diff options
Diffstat (limited to 'crypto/openssh/ChangeLog')
-rw-r--r-- | crypto/openssh/ChangeLog | 12387 |
1 files changed, 8577 insertions, 3810 deletions
diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog index 63aeae5..092cc48 100644 --- a/crypto/openssh/ChangeLog +++ b/crypto/openssh/ChangeLog @@ -1,3817 +1,8584 @@ -20131006 - - (djm) Release OpenSSH-6.7 - -20141003 - - (djm) [sshd_config.5] typo; from Iain Morgan - -20141001 - - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c] - [openbsd-compat/openbsd-compat.h] Kludge around bad glibc - _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; - ok dtucker@ - -20140910 - - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc; - patch from Felix von Leitner; ok dtucker - -20140908 - - (dtucker) [INSTALL] Update info about egd. ok djm@ - -20140904 - - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG - -20140903 - - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and - conditionalise to avoid duplicate definition. - - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to - permissions/ACLs; from Corinna Vinschen - -20140830 - - (djm) [openbsd-compat/openssl-compat.h] add - OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them - - (djm) [misc.c] Missing newline between functions - - (djm) [openbsd-compat/openssl-compat.h] add include guard - - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@ - -20140827 - - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] - [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] - [regress/unittests/sshkey/common.c] - [regress/unittests/sshkey/test_file.c] - [regress/unittests/sshkey/test_fuzz.c] - [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h - on !ECC OpenSSL systems - - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth - monitor, not preauth; bz#2263 - - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero() - using memset_s() where possible; improve fallback to indirect bzero - via a volatile pointer to give it more of a chance to avoid being - optimised away. - -20140825 - - (djm) [bufec.c] Skip this file on !ECC OpenSSL - - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL, - update OpenSSL version requirement. - -20140824 - - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not - PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen - -20140823 - - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on - lastlog writing on platforms with high UIDs; bz#2263 - - (djm) [configure.ac] We now require a working vsnprintf everywhere (not - just for systems that lack asprintf); check for it always and extend - test to catch more brokenness. Fixes builds on Solaris <= 9 - -20140822 - - (djm) [configure.ac] include leading zero characters in OpenSSL version - number; fixes test for unsupported versions - - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC - - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/ - definition mismatch) and warning for broken/missing snprintf case. - - (djm) [configure.ac] double braces to appease autoconf - -20140821 - - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too. - - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL - - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that - don't set __progname. Diagnosed by Tom Christensen. - -20140820 - - (djm) [configure.ac] Check OpenSSL version is supported at configure time; - suggested by Kevin Brott - - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than - -L/-l; fixes linking problems on some platforms - - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC - - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna - -20140819 - - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen - - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC. - - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG - - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README] - [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions - of TCP wrappers. - -20140811 - - (djm) [myproposal.h] Make curve25519 KEX dependent on - HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC. - -20140810 - - (djm) [README contrib/caldera/openssh.spec] - [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions - -20140801 - - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need - a better solution, but this will have to do for now. - - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin - is closed; avoid regress failures when stdin is /dev/null - - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate - nc from stdin, it's more portable - -20140730 - - OpenBSD CVS Sync - - millert@cvs.openbsd.org 2014/07/24 22:57:10 - [ssh.1] - Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@ - - dtucker@cvs.openbsd.org 2014/07/25 21:22:03 - [ssh-agent.c] - Clear buffer used for handling messages. This prevents keys being - left in memory after they have been expired or deleted in some cases - (but note that ssh-agent is setgid so you would still need root to - access them). Pointed out by Kevin Burns, ok deraadt - - schwarze@cvs.openbsd.org 2014/07/28 15:40:08 - [sftp-server.8 sshd_config.5] - some systems no longer need /dev/log; - issue noticed by jirib; - ok deraadt - -20140725 - - (djm) [regress/multiplex.sh] restore incorrectly deleted line; - pointed out by Christian Hesse - -20140722 - - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow; - put it back - - (djm) [regress/multiplex.sh] change the test for still-open Unix - domain sockets to be robust against nc implementations that produce - error messages. - - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa- - specific tests inside OPENSSL_HAS_ECC. - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2014/07/22 01:18:50 - [key.c] - Prevent spam from key_load_private_pem during hostbased auth. ok djm@ - - guenther@cvs.openbsd.org 2014/07/22 07:13:42 - [umac.c] - Convert from <sys/endian.h> to the shiney new <endian.h> - ok dtucker@, who also confirmed that -portable handles this already - (ID sync only, includes.h pulls in endian.h if available.) - - djm@cvs.openbsd.org 2014/07/22 01:32:12 - [regress/multiplex.sh] - change the test for still-open Unix domain sockets to be robust against - nc implementations that produce error messages. from -portable - (Id sync only) - - dtucker@cvs.openbsd.org 2014/07/22 23:23:22 - [regress/unittests/sshkey/mktestdata.sh] - Sign test certs with ed25519 instead of ecdsa so that they'll work in - -portable on platforms that don't have ECDSA in their OpenSSL. ok djm - - dtucker@cvs.openbsd.org 2014/07/22 23:57:40 - [regress/unittests/sshkey/mktestdata.sh] - Add $OpenBSD tag to make syncs easier - - dtucker@cvs.openbsd.org 2014/07/22 23:35:38 - [regress/unittests/sshkey/testdata/*] - Regenerate test keys with certs signed with ed25519 instead of ecdsa. - These can be used in -portable on platforms that don't support ECDSA. - -20140721 - - OpenBSD CVS Sync - - millert@cvs.openbsd.org 2014/07/15 15:54:15 - [forwarding.sh multiplex.sh] - Add support for Unix domain socket forwarding. A remote TCP port - may be forwarded to a local Unix domain socket and vice versa or - both ends may be a Unix domain socket. This is a reimplementation - of the streamlocal patches by William Ahern from: - http://www.25thandclement.com/~william/projects/streamlocal.html - OK djm@ markus@ - - (djm) [regress/multiplex.sh] Not all netcat accept the -N option. - - (dtucker) [sshkey.c] ifdef out unused variable when compiling without - OPENSSL_HAS_ECC. - -20140721 - - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits - needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm - - (dtucker) [regress/unittests/sshkey/ - {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in - ifdefs. - -20140719 - - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used - in servconf.h. - -20140718 - - OpenBSD CVS Sync - - millert@cvs.openbsd.org 2014/07/15 15:54:14 - [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] - [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] - [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] - [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] - [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] - [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] - [sshd_config.5 sshlogin.c] - Add support for Unix domain socket forwarding. A remote TCP port - may be forwarded to a local Unix domain socket and vice versa or - both ends may be a Unix domain socket. This is a reimplementation - of the streamlocal patches by William Ahern from: - http://www.25thandclement.com/~william/projects/streamlocal.html - OK djm@ markus@ - - jmc@cvs.openbsd.org 2014/07/16 14:48:57 - [ssh.1] - add the streamlocal* options to ssh's -o list; millert says they're - irrelevant for scp/sftp; - ok markus millert - - djm@cvs.openbsd.org 2014/07/17 00:10:56 - [sandbox-systrace.c] - ifdef SYS_sendsyslog so this will compile without patching on -stable - - djm@cvs.openbsd.org 2014/07/17 00:10:18 - [mux.c] - preserve errno across syscall - - djm@cvs.openbsd.org 2014/07/17 00:12:03 - [key.c] - silence "incorrect passphrase" error spam; reported and ok dtucker@ - - djm@cvs.openbsd.org 2014/07/17 07:22:19 - [mux.c ssh.c] - reflect stdio-forward ("ssh -W host:port ...") failures in exit status. - previously we were always returning 0. bz#2255 reported by Brendan - Germain; ok dtucker - - djm@cvs.openbsd.org 2014/07/18 02:46:01 - [ssh-agent.c] - restore umask around listener socket creation (dropped in streamlocal patch - merge) - - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used - in servconf.h. - - (dtucker) [Makefile.in] Add a t-exec target to run just the executable - tests. - - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC. - -20140717 - - (djm) [digest-openssl.c] Preserve array order when disabling digests. - Reported by Petr Lautrbach. - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2014/07/11 08:09:54 - [sandbox-systrace.c] - Permit use of SYS_sendsyslog from inside the sandbox. Clock is ticking, - update your kernels and sshd soon.. libc will start using sendsyslog() - in about 4 days. - - tedu@cvs.openbsd.org 2014/07/11 13:54:34 - [myproposal.h] - by popular demand, add back hamc-sha1 to server proposal for better compat - with many clients still in use. ok deraadt - -20140715 - - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto - has been located; fixes builds agains libressl-portable - -20140711 - - OpenBSD CVS Sync - - benno@cvs.openbsd.org 2014/07/09 14:15:56 - [ssh-add.c] - fix ssh-add crash while loading more than one key - ok markus@ +commit 9f82e5a9042f2d872e98f48a876fcab3e25dd9bb +Author: Tim Rice <tim@multitalents.net> +Date: Mon Mar 16 22:49:20 2015 -0700 -20140709 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/07/07 08:19:12 - [ssh_config.5] - mention that ProxyCommand is executed using shell "exec" to avoid - a lingering process; bz#1977 - - djm@cvs.openbsd.org 2014/07/09 01:45:10 - [sftp.c] - more useful error message when GLOB_NOSPACE occurs; - bz#2254, patch from Orion Poplawski - - djm@cvs.openbsd.org 2014/07/09 03:02:15 - [key.c] - downgrade more error() to debug() to better match what old authfile.c - did; suppresses spurious errors with hostbased authentication enabled - - djm@cvs.openbsd.org 2014/07/06 07:42:03 - [multiplex.sh test-exec.sh] - add a hook to the cleanup() function to kill $SSH_PID if it is set - - use it to kill the mux master started in multiplex.sh (it was being left - around on fatal failures) - - djm@cvs.openbsd.org 2014/07/07 08:15:26 - [multiplex.sh] - remove forced-fatal that I stuck in there to test the new cleanup - logic and forgot to remove... - -20140706 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/07/03 23:18:35 - [authfile.h] - remove leakmalloc droppings - - djm@cvs.openbsd.org 2014/07/05 23:11:48 - [channels.c] - fix remote-forward cancel regression; ok markus@ - -20140704 - - OpenBSD CVS Sync - - jsing@cvs.openbsd.org 2014/07/03 12:42:16 - [cipher-chachapoly.c] - Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this - makes it easier to verify that chacha_encrypt_bytes() is only called once - per chacha_ivsetup() call. - ok djm@ - - djm@cvs.openbsd.org 2014/07/03 22:23:46 - [sshconnect.c] - when rekeying, skip file/DNS lookup if it is the same as the key sent - during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@ - - djm@cvs.openbsd.org 2014/07/03 22:33:41 - [channels.c] - allow explicit ::1 and 127.0.0.1 forwarding bind addresses when - GatewayPorts=no; allows client to choose address family; - bz#2222 ok markus@ - - djm@cvs.openbsd.org 2014/07/03 22:40:43 - [servconf.c servconf.h session.c sshd.8 sshd_config.5] - Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is - executed, mirroring the no-user-rc authorized_keys option; - bz#2160; ok markus@ - -20140703 - - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto - doesn't support it. - - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist; - bz#2237 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/07/03 01:45:38 - [sshkey.c] - make Ed25519 keys' title fit properly in the randomart border; bz#2247 - based on patch from Christian Hesse - - djm@cvs.openbsd.org 2014/07/03 03:11:03 - [ssh-agent.c] - Only cleanup agent socket in the main agent process and not in any - subprocesses it may have started (e.g. forked askpass). Fixes - agent sockets being zapped when askpass processes fatal(); - bz#2236 patch from Dmitry V. Levin - - djm@cvs.openbsd.org 2014/07/03 03:15:01 - [ssh-add.c] - make stdout line-buffered; saves partial output getting lost when - ssh-add fatal()s part-way through (e.g. when listing keys from an - agent that supports key types that ssh-add doesn't); - bz#2234, reported by Phil Pennock - - djm@cvs.openbsd.org 2014/07/03 03:26:43 - [digest-openssl.c] - use EVP_Digest() for one-shot hash instead of creating, updating, - finalising and destroying a context. - bz#2231, based on patch from Timo Teras - - djm@cvs.openbsd.org 2014/07/03 03:34:09 - [gss-serv.c session.c ssh-keygen.c] - standardise on NI_MAXHOST for gethostname() string lengths; about - 1/2 the cases were using it already. Fixes bz#2239 en passant - - djm@cvs.openbsd.org 2014/07/03 03:47:27 - [ssh-keygen.c] - When hashing or removing hosts using ssh-keygen, don't choke on - @revoked markers and don't remove @cert-authority markers; - bz#2241, reported by mlindgren AT runelind.net - - djm@cvs.openbsd.org 2014/07/03 04:36:45 - [digest.h] - forward-declare struct sshbuf so consumers don't need to include sshbuf.h - - djm@cvs.openbsd.org 2014/07/03 05:32:36 - [ssh_config.5] - mention '%%' escape sequence in HostName directives and how it may - be used to specify IPv6 link-local addresses - - djm@cvs.openbsd.org 2014/07/03 05:38:17 - [ssh.1] - document that -g will only work in the multiplexed case if applied to - the mux master - - djm@cvs.openbsd.org 2014/07/03 06:39:19 - [ssh.c ssh_config.5] - Add a %C escape sequence for LocalCommand and ControlPath that expands - to a unique identifer based on a has of the tuple of (local host, - remote user, hostname, port). - - Helps avoid exceeding sockaddr_un's miserly pathname limits for mux - control paths. - - bz#2220, based on patch from mancha1 AT zoho.com; ok markus@ - - jmc@cvs.openbsd.org 2014/07/03 07:45:27 - [ssh_config.5] - escape %C since groff thinks it part of an Rs/Re block; - - djm@cvs.openbsd.org 2014/07/03 11:16:55 - [auth.c auth.h auth1.c auth2.c] - make the "Too many authentication failures" message include the - user, source address, port and protocol in a format similar to the - authentication success / failure messages; bz#2199, ok dtucker - -20140702 - - OpenBSD CVS Sync - - deraadt@cvs.openbsd.org 2014/06/13 08:26:29 - [sandbox-systrace.c] - permit SYS_getentropy - from matthew - - matthew@cvs.openbsd.org 2014/06/18 02:59:13 - [sandbox-systrace.c] - Now that we have a dedicated getentropy(2) system call for - arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace - sandbox. - - ok djm - - naddy@cvs.openbsd.org 2014/06/18 15:42:09 - [sshbuf-getput-crypto.c] - The ssh_get_bignum functions must accept the same range of bignums - the corresponding ssh_put_bignum functions create. This fixes the - use of 16384-bit RSA keys (bug reported by Eivind Evensen). - ok djm@ - - djm@cvs.openbsd.org 2014/06/24 00:52:02 - [krl.c] - fix bug in KRL generation: multiple consecutive revoked certificate - serial number ranges could be serialised to an invalid format. - - Readers of a broken KRL caused by this bug will fail closed, so no - should-have-been-revoked key will be accepted. - - djm@cvs.openbsd.org 2014/06/24 01:13:21 - [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c - [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c - [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h - [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h - [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h - [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c - [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c - [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c - [sshconnect2.c sshd.c sshkey.c sshkey.h - [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] - New key API: refactor key-related functions to be more library-like, - existing API is offered as a set of wrappers. - - with and ok markus@ - - Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew - Dempsky and Ron Bowes for a detailed review a few months ago. - NB. This commit also removes portable OpenSSH support for OpenSSL - <0.9.8e. - - djm@cvs.openbsd.org 2014/06/24 02:19:48 - [ssh.c] - don't fatal() when hostname canonicalisation fails with a - ProxyCommand in use; continue and allow the ProxyCommand to - connect anyway (e.g. to a host with a name outside the DNS - behind a bastion) - - djm@cvs.openbsd.org 2014/06/24 02:21:01 - [scp.c] - when copying local->remote fails during read, don't send uninitialised - heap to the remote end. Reported by Jann Horn - - deraadt@cvs.openbsd.org 2014/06/25 14:16:09 - [sshbuf.c] - unblock SIGSEGV before raising it - ok djm - - markus@cvs.openbsd.org 2014/06/27 16:41:56 - [channels.c channels.h clientloop.c ssh.c] - fix remote fwding with same listen port but different listen address - with gerhard@, ok djm@ - - markus@cvs.openbsd.org 2014/06/27 18:50:39 - [ssh-add.c] - fix loading of private keys - - djm@cvs.openbsd.org 2014/06/30 12:54:39 - [key.c] - suppress spurious error message when loading key with a passphrase; - reported by kettenis@ ok markus@ - - djm@cvs.openbsd.org 2014/07/02 04:59:06 - [cipher-3des1.c] - fix ssh protocol 1 on the server that regressed with the sshkey change - (sometimes fatal() after auth completed), make file return useful status - codes. - NB. Id sync only for these two. They were bundled into the sshkey merge - above, since it was easier to sync the entire file and then apply - portable-specific changed atop it. - - djm@cvs.openbsd.org 2014/04/30 05:32:00 - [regress/Makefile] - unit tests for new buffer API; including basic fuzz testing - NB. Id sync only. - - djm@cvs.openbsd.org 2014/05/21 07:04:21 - [regress/integrity.sh] - when failing because of unexpected output, show the offending output - - djm@cvs.openbsd.org 2014/06/24 01:04:43 - [regress/krl.sh] - regress test for broken consecutive revoked serial number ranges - - djm@cvs.openbsd.org 2014/06/24 01:14:17 - [Makefile.in regress/Makefile regress/unittests/Makefile] - [regress/unittests/sshkey/Makefile] - [regress/unittests/sshkey/common.c] - [regress/unittests/sshkey/common.h] - [regress/unittests/sshkey/mktestdata.sh] - [regress/unittests/sshkey/test_file.c] - [regress/unittests/sshkey/test_fuzz.c] - [regress/unittests/sshkey/test_sshkey.c] - [regress/unittests/sshkey/tests.c] - [regress/unittests/sshkey/testdata/dsa_1] - [regress/unittests/sshkey/testdata/dsa_1-cert.fp] - [regress/unittests/sshkey/testdata/dsa_1-cert.pub] - [regress/unittests/sshkey/testdata/dsa_1.fp] - [regress/unittests/sshkey/testdata/dsa_1.fp.bb] - [regress/unittests/sshkey/testdata/dsa_1.param.g] - [regress/unittests/sshkey/testdata/dsa_1.param.priv] - [regress/unittests/sshkey/testdata/dsa_1.param.pub] - [regress/unittests/sshkey/testdata/dsa_1.pub] - [regress/unittests/sshkey/testdata/dsa_1_pw] - [regress/unittests/sshkey/testdata/dsa_2] - [regress/unittests/sshkey/testdata/dsa_2.fp] - [regress/unittests/sshkey/testdata/dsa_2.fp.bb] - [regress/unittests/sshkey/testdata/dsa_2.pub] - [regress/unittests/sshkey/testdata/dsa_n] - [regress/unittests/sshkey/testdata/dsa_n_pw] - [regress/unittests/sshkey/testdata/ecdsa_1] - [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp] - [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub] - [regress/unittests/sshkey/testdata/ecdsa_1.fp] - [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb] - [regress/unittests/sshkey/testdata/ecdsa_1.param.curve] - [regress/unittests/sshkey/testdata/ecdsa_1.param.priv] - [regress/unittests/sshkey/testdata/ecdsa_1.param.pub] - [regress/unittests/sshkey/testdata/ecdsa_1.pub] - [regress/unittests/sshkey/testdata/ecdsa_1_pw] - [regress/unittests/sshkey/testdata/ecdsa_2] - [regress/unittests/sshkey/testdata/ecdsa_2.fp] - [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb] - [regress/unittests/sshkey/testdata/ecdsa_2.param.curve] - [regress/unittests/sshkey/testdata/ecdsa_2.param.priv] - [regress/unittests/sshkey/testdata/ecdsa_2.param.pub] - [regress/unittests/sshkey/testdata/ecdsa_2.pub] - [regress/unittests/sshkey/testdata/ecdsa_n] - [regress/unittests/sshkey/testdata/ecdsa_n_pw] - [regress/unittests/sshkey/testdata/ed25519_1] - [regress/unittests/sshkey/testdata/ed25519_1-cert.fp] - [regress/unittests/sshkey/testdata/ed25519_1-cert.pub] - [regress/unittests/sshkey/testdata/ed25519_1.fp] - [regress/unittests/sshkey/testdata/ed25519_1.fp.bb] - [regress/unittests/sshkey/testdata/ed25519_1.pub] - [regress/unittests/sshkey/testdata/ed25519_1_pw] - [regress/unittests/sshkey/testdata/ed25519_2] - [regress/unittests/sshkey/testdata/ed25519_2.fp] - [regress/unittests/sshkey/testdata/ed25519_2.fp.bb] - [regress/unittests/sshkey/testdata/ed25519_2.pub] - [regress/unittests/sshkey/testdata/pw] - [regress/unittests/sshkey/testdata/rsa1_1] - [regress/unittests/sshkey/testdata/rsa1_1.fp] - [regress/unittests/sshkey/testdata/rsa1_1.fp.bb] - [regress/unittests/sshkey/testdata/rsa1_1.param.n] - [regress/unittests/sshkey/testdata/rsa1_1.pub] - [regress/unittests/sshkey/testdata/rsa1_1_pw] - [regress/unittests/sshkey/testdata/rsa1_2] - [regress/unittests/sshkey/testdata/rsa1_2.fp] - [regress/unittests/sshkey/testdata/rsa1_2.fp.bb] - [regress/unittests/sshkey/testdata/rsa1_2.param.n] - [regress/unittests/sshkey/testdata/rsa1_2.pub] - [regress/unittests/sshkey/testdata/rsa_1] - [regress/unittests/sshkey/testdata/rsa_1-cert.fp] - [regress/unittests/sshkey/testdata/rsa_1-cert.pub] - [regress/unittests/sshkey/testdata/rsa_1.fp] - [regress/unittests/sshkey/testdata/rsa_1.fp.bb] - [regress/unittests/sshkey/testdata/rsa_1.param.n] - [regress/unittests/sshkey/testdata/rsa_1.param.p] - [regress/unittests/sshkey/testdata/rsa_1.param.q] - [regress/unittests/sshkey/testdata/rsa_1.pub] - [regress/unittests/sshkey/testdata/rsa_1_pw] - [regress/unittests/sshkey/testdata/rsa_2] - [regress/unittests/sshkey/testdata/rsa_2.fp] - [regress/unittests/sshkey/testdata/rsa_2.fp.bb] - [regress/unittests/sshkey/testdata/rsa_2.param.n] - [regress/unittests/sshkey/testdata/rsa_2.param.p] - [regress/unittests/sshkey/testdata/rsa_2.param.q] - [regress/unittests/sshkey/testdata/rsa_2.pub] - [regress/unittests/sshkey/testdata/rsa_n] - [regress/unittests/sshkey/testdata/rsa_n_pw] - unit and fuzz tests for new key API - - (djm) [sshkey.c] Conditionalise inclusion of util.h - - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test - -20140618 - - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare - -20140617 - - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h} - openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}] - Move the OpenSSL header/library version test into its own function and add - tests for it. Fix it to allow fix version upgrades (but not downgrades). - Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150). - ok djm@ chl@ - -20140616 - - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via - OpenSMTPD and chl@ - -20140612 - - (dtucker) [configure.ac] Remove tcpwrappers support, support has already - been removed from sshd.c. - -20140611 - - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from - openbsd-compat/bsd-asprintf.c. - - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*] - Wrap stdlib.h include an ifdef for platforms that don't have it. - - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for - u_intXX_t types. - -20140610 - - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c - regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256 - curve tests if OpenSSL has them. - - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in - the proposal if the version of OpenSSL we're using doesn't support ECC. - - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef - ECC variable too. - - (dtucker) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/06/05 22:17:50 - [sshconnect2.c] - fix inverted test that caused PKCS#11 keys that were explicitly listed - not to be preferred. Reported by Dirk-Willem van Gulik - - dtucker@cvs.openbsd.org 2014/06/10 21:46:11 - [sshbuf.h] - Group ECC functions together to make things a little easier in -portable. - "doesn't bother me" deraadt@ - - (dtucker) [sshbuf.h] Only declare ECC functions if building without - OpenSSL or if OpenSSL has ECC. - - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an - assigment that might get optimized out. ok djm@ - - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for - compat stuff, specifically whether or not OpenSSL has ECC. - -20140527 - - (djm) [cipher.c] Fix merge botch. - - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config - from Corinna Vinschen, fixing a number of bugs and preparing for - Cygwin 1.7.30. - - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c] - [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege - separation user at runtime, since it may need to be a domain account. - Patch from Corinna Vinschen. - -20140522 - - (djm) [Makefile.in] typo in path - -20140521 - - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use - vhangup on Linux. It doens't work for non-root users, and for them - it just messes up the tty settings. - - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC - when it is available. It takes into account time spent suspended, - thereby ensuring timeouts (e.g. for expiring agent keys) fire - correctly. bz#2228 reported by John Haxby - -20140519 - - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine - OpenBSD - - OpenBSD CVS Sync - - logan@cvs.openbsd.org 2014/04/20 09:24:26 - [dns.c dns.h ssh-keygen.c] - Add support for SSHFP DNS records for ED25519 key types. - OK from djm@ - - logan@cvs.openbsd.org 2014/04/21 14:36:16 - [sftp-client.c sftp-client.h sftp.c] - Implement sftp upload resume support. - OK from djm@, with input from guenther@, mlarkin@ and - okan@ - - logan@cvs.openbsd.org 2014/04/22 10:07:12 - [sftp.c] - Sort the sftp command list. - OK from djm@ - - logan@cvs.openbsd.org 2014/04/22 12:42:04 - [sftp.1] - Document sftp upload resume. - OK from djm@, with feedback from okan@. - - jmc@cvs.openbsd.org 2014/04/22 14:16:30 - [sftp.1] - zap eol whitespace; - - djm@cvs.openbsd.org 2014/04/23 12:42:34 - [readconf.c] - don't record duplicate IdentityFiles - - djm@cvs.openbsd.org 2014/04/28 03:09:18 - [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h] - [ssh-keygen.c] - buffer_get_string_ptr's return should be const to remind - callers that futzing with it will futz with the actual buffer - contents - - djm@cvs.openbsd.org 2014/04/29 13:10:30 - [clientloop.c serverloop.c] - bz#1818 - don't send channel success/failre replies on channels that - have sent a close already; analysis and patch from Simon Tatham; - ok markus@ - - markus@cvs.openbsd.org 2014/04/29 18:01:49 - [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] - [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] - [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] - [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] - make compiling against OpenSSL optional (make OPENSSL=no); - reduces algorithms to curve25519, aes-ctr, chacha, ed25519; - allows us to explore further options; with and ok djm - - dtucker@cvs.openbsd.org 2014/04/29 19:58:50 - [sftp.c] - Move nulling of variable next to where it's freed. ok markus@ - - dtucker@cvs.openbsd.org 2014/04/29 20:36:51 - [sftp.c] - Don't attempt to append a nul quote char to the filename. Should prevent - fatal'ing with "el_insertstr failed" when there's a single quote char - somewhere in the string. bz#2238, ok markus@ - - djm@cvs.openbsd.org 2014/04/30 05:29:56 - [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c] - [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c] - [ssherr.h] - New buffer API; the first installment of the conversion/replacement - of OpenSSH's internals to make them usable as a standalone library. - - This includes a set of wrappers to make it compatible with the - existing buffer API so replacement can occur incrementally. - - With and ok markus@ - - Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew - Dempsky and Ron Bowes for a detailed review. - - naddy@cvs.openbsd.org 2014/04/30 19:07:48 - [mac.c myproposal.h umac.c] - UMAC can use our local fallback implementation of AES when OpenSSL isn't - available. Glue code straight from Ted Krovetz's original umac.c. - ok markus@ - - djm@cvs.openbsd.org 2014/05/02 03:27:54 - [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c] - [misc.h poly1305.h ssh-pkcs11.c defines.h] - revert __bounded change; it causes way more problems for portable than - it solves; pointed out by dtucker@ - - markus@cvs.openbsd.org 2014/05/03 17:20:34 - [monitor.c packet.c packet.h] - unbreak compression, by re-init-ing the compression code in the - post-auth child. the new buffer code is more strict, and requires - buffer_init() while the old code was happy after a bzero(); - originally from djm@ - - logan@cvs.openbsd.org 2014/05/05 07:02:30 - [sftp.c] - Zap extra whitespace. - - OK from djm@ and dtucker@ - - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write - portability glue to support building without libcrypto - - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c] - [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/03/13 20:44:49 - [login-timeout.sh] - this test is a sorry mess of race conditions; add another sleep - to avoid a failure on slow machines (at least until I find a - better way) - - djm@cvs.openbsd.org 2014/04/21 22:15:37 - [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh] - repair regress tests broken by server-side default cipher/kex/mac changes - by ensuring that the option under test is included in the server's - algorithm list - - dtucker@cvs.openbsd.org 2014/05/03 18:46:14 - [proxy-connect.sh] - Add tests for with and without compression, with and without privsep. - - logan@cvs.openbsd.org 2014/05/04 10:40:59 - [connect-privsep.sh] - Remove the Z flag from the list of malloc options as it - was removed from malloc.c 10 days ago. - - OK from miod@ - - (djm) [regress/unittests/Makefile] - [regress/unittests/Makefile.inc] - [regress/unittests/sshbuf/Makefile] - [regress/unittests/sshbuf/test_sshbuf.c] - [regress/unittests/sshbuf/test_sshbuf_fixed.c] - [regress/unittests/sshbuf/test_sshbuf_fuzz.c] - [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] - [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] - [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] - [regress/unittests/sshbuf/test_sshbuf_misc.c] - [regress/unittests/sshbuf/tests.c] - [regress/unittests/test_helper/Makefile] - [regress/unittests/test_helper/fuzz.c] - [regress/unittests/test_helper/test_helper.c] - [regress/unittests/test_helper/test_helper.h] - Import new unit tests from OpenBSD; not yet hooked up to build. - - (djm) [regress/Makefile Makefile.in] - [regress/unittests/sshbuf/test_sshbuf.c - [regress/unittests/sshbuf/test_sshbuf_fixed.c] - [regress/unittests/sshbuf/test_sshbuf_fuzz.c] - [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] - [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] - [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] - [regress/unittests/sshbuf/test_sshbuf_misc.c] - [regress/unittests/sshbuf/tests.c] - [regress/unittests/test_helper/fuzz.c] - [regress/unittests/test_helper/test_helper.c] - Hook new unit tests into the build and "make tests" - - (djm) [sshbuf.c] need __predict_false - -20140430 - - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already - have it. Only attempt to use __attribute__(__bounded__) for gcc. - -20140420 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/03/03 22:22:30 - [session.c] - ignore enviornment variables with embedded '=' or '\0' characters; - spotted by Jann Horn; ok deraadt@ - Id sync only - portable already has this. - - djm@cvs.openbsd.org 2014/03/12 04:44:58 - [ssh-keyscan.c] - scan for Ed25519 keys by default too - - djm@cvs.openbsd.org 2014/03/12 04:50:32 - [auth-bsdauth.c ssh-keygen.c] - don't count on things that accept arguments by reference to clear - things for us on error; most things do, but it's unsafe form. - - djm@cvs.openbsd.org 2014/03/12 04:51:12 - [authfile.c] - correct test that kdf name is not "none" or "bcrypt" - - naddy@cvs.openbsd.org 2014/03/12 13:06:59 - [ssh-keyscan.1] - scan for Ed25519 keys by default too - - deraadt@cvs.openbsd.org 2014/03/15 17:28:26 - [ssh-agent.c ssh-keygen.1 ssh-keygen.c] - Improve usage() and documentation towards the standard form. - In particular, this line saves a lot of man page reading time. - usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] - [-N new_passphrase] [-C comment] [-f output_keyfile] - ok schwarze jmc - - tedu@cvs.openbsd.org 2014/03/17 19:44:10 - [ssh.1] - old descriptions of des and blowfish are old. maybe ok deraadt - - tedu@cvs.openbsd.org 2014/03/19 14:42:44 - [scp.1] - there is no need for rcp anymore - ok deraadt millert - - markus@cvs.openbsd.org 2014/03/25 09:40:03 - [myproposal.h] - trimm default proposals. - - This commit removes the weaker pre-SHA2 hashes, the broken ciphers - (arcfour), and the broken modes (CBC) from the default configuration - (the patch only changes the default, all the modes are still available - for the config files). - - ok djm@, reminded by tedu@ & naddy@ and discussed with many - - deraadt@cvs.openbsd.org 2014/03/26 17:16:26 - [myproposal.h] - The current sharing of myproposal[] between both client and server code - makes the previous diff highly unpallatable. We want to go in that - direction for the server, but not for the client. Sigh. - Brought up by naddy. - - markus@cvs.openbsd.org 2014/03/27 23:01:27 - [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] - disable weak proposals in sshd, but keep them in ssh; ok djm@ - - djm@cvs.openbsd.org 2014/03/26 04:55:35 - [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c - [misc.h poly1305.h ssh-pkcs11.c] - use __bounded(...) attribute recently added to sys/cdefs.h instead of - longform __attribute__(__bounded(...)); - - for brevity and a warning free compilation with llvm/clang - - tedu@cvs.openbsd.org 2014/03/26 19:58:37 - [sshd.8 sshd.c] - remove libwrap support. ok deraadt djm mfriedl - - naddy@cvs.openbsd.org 2014/03/28 05:17:11 - [ssh_config.5 sshd_config.5] - sync available and default algorithms, improve algorithm list formatting - help from jmc@ and schwarze@, ok deraadt@ - - jmc@cvs.openbsd.org 2014/03/31 13:39:34 - [ssh-keygen.1] - the text for the -K option was inserted in the wrong place in -r1.108; - fix From: Matthew Clarke - - djm@cvs.openbsd.org 2014/04/01 02:05:27 - [ssh-keysign.c] - include fingerprint of key not found - use arc4random_buf() instead of loop+arc4random() - - djm@cvs.openbsd.org 2014/04/01 03:34:10 - [sshconnect.c] - When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any - certificate keys to plain keys and attempt SSHFP resolution. - - Prevents a server from skipping SSHFP lookup and forcing a new-hostkey - dialog by offering only certificate keys. - - Reported by mcv21 AT cam.ac.uk - - djm@cvs.openbsd.org 2014/04/01 05:32:57 - [packet.c] - demote a debug3 to PACKET_DEBUG; ok markus@ - - djm@cvs.openbsd.org 2014/04/12 04:55:53 - [sshd.c] - avoid crash at exit: check that pmonitor!=NULL before dereferencing; - bz#2225, patch from kavi AT juniper.net - - djm@cvs.openbsd.org 2014/04/16 23:22:45 - [bufaux.c] - skip leading zero bytes in buffer_put_bignum2_from_string(); - reported by jan AT mojzis.com; ok markus@ - - djm@cvs.openbsd.org 2014/04/16 23:28:12 - [ssh-agent.1] - remove the identity files from this manpage - ssh-agent doesn't deal - with them at all and the same information is duplicated in ssh-add.1 - (which does deal with them); prodded by deraadt@ - - djm@cvs.openbsd.org 2014/04/18 23:52:25 - [compat.c compat.h sshconnect2.c sshd.c version.h] - OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections - using the curve25519-sha256@libssh.org KEX exchange method to fail - when connecting with something that implements the spec properly. - - Disable this KEX method when speaking to one of the affected - versions. - - reported by Aris Adamantiadis; ok markus@ - - djm@cvs.openbsd.org 2014/04/19 05:54:59 - [compat.c] - missing wildcard; pointed out by naddy@ - - tedu@cvs.openbsd.org 2014/04/19 14:53:48 - [ssh-keysign.c sshd.c] - Delete futile calls to RAND_seed. ok djm - NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon - - tedu@cvs.openbsd.org 2014/04/19 18:15:16 - [sshd.8] - remove some really old rsh references - - tedu@cvs.openbsd.org 2014/04/19 18:42:19 - [ssh.1] - delete .xr to hosts.equiv. there's still an unfortunate amount of - documentation referring to rhosts equivalency in here. - - djm@cvs.openbsd.org 2014/04/20 02:30:25 - [misc.c misc.h umac.c] - use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on - strict-alignment architectures; reported by and ok stsp@ - - djm@cvs.openbsd.org 2014/04/20 02:49:32 - [compat.c] - add a canonical 6.6 + curve25519 bignum fix fake version that I can - recommend people use ahead of the openssh-6.7 release - -20140401 - - (djm) On platforms that support it, use prctl() to prevent sftp-server - from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net - - (djm) Use full release (e.g. 6.5p1) in debug output rather than just - version. From des@des.no - -20140317 - - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to - remind myself to add sandbox violation logging via the log socket. - -20140314 - - (tim) [opensshd.init.in] Add support for ed25519 - -20140313 - - (djm) Release OpenSSH 6.6 - -20140304 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/03/03 22:22:30 - [session.c] - ignore enviornment variables with embedded '=' or '\0' characters; - spotted by Jann Horn; ok deraadt@ - -20140301 - - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when - no moduli file exists at the expected location. - -20140228 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/02/27 00:41:49 - [bufbn.c] - fix unsigned overflow that could lead to reading a short ssh protocol - 1 bignum value; found by Ben Hawkes; ok deraadt@ - - djm@cvs.openbsd.org 2014/02/27 08:25:09 - [bufbn.c] - off by one in range check - - djm@cvs.openbsd.org 2014/02/27 22:47:07 - [sshd_config.5] - bz#2184 clarify behaviour of a keyword that appears in multiple - matching Match blocks; ok dtucker@ - - djm@cvs.openbsd.org 2014/02/27 22:57:40 - [version.h] - openssh-6.6 - - dtucker@cvs.openbsd.org 2014/01/19 23:43:02 - [regress/sftp-chroot.sh] - Don't use -q on sftp as it suppresses logging, instead redirect the - output to the regress logfile. - - dtucker@cvs.openbsd.org 2014/01/20 00:00:30 - [sregress/ftp-chroot.sh] - append to rather than truncating the log file - - dtucker@cvs.openbsd.org 2014/01/25 04:35:32 - [regress/Makefile regress/dhgex.sh] - Add a test for DH GEX sizes - - djm@cvs.openbsd.org 2014/01/26 10:22:10 - [regress/cert-hostkey.sh] - automatically generate revoked keys from listed keys rather than - manually specifying each type; from portable - (Id sync only) - - djm@cvs.openbsd.org 2014/01/26 10:49:17 - [scp-ssh-wrapper.sh scp.sh] - make sure $SCP is tested on the remote end rather than whichever one - happens to be in $PATH; from portable - (Id sync only) - - djm@cvs.openbsd.org 2014/02/27 20:04:16 - [login-timeout.sh] - remove any existing LoginGraceTime from sshd_config before adding - a specific one for the test back in - - djm@cvs.openbsd.org 2014/02/27 21:21:25 - [agent-ptrace.sh agent.sh] - keep return values that are printed in error messages; - from portable - (Id sync only) - - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Crank version numbers - - (djm) [regress/host-expand.sh] Add RCS Id - -20140227 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/02/26 20:18:37 - [ssh.c] - bz#2205: avoid early hostname lookups unless canonicalisation is enabled; - ok dtucker@ markus@ - - djm@cvs.openbsd.org 2014/02/26 20:28:44 - [auth2-gss.c gss-serv.c ssh-gss.h sshd.c] - bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep - sandboxing, as running this code in the sandbox can cause violations; - ok markus@ - - djm@cvs.openbsd.org 2014/02/26 20:29:29 - [channels.c] - don't assume that the socks4 username is \0 terminated; - spotted by Ben Hawkes; ok markus@ - - markus@cvs.openbsd.org 2014/02/26 21:53:37 - [sshd.c] - ssh_gssapi_prepare_supported_oids needs GSSAPI - -20140224 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/02/07 06:55:54 - [cipher.c mac.c] - remove some logging that makes ssh debugging output very verbose; - ok markus - - djm@cvs.openbsd.org 2014/02/15 23:05:36 - [channels.c] - avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; - bz#2200, debian#738692 via Colin Watson; ok dtucker@ - - djm@cvs.openbsd.org 2014/02/22 01:32:19 - [readconf.c] - when processing Match blocks, skip 'exec' clauses if previous predicates - failed to match; ok markus@ - - djm@cvs.openbsd.org 2014/02/23 20:03:42 - [ssh-ed25519.c] - check for unsigned overflow; not reachable in OpenSSH but others might - copy our code... - - djm@cvs.openbsd.org 2014/02/23 20:11:36 - [readconf.c readconf.h ssh.c ssh_config.5] - reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes - the hostname. This allows users to write configurations that always - refer to canonical hostnames, e.g. - - CanonicalizeHostname yes - CanonicalDomains int.example.org example.org - CanonicalizeFallbackLocal no - - Host *.int.example.org - Compression off - Host *.example.org - User djm - - ok markus@ + portability fix: Solaris systems may not have a grep that understands -q -20140213 - - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat - code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex. - -20140207 - - OpenBSD CVS Sync - - naddy@cvs.openbsd.org 2014/02/05 20:13:25 - [ssh-keygen.1 ssh-keygen.c] - tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@ - while here, fix ordering in usage(); requested by jmc@ - - djm@cvs.openbsd.org 2014/02/06 22:21:01 - [sshconnect.c] - in ssh_create_socket(), only do the getaddrinfo for BindAddress when - BindAddress is actually specified. Fixes regression in 6.5 for - UsePrivilegedPort=yes; patch from Corinna Vinschen - -20140206 - - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL - before freeing since free(NULL) is a no-op. ok djm. - - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define - __NR_shutdown; some go via the socketcall(2) multiplexer. - -20140205 - - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by - headers/libc but not supported by the kernel. Patch from Loganaden - Velvindron @ AfriNIC - -20140204 - - OpenBSD CVS Sync - - markus@cvs.openbsd.org 2014/01/27 18:58:14 - [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] - replace openssl HMAC with an implementation based on our ssh_digest_* - ok and feedback djm@ - - markus@cvs.openbsd.org 2014/01/27 19:18:54 - [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] - replace openssl MD5 with our ssh_digest_*; ok djm@ - - markus@cvs.openbsd.org 2014/01/27 20:13:46 - [digest.c digest-openssl.c digest-libc.c Makefile.in] - rename digest.c to digest-openssl.c and add libc variant; ok djm@ - - jmc@cvs.openbsd.org 2014/01/28 14:13:39 - [ssh-keyscan.1] - kill some bad Pa; - From: Jan Stary - - djm@cvs.openbsd.org 2014/01/29 00:19:26 - [sshd.c] - use kill(0, ...) instead of killpg(0, ...); on most operating systems - they are equivalent, but SUSv2 describes the latter as having undefined - behaviour; from portable; ok dtucker - (Id sync only; change is already in portable) - - djm@cvs.openbsd.org 2014/01/29 06:18:35 - [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] - [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] - [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] - remove experimental, never-enabled JPAKE code; ok markus@ - - jmc@cvs.openbsd.org 2014/01/29 14:04:51 - [sshd_config.5] - document kbdinteractiveauthentication; - requested From: Ross L Richardson - - dtucker/markus helped explain its workings; - - djm@cvs.openbsd.org 2014/01/30 22:26:14 - [sandbox-systrace.c] - allow shutdown(2) syscall in sandbox - it may be called by packet_close() - from portable - (Id sync only; change is already in portable) - - tedu@cvs.openbsd.org 2014/01/31 16:39:19 - [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] - [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] - [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] - [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] - [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] - replace most bzero with explicit_bzero, except a few that cna be memset - ok djm dtucker - - djm@cvs.openbsd.org 2014/02/02 03:44:32 - [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] - [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] - [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] - [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] - [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] - [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] - [sshd.c] - convert memset of potentially-private data to explicit_bzero() - - djm@cvs.openbsd.org 2014/02/03 23:28:00 - [ssh-ecdsa.c] - fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike - DSA_SIG_new. Reported by Batz Spear; ok markus@ - - djm@cvs.openbsd.org 2014/02/02 03:44:31 - [digest-libc.c digest-openssl.c] - convert memset of potentially-private data to explicit_bzero() - - djm@cvs.openbsd.org 2014/02/04 00:24:29 - [ssh.c] - delay lowercasing of hostname until right before hostname - canonicalisation to unbreak case-sensitive matching of ssh_config; - reported by Ike Devolder; ok markus@ - - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o - - (djm) [regress/setuid-allowed.c] Missing string.h for strerror() - -20140131 - - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) - syscall from sandboxes; it may be called by packet_close. - - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros. Fixes - build with HP-UX's compiler. Patch from Kevin Brott. - - (tim) [Makefile.in] build regress/setuid-allow. - -20140130 - - (djm) [configure.ac] Only check for width-specified integer types - in headers that actually exist. patch from Tom G. Christensen; - ok dtucker@ - - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering - different symbols for 'read' when various compiler flags are - in use, causing atomicio.c comparisons against it to break and - read/write operations to hang; ok dtucker - - (djm) Release openssh-6.5p1 - -20140129 - - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from - Tom G. Christensen - -20140128 - - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl; - ok dtucker - - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the - latter being specified to have undefined behaviour in SUSv3; - ok dtucker - - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable - when used as an error message inside an if statement so we display the - correct into. agent.sh patch from Petr Lautrbach. - -20140127 - - (dtucker) [Makefile.in] Remove trailing backslash which some make - implementations (eg older Solaris) do not cope with. - -20140126 - - OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2014/01/25 10:12:50 - [cipher.c cipher.h kex.c kex.h kexgexc.c] - Add a special case for the DH group size for 3des-cbc, which has an - effective strength much lower than the key size. This causes problems - with some cryptlib implementations, which don't support group sizes larger - than 4k but also don't use the largest group size it does support as - specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, - reduced by me with input from Markus. ok djm@ markus@ - - markus@cvs.openbsd.org 2014/01/25 20:35:37 - [kex.c] - dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len) - ok dtucker@, noted by mancha - - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable - RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations, - libc will attempt to open additional file descriptors for crypto - offload and crash if they cannot be opened. - - (djm) [configure.ac] correct AC_DEFINE for previous. - -20140125 - - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD - - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless - sys/capability.h exists and cap_rights_limit is in libc. Fixes - build on FreeBSD9x which provides the header but not the libc - support. - - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test - against the correct thing. - -20140124 - - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make - the scp regress test actually test the built scp rather than the one - in $PATH. ok dtucker@ - -20140123 - - (tim) [session.c] Improve error reporting on set_id(). - - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously - incompatible with OpenBSD's despite post-dating it by more than a decade. - Declare it as broken, and document FreeBSD's as the same. ok djm@ - -20140122 - - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a - platform that is expected to use the reuse-argv style setproctitle - hack surprises us by providing a setproctitle in libc; ok dtucker - - (djm) [configure.ac] Unless specifically requested, only attempt - to build Position Independent Executables on gcc >= 4.x; ok dtucker - - (djm) [configure.ac aclocal.m4] More tests to detect fallout from - platform hardening options: include some long long int arithmatic - to detect missing support functions for -ftrapv in libgcc and - equivalents, actually test linking when -ftrapv is supplied and - set either both -pie/-fPIE or neither. feedback and ok dtucker@ - -20140121 - - (dtucker) [configure.ac] Make PIE a configure-time option which defaults - to on platforms where it's known to be reliably detected and off elsewhere. - Works around platforms such as FreeBSD 9.1 where it does not interop with - -ftrapv (it seems to work but fails when trying to link ssh). ok djm@ - - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time - tests in the configure output. ok djm. - - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced - with sftp chroot support. Move set_id call after chroot. - - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE - and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of - detecting toolchain-related problems; ok dtucker - -20140120 - - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos - implementation does not have krb5_cc_new_unique, similar to what we do - in auth-krb5.c. - - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that - skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@ - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/01/20 00:08:48 - [digest.c] - memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@ - -20140119 - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2014/01/17 06:23:24 - [sftp-server.c] - fix log message statvfs. ok djm - - dtucker@cvs.openbsd.org 2014/01/18 09:36:26 - [session.c] - explicitly define USE_PIPES to 1 to prevent redefinition warnings in - portable on platforms that use pipes for everything. From vinschen at - redhat. - - dtucker@cvs.openbsd.org 2014/01/19 04:17:29 - [canohost.c addrmatch.c] - Cast socklen_t when comparing to size_t and use socklen_t to iterate over - the ip options, both to prevent signed/unsigned comparison warnings. - Patch from vinschen at redhat via portable openssh, begrudging ok deraadt. - - djm@cvs.openbsd.org 2014/01/19 04:48:08 - [ssh_config.5] - fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal - - dtucker@cvs.openbsd.org 2014/01/19 11:21:51 - [addrmatch.c] - Cast the sizeof to socklen_t so it'll work even if the supplied len is - negative. Suggested by and ok djm, ok deraadt. - -20140118 - - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin. Patch - from vinschen at redhat.com - - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function - declarations that stopped being included when we stopped including - <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at - redhat.com. - - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs, - optind) are defined in getopt.h already. Unfortunately they are defined as - "declspec(dllimport)" for historical reasons, because the GNU linker didn't - allow auto-import on PE/COFF targets way back when. The problem is the - dllexport attributes collide with the definitions in the various source - files in OpenSSH, which obviousy define the variables without - declspec(dllimport). The least intrusive way to get rid of these warnings - is to disable warnings for GCC compiler attributes when building on Cygwin. - Patch from vinschen at redhat.com. - - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the - return value check for cap_enter() consistent with the other uses in - FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140. - -20140117 - - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain - hardening flags including -fstack-protector-strong. These default to on - if the toolchain supports them, but there is a configure-time knob - (--without-hardening) to disable them if necessary. ok djm@ - - (djm) [sftp-client.c] signed/unsigned comparison fix - - (dtucker) [loginrec.c] Cast to the types specfied in the format - specification to prevent warnings. - - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. - - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. - - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include - includes.h to pull in all of the compatibility stuff. - - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside - #ifdef HAVE_STDINT_H. - - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that - don't have them. - - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into - separate lines and alphabetize for easier diffing of changes. - - (dtucker) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/01/17 00:21:06 - [sftp-client.c] - signed/unsigned comparison warning fix; from portable (Id sync only) - - dtucker@cvs.openbsd.org 2014/01/17 05:26:41 - [digest.c] - remove unused includes. ok djm@ - - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] - [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] - [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing - using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling - Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@ - - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c - openbsd-compat/openssl-compat.h] Add compatibility layer for older - openssl versions. ok djm@ - - (dtucker) Fix typo in #ifndef. - - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c - openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs - to be useful (and for the regression tests to pass) on platforms that - have statfs and fstatfs. ok djm@ - - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we - need them to cut down on the name collisions. - - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types. - - (dtucker) [configure.ac] Have --without-hardening not turn off - stack-protector since that has a separate flag that's been around a while. - - (dtucker) [readconf.c] Wrap paths.h inside an ifdef. Allows building on - Solaris. - - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after - they're defined if we have to define them ourselves. Fixes builds on old - AIX. - -20140118 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/01/16 07:31:09 - [sftp-client.c] - needless and incorrect cast to size_t can break resumption of - large download; patch from tobias@ - - djm@cvs.openbsd.org 2014/01/16 07:32:00 - [version.h] - openssh-6.5 - - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Crank RPM spec version numbers. - - (djm) [README] update release notes URL. - -20140112 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2014/01/10 05:59:19 - [sshd_config] - the /etc/ssh/ssh_host_ed25519_key is loaded by default too - - djm@cvs.openbsd.org 2014/01/12 08:13:13 - [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c] - [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c] - avoid use of OpenSSL BIGNUM type and functions for KEX with - Curve25519 by adding a buffer_put_bignum2_from_string() that stores - a string using the bignum encoding rules. Will make it easier to - build a reduced-feature OpenSSH without OpenSSL in the future; - ok markus@ +commit 8ef691f7d9ef500257a549d0906d78187490668f +Author: Damien Miller <djm@google.com> +Date: Wed Mar 11 10:35:26 2015 +1100 -20140110 - - (djm) OpenBSD CVS Sync - - tedu@cvs.openbsd.org 2014/01/04 17:50:55 - [mac.c monitor_mm.c monitor_mm.h xmalloc.c] - use standard types and formats for size_t like variables. ok dtucker - - guenther@cvs.openbsd.org 2014/01/09 03:26:00 - [sftp-common.c] - When formating the time for "ls -l"-style output, show dates in the future - with the year, and rearrange a comparison to avoid a potentional signed - arithmetic overflow that would give the wrong result. - ok djm@ - - djm@cvs.openbsd.org 2014/01/09 23:20:00 - [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c] - [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c] - [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c] - [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c] - Introduce digest API and use it to perform all hashing operations - rather than calling OpenSSL EVP_Digest* directly. Will make it easier - to build a reduced-feature OpenSSH without OpenSSL in future; - feedback, ok markus@ - - djm@cvs.openbsd.org 2014/01/09 23:26:48 - [sshconnect.c sshd.c] - ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient, - deranged and might make some attacks on KEX easier; ok markus@ - -20140108 - - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@ - -20131231 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/12/30 23:52:28 - [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] - [sshconnect.c sshconnect2.c sshd.c] - refuse RSA keys from old proprietary clients/servers that use the - obsolete RSA+MD5 signature scheme. it will still be possible to connect - with these clients/servers but only DSA keys will be accepted, and we'll - deprecate them entirely in a future release. ok markus@ - -20131229 - - (djm) [loginrec.c] Check for username truncation when looking up lastlog - entries - - (djm) [regress/Makefile] Add some generated files for cleaning - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/12/19 00:10:30 - [ssh-add.c] - skip requesting smartcard PIN when removing keys from agent; bz#2187 - patch from jay AT slushpupie.com; ok dtucker - - dtucker@cvs.openbsd.org 2013/12/19 00:19:12 - [serverloop.c] - Cast client_alive_interval to u_int64_t before assinging to - max_time_milliseconds to avoid potential integer overflow in the timeout. - bz#2170, patch from Loganaden Velvindron, ok djm@ - - djm@cvs.openbsd.org 2013/12/19 00:27:57 - [auth-options.c] - simplify freeing of source-address certificate restriction - - djm@cvs.openbsd.org 2013/12/19 01:04:36 - [channels.c] - bz#2147: fix multiple remote forwardings with dynamically assigned - listen ports. In the s->c message to open the channel we were sending - zero (the magic number to request a dynamic port) instead of the actual - listen port. The client therefore had no way of discriminating between - them. - - Diagnosis and fix by ronf AT timeheart.net - - djm@cvs.openbsd.org 2013/12/19 01:19:41 - [ssh-agent.c] - bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent - that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; - ok dtucker - - djm@cvs.openbsd.org 2013/12/19 22:57:13 - [poly1305.c poly1305.h] - use full name for author, with his permission - - tedu@cvs.openbsd.org 2013/12/21 07:10:47 - [ssh-keygen.1] - small typo - - djm@cvs.openbsd.org 2013/12/27 22:30:17 - [ssh-dss.c ssh-ecdsa.c ssh-rsa.c] - make the original RSA and DSA signing/verification code look more like - the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type - rather than tediously listing all variants, use __func__ for debug/ - error messages - - djm@cvs.openbsd.org 2013/12/27 22:37:18 - [ssh-rsa.c] - correct comment - - djm@cvs.openbsd.org 2013/12/29 02:28:10 - [key.c] - allow ed25519 keys to appear as certificate authorities - - djm@cvs.openbsd.org 2013/12/29 02:37:04 - [key.c] - correct comment for key_to_certified() - - djm@cvs.openbsd.org 2013/12/29 02:49:52 - [key.c] - correct comment for key_drop_cert() - - djm@cvs.openbsd.org 2013/12/29 04:20:04 - [key.c] - to make sure we don't omit any key types as valid CA keys again, - factor the valid key type check into a key_type_is_valid_ca() - function - - djm@cvs.openbsd.org 2013/12/29 04:29:25 - [authfd.c] - allow deletion of ed25519 keys from the agent - - djm@cvs.openbsd.org 2013/12/29 04:35:50 - [authfile.c] - don't refuse to load Ed25519 certificates - - djm@cvs.openbsd.org 2013/12/29 05:42:16 - [ssh.c] - don't forget to load Ed25519 certs too - - djm@cvs.openbsd.org 2013/12/29 05:57:02 - [sshconnect.c] - when showing other hostkeys, don't forget Ed25519 keys - -20131221 - - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. - -20131219 - - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions - greater than 11 either rather than just 11. Patch from Tomas Kuthan. - - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item(). - Patch from Loganaden Velvindron. - -20131218 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/12/07 08:08:26 - [ssh-keygen.1] - document -a and -o wrt new key format - - naddy@cvs.openbsd.org 2013/12/07 11:58:46 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1] - [ssh_config.5 sshd.8 sshd_config.5] - add missing mentions of ed25519; ok djm@ - - dtucker@cvs.openbsd.org 2013/12/08 09:53:27 - [sshd_config.5] - Use a literal for the default value of KEXAlgorithms. ok deraadt jmc - - markus@cvs.openbsd.org 2013/12/09 11:03:45 - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] - [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] - Add Authors for the public domain ed25519/nacl code. - see also http://nacl.cr.yp.to/features.html - All of the NaCl software is in the public domain. - and http://ed25519.cr.yp.to/software.html - The Ed25519 software is in the public domain. - - markus@cvs.openbsd.org 2013/12/09 11:08:17 - [crypto_api.h] - remove unused defines - - pascal@cvs.openbsd.org 2013/12/15 18:17:26 - [ssh-add.c] - Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page. - ok markus@ - - djm@cvs.openbsd.org 2013/12/15 21:42:35 - [cipher-chachapoly.c] - add some comments and constify a constant - - markus@cvs.openbsd.org 2013/12/17 10:36:38 - [crypto_api.h] - I've assempled the header file by cut&pasting from generated headers - and the source files. - -20131208 - - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna - Vinschen - - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh] - [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid - filesystem before running agent-ptrace.sh; ok dtucker - -20131207 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/12/05 22:59:45 - [sftp-client.c] - fix memory leak in error path in do_readdir(); pointed out by - Loganaden Velvindron @ AfriNIC in bz#2163 - - djm@cvs.openbsd.org 2013/12/06 03:40:51 - [ssh-keygen.c] - remove duplicated character ('g') in getopt() string; - document the (few) remaining option characters so we don't have to - rummage next time. - - markus@cvs.openbsd.org 2013/12/06 13:30:08 - [authfd.c key.c key.h ssh-agent.c] - move private key (de)serialization to key.c; ok djm - - markus@cvs.openbsd.org 2013/12/06 13:34:54 - [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c] - [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by - default; details in PROTOCOL.key; feedback and lots help from djm; - ok djm@ - - markus@cvs.openbsd.org 2013/12/06 13:39:49 - [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] - [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] - [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] - [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] - [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] - support ed25519 keys (hostkeys and user identities) using the public - domain ed25519 reference code from SUPERCOP, see - http://ed25519.cr.yp.to/software.html - feedback, help & ok djm@ - - jmc@cvs.openbsd.org 2013/12/06 15:29:07 - [sshd.8] - missing comma; - - djm@cvs.openbsd.org 2013/12/07 00:19:15 - [key.c] - set k->cert = NULL after freeing it - - markus@cvs.openbsd.org 2013/12/06 13:52:46 - [regress/Makefile regress/agent.sh regress/cert-hostkey.sh] - [regress/cert-userkey.sh regress/keytype.sh] - test ed25519 support; from djm@ - - (djm) [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] - [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents - - (djm) [Makefile.in] Add ed25519 sources - - (djm) [authfile.c] Conditionalise inclusion of util.h - - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c] - [openbsd-compat/blf.h openbsd-compat/blowfish.c] - [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in - portable. - - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in] - [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on - Linux - - (djm) [regress/cert-hostkey.sh] Fix merge botch - - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from - Loganaden Velvindron @ AfriNIC in bz#2179 - -20131205 - - (djm) OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2013/11/21 08:05:09 - [ssh_config.5 sshd_config.5] - no need for .Pp before displays; - - deraadt@cvs.openbsd.org 2013/11/25 18:04:21 - [ssh.1 ssh.c] - improve -Q usage and such. One usage change is that the option is now - case-sensitive - ok dtucker markus djm - - jmc@cvs.openbsd.org 2013/11/26 12:14:54 - [ssh.1 ssh.c] - - put -Q in the right place - - Ar was a poor choice for the arguments to -Q. i've chosen an - admittedly equally poor Cm, at least consistent with the rest - of the docs. also no need for multiple instances - - zap a now redundant Nm - - usage() sync - - deraadt@cvs.openbsd.org 2013/11/26 19:15:09 - [pkcs11.h] - cleanup 1 << 31 idioms. Resurrection of this issue pointed out by - Eitan Adler ok markus for ssh, implies same change in kerberosV - - djm@cvs.openbsd.org 2013/12/01 23:19:05 - [PROTOCOL] - mention curve25519-sha256@libssh.org key exchange algorithm - - djm@cvs.openbsd.org 2013/12/02 02:50:27 - [PROTOCOL.chacha20poly1305] - typo; from Jon Cave - - djm@cvs.openbsd.org 2013/12/02 02:56:17 - [ssh-pkcs11-helper.c] - use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC - - djm@cvs.openbsd.org 2013/12/02 03:09:22 - [key.c] - make key_to_blob() return a NULL blob on failure; part of - bz#2175 from Loganaden Velvindron @ AfriNIC - - djm@cvs.openbsd.org 2013/12/02 03:13:14 - [cipher.c] - correct bzero of chacha20+poly1305 key context. bz#2177 from - Loganaden Velvindron @ AfriNIC - - Also make it a memset for consistency with the rest of cipher.c - - djm@cvs.openbsd.org 2013/12/04 04:20:01 - [sftp-client.c] - bz#2171: don't leak local_fd on error; from Loganaden Velvindron @ - AfriNIC - - djm@cvs.openbsd.org 2013/12/05 01:16:41 - [servconf.c servconf.h] - bz#2161 - fix AuthorizedKeysCommand inside a Match block and - rearrange things so the same error is harder to make next time; - with and ok dtucker@ - - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct - -L location for libedit. Patch from Serge van den Boom. - -20131121 - - (djm) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/11/08 11:15:19 - [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c] - [uidswap.c] Include stdlib.h for free() as per the man page. - - markus@cvs.openbsd.org 2013/11/13 13:48:20 - [ssh-pkcs11.c] - add missing braces found by pedro - - djm@cvs.openbsd.org 2013/11/20 02:19:01 - [sshd.c] - delay closure of in/out fds until after "Bad protocol version - identification..." message, as get_remote_ipaddr/get_remote_port - require them open. - - deraadt@cvs.openbsd.org 2013/11/20 20:53:10 - [scp.c] - unsigned casts for ctype macros where neccessary - ok guenther millert markus - - deraadt@cvs.openbsd.org 2013/11/20 20:54:10 - [canohost.c clientloop.c match.c readconf.c sftp.c] - unsigned casts for ctype macros where neccessary - ok guenther millert markus - - djm@cvs.openbsd.org 2013/11/21 00:45:44 - [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] - [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] - [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] - [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport - cipher "chacha20-poly1305@openssh.com" that combines Daniel - Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an - authenticated encryption mode. - - Inspired by and similar to Adam Langley's proposal for TLS: - http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 - but differs in layout used for the MAC calculation and the use of a - second ChaCha20 instance to separately encrypt packet lengths. - Details are in the PROTOCOL.chacha20poly1305 file. - - Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC - ok markus@ naddy@ - - naddy@cvs.openbsd.org 2013/11/18 05:09:32 - [regress/forward-control.sh] - bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164) - to successfully run this; ok djm@ - - djm@cvs.openbsd.org 2013/11/21 03:15:46 - [regress/krl.sh] - add some reminders for additional tests that I'd like to implement - - djm@cvs.openbsd.org 2013/11/21 03:16:47 - [regress/modpipe.c] - use unsigned long long instead of u_int64_t here to avoid warnings - on some systems portable OpenSSH is built on. - - djm@cvs.openbsd.org 2013/11/21 03:18:51 - [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh] - [regress/try-ciphers.sh] - use new "ssh -Q cipher-auth" query to obtain lists of authenticated - encryption ciphers instead of specifying them manually; ensures that - the new chacha20poly1305@openssh.com mode is tested; - - ok markus@ and naddy@ as part of the diff to add - chacha20poly1305@openssh.com - -20131110 - - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by - querying the ones that are compiled in. - -20131109 - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 - [regress/test-exec.sh regress/rekey.sh] - Use smaller test data files to speed up tests. Grow test datafiles - where necessary for a specific test. - - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of - NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the - latter actually works before using it. Fedora (at least) has NID_secp521r1 - that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897). - - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test. - - (dtucker) [configure.ac] Add missing "test". - - (dtucker) [key.c] Check for the correct defines for NID_secp521r1. - -20131108 - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 - [regress/rekey.sh] - Rekey less frequently during tests to speed them up - - (djm) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/11/07 11:58:27 - [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] - Output the effective values of Ciphers, MACs and KexAlgorithms when - the default has not been overridden. ok markus@ - - djm@cvs.openbsd.org 2013/11/08 00:39:15 - [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] - [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] - [sftp-client.c sftp-glob.c] - use calloc for all structure allocations; from markus@ - - djm@cvs.openbsd.org 2013/11/08 01:38:11 - [version.h] - openssh-6.4 - - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Update version numbers following release. - - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of - arc4random_stir for platforms that have arc4random but don't have - arc4random_stir (right now this is only OpenBSD -current). - - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have - EVP_sha256. - - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256. - - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile - warnings. - - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform - and pass in TEST_ENV. use stderr to get polluted - and the stderr-data test to fail. - - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation: - rather than testing and generating each key, call ssh-keygen -A. - Patch from vinschen at redhat.com. - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 - [regress/test-exec.sh regress/rekey.sh] - Use smaller test data files to speed up tests. Grow test datafiles - where necessary for a specific test. - -20131107 - - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) - that got lost in recent merge. - - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff - - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these - - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms - that lack it but have arc4random_uniform() - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2013/11/04 11:51:16 - [monitor.c] - fix rekeying for KEX_C25519_SHA256; noted by dtucker@ - RCSID sync only; I thought this was a merge botch and fixed it already - - markus@cvs.openbsd.org 2013/11/06 16:52:11 - [monitor_wrap.c] - fix rekeying for AES-GCM modes; ok deraadt - - djm@cvs.openbsd.org 2013/11/06 23:05:59 - [ssh-pkcs11.c] - from portable: s/true/true_val/ to avoid name collisions on dump platforms - RCSID sync only - - (dtucker) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/10/09 23:44:14 - [regress/Makefile] (ID sync only) - regression test for sftp request white/blacklisting and readonly mode. - - markus@cvs.openbsd.org 2013/11/02 22:39:53 - [regress/kextype.sh] - add curve25519-sha256@libssh.org - - dtucker@cvs.openbsd.org 2013/11/04 12:27:42 - [regress/rekey.sh] - Test rekeying with all KexAlgorithms. - - dtucker@cvs.openbsd.org 2013/11/07 00:12:05 - [regress/rekey.sh] - Test rekeying for every Cipher, MAC and KEX, plus test every KEX with - the GCM ciphers. - - dtucker@cvs.openbsd.org 2013/11/07 01:12:51 - [regress/rekey.sh] - Factor out the data transfer rekey tests - - dtucker@cvs.openbsd.org 2013/11/07 02:48:38 - [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] - Use ssh -Q instead of hardcoding lists of ciphers or MACs. - - dtucker@cvs.openbsd.org 2013/11/07 03:55:41 - [regress/kextype.sh] - Use ssh -Q to get kex types instead of a static list. - - dtucker@cvs.openbsd.org 2013/11/07 04:26:56 - [regress/kextype.sh] - trailing space - - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment - variable. It's no longer used now that we get the supported MACs from - ssh -Q. - -20131104 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2013/11/02 20:03:54 - [ssh-pkcs11.c] - support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys; - fixes bz#1908; based on patch from Laurent Barbe; ok djm - - markus@cvs.openbsd.org 2013/11/02 21:59:15 - [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] - use curve25519 for default key exchange (curve25519-sha256@libssh.org); - initial patch from Aris Adamantiadis; ok djm@ - - markus@cvs.openbsd.org 2013/11/02 22:10:15 - [kexdhs.c kexecdhs.c] - no need to include monitor_wrap.h - - markus@cvs.openbsd.org 2013/11/02 22:24:24 - [kexdhs.c kexecdhs.c] - no need to include ssh-gss.h - - markus@cvs.openbsd.org 2013/11/02 22:34:01 - [auth-options.c] - no need to include monitor_wrap.h and ssh-gss.h - - markus@cvs.openbsd.org 2013/11/02 22:39:19 - [ssh_config.5 sshd_config.5] - the default kex is now curve25519-sha256@libssh.org - - djm@cvs.openbsd.org 2013/11/03 10:37:19 - [roaming_common.c] - fix a couple of function definitions foo() -> foo(void) - (-Wold-style-definition) - - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from - KEX/curve25519 change - -20131103 - - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep. - From OpenSMTPD where it prevents "implicit declaration" warnings (it's - a no-op in OpenSSH). From chl at openbsd. - - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd - vsnprintf. From eric at openbsd via chl@. - - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t - for platforms that don't have them. - -20131030 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/10/29 09:42:11 - [key.c key.h] - fix potential stack exhaustion caused by nested certificates; - report by Mateusz Kocielski; ok dtucker@ markus@ - - djm@cvs.openbsd.org 2013/10/29 09:48:02 - [servconf.c servconf.h session.c sshd_config sshd_config.5] - shd_config PermitTTY to disallow TTY allocation, mirroring the - longstanding no-pty authorized_keys option; - bz#2070, patch from Teran McKinney; ok markus@ - - jmc@cvs.openbsd.org 2013/10/29 18:49:32 - [sshd_config.5] - pty(4), not pty(7); - -20131026 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/10/25 23:04:51 - [ssh.c] - fix crash when using ProxyCommand caused by previous commit - was calling - freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@ - -20131025 - - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove - unnecessary arc4random_stir() calls. The only ones left are to ensure - that the PRNG gets a different state after fork() for platforms that - have broken the API. - -20131024 - - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check - rather than full client name which may be of form user@REALM; - patch from Miguel Sanders; ok dtucker@ - - (djm) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/10/23 05:40:58 - [servconf.c] - fix comment - - djm@cvs.openbsd.org 2013/10/23 23:35:32 - [sshd.c] - include local address and port in "Connection from ..." message (only - shown at loglevel>=verbose) - - dtucker@cvs.openbsd.org 2013/10/24 00:49:49 - [moduli.c] - Periodically print progress and, if possible, expected time to completion - when screening moduli for DH groups. ok deraadt djm - - dtucker@cvs.openbsd.org 2013/10/24 00:51:48 - [readconf.c servconf.c ssh_config.5 sshd_config.5] - Disallow empty Match statements and add "Match all" which matches - everything. ok djm, man page help jmc@ - - djm@cvs.openbsd.org 2013/10/24 08:19:36 - [ssh.c] - fix bug introduced in hostname canonicalisation commit: don't try to - resolve hostnames when a ProxyCommand is set unless the user has forced - canonicalisation; spotted by Iain Morgan - - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd" - -20131023 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/10/20 04:39:28 - [ssh_config.5] - document % expansions performed by "Match command ..." - - djm@cvs.openbsd.org 2013/10/20 06:19:28 - [readconf.c ssh_config.5] - rename "command" subclause of the recently-added "Match" keyword to - "exec"; it's shorter, clearer in intent and we might want to add the - ability to match against the command being executed at the remote end in - the future. - - djm@cvs.openbsd.org 2013/10/20 09:51:26 - [scp.1 sftp.1] - add canonicalisation options to -o lists - - jmc@cvs.openbsd.org 2013/10/20 18:00:13 - [ssh_config.5] - tweak the "exec" description, as worded by djm; - - djm@cvs.openbsd.org 2013/10/23 03:03:07 - [readconf.c] - Hostname may have %h sequences that should be expanded prior to Match - evaluation; spotted by Iain Morgan - - djm@cvs.openbsd.org 2013/10/23 03:05:19 - [readconf.c ssh.c] - comment - - djm@cvs.openbsd.org 2013/10/23 04:16:22 - [ssh-keygen.c] - Make code match documentation: relative-specified certificate expiry time - should be relative to current time and not the validity start time. - Reported by Petr Lautrbach; ok deraadt@ - -20131018 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/10/09 23:44:14 - [regress/Makefile regress/sftp-perm.sh] - regression test for sftp request white/blacklisting and readonly mode. - - jmc@cvs.openbsd.org 2013/10/17 07:35:48 - [sftp.1 sftp.c] - tweak previous; - - djm@cvs.openbsd.org 2013/10/17 22:08:04 - [sshd.c] - include remote port in bad banner message; bz#2162 - -20131017 - - (djm) OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2013/10/15 14:10:25 - [ssh.1 ssh_config.5] - tweak previous; - - djm@cvs.openbsd.org 2013/10/16 02:31:47 - [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5] - [sshconnect.c sshconnect.h] - Implement client-side hostname canonicalisation to allow an explicit - search path of domain suffixes to use to convert unqualified host names - to fully-qualified ones for host key matching. - This is particularly useful for host certificates, which would otherwise - need to list unqualified names alongside fully-qualified ones (and this - causes a number of problems). - "looks fine" markus@ - - jmc@cvs.openbsd.org 2013/10/16 06:42:25 - [ssh_config.5] - tweak previous; - - djm@cvs.openbsd.org 2013/10/16 22:49:39 - [readconf.c readconf.h ssh.1 ssh.c ssh_config.5] - s/canonicalise/canonicalize/ for consistency with existing spelling, - e.g. authorized_keys; pointed out by naddy@ - - djm@cvs.openbsd.org 2013/10/16 22:58:01 - [ssh.c ssh_config.5] - one I missed in previous: s/isation/ization/ - - djm@cvs.openbsd.org 2013/10/17 00:30:13 - [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c] - fsync@openssh.com protocol extension for sftp-server - client support to allow calling fsync() faster successful transfer - patch mostly by imorgan AT nas.nasa.gov; bz#1798 - "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@ - - djm@cvs.openbsd.org 2013/10/17 00:46:49 - [ssh.c] - rearrange check to reduce diff against -portable - (Id sync only) - -20131015 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/10/09 23:42:17 - [sftp-server.8 sftp-server.c] - Add ability to whitelist and/or blacklist sftp protocol requests by name. - Refactor dispatch loop and consolidate read-only mode checks. - Make global variables static, since sftp-server is linked into sshd(8). - ok dtucker@ - - djm@cvs.openbsd.org 2013/10/10 00:53:25 - [sftp-server.c] - add -Q, -P and -p to usage() before jmc@ catches me - - djm@cvs.openbsd.org 2013/10/10 01:43:03 - [sshd.c] - bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly - updated; ok dtucker@ - - djm@cvs.openbsd.org 2013/10/11 02:45:36 - [sftp-client.c] - rename flag arguments to be more clear and consistent. - reorder some internal function arguments to make adding additional flags - easier. - no functional change - - djm@cvs.openbsd.org 2013/10/11 02:52:23 - [sftp-client.c] - missed one arg reorder - - djm@cvs.openbsd.org 2013/10/11 02:53:45 - [sftp-client.h] - obsolete comment - - jmc@cvs.openbsd.org 2013/10/14 14:18:56 - [sftp-server.8 sftp-server.c] - tweak previous; - ok djm - - djm@cvs.openbsd.org 2013/10/14 21:20:52 - [session.c session.h] - Add logging of session starts in a useful format; ok markus@ feedback and - ok dtucker@ - - djm@cvs.openbsd.org 2013/10/14 22:22:05 - [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5] - add a "Match" keyword to ssh_config that allows matching on hostname, - user and result of arbitrary commands. "nice work" markus@ - - djm@cvs.openbsd.org 2013/10/14 23:28:23 - [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c] - refactor client config code a little: - add multistate option partsing to readconf.c, similar to servconf.c's - existing code. - move checking of options that accept "none" as an argument to readconf.c - add a lowercase() function and use it instead of explicit tolower() in - loops - part of a larger diff that was ok markus@ - - djm@cvs.openbsd.org 2013/10/14 23:31:01 - [ssh.c] - whitespace at EOL; pointed out by markus@ - - [ssh.c] g/c unused variable. - -20131010 - - (dtucker) OpenBSD CVS Sync - - sthen@cvs.openbsd.org 2013/09/16 11:35:43 - [ssh_config] - Remove gssapi config parts from ssh_config, as was already done for - sshd_config. Req by/ok ajacoutot@ - ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular - - djm@cvs.openbsd.org 2013/09/19 00:24:52 - [progressmeter.c] - store the initial file offset so the progress meter doesn't freak out - when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@` - - djm@cvs.openbsd.org 2013/09/19 00:49:12 - [sftp-client.c] - fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan - - djm@cvs.openbsd.org 2013/09/19 01:24:46 - [channels.c] - bz#1297 - tell the client (via packet_send_debug) when their preferred - listen address has been overridden by the server's GatewayPorts; - ok dtucker@ - - djm@cvs.openbsd.org 2013/09/19 01:26:29 - [sshconnect.c] - bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from - swp AT swp.pp.ru; ok dtucker@ - - dtucker@cvs.openbsd.org 2013/10/08 11:42:13 - [dh.c dh.h] - Increase the size of the Diffie-Hellman groups requested for a each - symmetric key size. New values from NIST Special Publication 800-57 with - the upper limit specified by RFC4419. Pointed out by Peter Backes, ok - djm@. - -20131009 - - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull - in OpenBSD implementation of arc4random, shortly to replace the existing - bsd-arc4random.c - - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c] - [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random - implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, - tested tim@ - -20130922 - - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj - setting when handling SIGHUP to maintain behaviour over retart. Patch - from Matthew Ife. - -20130918 - - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu. - -20130914 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/08/22 19:02:21 - [sshd.c] - Stir PRNG after post-accept fork. The child gets a different PRNG state - anyway via rexec and explicit privsep reseeds, but it's good to be sure. - ok markus@ - - mikeb@cvs.openbsd.org 2013/08/28 12:34:27 - [ssh-keygen.c] - improve batch processing a bit by making use of the quite flag a bit - more often and exit with a non zero code if asked to find a hostname - in a known_hosts file and it wasn't there; - originally from reyk@, ok djm - - djm@cvs.openbsd.org 2013/08/31 00:13:54 - [sftp.c] - make ^w match ksh behaviour (delete previous word instead of entire line) - - deraadt@cvs.openbsd.org 2013/09/02 22:00:34 - [ssh-keygen.c sshconnect1.c sshd.c] - All the instances of arc4random_stir() are bogus, since arc4random() - does this itself, inside itself, and has for a very long time.. Actually, - this was probably reducing the entropy available. - ok djm - ID SYNC ONLY for portable; we don't trust other arc4random implementations - to do this right. - - sthen@cvs.openbsd.org 2013/09/07 13:53:11 - [sshd_config] - Remove commented-out kerberos/gssapi config options from sample config, - kerberos support is currently not enabled in ssh in OpenBSD. Discussed with - various people; ok deraadt@ - ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular - - djm@cvs.openbsd.org 2013/09/12 01:41:12 - [clientloop.c] - fix connection crash when sending break (~B) on ControlPersist'd session; - ok dtucker@ - - djm@cvs.openbsd.org 2013/09/13 06:54:34 - [channels.c] - avoid unaligned access in code that reused a buffer to send a - struct in_addr in a reply; simpler just use use buffer_put_int(); - from portable; spotted by and ok dtucker@ - -20130828 - - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the - 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we - start to use them in the future. - - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits - until we have configure support. - -20130821 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/08/06 23:03:49 - [sftp.c] - fix some whitespace at EOL - make list of commands an enum rather than a long list of defines - add -a to usage() - - djm@cvs.openbsd.org 2013/08/06 23:05:01 - [sftp.1] - document top-level -a option (the -a option to 'get' was already - documented) - - djm@cvs.openbsd.org 2013/08/06 23:06:01 - [servconf.c] - add cast to avoid format warning; from portable - - jmc@cvs.openbsd.org 2013/08/07 06:24:51 - [sftp.1 sftp.c] - sort -a; - - djm@cvs.openbsd.org 2013/08/08 04:52:04 - [sftp.c] - fix two year old regression: symlinking a file would incorrectly - canonicalise the target path. bz#2129 report from delphij AT freebsd.org - - djm@cvs.openbsd.org 2013/08/08 05:04:03 - [sftp-client.c sftp-client.h sftp.c] - add a "-l" flag for the rename command to force it to use the silly - standard SSH_FXP_RENAME command instead of the POSIX-rename- like - posix-rename@openssh.com extension. - - intended for use in regress tests, so no documentation. - - djm@cvs.openbsd.org 2013/08/09 03:37:25 - [sftp.c] - do getopt parsing for all sftp commands (with an empty optstring for - commands without arguments) to ensure consistent behaviour - - djm@cvs.openbsd.org 2013/08/09 03:39:13 - [sftp-client.c] - two problems found by a to-be-committed regress test: 1) msg_id was not - being initialised so was starting at a random value from the heap - (harmless, but confusing). 2) some error conditions were not being - propagated back to the caller - - djm@cvs.openbsd.org 2013/08/09 03:56:42 - [sftp.c] - enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word; - matching ksh's relatively recent change. - - djm@cvs.openbsd.org 2013/08/13 18:32:08 - [ssh-keygen.c] - typo in error message; from Stephan Rickauer - - djm@cvs.openbsd.org 2013/08/13 18:33:08 - [ssh-keygen.c] - another of the same typo - - jmc@cvs.openbsd.org 2013/08/14 08:39:27 - [scp.1 ssh.1] - some Bx/Ox conversion; - From: Jan Stary - - djm@cvs.openbsd.org 2013/08/20 00:11:38 - [readconf.c readconf.h ssh_config.5 sshconnect.c] - Add a ssh_config ProxyUseFDPass option that supports the use of - ProxyCommands that establish a connection and then pass a connected - file descriptor back to ssh(1). This allows the ProxyCommand to exit - rather than have to shuffle data back and forth and enables ssh to use - getpeername, etc. to obtain address information just like it does with - regular directly-connected sockets. ok markus@ - - jmc@cvs.openbsd.org 2013/08/20 06:56:07 - [ssh.1 ssh_config.5] - some proxyusefdpass tweaks; - -20130808 - - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt - since some platforms (eg really old FreeBSD) don't have it. Instead, - run "make clean" before a complete regress run. ok djm. - - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime( - CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the - CLOCK_MONOTONIC define but don't actually support it. Found and tested - by Kevin Brott, ok djm. - - (dtucker) [misc.c] Remove define added for fallback testing that was - mistakenly included in the previous commit. - - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt - removal. The "make clean" removes modpipe which is built by the top-level - directory before running the tests. Spotted by tim@ - - (djm) Release 6.3p1 - -20130804 - - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support - for building with older Heimdal versions. ok djm. - -20130801 - - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non- - blocking connecting socket will clear any stored errno that might - otherwise have been retrievable via getsockopt(). A hack to limit writes - to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap - it in an #ifdef. Diagnosis and patch from Ivo Raisr. - - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134 - -20130725 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/07/20 22:20:42 - [krl.c] - fix verification error in (as-yet usused) KRL signature checking path - - djm@cvs.openbsd.org 2013/07/22 05:00:17 - [umac.c] - make MAC key, data to be hashed and nonce for final hash const; - checked with -Wcast-qual - - djm@cvs.openbsd.org 2013/07/22 12:20:02 - [umac.h] - oops, forgot to commit corresponding header change; - spotted by jsg and jasper - - djm@cvs.openbsd.org 2013/07/25 00:29:10 - [ssh.c] - daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure - it is fully detached from its controlling terminal. based on debugging - - djm@cvs.openbsd.org 2013/07/25 00:56:52 - [sftp-client.c sftp-client.h sftp.1 sftp.c] - sftp support for resuming partial downloads; patch mostly by Loganaden - Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@ - "Just be careful" deraadt@ - - djm@cvs.openbsd.org 2013/07/25 00:57:37 - [version.h] - openssh-6.3 for release - - dtucker@cvs.openbsd.org 2013/05/30 20:12:32 - [regress/test-exec.sh] - use ssh and sshd as testdata since it needs to be >256k for the rekey test - - dtucker@cvs.openbsd.org 2013/06/10 21:56:43 - [regress/forwarding.sh] - Add test for forward config parsing - - djm@cvs.openbsd.org 2013/06/21 02:26:26 - [regress/sftp-cmds.sh regress/test-exec.sh] - unbreak sftp-cmds for renamed test data (s/ls/data/) - - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on - Solaris and UnixWare. Feedback and OK djm@ - - (tim) [regress/forwarding.sh] Fix for building outside source tree. - -20130720 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2013/07/19 07:37:48 - [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] - [servconf.h session.c sshd.c sshd_config.5] - add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, - or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 - ok djm@ - - djm@cvs.openbsd.org 2013/07/20 01:43:46 - [umac.c] - use a union to ensure correct alignment; ok deraadt - - djm@cvs.openbsd.org 2013/07/20 01:44:37 - [ssh-keygen.c ssh.c] - More useful error message on missing current user in /etc/passwd - - djm@cvs.openbsd.org 2013/07/20 01:50:20 - [ssh-agent.c] - call cleanup_handler on SIGINT when in debug mode to ensure sockets - are cleaned up on manual exit; bz#2120 - - djm@cvs.openbsd.org 2013/07/20 01:55:13 - [auth-krb5.c gss-serv-krb5.c gss-serv.c] - fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@ - -20130718 - - (djm) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/06/10 19:19:44 - [readconf.c] - revert 1.203 while we investigate crashes reported by okan@ - - guenther@cvs.openbsd.org 2013/06/17 04:48:42 - [scp.c] - Handle time_t values as long long's when formatting them and when - parsing them from remote servers. - Improve error checking in parsing of 'T' lines. - ok dtucker@ deraadt@ - - markus@cvs.openbsd.org 2013/06/20 19:15:06 - [krl.c] - don't leak the rdata blob on errors; ok djm@ - - djm@cvs.openbsd.org 2013/06/21 00:34:49 - [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c] - for hostbased authentication, print the client host and user on - the auth success/failure line; bz#2064, ok dtucker@ - - djm@cvs.openbsd.org 2013/06/21 00:37:49 - [ssh_config.5] - explicitly mention that IdentitiesOnly can be used with IdentityFile - to control which keys are offered from an agent. - - djm@cvs.openbsd.org 2013/06/21 05:42:32 - [dh.c] - sprinkle in some error() to explain moduli(5) parse failures - - djm@cvs.openbsd.org 2013/06/21 05:43:10 - [scp.c] - make this -Wsign-compare clean after time_t conversion - - djm@cvs.openbsd.org 2013/06/22 06:31:57 - [scp.c] - improved time_t overflow check suggested by guenther@ - - jmc@cvs.openbsd.org 2013/06/27 14:05:37 - [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] - do not use Sx for sections outwith the man page - ingo informs me that - stuff like html will render with broken links; - issue reported by Eric S. Raymond, via djm - - markus@cvs.openbsd.org 2013/07/02 12:31:43 - [dh.c] - remove extra whitespace - - djm@cvs.openbsd.org 2013/07/12 00:19:59 - [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] - [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] - fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ - - djm@cvs.openbsd.org 2013/07/12 00:20:00 - [sftp.c ssh-keygen.c ssh-pkcs11.c] - fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ - - djm@cvs.openbsd.org 2013/07/12 00:43:50 - [misc.c] - in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when - errno == 0. Avoids confusing error message in some broken resolver - cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker - - djm@cvs.openbsd.org 2013/07/12 05:42:03 - [ssh-keygen.c] - do_print_resource_record() can never be called with a NULL filename, so - don't attempt (and bungle) asking for one if it has not been specified - bz#2127 ok dtucker@ - - djm@cvs.openbsd.org 2013/07/12 05:48:55 - [ssh.c] - set TCP nodelay for connections started with -N; bz#2124 ok dtucker@ - - schwarze@cvs.openbsd.org 2013/07/16 00:07:52 - [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8] - use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@ - - djm@cvs.openbsd.org 2013/07/18 01:12:26 - [ssh.1] - be more exact wrt perms for ~/.ssh/config; bz#2078 - -20130702 - - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config - contrib/cygwin/ssh-user-config] Modernizes and improve readability of - the Cygwin README file (which hasn't been updated for ages), drop - unsupported OSes from the ssh-host-config help text, and drop an - unneeded option from ssh-user-config. Patch from vinschen at redhat com. - -20130610 - - (djm) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/06/07 15:37:52 - [channels.c channels.h clientloop.c] - Add an "ABANDONED" channel state and use for mux sessions that are - disconnected via the ~. escape sequence. Channels in this state will - be able to close if the server responds, but do not count as active channels. - This means that if you ~. all of the mux clients when using ControlPersist - on a broken network, the backgrounded mux master will exit when the - Control Persist time expires rather than hanging around indefinitely. - bz#1917, also reported and tested by tedu@. ok djm@ markus@. - - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported - algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages. - - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have - the required OpenSSL support. Patch from naddy at freebsd. - - (dtucker) [myproposal.h] Make the conditional algorithm support consistent - and add some comments so it's clear what goes where. - -20130605 - - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of - the necessary functions, not from the openssl version. - - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test. - Patch from cjwatson at debian. - - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the - forwarding test is extremely slow copying data on some machines so switch - back to copying the much smaller ls binary until we can figure out why - this is. - - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building - modpipe in case there's anything in there we need. - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/06/02 21:01:51 - [channels.h] - typo in comment - - dtucker@cvs.openbsd.org 2013/06/02 23:36:29 - [clientloop.h clientloop.c mux.c] - No need for the mux cleanup callback to be visible so restore it to static - and call it through the detach_user function pointer. ok djm@ - - dtucker@cvs.openbsd.org 2013/06/03 00:03:18 - [mac.c] - force the MAC output to be 64-bit aligned so umac won't see unaligned - accesses on strict-alignment architectures. bz#2101, patch from - tomas.kuthan at oracle.com, ok djm@ - - dtucker@cvs.openbsd.org 2013/06/04 19:12:23 - [scp.c] - use MAXPATHLEN for buffer size instead of fixed value. ok markus - - dtucker@cvs.openbsd.org 2013/06/04 20:42:36 - [sftp.c] - Make sftp's libedit interface marginally multibyte aware by building up - the quoted string by character instead of by byte. Prevents failures - when linked against a libedit built with wide character support (bz#1990). - "looks ok" djm - - dtucker@cvs.openbsd.org 2013/06/05 02:07:29 - [mux.c] - fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, - ok djm - - dtucker@cvs.openbsd.org 2013/06/05 02:27:50 - [sshd.c] - When running sshd -D, close stderr unless we have explicitly requesting - logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch - so, err, ok dtucker. - - dtucker@cvs.openbsd.org 2013/06/05 12:52:38 - [sshconnect2.c] - Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djm - - dtucker@cvs.openbsd.org 2013/06/05 22:00:28 - [readconf.c] - plug another memleak. bz#1967, from Zhenbo Xu, detected by Melton, ok djm - - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for - platforms that don't have multibyte character support (specifically, - mblen). - -20130602 - - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy - linking regress/modpipe. - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/06/02 13:33:05 - [progressmeter.c] - Add misc.h for monotime prototype. (ID sync only). - - dtucker@cvs.openbsd.org 2013/06/02 13:35:58 - [ssh-agent.c] - Make parent_alive_interval time_t to avoid signed/unsigned comparison - - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platforms - to prevent noise from configure. Patch from Nathan Osman. (bz#2114). - - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android. - Patch from Nathan Osman. - - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we - need a shell that can handle "[ file1 -nt file2 ]". Rather than keep - dealing with shell portability issues in regression tests, we let - configure find us a capable shell on those platforms with an old /bin/sh. - - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr. - feedback and ok dtucker - - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker - - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h. - - (dtucker) [configure.ac] Some other platforms need sys/types.h before - sys/socket.h. - -20130601 - - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to - using openssl's DES_crypt function on platorms that don't have a native - one, eg Android. Based on a patch from Nathan Osman. - - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS - rather than trying to enumerate the plaforms that don't have them. - Based on a patch from Nathan Osman, with help from tim@. - - (dtucker) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/05/17 00:13:13 - [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c - ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c - gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c - auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c - servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c - auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c - sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c - kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c - kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c - monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c - ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c - sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c - ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c - dns.c packet.c readpass.c authfd.c moduli.c] - bye, bye xfree(); ok markus@ - - djm@cvs.openbsd.org 2013/05/19 02:38:28 - [auth2-pubkey.c] - fix failure to recognise cert-authority keys if a key of a different type - appeared in authorized_keys before it; ok markus@ - - djm@cvs.openbsd.org 2013/05/19 02:42:42 - [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] - Standardise logging of supplemental information during userauth. Keys - and ruser is now logged in the auth success/failure message alongside - the local username, remote host/port and protocol in use. Certificates - contents and CA are logged too. - Pushing all logging onto a single line simplifies log analysis as it is - no longer necessary to relate information scattered across multiple log - entries. "I like it" markus@ - - dtucker@cvs.openbsd.org 2013/05/31 12:28:10 - [ssh-agent.c] - Use time_t where appropriate. ok djm - - dtucker@cvs.openbsd.org 2013/06/01 13:15:52 - [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c - channels.c sandbox-systrace.c] - Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like - keepalives and rekeying will work properly over clock steps. Suggested by - markus@, "looks good" djm@. - - dtucker@cvs.openbsd.org 2013/06/01 20:59:25 - [scp.c sftp-client.c] - Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch - from Nathan Osman via bz#2085. ok deraadt. - - dtucker@cvs.openbsd.org 2013/06/01 22:34:50 - [sftp-client.c] - Update progressmeter when data is acked, not when it's sent. bz#2108, from - Debian via Colin Watson, ok djm@ - - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c - groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c - sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c - openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c - openbsd-compat/port-linux.c] Replace portable-specific instances of xfree - with the equivalent calls to free. - - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall - back to time(NULL) if we can't find it anywhere. - - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday. - -20130529 - - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null - implementation of endgrent for platforms that don't have it (eg Android). - Loosely based on a patch from Nathan Osman, ok djm - - 20130517 - - (dtucker) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/03/07 00:20:34 - [regress/proxy-connect.sh] - repeat test with a style appended to the username - - dtucker@cvs.openbsd.org 2013/03/23 11:09:43 - [regress/test-exec.sh] - Only regenerate host keys if they don't exist or if ssh-keygen has changed - since they were. Reduces test runtime by 5-30% depending on machine - speed. - - dtucker@cvs.openbsd.org 2013/04/06 06:00:22 - [regress/rekey.sh regress/test-exec.sh regress/integrity.sh - regress/multiplex.sh Makefile regress/cfgmatch.sh] - Split the regress log into 3 parts: the debug output from ssh, the debug - log from sshd and the output from the client command (ssh, scp or sftp). - Somewhat functional now, will become more useful when ssh/sshd -E is added. - - dtucker@cvs.openbsd.org 2013/04/07 02:16:03 - [regress/Makefile regress/rekey.sh regress/integrity.sh - regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh] - use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and - save the output from any failing tests. If a test fails the debug output - from ssh and sshd for the failing tests (and only the failing tests) should - be available in failed-ssh{,d}.log. - - djm@cvs.openbsd.org 2013/04/18 02:46:12 - [regress/Makefile regress/sftp-chroot.sh] - test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@ - - dtucker@cvs.openbsd.org 2013/04/22 07:23:08 - [regress/multiplex.sh] - Write mux master logs to regress.log instead of ssh.log to keep separate - - djm@cvs.openbsd.org 2013/05/10 03:46:14 - [regress/modpipe.c] - sync some portability changes from portable OpenSSH (id sync only) - - dtucker@cvs.openbsd.org 2013/05/16 02:10:35 - [regress/rekey.sh] - Add test for time-based rekeying - - dtucker@cvs.openbsd.org 2013/05/16 03:33:30 - [regress/rekey.sh] - test rekeying when there's no data being transferred - - dtucker@cvs.openbsd.org 2013/05/16 04:26:10 - [regress/rekey.sh] - add server-side rekey test - - dtucker@cvs.openbsd.org 2013/05/16 05:48:31 - [regress/rekey.sh] - add tests for RekeyLimit parsing - - dtucker@cvs.openbsd.org 2013/05/17 00:37:40 - [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh - regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh - regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh - regress/ssh-com.sh] - replace 'echo -n' with 'printf' since it's more portable - also remove "echon" hack. - - dtucker@cvs.openbsd.org 2013/05/17 01:16:09 - [regress/agent-timeout.sh] - Pull back some portability changes from -portable: - - TIMEOUT is a read-only variable in some shells - - not all greps have -q so redirect to /dev/null instead. - (ID sync only) - - dtucker@cvs.openbsd.org 2013/05/17 01:32:11 - [regress/integrity.sh] - don't print output from ssh before getting it (it's available in ssh.log) - - dtucker@cvs.openbsd.org 2013/05/17 04:29:14 - [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh - regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh - regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh - regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh - regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh - regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh - regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh - regress/multiplex.sh] - Move the setting of DATA and COPY into test-exec.sh - - dtucker@cvs.openbsd.org 2013/05/17 10:16:26 - [regress/try-ciphers.sh] - use expr for math to keep diffs vs portable down - (id sync only) - - dtucker@cvs.openbsd.org 2013/05/17 10:23:52 - [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh] - Use SUDO when cat'ing pid files and running the sshd log wrapper so that - it works with a restrictive umask and the pid files are not world readable. - Changes from -portable. (id sync only) - - dtucker@cvs.openbsd.org 2013/05/17 10:24:48 - [regress/localcommand.sh] - use backticks for portability. (id sync only) - - dtucker@cvs.openbsd.org 2013/05/17 10:26:26 - [regress/sftp-badcmds.sh] - remove unused BATCH variable. (id sync only) - - dtucker@cvs.openbsd.org 2013/05/17 10:28:11 - [regress/sftp.sh] - only compare copied data if sftp succeeds. from portable (id sync only) - - dtucker@cvs.openbsd.org 2013/05/17 10:30:07 - [regress/test-exec.sh] - wait a bit longer for startup and use case for absolute path. - from portable (id sync only) - - dtucker@cvs.openbsd.org 2013/05/17 10:33:09 - [regress/agent-getpeereid.sh] - don't redirect stdout from sudo. from portable (id sync only) - - dtucker@cvs.openbsd.org 2013/05/17 10:34:30 - [regress/portnum.sh] - use a more portable negated if structure. from portable (id sync only) - - dtucker@cvs.openbsd.org 2013/05/17 10:35:43 - [regress/scp.sh] - use a file extention that's not special on some platforms. from portable - (id sync only) - - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it - in portable and it's long gone in openbsd. - - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange - methods. When the openssl version doesn't support ECDH then next one on - the list is DH group exchange, but that causes a bit more traffic which can - mean that the tests flip bits in the initial exchange rather than the MACed - traffic and we get different errors to what the tests look for. - - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits. - - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd. - - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd. - - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh] - Move the jot helper function to portable-specific part of test-exec.sh. - - (dtucker) [regress/test-exec.sh] Move the portable-specific functions - together and add a couple of missing lines from openbsd. - - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5 - helper function to the portable part of test-exec.sh. - - (dtucker) [regress/runtests.sh] Remove obsolete test driver script. - - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by - rev 1.6 which calls wait. - -20130516 - - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be - executed if mktemp failed; bz#2105 ok dtucker@ - - (dtucker) OpenBSD CVS Sync - - tedu@cvs.openbsd.org 2013/04/23 17:49:45 - [misc.c] - use xasprintf instead of a series of strlcats and strdup. ok djm - - tedu@cvs.openbsd.org 2013/04/24 16:01:46 - [misc.c] - remove extra parens noticed by nicm - - dtucker@cvs.openbsd.org 2013/05/06 07:35:12 - [sftp-server.8] - Reference the version of the sftp draft we actually implement. ok djm@ - - djm@cvs.openbsd.org 2013/05/10 03:40:07 - [sshconnect2.c] - fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from - Colin Watson - - djm@cvs.openbsd.org 2013/05/10 04:08:01 - [key.c] - memleak in cert_free(), wasn't actually freeing the struct; - bz#2096 from shm AT digitalsun.pl - - dtucker@cvs.openbsd.org 2013/05/10 10:13:50 - [ssh-pkcs11-helper.c] - remove unused extern optarg. ok markus@ - - dtucker@cvs.openbsd.org 2013/05/16 02:00:34 - [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c - ssh_config.5 packet.h] - Add an optional second argument to RekeyLimit in the client to allow - rekeying based on elapsed time in addition to amount of traffic. - with djm@ jmc@, ok djm - - dtucker@cvs.openbsd.org 2013/05/16 04:09:14 - [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config - sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing - rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man - page. - - djm@cvs.openbsd.org 2013/05/16 04:27:50 - [ssh_config.5 readconf.h readconf.c] - add the ability to ignore specific unrecognised ssh_config options; - bz#866; ok markus@ - - jmc@cvs.openbsd.org 2013/05/16 06:28:45 - [ssh_config.5] - put IgnoreUnknown in the right place; - - jmc@cvs.openbsd.org 2013/05/16 06:30:06 - [sshd_config.5] - oops! avoid Xr to self; - - dtucker@cvs.openbsd.org 2013/05/16 09:08:41 - [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] - Fix some "unused result" warnings found via clang and -portable. - ok markus@ - - dtucker@cvs.openbsd.org 2013/05/16 09:12:31 - [readconf.c servconf.c] - switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@ - - dtucker@cvs.openbsd.org 2013/05/16 10:43:34 - [servconf.c readconf.c] - remove now-unused variables - - dtucker@cvs.openbsd.org 2013/05/16 10:44:06 - [servconf.c] - remove another now-unused variable - - (dtucker) [configure.ac readconf.c servconf.c - openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled. - -20130510 - - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler - supports it. Mentioned by Colin Watson in bz#2100, ok djm. - - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to - getopt.c. Preprocessed source is identical other than line numbers. - - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No - portability changes yet. - - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c - openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add - portability code to getopt_long.c and switch over Makefile and the ugly - hack in modpipe.c. Fixes bz#1448. - - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c - openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb - in to use it when we're using our own getopt. - - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the - underlying libraries support them. - - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so - we don't get a warning on compilers that *don't* support it. Add - -Wno-unknown-warning-option. Move both to the start of the list for - maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9. - -20130423 - - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support - platforms, such as Android, that lack struct passwd.pw_gecos. Report - and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@ - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2013/03/05 20:16:09 - [sshconnect2.c] - reset pubkey order on partial success; ok djm@ - - djm@cvs.openbsd.org 2013/03/06 23:35:23 - [session.c] - fatal() when ChrootDirectory specified by running without root privileges; - ok markus@ - - djm@cvs.openbsd.org 2013/03/06 23:36:53 - [readconf.c] - g/c unused variable (-Wunused) - - djm@cvs.openbsd.org 2013/03/07 00:19:59 - [auth2-pubkey.c monitor.c] - reconstruct the original username that was sent by the client, which may - have included a style (e.g. "root:skey") when checking public key - signatures. Fixes public key and hostbased auth when the client specified - a style; ok markus@ - - markus@cvs.openbsd.org 2013/03/07 19:27:25 - [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] - add submethod support to AuthenticationMethods; ok and freedback djm@ - - djm@cvs.openbsd.org 2013/03/08 06:32:58 - [ssh.c] - allow "ssh -f none ..." ok markus@ - - djm@cvs.openbsd.org 2013/04/05 00:14:00 - [auth2-gss.c krl.c sshconnect2.c] - hush some {unused, printf type} warnings - - djm@cvs.openbsd.org 2013/04/05 00:31:49 - [pathnames.h] - use the existing _PATH_SSH_USER_RC define to construct the other - pathnames; bz#2077, ok dtucker@ (no binary change) - - djm@cvs.openbsd.org 2013/04/05 00:58:51 - [mux.c] - cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too - (in addition to ones already in OPEN); bz#2079, ok dtucker@ - - markus@cvs.openbsd.org 2013/04/06 16:07:00 - [channels.c sshd.c] - handle ECONNABORTED for accept(); ok deraadt some time ago... - - dtucker@cvs.openbsd.org 2013/04/07 02:10:33 - [log.c log.h ssh.1 ssh.c sshd.8 sshd.c] - Add -E option to ssh and sshd to append debugging logs to a specified file - instead of stderr or syslog. ok markus@, man page help jmc@ - - dtucker@cvs.openbsd.org 2013/04/07 09:40:27 - [sshd.8] - clarify -e text. suggested by & ok jmc@ - - djm@cvs.openbsd.org 2013/04/11 02:27:50 - [packet.c] - quiet disconnect notifications on the server from error() back to logit() - if it is a normal client closure; bz#2057 ok+feedback dtucker@ - - dtucker@cvs.openbsd.org 2013/04/17 09:04:09 - [session.c] - revert rev 1.262; it fails because uid is already set here. ok djm@ - - djm@cvs.openbsd.org 2013/04/18 02:16:07 - [sftp.c] - make "sftp -q" do what it says on the sticker: hush everything but errors; - ok dtucker@ - - djm@cvs.openbsd.org 2013/04/19 01:00:10 - [sshd_config.5] - document the requirment that the AuthorizedKeysCommand be owned by root; - ok dtucker@ markus@ - - djm@cvs.openbsd.org 2013/04/19 01:01:00 - [ssh-keygen.c] - fix some memory leaks; bz#2088 ok dtucker@ - - djm@cvs.openbsd.org 2013/04/19 01:03:01 - [session.c] - reintroduce 1.262 without the connection-killing bug: - fatal() when ChrootDirectory specified by running without root privileges; - ok markus@ - - djm@cvs.openbsd.org 2013/04/19 01:06:50 - [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] - [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] - add the ability to query supported ciphers, MACs, key type and KEX - algorithms to ssh. Includes some refactoring of KEX and key type handling - to be table-driven; ok markus@ - - djm@cvs.openbsd.org 2013/04/19 11:10:18 - [ssh.c] - add -Q to usage; reminded by jmc@ - - djm@cvs.openbsd.org 2013/04/19 12:07:08 - [kex.c] - remove duplicated list entry pointed out by naddy@ - - dtucker@cvs.openbsd.org 2013/04/22 01:17:18 - [mux.c] - typo in debug output: evitval->exitval - -20130418 - - (djm) [config.guess config.sub] Update to last versions before they switch - to GPL3. ok dtucker@ - - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from - unused argument warnings (in particular, -fno-builtin-memset) from clang. - -20130404 - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2013/02/17 23:16:57 - [readconf.c ssh.c readconf.h sshconnect2.c] - Keep track of which IndentityFile options were manually supplied and which - were default options, and don't warn if the latter are missing. - ok markus@ - - dtucker@cvs.openbsd.org 2013/02/19 02:12:47 - [krl.c] - Remove bogus include. ok djm - - dtucker@cvs.openbsd.org 2013/02/22 04:45:09 - [ssh.c readconf.c readconf.h] - Don't complain if IdentityFiles specified in system-wide configs are - missing. ok djm, deraadt. - - markus@cvs.openbsd.org 2013/02/22 19:13:56 - [sshconnect.c] - support ProxyCommand=- (stdin/out already point to the proxy); ok djm@ - - djm@cvs.openbsd.org 2013/02/22 22:09:01 - [ssh.c] - Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier - version) - -20130401 - - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h - to avoid conflicting definitions of __int64, adding the required bits. - Patch from Corinna Vinschen. - -20130323 - - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit. - -20130322 - - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil - Hands' greatly revised version. - - (djm) Release 6.2p1 - - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype. - - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before - defining it again. Prevents warnings if someone, eg, sets it in CFLAGS. - -20130318 - - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c] - [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's - so mark it as broken. Patch from des AT des.no - -20130317 - - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none - of the bits the configure test looks for. - -20130316 - - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform - is unable to successfully compile them. Based on patch from des AT - des.no - - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] - Add a usleep replacement for platforms that lack it; ok dtucker - - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to - occur after UID switch; patch from John Marshall via des AT des.no; - ok dtucker@ - -20130312 - - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh] - Improve portability of cipher-speed test, based mostly on a patch from - Iain Morgan. - - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin") - in addition to root as an owner of system directories on AIX and HP-UX. - ok djm@ - -20130307 - - (dtucker) [INSTALL] Bump documented autoconf version to what we're - currently using. - - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it - was removed in configure.ac rev 1.481 as it was redundant. - - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days - ago. - - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a - chance to complete on broken systems; ok dtucker@ - -20130306 - - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding - connection to start so that the test works on slower machines. - - (dtucker) [configure.ac] test that we can set number of file descriptors - to zero with setrlimit before enabling the rlimit sandbox. This affects - (at least) HPUX 11.11. - -20130305 - - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for - HP/UX. Spotted by Kevin Brott - - (dtucker) [configure.ac] use "=" for shell test and not "==". Spotted by - Amit Kulkarni and Kevin Brott. - - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure - build breakage on (at least) HP-UX 11.11. Found by Amit Kulkarni and Kevin - Brott. - - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov. - -20130227 - - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Crank version numbers - - (tim) [regress/forward-control.sh] use sh in case login shell is csh. - - (tim) [regress/integrity.sh] shell portability fix. - - (tim) [regress/integrity.sh] keep old solaris awk from hanging. - - (tim) [regress/krl.sh] keep old solaris awk from hanging. - -20130226 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/02/20 08:27:50 - [integrity.sh] - Add an option to modpipe that warns if the modification offset it not - reached in it's stream and turn it on for t-integrity. This should catch - cases where the session is not fuzzed for being too short (cf. my last - "oops" commit) - - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage - for UsePAM=yes configuration - -20130225 - - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed - to use Solaris native GSS libs. Patch from Pierre Ossman. - -20130223 - - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer - bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu. - ok tim - -20130222 - - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to - ssh(1) since they're not needed. Patch from Pierre Ossman, ok djm. - - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named - libgss too. Patch from Pierre Ossman, ok djm. - - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux - seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com; - ok dtucker - -20130221 - - (tim) [regress/forward-control.sh] shell portability fix. - -20130220 - - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix. - - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded - err.h include from krl.c. Additional portability fixes for modpipe. OK djm - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/02/20 08:27:50 - [regress/integrity.sh regress/modpipe.c] - Add an option to modpipe that warns if the modification offset it not - reached in it's stream and turn it on for t-integrity. This should catch - cases where the session is not fuzzed for being too short (cf. my last - "oops" commit) - - djm@cvs.openbsd.org 2013/02/20 08:29:27 - [regress/modpipe.c] - s/Id/OpenBSD/ in RCS tag - -20130219 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/02/18 22:26:47 - [integrity.sh] - crank the offset yet again; it was still fuzzing KEX one of Darren's - portable test hosts at 2800 - - djm@cvs.openbsd.org 2013/02/19 02:14:09 - [integrity.sh] - oops, forgot to increase the output of the ssh command to ensure that - we actually reach $offset - - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that - lack support for SHA2. - - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms - that do not have them. - -20130217 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/02/17 23:16:55 - [integrity.sh] - make the ssh command generates some output to ensure that there are at - least offset+tries bytes in the stream. - -20130216 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/02/16 06:08:45 - [integrity.sh] - make sure the fuzz offset is actually past the end of KEX for all KEX - types. diffie-hellman-group-exchange-sha256 requires an offset around - 2700. Noticed via test failures in portable OpenSSH on platforms that - lack ECC and this the more byte-frugal ECDH KEX algorithms. - -20130215 - - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from - Iain Morgan - - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] - Use getpgrp() if we don't have getpgid() (old BSDs, maybe others). - - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c - openbsd-compat/openbsd-compat.h] Add strtoull to compat library for - platforms that don't have it. - - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul, - group strto* function prototypes together. - - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes - an argument. Pointed out by djm. - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/02/14 21:35:59 - [auth2-pubkey.c] - Correct error message that had a typo and was logging the wrong thing; - patch from Petr Lautrbach - - dtucker@cvs.openbsd.org 2013/02/15 00:21:01 - [sshconnect2.c] - Warn more loudly if an IdentityFile provided by the user cannot be read. - bz #1981, ok djm@ - -20130214 - - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC. - - (djm) [regress/krl.sh] typo; found by Iain Morgan - - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead - of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by - Iain Morgan - -20130212 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/01/24 21:45:37 - [krl.c] - fix handling of (unused) KRL signatures; skip string in correct buffer - - djm@cvs.openbsd.org 2013/01/24 22:08:56 - [krl.c] - skip serial lookup when cert's serial number is zero - - krw@cvs.openbsd.org 2013/01/25 05:00:27 - [krl.c] - Revert last. Breaks due to likely typo. Let djm@ fix later. - ok djm@ via dlg@ - - djm@cvs.openbsd.org 2013/01/25 10:22:19 - [krl.c] - redo last commit without the vi-vomit that snuck in: - skip serial lookup when cert's serial number is zero - (now with 100% better comment) - - djm@cvs.openbsd.org 2013/01/26 06:11:05 - [Makefile.in acss.c acss.h cipher-acss.c cipher.c] - [openbsd-compat/openssl-compat.h] - remove ACSS, now that it is gone from libcrypto too - - djm@cvs.openbsd.org 2013/01/27 10:06:12 - [krl.c] - actually use the xrealloc() return value; spotted by xi.wang AT gmail.com - - dtucker@cvs.openbsd.org 2013/02/06 00:20:42 - [servconf.c sshd_config sshd_config.5] - Change default of MaxStartups to 10:30:100 to start doing random early - drop at 10 connections up to 100 connections. This will make it harder - to DoS as CPUs have come a long way since the original value was set - back in 2000. Prompted by nion at debian org, ok markus@ - - dtucker@cvs.openbsd.org 2013/02/06 00:22:21 - [auth.c] - Fix comment, from jfree.e1 at gmail - - djm@cvs.openbsd.org 2013/02/08 00:41:12 - [sftp.c] - fix NULL deref when built without libedit and control characters - entered as command; debugging and patch from Iain Morgan an - Loganaden Velvindron in bz#1956 - - markus@cvs.openbsd.org 2013/02/10 21:19:34 - [version.h] - openssh 6.2 - - djm@cvs.openbsd.org 2013/02/10 23:32:10 - [ssh-keygen.c] - append to moduli file when screening candidates rather than overwriting. - allows resumption of interrupted screen; patch from Christophe Garault - in bz#1957; ok dtucker@ - - djm@cvs.openbsd.org 2013/02/10 23:35:24 - [packet.c] - record "Received disconnect" messages at ERROR rather than INFO priority, - since they are abnormal and result in a non-zero ssh exit status; patch - from Iain Morgan in bz#2057; ok dtucker@ - - dtucker@cvs.openbsd.org 2013/02/11 21:21:58 - [sshd.c] - Add openssl version to debug output similar to the client. ok markus@ - - djm@cvs.openbsd.org 2013/02/11 23:58:51 - [regress/try-ciphers.sh] - remove acss here too - - (djm) [regress/try-ciphers.sh] clean up CVS merge botch - -20130211 - - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old - libcrypto that lacks EVP_CIPHER_CTX_ctrl - -20130208 - - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer; - patch from Iain Morgan in bz#2059 - - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows - __attribute__ on return values and work around if necessary. ok djm@ - -20130207 - - (djm) [configure.ac] Don't probe seccomp capability of running kernel - at configure time; the seccomp sandbox will fall back to rlimit at - runtime anyway. Patch from plautrba AT redhat.com in bz#2011 - -20130120 - - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h] - Move prototypes for replacement ciphers to openssl-compat.h; fix EVP - prototypes for openssl-1.0.0-fips. - - (djm) OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2013/01/18 07:57:47 - [ssh-keygen.1] - tweak previous; - - jmc@cvs.openbsd.org 2013/01/18 07:59:46 - [ssh-keygen.c] - -u before -V in usage(); - - jmc@cvs.openbsd.org 2013/01/18 08:00:49 - [sshd_config.5] - tweak previous; - - jmc@cvs.openbsd.org 2013/01/18 08:39:04 - [ssh-keygen.1] - add -Q to the options list; ok djm - - jmc@cvs.openbsd.org 2013/01/18 21:48:43 - [ssh-keygen.1] - command-line (adj.) -> command line (n.); - - jmc@cvs.openbsd.org 2013/01/19 07:13:25 - [ssh-keygen.1] - fix some formatting; ok djm - - markus@cvs.openbsd.org 2013/01/19 12:34:55 - [krl.c] - RB_INSERT does not remove existing elments; ok djm@ - - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer - version. - - (djm) [regress/krl.sh] replacement for jot; most platforms lack it - -20130118 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/01/17 23:00:01 - [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5] - [krl.c krl.h PROTOCOL.krl] - add support for Key Revocation Lists (KRLs). These are a compact way to - represent lists of revoked keys and certificates, taking as little as - a single bit of incremental cost to revoke a certificate by serial number. - KRLs are loaded via the existing RevokedKeys sshd_config option. - feedback and ok markus@ - - djm@cvs.openbsd.org 2013/01/18 00:45:29 - [regress/Makefile regress/cert-userkey.sh regress/krl.sh] - Tests for Key Revocation Lists (KRLs) - - djm@cvs.openbsd.org 2013/01/18 03:00:32 - [krl.c] - fix KRL generation bug for list sections - -20130117 - - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] - check for GCM support before testing GCM ciphers. - -20130112 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2013/01/12 11:22:04 - [cipher.c] - improve error message for integrity failure in AES-GCM modes; ok markus@ - - djm@cvs.openbsd.org 2013/01/12 11:23:53 - [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] - test AES-GCM modes; feedback markus@ - - (djm) [regress/integrity.sh] repair botched merge - -20130109 - - (djm) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2012/12/14 05:26:43 - [auth.c] - use correct string in error message; from rustybsd at gmx.fr - - djm@cvs.openbsd.org 2013/01/02 00:32:07 - [clientloop.c mux.c] - channel_setup_local_fwd_listener() returns 0 on failure, not -ve - bz#2055 reported by mathieu.lacage AT gmail.com - - djm@cvs.openbsd.org 2013/01/02 00:33:49 - [PROTOCOL.agent] - correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED - bz#2051 from david AT lechnology.com - - djm@cvs.openbsd.org 2013/01/03 05:49:36 - [servconf.h] - add a couple of ServerOptions members that should be copied to the privsep - child (for consistency, in this case they happen only to be accessed in - the monitor); ok dtucker@ - - djm@cvs.openbsd.org 2013/01/03 12:49:01 - [PROTOCOL] - fix description of MAC calculation for EtM modes; ok markus@ - - djm@cvs.openbsd.org 2013/01/03 12:54:49 - [sftp-server.8 sftp-server.c] - allow specification of an alternate start directory for sftp-server(8) - "I like this" markus@ - - djm@cvs.openbsd.org 2013/01/03 23:22:58 - [ssh-keygen.c] - allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ... - ok markus@ - - jmc@cvs.openbsd.org 2013/01/04 19:26:38 - [sftp-server.8 sftp-server.c] - sftp-server.8: add argument name to -d - sftp-server.c: add -d to usage() - ok djm - - markus@cvs.openbsd.org 2013/01/08 18:49:04 - [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c] - [myproposal.h packet.c ssh_config.5 sshd_config.5] - support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) - ok and feedback djm@ - - djm@cvs.openbsd.org 2013/01/09 05:40:17 - [ssh-keygen.c] - correctly initialise fingerprint type for fingerprinting PKCS#11 keys - - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h] - Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little - cipher compat code to openssl-compat.h - -20121217 - - (dtucker) [Makefile.in] Add some scaffolding so that the new regress - tests will work with VPATH directories. - -20121213 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2012/12/12 16:45:52 - [packet.c] - reset incoming_packet buffer for each new packet in EtM-case, too; - this happens if packets are parsed only parially (e.g. ignore - messages sent when su/sudo turn off echo); noted by sthen/millert - - naddy@cvs.openbsd.org 2012/12/12 16:46:10 - [cipher.c] - use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled - counter mode code; ok djm@ - - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our - compat code for older OpenSSL - - (djm) [cipher.c] Fix missing prototype for compat code - -20121212 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2012/12/11 22:16:21 - [monitor.c] - drain the log messages after receiving the keystate from the unpriv - child. otherwise it might block while sending. ok djm@ - - markus@cvs.openbsd.org 2012/12/11 22:31:18 - [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h] - [packet.c ssh_config.5 sshd_config.5] - add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms - that change the packet format and compute the MAC over the encrypted - message (including the packet size) instead of the plaintext data; - these EtM modes are considered more secure and used by default. - feedback and ok djm@ - - sthen@cvs.openbsd.org 2012/12/11 22:51:45 - [mac.c] - fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@ - - markus@cvs.openbsd.org 2012/12/11 22:32:56 - [regress/try-ciphers.sh] - add etm modes - - markus@cvs.openbsd.org 2012/12/11 22:42:11 - [regress/Makefile regress/modpipe.c regress/integrity.sh] - test the integrity of the packets; with djm@ - - markus@cvs.openbsd.org 2012/12/11 23:12:13 - [try-ciphers.sh] - add hmac-ripemd160-etm@openssh.com - - (djm) [mac.c] fix merge botch - - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test - work on platforms without 'jot' - - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip - - (djm) [regress/Makefile] fix t-exec rule - -20121207 - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2012/12/06 06:06:54 - [regress/keys-command.sh] - Fix some problems with the keys-command test: - - use string comparison rather than numeric comparison - - check for existing KEY_COMMAND file and don't clobber if it exists - - clean up KEY_COMMAND file if we do create it. - - check that KEY_COMMAND is executable (which it won't be if eg /var/run - is mounted noexec). - ok djm. - - jmc@cvs.openbsd.org 2012/12/03 08:33:03 - [ssh-add.1 sshd_config.5] - tweak previous; - - markus@cvs.openbsd.org 2012/12/05 15:42:52 - [ssh-add.c] - prevent double-free of comment; ok djm@ - - dtucker@cvs.openbsd.org 2012/12/07 01:51:35 - [serverloop.c] - Cast signal to int for logging. A no-op on openbsd (they're always ints) - but will prevent warnings in portable. ok djm@ - -20121205 - - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@. - -20121203 - - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get - TAILQ_FOREACH_SAFE needed for upcoming changes. - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2012/12/02 20:26:11 - [ssh_config.5 sshconnect2.c] - Make IdentitiesOnly apply to keys obtained from a PKCS11Provider. - This allows control of which keys are offered from tokens using - IdentityFile. ok markus@ - - djm@cvs.openbsd.org 2012/12/02 20:42:15 - [ssh-add.1 ssh-add.c] - make deleting explicit keys "ssh-add -d" symmetric with adding keys - - try to delete the corresponding certificate too and respect the -k option - to allow deleting of the key only; feedback and ok markus@ - - djm@cvs.openbsd.org 2012/12/02 20:46:11 - [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c] - [sshd_config.5] - make AllowTcpForwarding accept "local" and "remote" in addition to its - current "yes"/"no" to allow the server to specify whether just local or - remote TCP forwarding is enabled. ok markus@ - - dtucker@cvs.openbsd.org 2012/10/05 02:20:48 - [regress/cipher-speed.sh regress/try-ciphers.sh] - Add umac-128@openssh.com to the list of MACs to be tested - - djm@cvs.openbsd.org 2012/10/19 05:10:42 - [regress/cert-userkey.sh] - include a serial number when generating certs - - djm@cvs.openbsd.org 2012/11/22 22:49:30 - [regress/Makefile regress/keys-command.sh] - regress for AuthorizedKeysCommand; hints from markus@ - - djm@cvs.openbsd.org 2012/12/02 20:47:48 - [Makefile regress/forward-control.sh] - regress for AllowTcpForwarding local/remote; ok markus@ - - djm@cvs.openbsd.org 2012/12/03 00:14:06 - [auth2-chall.c ssh-keygen.c] - Fix compilation with -Wall -Werror (trivial type fixes) - - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation - debugging. ok dtucker@ - - (djm) [configure.ac] Revert previous. configure.ac already does this - for us. - -20121114 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2012/11/14 02:24:27 - [auth2-pubkey.c] - fix username passed to helper program - prepare stdio fds before closefrom() - spotted by landry@ - - djm@cvs.openbsd.org 2012/11/14 02:32:15 - [ssh-keygen.c] - allow the full range of unsigned serial numbers; 'fine' deraadt@ - - djm@cvs.openbsd.org 2012/12/02 20:34:10 - [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c] - [monitor.c monitor.h] - Fixes logging of partial authentication when privsep is enabled - Previously, we recorded "Failed xxx" since we reset authenticated before - calling auth_log() in auth2.c. This adds an explcit "Partial" state. - - Add a "submethod" to auth_log() to report which submethod is used - for keyboard-interactive. - - Fix multiple authentication when one of the methods is - keyboard-interactive. - - ok markus@ - - dtucker@cvs.openbsd.org 2012/10/05 02:05:30 - [regress/multiplex.sh] - Use 'kill -0' to test for the presence of a pid since it's more portable - -20121107 - - (djm) OpenBSD CVS Sync - - eric@cvs.openbsd.org 2011/11/28 08:46:27 - [moduli.5] - fix formula - ok djm@ - - jmc@cvs.openbsd.org 2012/09/26 17:34:38 - [moduli.5] - last stage of rfc changes, using consistent Rs/Re blocks, and moving the - references into a STANDARDS section; - -20121105 - - (dtucker) [uidswap.c openbsd-compat/Makefile.in - openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h - openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids - and gids from uidswap.c to the compat library, which allows it to work with - the new setresuid calls in auth2-pubkey. with tim@, ok djm@ - - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that - don't have it. Spotted by tim@. - -20121104 - - (djm) OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2012/10/31 08:04:50 - [sshd_config.5] - tweak previous; - - djm@cvs.openbsd.org 2012/11/04 10:38:43 - [auth2-pubkey.c sshd.c sshd_config.5] - Remove default of AuthorizedCommandUser. Administrators are now expected - to explicitly specify a user. feedback and ok markus@ - - djm@cvs.openbsd.org 2012/11/04 11:09:15 - [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c] - [sshd_config.5] - Support multiple required authentication via an AuthenticationMethods - option. This option lists one or more comma-separated lists of - authentication method names. Successful completion of all the methods in - any list is required for authentication to complete; - feedback and ok markus@ - -20121030 - - (djm) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2012/10/05 12:34:39 - [sftp.c] - fix signed vs unsigned warning; feedback & ok: djm@ - - djm@cvs.openbsd.org 2012/10/30 21:29:55 - [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] - [sshd.c sshd_config sshd_config.5] - new sshd_config option AuthorizedKeysCommand to support fetching - authorized_keys from a command in addition to (or instead of) from - the filesystem. The command is run as the target server user unless - another specified via a new AuthorizedKeysCommandUser option. - - patch originally by jchadima AT redhat.com, reworked by me; feedback + fix compile with clang + +commit 4df590cf8dc799e8986268d62019b487a8ed63ad +Author: Damien Miller <djm@google.com> +Date: Wed Mar 11 10:02:39 2015 +1100 + + make unit tests work for !OPENSSH_HAS_ECC + +commit 307bb40277ca2c32e97e61d70d1ed74b571fd6ba +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sat Mar 7 04:41:48 2015 +0000 + + upstream commit + + unbreak for w/SSH1 (default) case; ok markus@ deraadt@ + +commit b44ee0c998fb4c5f3c3281f2398af5ce42840b6f +Author: Damien Miller <djm@mindrot.org> +Date: Thu Mar 5 18:39:20 2015 -0800 + + unbreak hostkeys test for w/ SSH1 case + +commit 55e5bdeb519cb60cc18b7ba0545be581fb8598b4 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Mar 6 01:40:56 2015 +0000 + + upstream commit + + fix sshkey_certify() return value for unsupported key types; + ok markus@ deraadt@ + +commit be8f658e550a434eac04256bfbc4289457a24e99 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Mar 4 15:38:03 2015 -0800 + + update version numbers to match version.h + +commit ac5e8acefa253eb5e5ba186e34236c0e8007afdc +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Mar 4 23:22:35 2015 +0000 + + upstream commit + + make these work with !SSH1; ok markus@ deraadt@ + +commit 2f04af92f036b0c87a23efb259c37da98cd81fe6 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Mar 4 21:12:59 2015 +0000 + + upstream commit + + make ssh-add -D work with !SSH1 agent + +commit a05adf95d2af6abb2b7826ddaa7a0ec0cdc1726b +Author: Damien Miller <djm@mindrot.org> +Date: Wed Mar 4 00:55:48 2015 -0800 + + netcat needs poll.h portability goop + +commit dad2b1892b4c1b7e58df483a8c5b983c4454e099 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Tue Mar 3 22:35:19 2015 +0000 + + upstream commit + + make it possible to run tests w/o ssh1 support; ok djm@ + +commit d48a22601bdd3eec054794c535f4ae8d8ae4c6e2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Mar 4 18:53:53 2015 +0000 + + upstream commit + + crank; ok markus, deraadt + +commit bbffb23daa0b002dd9f296e396a9ab8a5866b339 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Mar 3 13:50:27 2015 -0800 + + more --without-ssh1 fixes + +commit 6c2039286f503e2012a58a1d109e389016e7a99b +Author: Damien Miller <djm@mindrot.org> +Date: Tue Mar 3 13:48:48 2015 -0800 + + fix merge both that broke --without-ssh1 compile + +commit 111dfb225478a76f89ecbcd31e96eaf1311b59d3 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Mar 3 21:21:13 2015 +0000 + + upstream commit + + add SSH1 Makefile knob to make it easier to build without + SSH1 support; ok markus@ + +commit 3f7f5e6c5d2aa3f6710289c1a30119e534e56c5c +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Mar 3 20:42:49 2015 +0000 + + upstream commit + + expand __unused to full __attribute__ for better portability + +commit 2fab9b0f8720baf990c931e3f68babb0bf9949c6 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Mar 4 07:41:27 2015 +1100 + + avoid warning + +commit d1bc844322461f882b4fd2277ba9a8d4966573d2 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Mar 4 06:31:45 2015 +1100 + + Revert "define __unused to nothing if not already defined" + + This reverts commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908. + + Some system headers have objects named __unused + +commit 00797e86b2d98334d1bb808f65fa1fd47f328ff1 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Mar 4 05:02:45 2015 +1100 + + check for crypt and DES_crypt in openssl block + + fixes builds on systems that use DES_crypt; based on patch + from Roumen Petrov + +commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Mar 4 04:59:13 2015 +1100 + + define __unused to nothing if not already defined + + fixes builds on BSD/OS + +commit d608a51daad4f14ad6ab43d7cf74ef4801cc3fe9 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Mar 3 17:53:40 2015 +0000 + + upstream commit + + reorder logic for better portability; patch from Roumen + Petrov + +commit 68d2dfc464fbcdf8d6387884260f9801f4352393 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Mar 3 06:48:58 2015 +0000 + + upstream commit + + Allow "ssh -Q protocol-version" to list supported SSH + protocol versions. Useful for detecting builds without SSH v.1 support; idea and ok markus@ -20121019 - - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in - the generated file as intended. - -20121005 - - (dtucker) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2012/09/17 09:54:44 - [sftp.c] - an XXX for later - - markus@cvs.openbsd.org 2012/09/17 13:04:11 - [packet.c] - clear old keys on rekeing; ok djm - - dtucker@cvs.openbsd.org 2012/09/18 10:36:12 - [sftp.c] - Add bounds check on sftp tab-completion. Part of a patch from from - Jean-Marc Robert via tech@, ok djm - - dtucker@cvs.openbsd.org 2012/09/21 10:53:07 - [sftp.c] - Fix improper handling of absolute paths when PWD is part of the completed - path. Patch from Jean-Marc Robert via tech@, ok djm. - - dtucker@cvs.openbsd.org 2012/09/21 10:55:04 - [sftp.c] - Fix handling of filenames containing escaped globbing characters and - escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm. - - jmc@cvs.openbsd.org 2012/09/26 16:12:13 - [ssh.1] - last stage of rfc changes, using consistent Rs/Re blocks, and moving the - references into a STANDARDS section; - - naddy@cvs.openbsd.org 2012/10/01 13:59:51 - [monitor_wrap.c] - pasto; ok djm@ - - djm@cvs.openbsd.org 2012/10/02 07:07:45 - [ssh-keygen.c] - fix -z option, broken in revision 1.215 - - markus@cvs.openbsd.org 2012/10/04 13:21:50 - [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c] - add umac128 variant; ok djm@ at n2k12 - - dtucker@cvs.openbsd.org 2012/09/06 04:11:07 - [regress/try-ciphers.sh] - Restore missing space. (Id sync only). - - dtucker@cvs.openbsd.org 2012/09/09 11:51:25 - [regress/multiplex.sh] - Add test for ssh -Ostop - - dtucker@cvs.openbsd.org 2012/09/10 00:49:21 - [regress/multiplex.sh] - Log -O cmd output to the log file and make logging consistent with the - other tests. Test clean shutdown of an existing channel when testing - "stop". - - dtucker@cvs.openbsd.org 2012/09/10 01:51:19 - [regress/multiplex.sh] - use -Ocheck and waiting for completions by PID to make multiplexing test - less racy and (hopefully) more reliable on slow hardware. - - [Makefile umac.c] Add special-case target to build umac128.o. - - [umac.c] Enforce allowed umac output sizes. From djm@. - - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom". - -20120917 - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2012/09/13 23:37:36 - [servconf.c] - Fix comment line length - - markus@cvs.openbsd.org 2012/09/14 16:51:34 - [sshconnect.c] - remove unused variable - -20120907 - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2012/09/06 09:50:13 - [clientloop.c] - Make the escape command help (~?) context sensitive so that only commands - that will work in the current session are shown. ok markus@ - - jmc@cvs.openbsd.org 2012/09/06 13:57:42 - [ssh.1] - missing letter in previous; - - dtucker@cvs.openbsd.org 2012/09/07 00:30:19 - [clientloop.c] - Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@ - - dtucker@cvs.openbsd.org 2012/09/07 01:10:21 - [clientloop.c] - Merge escape help text for ~v and ~V; ok djm@ - - dtucker@cvs.openbsd.org 2012/09/07 06:34:21 - [clientloop.c] - when muxmaster is run with -N, make it shut down gracefully when a client - sends it "-O stop" rather than hanging around (bz#1985). ok djm@ - -20120906 - - (dtucker) OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2012/08/15 18:25:50 - [ssh-keygen.1] - a little more info on certificate validity; - requested by Ross L Richardson, and provided by djm - - dtucker@cvs.openbsd.org 2012/08/17 00:45:45 - [clientloop.c clientloop.h mux.c] - Force a clean shutdown of ControlMaster client sessions when the ~. escape - sequence is used. This means that ~. should now work in mux clients even - if the server is no longer responding. Found by tedu, ok djm. - - djm@cvs.openbsd.org 2012/08/17 01:22:56 - [kex.c] - add some comments about better handling first-KEX-follows notifications - from the server. Nothing uses these right now. No binary change - - djm@cvs.openbsd.org 2012/08/17 01:25:58 - [ssh-keygen.c] - print details of which host lines were deleted when using - "ssh-keygen -R host"; ok markus@ - - djm@cvs.openbsd.org 2012/08/17 01:30:00 - [compat.c sshconnect.c] - Send client banner immediately, rather than waiting for the server to - move first for SSH protocol 2 connections (the default). Patch based on - one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@ - - dtucker@cvs.openbsd.org 2012/09/06 04:37:39 - [clientloop.c log.c ssh.1 log.h] - Add ~v and ~V escape sequences to raise and lower the logging level - respectively. Man page help from jmc, ok deraadt jmc - -20120830 - - (dtucker) [moduli] Import new moduli file. - -20120828 - - (djm) Release openssh-6.1 - -20120828 - - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN - for compatibility with future mingw-w64 headers. Patch from vinschen at - redhat com. - -20120822 - - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Update version numbers - -20120731 - - (djm) OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2012/07/06 06:38:03 - [ssh-keygen.c] - missing full stop in usage(); - - djm@cvs.openbsd.org 2012/07/10 02:19:15 - [servconf.c servconf.h sshd.c sshd_config] - Turn on systrace sandboxing of pre-auth sshd by default for new installs - by shipping a config that overrides the current UsePrivilegeSeparation=yes - default. Make it easier to flip the default in the future by adding too. - prodded markus@ feedback dtucker@ "get it in" deraadt@ - - dtucker@cvs.openbsd.org 2012/07/13 01:35:21 - [servconf.c] - handle long comments in config files better. bz#2025, ok markus - - markus@cvs.openbsd.org 2012/07/22 18:19:21 - [version.h] - openssh 6.1 - -20120720 - - (dtucker) Import regened moduli file. - -20120706 - - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is - not available. Allows use of sshd compiled on host with a filter-capable - kernel on hosts that lack the support. bz#2011 ok dtucker@ - - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no - unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT - esperi.org.uk; ok dtucker@ -- (djm) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2012/07/06 00:41:59 - [moduli.c ssh-keygen.1 ssh-keygen.c] - Add options to specify starting line number and number of lines to process - when screening moduli candidates. This allows processing of different - parts of a candidate moduli file in parallel. man page help jmc@, ok djm@ - - djm@cvs.openbsd.org 2012/07/06 01:37:21 - [mux.c] - fix memory leak of passed-in environment variables and connection - context when new session message is malformed; bz#2003 from Bert.Wesarg - AT googlemail.com - - djm@cvs.openbsd.org 2012/07/06 01:47:38 - [ssh.c] - move setting of tty_flag to after config parsing so RequestTTY options - are correctly picked up. bz#1995 patch from przemoc AT gmail.com; - ok dtucker@ +commit 39e2f1229562e1195169905607bc12290d21f021 +Author: millert@openbsd.org <millert@openbsd.org> +Date: Sun Mar 1 15:44:40 2015 +0000 -20120704 - - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for - platforms that don't have it. "looks good" tim@ - -20120703 - - (dtucker) [configure.ac] Detect platforms that can't use select(2) with - setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those. - - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not - setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its - benefit is minor, so it's not worth disabling the sandbox if it doesn't - work. - -20120702 -- (dtucker) OpenBSD CVS Sync - - naddy@cvs.openbsd.org 2012/06/29 13:57:25 - [ssh_config.5 sshd_config.5] - match the documented MAC order of preference to the actual one; - ok dtucker@ - - markus@cvs.openbsd.org 2012/06/30 14:35:09 - [sandbox-systrace.c sshd.c] - fix a during the load of the sandbox policies (child can still make - the read-syscall and wait forever for systrace-answers) by replacing - the read/write synchronisation with SIGSTOP/SIGCONT; - report and help hshoexer@; ok djm@, dtucker@ - - dtucker@cvs.openbsd.org 2012/07/02 08:50:03 - [ssh.c] - set interactive ToS for forwarded X11 sessions. ok djm@ - - dtucker@cvs.openbsd.org 2012/07/02 12:13:26 - [ssh-pkcs11-helper.c sftp-client.c] - fix a couple of "assigned but not used" warnings. ok markus@ - - dtucker@cvs.openbsd.org 2012/07/02 14:37:06 - [regress/connect-privsep.sh] - remove exit from end of test since it prevents reporting failure - - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh] - Move cygwin detection to test-exec and use to skip reexec test on cygwin. - - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k. - -20120629 - - OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2012/06/21 00:16:07 - [addrmatch.c] - fix strlcpy truncation check. from carsten at debian org, ok markus - - dtucker@cvs.openbsd.org 2012/06/22 12:30:26 - [monitor.c sshconnect2.c] - remove dead code following 'for (;;)' loops. - From Steve.McClellan at radisys com, ok markus@ - - dtucker@cvs.openbsd.org 2012/06/22 14:36:33 - [sftp.c] - Remove unused variable leftover from tab-completion changes. - From Steve.McClellan at radisys com, ok markus@ - - dtucker@cvs.openbsd.org 2012/06/26 11:02:30 - [sandbox-systrace.c] - Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation - sandbox" since malloc now uses it. From johnw.mail at gmail com. - - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 - [mac.c myproposal.h ssh_config.5 sshd_config.5] - Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed - from draft6 of the spec and will not be in the RFC when published. Patch - from mdb at juniper net via bz#2023, ok markus. - - naddy@cvs.openbsd.org 2012/06/29 13:57:25 - [ssh_config.5 sshd_config.5] - match the documented MAC order of preference to the actual one; ok dtucker@ - - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 - [regress/addrmatch.sh] - Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests - to match. Feedback and ok djm@ markus@. - - djm@cvs.openbsd.org 2012/06/01 00:47:35 - [regress/multiplex.sh regress/forwarding.sh] - append to rather than truncate test log; bz#2013 from openssh AT - roumenpetrov.info - - djm@cvs.openbsd.org 2012/06/01 00:52:52 - [regress/sftp-cmds.sh] - don't delete .* on cleanup due to unintended env expansion; pointed out in - bz#2014 by openssh AT roumenpetrov.info - - dtucker@cvs.openbsd.org 2012/06/26 12:06:59 - [regress/connect-privsep.sh] - test sandbox with every malloc option - - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 - [regress/try-ciphers.sh regress/cipher-speed.sh] - Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed - from draft6 of the spec and will not be in the RFC when published. Patch - from mdb at juniper net via bz#2023, ok markus. - - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error. - - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have - the required functions in libcrypto. - -20120628 - - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null - pointer deref in the client when built with LDNS and using DNSSEC with a - CNAME. Patch from gregdlg+mr at hochet info. - -20120622 - - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as - can logon as a service. Patch from vinschen at redhat com. - -20120620 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2011/12/02 00:41:56 - [mux.c] - fix bz#1948: ssh -f doesn't fork for multiplexed connection. + upstream commit + + Make sure we only call getnameinfo() for AF_INET or AF_INET6 + sockets. getpeername() of a Unix domain socket may return without error on + some systems without actually setting ss_family so getnameinfo() was getting + called with ss_family set to AF_UNSPEC. OK djm@ + +commit e47536ba9692d271b8ad89078abdecf0a1c11707 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Feb 28 08:20:11 2015 -0800 + + portability fixes for regress/netcat.c + + Mostly avoiding "err(1, NULL)" + +commit 02973ad5f6f49d8420e50a392331432b0396c100 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Feb 28 08:05:27 2015 -0800 + + twiddle another test for portability + + from Tom G. Christensen + +commit f7f3116abf2a6e2f309ab096b08c58d19613e5d0 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 27 15:52:49 2015 -0800 + + twiddle test for portability + +commit 1ad3a77cc9d5568f5437ff99d377aa7a41859b83 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Feb 26 20:33:22 2015 -0800 + + make regress/netcat.c fd passing (more) portable + +commit 9e1cfca7e1fe9cf8edb634fc894e43993e4da1ea +Author: Damien Miller <djm@mindrot.org> +Date: Thu Feb 26 20:32:58 2015 -0800 + + create OBJ/valgrind-out before running unittests + +commit bd58853102cee739f0e115e6d4b5334332ab1442 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Feb 25 16:58:22 2015 -0800 + + valgrind support + +commit f43d17269194761eded9e89f17456332f4c83824 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Feb 26 20:45:47 2015 +0000 + + upstream commit + + don't printf NULL key comments; reported by Tom Christensen + +commit 6e6458b476ec854db33e3e68ebf4f489d0ab3df8 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Feb 25 23:05:47 2015 +0000 + + upstream commit + + zero cmsgbuf before use; we initialise the bits we use + but valgrind still spams warning on it + +commit a63cfa26864b93ab6afefad0b630e5358ed8edfa +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Feb 25 19:54:02 2015 +0000 + + upstream commit + + fix small memory leak when UpdateHostkeys=no + +commit e6b950341dd75baa8526f1862bca39e52f5b879b +Author: Tim Rice <tim@multitalents.net> +Date: Wed Feb 25 09:56:48 2015 -0800 + + Revert "Work around finicky USL linker so netcat will build." + + This reverts commit d1db656021d0cd8c001a6692f772f1de29b67c8b. + + No longer needed with commit 678e473e2af2e4802f24dd913985864d9ead7fb3 + +commit 6f621603f9cff2a5d6016a404c96cb2f8ac2dec0 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Feb 25 17:29:38 2015 +0000 + + upstream commit + + don't leak validity of user in "too many authentication + failures" disconnect message; reported by Sebastian Reitenbach + +commit 6288e3a935494df12519164f52ca5c8c65fc3ca5 +Author: naddy@openbsd.org <naddy@openbsd.org> +Date: Tue Feb 24 15:24:05 2015 +0000 + + upstream commit + + add -v (show ASCII art) to -l's synopsis; ok djm@ + +commit 678e473e2af2e4802f24dd913985864d9ead7fb3 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Feb 26 04:12:58 2015 +1100 + + Remove dependency on xmalloc. + + Remove ssh_get_progname's dependency on xmalloc, which should reduce + link order problems. ok djm@ + +commit 5d5ec165c5b614b03678afdad881f10e25832e46 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Feb 25 15:32:49 2015 +1100 + + Restrict ECDSA and ECDH tests. + + ifdef out some more ECDSA and ECDH tests when built against an OpenSSL + that does not have eliptic curve functionality. + +commit 1734e276d99b17e92d4233fac7aef3a3180aaca7 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Feb 25 13:40:45 2015 +1100 + + Move definition of _NSIG. + + _NSIG is only unsed in one file, so move it there prevent redefinition + warnings reported by Kevin Brott. + +commit a47ead7c95cfbeb72721066c4da2312e5b1b9f3d +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Feb 25 13:17:40 2015 +1100 + + Add includes.h for compatibility stuff. + +commit 38806bda6d2e48ad32812b461eebe17672ada771 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 24 16:50:06 2015 -0800 + + include netdb.h to look for MAXHOSTNAMELEN; ok tim + +commit d1db656021d0cd8c001a6692f772f1de29b67c8b +Author: Tim Rice <tim@multitalents.net> +Date: Tue Feb 24 10:42:08 2015 -0800 + + Work around finicky USL linker so netcat will build. + +commit cb030ce25f555737e8ba97bdd7883ac43f3ff2a3 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 24 09:23:04 2015 -0800 + + include includes.h to avoid build failure on AIX + +commit 13af342458f5064144abbb07e5ac9bbd4eb42567 +Author: Tim Rice <tim@multitalents.net> +Date: Tue Feb 24 07:56:47 2015 -0800 + + Original portability patch from djm@ for platforms missing err.h. + Fix name space clash on Solaris 10. Still more to do for Solaris 10 + to deal with msghdr structure differences. ok djm@ + +commit 910209203d0cd60c5083901cbcc0b7b44d9f48d2 +Author: Tim Rice <tim@multitalents.net> +Date: Mon Feb 23 22:06:56 2015 -0800 + + cleaner way fix dispatch.h portion of commit + a88dd1da119052870bb2654c1a32c51971eade16 + (some systems have sig_atomic_t in signal.h, some in sys/signal.h) + Sounds good to me djm@ + +commit 676c38d7cbe65b76bbfff796861bb6615cc6a596 +Author: Tim Rice <tim@multitalents.net> +Date: Mon Feb 23 21:51:33 2015 -0800 + + portability fix: if we can't dind a better define for HOST_NAME_MAX, use 255 + +commit 1221b22023dce38cbc90ba77eae4c5d78c77a5e6 +Author: Tim Rice <tim@multitalents.net> +Date: Mon Feb 23 21:50:34 2015 -0800 + + portablity fix: s/__inline__/inline/ + +commit 4c356308a88d309c796325bb75dce90ca16591d5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Feb 24 13:49:31 2015 +1100 + + Wrap stdint.h includes in HAVE_STDINT_H. + +commit c9c88355c6a27a908e7d1e5003a2b35ea99c1614 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Feb 24 13:43:57 2015 +1100 + + Add AI_NUMERICSERV to fake-rfc2553. + + Our getaddrinfo implementation always returns numeric values already. + +commit ef342ab1ce6fb9a4b30186c89c309d0ae9d0eeb4 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Feb 24 13:39:57 2015 +1100 + + Include OpenSSL's objects.h before bn.h. + + Prevents compile errors on some platforms (at least old GCCs and AIX's + XLC compilers). + +commit dcc8997d116f615195aa7c9ec019fb36c28c6228 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Feb 24 12:30:59 2015 +1100 + + Convert two macros into functions. + + Convert packet_send_debug and packet_disconnect from macros to + functions. Some older GCCs (2.7.x, 2.95.x) see to have problems with + variadic macros with only one argument so we convert these two into + functions. ok djm@ + +commit 2285c30d51b7e2052c6526445abe7e7cc7e170a1 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 23 22:21:21 2015 +0000 + + upstream commit + + further silence spurious error message even when -v is + specified (e.g. to get visual host keys); reported by naddy@ + +commit 9af21979c00652029e160295e988dea40758ece2 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 24 09:04:32 2015 +1100 + + don't include stdint.h unless HAVE_STDINT_H set + +commit 62f678dd51660d6f8aee1da33d3222c5de10a89e +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 24 09:02:54 2015 +1100 + + nother sys/queue.h -> sys-queue.h fix + + spotted by Tom Christensen + +commit b3c19151cba2c0ed01b27f55de0d723ad07ca98f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 23 20:32:15 2015 +0000 + + upstream commit + + fix a race condition by using a mux socket rather than an + ineffectual wait statement + +commit a88dd1da119052870bb2654c1a32c51971eade16 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 24 06:30:29 2015 +1100 + + various include fixes for portable + +commit 5248429b5ec524d0a65507cff0cdd6e0cb99effd +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 23 16:55:51 2015 +0000 + + upstream commit + + add an XXX to remind me to improve sshkey_load_public + +commit e94e4b07ef2eaead38b085a60535df9981cdbcdb +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 23 16:55:31 2015 +0000 + + upstream commit + + silence a spurious error message when listing + fingerprints for known_hosts; bz#2342 + +commit f2293a65392b54ac721f66bc0b44462e8d1d81f8 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 23 16:33:25 2015 +0000 + + upstream commit + + fix setting/clearing of TTY raw mode around + UpdateHostKeys=ask confirmation question; reported by Herb Goldman + +commit f2004cd1adf34492eae0a44b1ef84e0e31b06088 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Feb 23 05:04:21 2015 +1100 + + Repair for non-ECC OpenSSL. + + Ifdef out the ECC parts when building with an OpenSSL that doesn't have + it. + +commit 37f9220db8d1a52c75894c3de1e5f2ae5bd71b6f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Feb 23 03:07:24 2015 +1100 + + Wrap stdint.h includes in ifdefs. + +commit f81f1bbc5b892c8614ea740b1f92735652eb43f0 +Author: Tim Rice <tim@multitalents.net> +Date: Sat Feb 21 18:12:10 2015 -0800 + + out of tree build fix + +commit 2e13a1e4d22f3b503c3bfc878562cc7386a1d1ae +Author: Tim Rice <tim@multitalents.net> +Date: Sat Feb 21 18:08:51 2015 -0800 + + mkdir kex unit test directory so testing out of tree builds works + +commit 1797f49b1ba31e8700231cd6b1d512d80bb50d2c +Author: halex@openbsd.org <halex@openbsd.org> +Date: Sat Feb 21 21:46:57 2015 +0000 + + upstream commit + + make "ssh-add -d" properly remove a corresponding + certificate, and also not whine and fail if there is none + + ok djm@ + +commit 7faaa32da83a609059d95dbfcb0649fdb04caaf6 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Feb 22 07:57:27 2015 +1100 + + mkdir hostkey and bitmap unit test directories + +commit bd49da2ef197efac5e38f5399263a8b47990c538 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Feb 20 23:46:01 2015 +0000 + + upstream commit + + sort options useable under Match case-insensitively; prodded + jmc@ + +commit 1a779a0dd6cd8b4a1a40ea33b5415ab8408128ac +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sat Feb 21 20:51:02 2015 +0000 + + upstream commit + + correct paths to configuration files being written/updated; + they live in $OBJ not cwd; some by Roumen Petrov + +commit 28ba006c1acddff992ae946d0bc0b500b531ba6b +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Feb 21 15:41:07 2015 +1100 + + More correct checking of HAVE_DECL_AI_NUMERICSERV. + +commit e50e8c97a9cecae1f28febccaa6ca5ab3bc10f54 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Feb 21 15:10:33 2015 +1100 + + Add null declaration of AI_NUMERICINFO. + + Some platforms (older FreeBSD and DragonFly versions) do have + getaddrinfo() but do not have AI_NUMERICINFO. so define it to zero + in those cases. + +commit 18a208d6a460d707a45916db63a571e805f5db46 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Feb 20 22:40:32 2015 +0000 + + upstream commit + + more options that are available under Match; bz#2353 reported + by calestyo AT scientia.net + +commit 44732de06884238049f285f1455b2181baa7dc82 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Feb 20 22:17:21 2015 +0000 + + upstream commit + + UpdateHostKeys fixes: + + I accidentally changed the format of the hostkeys@openssh.com messages + last week without changing the extension name, and this has been causing + connection failures for people who are running -current. First reported + by sthen@ + + s/hostkeys@openssh.com/hostkeys-00@openssh.com/ + Change the name of the proof message too, and reorder it a little. + + Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY + available to read the response) so disable UpdateHostKeys if it is in + ask mode and ControlPersist is active (and document this) + +commit 13a39414d25646f93e6d355521d832a03aaaffe2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Feb 17 00:14:05 2015 +0000 + + upstream commit + + Regression: I broke logging of public key fingerprints in + 1.46. Pointed out by Pontus Lundkvist + +commit 773dda25e828c4c9a52f7bdce6e1e5924157beab +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 30 23:10:17 2015 +1100 + + repair --without-openssl; broken in refactor + +commit e89c780886b23600de1e1c8d74aabd1ff61f43f0 +Author: Damien Miller <djm@google.com> +Date: Tue Feb 17 10:04:55 2015 +1100 + + hook up hostkeys unittest to portable Makefiles + +commit 0abf41f99aa16ff09b263bead242d6cb2dbbcf99 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 16 22:21:03 2015 +0000 + + upstream commit + + enable hostkeys unit tests + +commit 68a5d647ccf0fb6782b2f749433a1eee5bc9044b +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 16 22:20:50 2015 +0000 + + upstream commit + + check string/memory compare arguments aren't NULL + +commit ef575ef20d09f20722e26b45dab80b3620469687 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 16 22:18:34 2015 +0000 + + upstream commit + + unit tests for hostfile.c code, just hostkeys_foreach so + far + +commit 8ea3365e6aa2759ccf5c76eaea62cbc8a280b0e7 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Sat Feb 14 12:43:16 2015 +0000 + + upstream commit + + test server rekey limit + +commit ce63c4b063c39b2b22d4ada449c9e3fbde788cb3 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 16 22:30:03 2015 +0000 + + upstream commit + + partial backout of: + + revision 1.441 + date: 2015/01/31 20:30:05; author: djm; state: Exp; lines: +17 -10; commitid + : x8klYPZMJSrVlt3O; + Let sshd load public host keys even when private keys are missing. + Allows sshd to advertise additional keys for future key rotation. + Also log fingerprint of hostkeys loaded; ok markus@ + + hostkey updates now require access to the private key, so we can't + load public keys only. The improved log messages (fingerprints of keys + loaded) are kept. + +commit 523463a3a2a9bfc6cfc5afa01bae9147f76a37cc +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 16 22:13:32 2015 +0000 + + upstream commit + + Revise hostkeys@openssh.com hostkey learning extension. + + The client will not ask the server to prove ownership of the private + halves of any hitherto-unseen hostkeys it offers to the client. + + Allow UpdateHostKeys option to take an 'ask' argument to let the + user manually review keys offered. + + ok markus@ + +commit 6c5c949782d86a6e7d58006599c7685bfcd01685 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 16 22:08:57 2015 +0000 + + upstream commit + + Refactor hostkeys_foreach() and dependent code Deal with + IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing + changed ok markus@ as part of larger commit + +commit 51b082ccbe633dc970df1d1f4c9c0497115fe721 +Author: miod@openbsd.org <miod@openbsd.org> +Date: Mon Feb 16 18:26:26 2015 +0000 + + upstream commit + + Declare ge25519_base as extern, to prevent it from + becoming a common. Gets us rid of ``lignment 4 of symbol + `crypto_sign_ed25519_ref_ge25519_base' in mod_ge25519.o is smaller than 16 in + mod_ed25519.o'' warnings at link time. + +commit 02db468bf7e3281a8e3c058ced571b38b6407c34 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Fri Feb 13 18:57:00 2015 +0000 + + upstream commit + + make rekey_limit for sshd w/privsep work; ok djm@ + dtucker@ + +commit 8ec67d505bd23c8bf9e17b7a364b563a07a58ec8 +Author: dtucker@openbsd.org <dtucker@openbsd.org> +Date: Thu Feb 12 20:34:19 2015 +0000 + + upstream commit + + Prevent sshd spamming syslog with + "ssh_dispatch_run_fatal: disconnected". ok markus@ + +commit d4c0295d1afc342057ba358237acad6be8af480b +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Feb 11 01:20:38 2015 +0000 + + upstream commit + + Some packet error messages show the address of the peer, + but might be generated after the socket to the peer has suffered a TCP reset. + In these cases, getpeername() won't work so cache the address earlier. + + spotted in the wild via deraadt@ and tedu@ + +commit 4af1709cf774475ce5d1bc3ddcc165f6c222897d +Author: jsg@openbsd.org <jsg@openbsd.org> +Date: Mon Feb 9 23:22:37 2015 +0000 + + upstream commit + + fix some leaks in error paths ok markus@ + +commit fd36834871d06a03e1ff8d69e41992efa1bbf85f +Author: millert@openbsd.org <millert@openbsd.org> +Date: Fri Feb 6 23:21:59 2015 +0000 + + upstream commit + + SIZE_MAX is standard, we should be using it in preference to + the obsolete SIZE_T_MAX. OK miod@ beck@ + +commit 1910a286d7771eab84c0b047f31c0a17505236fa +Author: millert@openbsd.org <millert@openbsd.org> +Date: Thu Feb 5 12:59:57 2015 +0000 + + upstream commit + + Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@ + +commit ce4f59b2405845584f45e0b3214760eb0008c06c +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Tue Feb 3 08:07:20 2015 +0000 + + upstream commit + + missing ; djm and mlarkin really having great + interactions recently + +commit 5d34aa94938abb12b877a25be51862757f25d54b +Author: halex@openbsd.org <halex@openbsd.org> +Date: Tue Feb 3 00:34:14 2015 +0000 + + upstream commit + + slightly extend the passphrase prompt if running with -c + in order to give the user a chance to notice if unintentionally running + without it + + wording tweak and ok djm@ + +commit cb3bde373e80902c7d5d0db429f85068d19b2918 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 2 22:48:53 2015 +0000 + + upstream commit + + handle PKCS#11 C_Login returning + CKR_USER_ALREADY_LOGGED_IN; based on patch from Yuri Samoilenko; ok markus@ + +commit 15ad750e5ec3cc69765b7eba1ce90060e7083399 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Feb 2 07:41:40 2015 +0000 + + upstream commit + + turn UpdateHostkeys off by default until I figure out + mlarkin@'s warning message; requested by deraadt@ + +commit 3cd5103c1e1aaa59bd66f7f52f6ebbcd5deb12f9 +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Mon Feb 2 01:57:44 2015 +0000 + + upstream commit + + increasing encounters with difficult DNS setups in + darknets has convinced me UseDNS off by default is better ok djm + +commit 6049a548a8a68ff0bbe581ab1748ea6a59ecdc38 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sat Jan 31 20:30:05 2015 +0000 + + upstream commit + + Let sshd load public host keys even when private keys are + missing. Allows sshd to advertise additional keys for future key rotation. + Also log fingerprint of hostkeys loaded; ok markus@ + +commit 46347ed5968f582661e8a70a45f448e0179ca0ab +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 30 11:43:14 2015 +0000 + + upstream commit + + Add a ssh_config HostbasedKeyType option to control which + host public key types are tried during hostbased authentication. + + This may be used to prevent too many keys being sent to the server, + and blowing past its MaxAuthTries limit. + + bz#2211 based on patch by Iain Morgan; ok markus@ + +commit 802660cb70453fa4d230cb0233bc1bbdf8328de1 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 30 10:44:49 2015 +0000 + + upstream commit + + set a timeout to prevent hangs when talking to busted + servers; ok markus@ + +commit 86936ec245a15c7abe71a0722610998b0a28b194 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 30 01:11:39 2015 +0000 + + upstream commit + + regression test for 'wildcard CA' serial/key ID revocations + +commit 4509b5d4a4fa645a022635bfa7e86d09b285001f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 30 01:13:33 2015 +0000 + + upstream commit + + avoid more fatal/exit in the packet.c paths that + ssh-keyscan uses; feedback and "looks good" markus@ + +commit 669aee994348468af8b4b2ebd29b602cf2860b22 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 30 01:10:33 2015 +0000 + + upstream commit + + permit KRLs that revoke certificates by serial number or + key ID without scoping to a particular CA; ok markus@ + +commit 7a2c368477e26575d0866247d3313da4256cb2b5 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 30 00:59:19 2015 +0000 + + upstream commit + + missing parentheses after if in do_convert_from() broke + private key conversion from other formats some time in 2010; bz#2345 reported + by jjelen AT redhat.com + +commit 25f5f78d8bf5c22d9cea8b49de24ebeee648a355 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 30 00:22:25 2015 +0000 + + upstream commit + + fix ssh protocol 1, spotted by miod@ + +commit 9ce86c926dfa6e0635161b035e3944e611cbccf0 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 28 22:36:00 2015 +0000 + + upstream commit + + update to new API (key_fingerprint => sshkey_fingerprint) + check sshkey_fingerprint return values; ok markus + +commit 9125525c37bf73ad3ee4025520889d2ce9d10f29 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 28 22:05:31 2015 +0000 + + upstream commit + + avoid fatal() calls in packet code makes ssh-keyscan more + reliable against server failures ok dtucker@ markus@ + +commit fae7bbe544cba7a9e5e4ab47ff6faa3d978646eb +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 28 21:15:47 2015 +0000 + + upstream commit + + avoid fatal() calls in packet code makes ssh-keyscan more + reliable against server failures ok dtucker@ markus@ + +commit 1a3d14f6b44a494037c7deab485abe6496bf2c60 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 28 11:07:25 2015 +0000 + + upstream commit + + remove obsolete comment + +commit 80c25b7bc0a71d75c43a4575d9a1336f589eb639 +Author: okan@openbsd.org <okan@openbsd.org> +Date: Tue Jan 27 12:54:06 2015 +0000 + + upstream commit + + Since r1.2 removed the use of PRI* macros, inttypes.h is + no longer required. + + ok djm@ + +commit 69ff64f69615c2a21c97cb5878a0996c21423257 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 27 23:07:43 2015 +1100 + + compile on systems without TCP_MD5SIG (e.g. OSX) + +commit 358964f3082fb90b2ae15bcab07b6105cfad5a43 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 27 23:07:25 2015 +1100 + + use ssh-keygen under test rather than system's + +commit a2c95c1bf33ea53038324d1fdd774bc953f98236 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 27 23:06:59 2015 +1100 + + OSX lacks HOST_NAME_MAX, has _POSIX_HOST_NAME_MAX + +commit ade31d7b6f608a19b85bee29a7a00b1e636a2919 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 27 23:06:23 2015 +1100 + + these need active_state defined to link on OSX + + temporary measure until active_state goes away entirely + +commit e56aa87502f22c5844918c10190e8b4f785f067b +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 27 12:01:36 2015 +0000 + + upstream commit + + use printf instead of echo -n to reduce diff against + -portable + +commit 9f7637f56eddfaf62ce3c0af89c25480f2cf1068 +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Mon Jan 26 13:55:29 2015 +0000 + + upstream commit + + sort previous; + +commit 3076ee7d530d5b16842fac7a6229706c7e5acd26 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 26 13:36:53 2015 +0000 + + upstream commit + + properly restore umask + +commit d411d395556b73ba1b9e451516a0bd6697c4b03d +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 26 06:12:18 2015 +0000 + + upstream commit + + regression test for host key rotation + +commit fe8a3a51699afbc6407a8fae59b73349d01e49f8 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 26 06:11:28 2015 +0000 + + upstream commit + + adapt to sshkey API tweaks + +commit 7dd355fb1f0038a3d5cdca57ebab4356c7a5b434 +Author: miod@openbsd.org <miod@openbsd.org> +Date: Sat Jan 24 10:39:21 2015 +0000 + + upstream commit + + Move -lz late in the linker commandline for things to + build on static arches. + +commit 0dad3b806fddb93c475b30853b9be1a25d673a33 +Author: miod@openbsd.org <miod@openbsd.org> +Date: Fri Jan 23 21:21:23 2015 +0000 + + upstream commit + + -Wpointer-sign is supported by gcc 4 only. + +commit 2b3b1c1e4bd9577b6e780c255c278542ea66c098 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 20 22:58:57 2015 +0000 + + upstream commit + + use SUBDIR to recuse into unit tests; makes "make obj" + actually work + +commit 1d1092bff8db27080155541212b420703f8b9c92 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 26 12:16:36 2015 +0000 + + upstream commit + + correct description of UpdateHostKeys in ssh_config.5 and + add it to -o lists for ssh, scp and sftp; pointed out by jmc@ + +commit 5104db7cbd6cdd9c5971f4358e74414862fc1022 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 26 06:10:03 2015 +0000 + + upstream commit + + correctly match ECDSA subtype (== curve) for + offered/recevied host keys. Fixes connection-killing host key mismatches when + a server offers multiple ECDSA keys with different curve type (an extremely + unlikely configuration). + + ok markus, "looks mechanical" deraadt@ + +commit 8d4f87258f31cb6def9b3b55b6a7321d84728ff2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 26 03:04:45 2015 +0000 + + upstream commit + + Host key rotation support. + + Add a hostkeys@openssh.com protocol extension (global request) for + a server to inform a client of all its available host key after + authentication has completed. The client may record the keys in + known_hosts, allowing it to upgrade to better host key algorithms + and a server to gracefully rotate its keys. + + The client side of this is controlled by a UpdateHostkeys config + option (default on). + + ok markus@ + +commit 60b1825262b1f1e24fc72050b907189c92daf18e +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 26 02:59:11 2015 +0000 + + upstream commit + + small refactor and add some convenience functions; ok + markus + +commit a5a3e3328ddce91e76f71ff479022d53e35c60c9 +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Thu Jan 22 21:00:42 2015 +0000 + + upstream commit + + heirarchy -> hierarchy; + +commit dcff5810a11195c57e1b3343c0d6b6f2b9974c11 +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Thu Jan 22 20:24:41 2015 +0000 + + upstream commit + + Provide a warning about chroot misuses (which sadly, seem + to have become quite popular because shiny). sshd cannot detect/manage/do + anything about these cases, best we can do is warn in the right spot in the + man page. ok markus + +commit 087266ec33c76fc8d54ac5a19efacf2f4a4ca076 +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Tue Jan 20 23:14:00 2015 +0000 + + upstream commit + + Reduce use of <sys/param.h> and transition to <limits.h> + throughout. ok djm markus + +commit 57e783c8ba2c0797f93977e83b2a8644a03065d8 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Tue Jan 20 20:16:21 2015 +0000 + + upstream commit + + kex_setup errors are fatal() + +commit 1d6424a6ff94633c221297ae8f42d54e12a20912 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 20 08:02:33 2015 +0000 + + upstream commit + + this test would accidentally delete agent.sh if run without + obj/ + +commit 12b5f50777203e12575f1b08568281e447249ed3 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 20 07:56:44 2015 +0000 + + upstream commit + + make this compile with KERBEROS5 enabled + +commit e2cc6bef08941256817d44d146115b3478586ad4 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 20 07:55:33 2015 +0000 + + upstream commit + + fix hostkeys in agent; ok markus@ + +commit 1ca3e2155aa5d3801a7ae050f85c71f41fcb95b1 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 20 10:11:31 2015 +1100 + + fix kex test + +commit c78a578107c7e6dcf5d30a2f34cb6581bef14029 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 19 20:45:25 2015 +0000 + + upstream commit + + finally enable the KEX tests I wrote some years ago... + +commit 31821d7217e686667d04935aeec99e1fc4a46e7e +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 19 20:42:31 2015 +0000 + + upstream commit + + adapt to new error message (SSH_ERR_MAC_INVALID) + +commit d3716ca19e510e95d956ae14d5b367e364bff7f1 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 19 17:31:13 2015 +0000 + + upstream commit + + this test was broken in at least two ways, such that it + wasn't checking that a KRL was not excluding valid keys + +commit 3f797653748e7c2b037dacb57574c01d9ef3b4d3 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 19 20:32:39 2015 +0000 + + upstream commit + + switch ssh-keyscan from setjmp to multiple ssh transport + layer instances ok djm@ + +commit f582f0e917bb0017b00944783cd5f408bf4b0b5e +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 19 20:30:23 2015 +0000 + + upstream commit + + add experimental api for packet layer; ok djm@ + +commit 48b3b2ba75181f11fca7f327058a591f4426cade +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 19 20:20:20 2015 +0000 + + upstream commit + + store compat flags in struct ssh; ok djm@ + +commit 57d10cbe861a235dd269c74fb2fe248469ecee9d +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 19 20:16:15 2015 +0000 + + upstream commit + + adapt kex to sshbuf and struct ssh; ok djm@ + +commit 3fdc88a0def4f86aa88a5846ac079dc964c0546a +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 19 20:07:45 2015 +0000 + + upstream commit + + move dispatch to struct ssh; ok djm@ + +commit 091c302829210c41e7f57c3f094c7b9c054306f0 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 19 19:52:16 2015 +0000 + + upstream commit + + update packet.c & isolate, introduce struct ssh a) switch + packet.c to buffer api and isolate per-connection info into struct ssh b) + (de)serialization of the state is moved from monitor to packet.c c) the old + packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and + integrated into packet.c with and ok djm@ + +commit 4e62cc68ce4ba20245d208b252e74e91d3785b74 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 19 17:35:48 2015 +0000 + + upstream commit + + fix format strings in (disabled) debugging + +commit d85e06245907d49a2cd0cfa0abf59150ad616f42 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 19 06:01:32 2015 +0000 + + upstream commit + + be a bit more careful in these tests to ensure that + known_hosts is clean + +commit 7947810eab5fe0ad311f32a48f4d4eb1f71be6cf +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 22:00:18 2015 +0000 + + upstream commit + + regression test for known_host file editing using + ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok + markus@ + +commit 3a2b09d147a565d8a47edf37491e149a02c0d3a3 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 19:54:46 2015 +0000 + + upstream commit + + more and better key tests + + test signatures and verification + test certificate generation + flesh out nested cert test + + removes most of the XXX todo markers + +commit 589e69fd82724cfc9738f128e4771da2e6405d0d +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 19:53:58 2015 +0000 + + upstream commit + + make the signature fuzzing test much more rigorous: + ensure that the fuzzed input cases do not match the original (using new + fuzz_matches_original() function) and check that the verification fails in + each case + +commit 80603c0daa2538c349c1c152405580b164d5475f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 19:52:44 2015 +0000 + + upstream commit + + add a fuzz_matches_original() function to the fuzzer to + detect fuzz cases that are identical to the original data. Hacky + implementation, but very useful when you need the fuzz to be different, e.g. + when verifying signature + +commit 87d5495bd337e358ad69c524fcb9495208c0750b +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 19:50:55 2015 +0000 + + upstream commit + + better dumps from the fuzzer (shown on errors) - + include the original data as well as the fuzzed copy. + +commit d59ec478c453a3fff05badbbfd96aa856364f2c2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 19:47:55 2015 +0000 + + upstream commit + + enable hostkey-agent.sh test + +commit 26b3425170bf840e4b095e1c10bf25a0a3e3a105 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sat Jan 17 18:54:30 2015 +0000 + + upstream commit + + unit test for hostkeys in ssh-agent + +commit 9e06a0fb23ec55d9223b26a45bb63c7649e2f2f2 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Thu Jan 15 23:41:29 2015 +0000 + + upstream commit + + add kex unit tests + +commit d2099dec6da21ae627f6289aedae6bc1d41a22ce +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Mon Jan 19 00:32:54 2015 +0000 + + upstream commit + + djm, your /usr/include tree is old + +commit 2b3c3c76c30dc5076fe09d590f5b26880f148a54 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 21:51:19 2015 +0000 + + upstream commit + + some feedback from markus@: comment hostkeys_foreach() + context and avoid a member in it. + +commit cecb30bc2ba6d594366e657d664d5c494b6c8a7f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 21:49:42 2015 +0000 + + upstream commit + + make ssh-keygen use hostkeys_foreach(). Removes some + horrendous code; ok markus@ + +commit ec3d065df3a9557ea96b02d061fd821a18c1a0b9 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 21:48:09 2015 +0000 + + upstream commit + + convert load_hostkeys() (hostkey ordering and + known_host matching) to use the new hostkey_foreach() iterator; ok markus + +commit c29811cc480a260e42fd88849fc86a80c1e91038 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 21:40:23 2015 +0000 + + upstream commit + + introduce hostkeys_foreach() to allow iteration over a + known_hosts file or controlled subset thereof. This will allow us to pull out + some ugly and duplicated code, and will be used to implement hostkey rotation + later. + + feedback and ok markus + +commit f101d8291da01bbbfd6fb8c569cfd0cc61c0d346 +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Sun Jan 18 14:01:00 2015 +0000 + + upstream commit + + string truncation due to sizeof(size) ok djm markus + +commit 35d6022b55b7969fc10c261cb6aa78cc4a5fcc41 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 13:33:34 2015 +0000 + + upstream commit + + avoid trailing ',' in host key algorithms + +commit 7efb455789a0cb76bdcdee91c6060a3dc8f5c007 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Jan 18 13:22:28 2015 +0000 + + upstream commit + + infer key length correctly when user specified a fully- + qualified key name instead of using the -b bits option; ok markus@ + +commit 83f8ffa6a55ccd0ce9d8a205e3e7439ec18fedf5 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sat Jan 17 18:53:34 2015 +0000 + + upstream commit + + fix hostkeys on ssh agent; found by unit test I'm about + to commit + +commit 369d61f17657b814124268f99c033e4dc6e436c1 +Author: schwarze@openbsd.org <schwarze@openbsd.org> +Date: Fri Jan 16 16:20:23 2015 +0000 + + upstream commit + + garbage collect empty .No macros mandoc warns about + +commit bb8b442d32dbdb8521d610e10d8b248d938bd747 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 16 15:55:07 2015 +0000 + + upstream commit + + regression: incorrect error message on + otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@ + +commit 9010902954a40b59d0bf3df3ccbc3140a653e2bc +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Jan 16 07:19:48 2015 +0000 + + upstream commit + + when hostname canonicalisation is enabled, try to parse + hostnames as addresses before looking them up for canonicalisation. fixes + bz#2074 and avoids needless DNS lookups in some cases; ok markus + +commit 2ae4f337b2a5fb2841b6b0053b49496fef844d1c +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Fri Jan 16 06:40:12 2015 +0000 + + upstream commit + + Replace <sys/param.h> with <limits.h> and other less + dirty headers where possible. Annotate <sys/param.h> lines with their + current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, + LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of + MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. + These are the files confirmed through binary verification. ok guenther, + millert, doug (helped with the verification protocol) + +commit 3c4726f4c24118e8f1bb80bf75f1456c76df072c +Author: markus@openbsd.org <markus@openbsd.org> +Date: Thu Jan 15 21:38:50 2015 +0000 + + upstream commit + + remove xmalloc, switch to sshbuf + +commit e17ac01f8b763e4b83976b9e521e90a280acc097 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Thu Jan 15 21:37:14 2015 +0000 + + upstream commit + + switch to sshbuf + +commit ddef9995a1fa6c7a8ff3b38bfe6cf724bebf13d0 +Author: naddy@openbsd.org <naddy@openbsd.org> +Date: Thu Jan 15 18:32:54 2015 +0000 + + upstream commit + + handle UMAC128 initialization like UMAC; ok djm@ markus@ + +commit f14564c1f7792446bca143580aef0e7ac25dcdae +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Jan 15 11:04:36 2015 +0000 + + upstream commit + + fix regression reported by brad@ for passworded keys without + agent present + +commit 45c0fd70bb2a88061319dfff20cb12ef7b1bc47e +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 22:08:23 2015 +1100 + + make bitmap test compile + +commit d333f89abf7179021e5c3f28673f469abe032062 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Jan 15 07:36:28 2015 +0000 + + upstream commit + + unit tests for KRL bitmap + +commit 7613f828f49c55ff356007ae9645038ab6682556 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Wed Jan 14 09:58:21 2015 +0000 + + upstream commit + + re-add comment about full path + +commit 6c43b48b307c41cd656b415621a644074579a578 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Wed Jan 14 09:54:38 2015 +0000 + + upstream commit + + don't reset to the installed sshd; connect before + reconfigure, too + +commit 771bb47a1df8b69061f09462e78aa0b66cd594bf +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 13 14:51:51 2015 +0000 + + upstream commit + + implement a SIGINFO handler so we can discern a stuck + fuzz test from a merely glacial one; prompted by and ok markus + +commit cfaa57962f8536f3cf0fd7daf4d6a55d6f6de45f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 13 08:23:26 2015 +0000 + + upstream commit + + use $SSH instead of installed ssh to allow override; + spotted by markus@ + +commit 0920553d0aee117a596b03ed5b49b280d34a32c5 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 13 07:49:49 2015 +0000 + + upstream commit + + regress test for PubkeyAcceptedKeyTypes; ok markus@ + +commit 27ca1a5c0095eda151934bca39a77e391f875d17 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 12 20:13:27 2015 +0000 + + upstream commit + + unbreak parsing of pubkey comments; with gerhard; ok + djm/deraadt + +commit 55358f0b4e0b83bc0df81c5f854c91b11e0bb4dc +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 12 11:46:32 2015 +0000 + + upstream commit + + fatal if soft-PKCS11 library is missing rather (rather + than continue and fail with a more cryptic error) + +commit c3554cdd2a1a62434b8161017aa76fa09718a003 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 12 11:12:38 2015 +0000 + + upstream commit + + let this test all supporte key types; pointed out/ok + markus@ + +commit 1129dcfc5a3e508635004bcc05a3574cb7687167 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Jan 15 09:40:00 2015 +0000 + + upstream commit + + sync ssh-keysign, ssh-keygen and some dependencies to the + new buffer/key API; mostly mechanical, ok markus@ + +commit e4ebf5586452bf512da662ac277aaf6ecf0efe7c +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Jan 15 07:57:08 2015 +0000 + + upstream commit + + remove commented-out test code now that it has moved to a + proper unit test + +commit e81cba066c1e9eb70aba0f6e7c0ff220611b370f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 14 20:54:29 2015 +0000 + + upstream commit + + whitespace + +commit 141efe49542f7156cdbc2e4cd0a041d8b1aab622 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 14 20:05:27 2015 +0000 + + upstream commit + + move authfd.c and its tentacles to the new buffer/key + API; ok markus@ + +commit 0088c57af302cda278bd26d8c3ae81d5b6f7c289 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 14 19:33:41 2015 +0000 + + upstream commit + + fix small regression: ssh-agent would return a success + message but an empty signature if asked to sign using an unknown key; ok + markus@ + +commit b03ebe2c22b8166e4f64c37737f4278676e3488d +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 03:08:58 2015 +1100 + + more --without-openssl + + fix some regressions caused by upstream merges + + enable KRLs now that they no longer require BIGNUMs + +commit bc42cc6fe784f36df225c44c93b74830027cb5a2 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 03:08:29 2015 +1100 + + kludge around tun API mismatch betterer + +commit c332110291089b624fa0951fbf2d1ee6de525b9f +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 02:59:51 2015 +1100 + + some systems lack SO_REUSEPORT + +commit 83b9678a62cbdc74eb2031cf1e1e4ffd58e233ae +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 02:35:50 2015 +1100 + + fix merge botch + +commit 0cdc5a3eb6fb383569a4da2a30705d9b90428d6b +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 02:35:33 2015 +1100 + + unbreak across API change + +commit 6e2549ac2b5e7f96cbc2d83a6e0784b120444b47 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 02:30:18 2015 +1100 + + need includes.h for portable OpenSSH + +commit 72ef7c148c42db7d5632a29f137f8b87b579f2d9 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 02:21:31 2015 +1100 + + support --without-openssl at configure time + + Disables and removes dependency on OpenSSL. Many features don't + work and the set of crypto options is greatly restricted. This + will only work on system with native arc4random or /dev/urandom. + + Considered highly experimental for now. + +commit 4f38c61c68ae7e3f9ee4b3c38bc86cd39f65ece9 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 15 02:28:00 2015 +1100 + + add files missed in last commit + +commit a165bab605f7be55940bb8fae977398e8c96a46d +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 14 15:02:39 2015 +0000 + + upstream commit + + avoid BIGNUM in KRL code by using a simple bitmap; + feedback and ok markus + +commit 7d845f4a0b7ec97887be204c3760e44de8bf1f32 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 14 13:54:13 2015 +0000 + + upstream commit + + update sftp client and server to new buffer API. pretty + much just mechanical changes; with & ok markus + +commit 139ca81866ec1b219c717d17061e5e7ad1059e2a +Author: markus@openbsd.org <markus@openbsd.org> +Date: Wed Jan 14 13:09:09 2015 +0000 + + upstream commit + + switch to sshbuf/sshkey; with & ok djm@ + +commit 81bfbd0bd35683de5d7f2238b985e5f8150a9180 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jan 14 21:48:18 2015 +1100 + + support --without-openssl at configure time + + Disables and removes dependency on OpenSSL. Many features don't + work and the set of crypto options is greatly restricted. This + will only work on system with native arc4random or /dev/urandom. + + Considered highly experimental for now. + +commit 54924b53af15ccdcbb9f89984512b5efef641a31 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 14 10:46:28 2015 +0000 + + upstream commit + + avoid an warning for the !OPENSSL case + +commit ae8b463217f7c9b66655bfc3945c050ffdaeb861 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Wed Jan 14 10:30:34 2015 +0000 + + upstream commit + + swith auth-options to new sshbuf/sshkey; ok djm@ + +commit 540e891191b98b89ee90aacf5b14a4a68635e763 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Jan 14 10:29:45 2015 +0000 + + upstream commit + + make non-OpenSSL aes-ctr work on sshd w/ privsep; ok + markus@ + +commit 60c2c4ea5e1ad0ddfe8b2877b78ed5143be79c53 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Wed Jan 14 10:24:42 2015 +0000 + + upstream commit + + remove unneeded includes, sync my copyright across files + & whitespace; ok djm@ + +commit 128343bcdb0b60fc826f2733df8cf979ec1627b4 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Tue Jan 13 19:31:40 2015 +0000 + + upstream commit + + adapt mac.c to ssherr.h return codes (de-fatal) and + simplify dependencies ok djm@ + +commit e7fd952f4ea01f09ceb068721a5431ac2fd416ed +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 13 19:04:35 2015 +0000 + + upstream commit + + sync changes from libopenssh; prepared by markus@ mostly + debug output tweaks, a couple of error return value changes and some other + minor stuff + +commit 76c0480a85675f03a1376167cb686abed01a3583 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 13 19:38:18 2015 +1100 + + add --without-ssh1 option to configure + + Allows disabling support for SSH protocol 1. + +commit 1f729f0614d1376c3332fa1edb6a5e5cec7e9e03 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Jan 13 07:39:19 2015 +0000 + + upstream commit + + add sshd_config HostbasedAcceptedKeyTypes and + PubkeyAcceptedKeyTypes options to allow sshd to control what public key types + will be accepted. Currently defaults to all. Feedback & ok markus@ + +commit 816d1538c24209a93ba0560b27c4fda57c3fff65 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 12 20:13:27 2015 +0000 + + upstream commit + + unbreak parsing of pubkey comments; with gerhard; ok + djm/deraadt + +commit 0097565f849851812df610b7b6b3c4bd414f6c62 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 12 19:22:46 2015 +0000 + + upstream commit + + missing error assigment on sshbuf_put_string() + +commit a7f49dcb527dd17877fcb8d5c3a9a6f550e0bba5 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Jan 12 15:18:07 2015 +0000 + + upstream commit + + apparently memcpy(x, NULL, 0) is undefined behaviour + according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls + when length==0; ok markus@ + +commit 905fe30fca82f38213763616d0d26eb6790bde33 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 12 14:05:19 2015 +0000 + + upstream commit + + free->sshkey_free; ok djm@ + +commit f067cca2bc20c86b110174c3fef04086a7f57b13 +Author: markus@openbsd.org <markus@openbsd.org> +Date: Mon Jan 12 13:29:27 2015 +0000 + + upstream commit + + allow WITH_OPENSSL w/o WITH_SSH1; ok djm@ + +commit c4bfafcc2a9300d9cfb3c15e75572d3a7d74670d +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Jan 8 13:10:58 2015 +0000 + + upstream commit + + adjust for sshkey_load_file() API change + +commit e752c6d547036c602b89e9e704851463bd160e32 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Jan 8 13:44:36 2015 +0000 + + upstream commit + + fix ssh_config FingerprintHash evaluation order; from Petr + Lautrbach + +commit ab24ab847b0fc94c8d5e419feecff0bcb6d6d1bf +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Jan 8 10:15:45 2015 +0000 + + upstream commit + + reorder hostbased key attempts to better match the + default hostkey algorithms order in myproposal.h; ok markus@ + +commit 1195f4cb07ef4b0405c839293c38600b3e9bdb46 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Jan 8 10:14:08 2015 +0000 + + upstream commit + + deprecate key_load_private_pem() and + sshkey_load_private_pem() interfaces. Refactor the generic key loading API to + not require pathnames to be specified (they weren't really used). + + Fixes a few other things en passant: + + Makes ed25519 keys work for hostbased authentication (ssh-keysign + previously used the PEM-only routines). + + Fixes key comment regression bz#2306: key pathnames were being lost as + comment fields. + + ok markus@ + +commit febbe09e4e9aff579b0c5cc1623f756862e4757d +Author: tedu@openbsd.org <tedu@openbsd.org> +Date: Wed Jan 7 18:15:07 2015 +0000 + + upstream commit + + workaround for the Meyer, et al, Bleichenbacher Side + Channel Attack. fake up a bignum key before RSA decryption. discussed/ok djm + markus + +commit 5191df927db282d3123ca2f34a04d8d96153911a +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Dec 23 22:42:48 2014 +0000 + + upstream commit + + KNF and add a little more debug() + +commit 8abd80315d3419b20e6938f74d37e2e2b547f0b7 +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Mon Dec 22 09:26:31 2014 +0000 + + upstream commit + + add fingerprinthash to the options list; + +commit 296ef0560f60980da01d83b9f0e1a5257826536f +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Mon Dec 22 09:24:59 2014 +0000 + + upstream commit + + tweak previous; + +commit 462082eacbd37778a173afb6b84c6f4d898a18b5 +Author: Damien Miller <djm@google.com> +Date: Tue Dec 30 08:16:11 2014 +1100 + + avoid uninitialised free of ldns_res + + If an invalid rdclass was passed to getrrsetbyname() then + this would execute a free on an uninitialised pointer. + OpenSSH only ever calls this with a fixed and valid rdclass. + + Reported by Joshua Rogers + +commit 01b63498801053f131a0740eb9d13faf35d636c8 +Author: Damien Miller <djm@google.com> +Date: Mon Dec 29 18:10:18 2014 +1100 + + pull updated OpenBSD BCrypt PBKDF implementation + + Includes fix for 1 byte output overflow for large key length + requests (not reachable in OpenSSH). + + Pointed out by Joshua Rogers + +commit c528c1b4af2f06712177b3de9b30705752f7cbcb +Author: Damien Miller <djm@google.com> +Date: Tue Dec 23 15:26:13 2014 +1100 + + fix variable name for IPv6 case in construct_utmpx + + patch from writeonce AT midipix.org via bz#2296 + +commit 293cac52dcda123244b2e594d15592e5e481c55e +Author: Damien Miller <djm@google.com> +Date: Mon Dec 22 16:30:42 2014 +1100 + + include and use OpenBSD netcat in regress/ + +commit 8f6784f0cb56dc4fd00af3e81a10050a5785228d +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 09:05:17 2014 +0000 + + upstream commit + + mention ssh -Q feature to list supported { MAC, cipher, + KEX, key } algorithms in more places and include the query string used to + list the relevant information; bz#2288 + +commit 449e11b4d7847079bd0a2daa6e3e7ea03d8ef700 +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Mon Dec 22 08:24:17 2014 +0000 + + upstream commit + + tweak previous; + +commit 4bea0ab3290c0b9dd2aa199e932de8e7e18062d6 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 08:06:03 2014 +0000 + + upstream commit + + regression test for multiple required pubkey authentication; + ok markus@ + +commit f1c4d8ec52158b6f57834b8cd839605b0a33e7f2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 08:04:23 2014 +0000 + + upstream commit + + correct description of what will happen when a + AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd + will refuse to start) + +commit 161cf419f412446635013ac49e8c660cadc36080 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 07:55:51 2014 +0000 + + upstream commit + + make internal handling of filename arguments of "none" + more consistent with ssh. "none" arguments are now replaced with NULL when + the configuration is finalised. + + Simplifies checking later on (just need to test not-NULL rather than + that + strcmp) and cleans up some inconsistencies. ok markus@ + +commit f69b69b8625be447b8826b21d87713874dac25a6 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 07:51:30 2014 +0000 + + upstream commit + + remember which public keys have been used for + authentication and refuse to accept previously-used keys. + + This allows AuthenticationMethods=publickey,publickey to require + that users authenticate using two _different_ pubkeys. + + ok markus@ + +commit 46ac2ed4677968224c4ca825bc98fc68dae183f0 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 07:24:11 2014 +0000 + + upstream commit + + fix passing of wildcard forward bind addresses when + connection multiplexing is in use; patch from Sami Hartikainen via bz#2324; ok dtucker@ - - djm@cvs.openbsd.org 2011/12/04 23:16:12 - [mux.c] - revert: - > revision 1.32 - > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 - > fix bz#1948: ssh -f doesn't fork for multiplexed connection. - > ok dtucker@ - it interacts badly with ControlPersist - - djm@cvs.openbsd.org 2012/01/07 21:11:36 - [mux.c] - fix double-free in new session handler - NB. Id sync only - - djm@cvs.openbsd.org 2012/05/23 03:28:28 - [dns.c dns.h key.c key.h ssh-keygen.c] - add support for RFC6594 SSHFP DNS records for ECDSA key types. - patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@ - (Original authors Ondřej Surý, Ondřej Caletka and Daniel Black) - - djm@cvs.openbsd.org 2012/06/01 00:49:35 - [PROTOCOL.mux] - correct types of port numbers (integers, not strings); bz#2004 from - bert.wesarg AT googlemail.com - - djm@cvs.openbsd.org 2012/06/01 01:01:22 - [mux.c] - fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg - AT googlemail.com - - dtucker@cvs.openbsd.org 2012/06/18 11:43:53 - [jpake.c] - correct sizeof usage. patch from saw at online.de, ok deraadt - - dtucker@cvs.openbsd.org 2012/06/18 11:49:58 - [ssh_config.5] - RSA instead of DSA twice. From Steve.McClellan at radisys com - - dtucker@cvs.openbsd.org 2012/06/18 12:07:07 - [ssh.1 sshd.8] - Remove mention of 'three' key files since there are now four. From - Steve.McClellan at radisys com. - - dtucker@cvs.openbsd.org 2012/06/18 12:17:18 - [ssh.1] - Clarify description of -W. Noted by Steve.McClellan at radisys com, - ok jmc - - markus@cvs.openbsd.org 2012/06/19 18:25:28 - [servconf.c servconf.h sshd_config.5] - sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups} - this allows 'Match LocalPort 1022' combined with 'AllowUser bauer' - ok djm@ (back in March) - - jmc@cvs.openbsd.org 2012/06/19 21:35:54 - [sshd_config.5] - tweak previous; ok markus - - djm@cvs.openbsd.org 2012/06/20 04:42:58 - [clientloop.c serverloop.c] - initialise accept() backoff timer to avoid EINVAL from select(2) in - rekeying - -20120519 - - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch - from cjwatson at debian org. - - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find - pkg-config so it does the right thing when cross-compiling. Patch from - cjwatson at debian org. -- (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 - [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5] - Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests - to match. Feedback and ok djm@ markus@. - - dtucker@cvs.openbsd.org 2012/05/19 06:30:30 - [sshd_config.5] - Document PermitOpen none. bz#2001, patch from Loganaden Velvindron - -20120504 - - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h> - to fix building on some plaforms. Fom bowman at math utah edu and - des at des no. - -20120427 - - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6 - platform rather than exiting early, so that we still clean up and return - success or failure to test-exec.sh - -20120426 - - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters - via Niels - - (djm) [auth-krb5.c] Save errno across calls that might modify it; - ok dtucker@ - -20120423 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2012/04/23 08:18:17 - [channels.c] - fix function proto/source mismatch - -20120422 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2012/02/29 11:21:26 - [ssh-keygen.c] - allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ - - guenther@cvs.openbsd.org 2012/03/15 03:10:27 - [session.c] - root should always be excluded from the test for /etc/nologin instead - of having it always enforced even when marked as ignorenologin. This - regressed when the logic was incompletely flipped around in rev 1.251 - ok halex@ millert@ - - djm@cvs.openbsd.org 2012/03/28 07:23:22 - [PROTOCOL.certkeys] - explain certificate extensions/crit split rationale. Mention requirement - that each appear at most once per cert. - - dtucker@cvs.openbsd.org 2012/03/29 23:54:36 - [channels.c channels.h servconf.c] - Add PermitOpen none option based on patch from Loganaden Velvindron - (bz #1949). ok djm@ - - djm@cvs.openbsd.org 2012/04/11 13:16:19 - [channels.c channels.h clientloop.c serverloop.c] - don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a - while; ok deraadt@ markus@ - - djm@cvs.openbsd.org 2012/04/11 13:17:54 - [auth.c] - Support "none" as an argument for AuthorizedPrincipalsFile to indicate - no file should be read. - - djm@cvs.openbsd.org 2012/04/11 13:26:40 - [sshd.c] - don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a - while; ok deraadt@ markus@ - - djm@cvs.openbsd.org 2012/04/11 13:34:17 - [ssh-keyscan.1 ssh-keyscan.c] - now that sshd defaults to offering ECDSA keys, ssh-keyscan should also - look for them by default; bz#1971 - - djm@cvs.openbsd.org 2012/04/12 02:42:32 - [servconf.c servconf.h sshd.c sshd_config sshd_config.5] - VersionAddendum option to allow server operators to append some arbitrary - text to the SSH-... banner; ok deraadt@ "don't care" markus@ - - djm@cvs.openbsd.org 2012/04/12 02:43:55 - [sshd_config sshd_config.5] - mention AuthorizedPrincipalsFile=none default - - djm@cvs.openbsd.org 2012/04/20 03:24:23 - [sftp.c] - setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...) - - jmc@cvs.openbsd.org 2012/04/20 16:26:22 - [ssh.1] - use "brackets" instead of "braces", for consistency; - -20120420 - - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Update for release 6.0 - - (djm) [README] Update URL to release notes. - - (djm) Release openssh-6.0 + +commit 0d1b241a262e4d0a6bbfdd595489ab1b853c43a1 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 06:14:29 2014 +0000 + + upstream commit + + make this slightly easier to diff against portable + +commit 0715bcdddbf68953964058f17255bf54734b8737 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Dec 22 13:47:07 2014 +1100 + + add missing regress output file + +commit 1e30483c8ad2c2f39445d4a4b6ab20c241e40593 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 02:15:52 2014 +0000 + + upstream commit + + adjust for new SHA256 key fingerprints and + slightly-different MD5 hex fingerprint format + +commit 6b40567ed722df98593ad8e6a2d2448fc2b4b151 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Dec 22 01:14:49 2014 +0000 + + upstream commit + + poll changes to netcat (usr.bin/netcat.c r1.125) broke + this test; fix it by ensuring more stdio fds are sent to devnull + +commit a5375ccb970f49dddf7d0ef63c9b713ede9e7260 +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Sun Dec 21 23:35:14 2014 +0000 + + upstream commit + + tweak previous; + +commit b79efde5c3badf5ce4312fe608d8307eade533c5 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Dec 21 23:12:42 2014 +0000 + + upstream commit + + document FingerprintHash here too + +commit d16bdd8027dd116afa01324bb071a4016cdc1a75 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Dec 22 10:18:09 2014 +1100 + + missing include for base64 encoding + +commit 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Sun Dec 21 22:27:55 2014 +0000 + + upstream commit + + Add FingerprintHash option to control algorithm used for + key fingerprints. Default changes from MD5 to SHA256 and format from hex to + base64. + + Feedback and ok naddy@ markus@ + +commit 058f839fe15c51be8b3a844a76ab9a8db550be4f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 18 23:58:04 2014 +0000 + + upstream commit + + don't count partial authentication success as a failure + against MaxAuthTries; ok deraadt@ + +commit c7219f4f54d64d6dde66dbcf7a2699daa782d2a1 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Dec 12 00:02:17 2014 +0000 + + upstream commit + + revert chunk I didn't mean to commit yet; via jmc@ + +commit 7de5991aa3997e2981440f39c1ea01273a0a2c7b +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 18 11:44:06 2014 +1100 + + upstream libc change + + revision 1.2 + date: 2014/12/08 03:45:00; author: bcook; state: Exp; lines: +2 -2; commitid: 7zWEBgJJOCZ2hvTV; + avoid left shift overflow in reallocarray. + + Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting + 1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with + (size_t)1 so that we get the correct constant size for the platform. + + discussed with tedu@ & deraadt@ + +commit 2048f85a5e6da8bc6e0532efe02ecfd4e63c978c +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 18 10:15:49 2014 +1100 + + include CFLAGS in gnome askpass targets + + from Fedora + +commit 48b68ce19ca42fa488960028048dec023f7899bb +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 11 08:20:09 2014 +0000 + + upstream commit + + explicitly include sys/param.h in files that use the + howmany() macro; from portable + +commit d663bea30a294d440fef4398e5cd816317bd4518 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 11 05:25:06 2014 +0000 + + upstream commit + + mention AuthorizedKeysCommandUser must be set for + AuthorizedKeysCommand to be run; bz#2287 + +commit 17bf3d81e00f2abb414a4fd271118cf4913f049f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 11 05:13:28 2014 +0000 + + upstream commit + + show in debug output which hostkeys are being tried when + attempting hostbased auth; patch from Iain Morgan + +commit da0277e3717eadf5b15e03379fc29db133487e94 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 11 04:16:14 2014 +0000 + + upstream commit + + Make manual reflect reality: sftp-server's -d option + accepts a "%d" option, not a "%h" one. + + bz#2316; reported by Kirk Wolf + +commit 4cf87f4b81fa9380bce5fcff7b0f8382ae3ad996 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Dec 10 01:24:09 2014 +0000 + + upstream commit + + better error value for invalid signature length + +commit 4bfad14ca56f8ae04f418997816b4ba84e2cfc3c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Dec 10 02:12:51 2014 +1100 + + Resync more with OpenBSD's rijndael.c, in particular "#if 0"-ing out some + unused code. Should fix compile error reported by plautrba at redhat. + +commit 642652d280499691c8212ec6b79724b50008ce09 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Dec 10 01:32:23 2014 +1100 + + Add reallocarray to compat library + +commit 3dfd8d93dfcc69261f5af99df56f3ff598581979 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 4 22:31:50 2014 +0000 + + upstream commit + + add tests for new client RevokedHostKeys option; refactor + to make it a bit more readable + +commit a31046cad1aed16a0b55171192faa6d02665ccec +Author: krw@openbsd.org <krw@openbsd.org> +Date: Wed Nov 19 13:35:37 2014 +0000 + + upstream commit + + Nuke yet more obvious #include duplications. + + ok deraadt@ + +commit a7c762e5b2c1093542c0bc1df25ccec0b4cf479f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 4 20:47:36 2014 +0000 + + upstream commit + + key_in_file() wrapper is no longer used + +commit 5e39a49930d885aac9c76af3129332b6e772cd75 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 4 02:24:32 2014 +0000 + + upstream commit + + add RevokedHostKeys option for the client + + Allow textfile or KRL-based revocation of hostkeys. + +commit 74de254bb92c684cf53461da97f52d5ba34ded80 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Dec 4 01:49:59 2014 +0000 + + upstream commit + + convert KRL code to new buffer API + + ok markus@ + +commit db995f2eed5fc432598626fa3e30654503bf7151 +Author: millert@openbsd.org <millert@openbsd.org> +Date: Wed Nov 26 18:34:51 2014 +0000 + + upstream commit + + Prefer setvbuf() to setlinebuf() for portability; ok + deraadt@ + +commit 72bba3d179ced8b425272efe6956a309202a91f3 +Author: jsg@openbsd.org <jsg@openbsd.org> +Date: Mon Nov 24 03:39:22 2014 +0000 + + upstream commit + + Fix crashes in the handling of the sshd config file found + with the afl fuzzer. + + ok deraadt@ djm@ + +commit 867f49c666adcfe92bf539d9c37c1accdea08bf6 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Nov 26 13:22:41 2014 +1100 + + Avoid Cygwin ssh-host-config reading /etc/group + + Patch from Corinna Vinschen + +commit 8b66f36291a721b1ba7c44f24a07fdf39235593e +Author: Damien Miller <djm@mindrot.org> +Date: Wed Nov 26 13:20:35 2014 +1100 + + allow custom service name for sshd on Cygwin + + Permits the use of multiple sshd running with different service names. + + Patch by Florian Friesdorf via Corinna Vinschen + +commit 08c0eebf55d70a9ae1964399e609288ae3186a0c +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Sat Nov 22 19:21:03 2014 +0000 + + upstream commit + + restore word zapped in previous, and remove some useless + "No" macros; + +commit a1418a0033fba43f061513e992e1cbcc3343e563 +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Sat Nov 22 18:15:41 2014 +0000 + + upstream commit + + /dev/random has created the same effect as /dev/arandom + (and /dev/urandom) for quite some time. Mop up the last few, by using + /dev/random where we actually want it, or not even mentioning arandom where + it is irrelevant. + +commit b6de5ac9ed421362f479d1ad4fa433d2e25dad5b +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Nov 21 01:00:38 2014 +0000 + + upstream commit + + fix NULL pointer dereference crash on invalid timestamp + + found using Michal Zalewski's afl fuzzer + +commit a1f8110cd5ed818d59b3a2964fab7de76e92c18e +Author: mikeb@openbsd.org <mikeb@openbsd.org> +Date: Tue Nov 18 22:38:48 2014 +0000 + + upstream commit + + Sync AES code to the one shipped in OpenSSL/LibreSSL. + + This includes a commit made by Andy Polyakov <appro at openssl ! org> + to the OpenSSL source tree on Wed, 28 Jun 2006 with the following + message: "Mitigate cache-collision timing attack on last round." + + OK naddy, miod, djm + +commit 335c83d5f35d8620e16b8aa26592d4f836e09ad2 +Author: krw@openbsd.org <krw@openbsd.org> +Date: Tue Nov 18 20:54:28 2014 +0000 + + upstream commit + + Nuke more obvious #include duplications. + + ok deraadt@ millert@ tedu@ + +commit 51b64e44121194ae4bf153dee391228dada2abcb +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Nov 17 00:21:40 2014 +0000 + + upstream commit + + fix KRL generation when multiple CAs are in use + + We would generate an invalid KRL when revoking certs by serial + number for multiple CA keys due to a section being written out + twice. + + Also extend the regress test to catch this case by having it + produce a multi-CA KRL. + + Reported by peter AT pean.org + +commit d2d51003a623e21fb2b25567c4878d915e90aa2a +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Nov 18 01:02:25 2014 +0000 + + upstream commit + + fix NULL pointer dereference crash in key loading + + found by Michal Zalewski's AFL fuzzer + +commit 9f9fad0191028edc43d100d0ded39419b6895fdf +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Nov 17 00:21:40 2014 +0000 + + upstream commit + + fix KRL generation when multiple CAs are in use + + We would generate an invalid KRL when revoking certs by serial + number for multiple CA keys due to a section being written out + twice. + + Also extend the regress test to catch this case by having it + produce a multi-CA KRL. + + Reported by peter AT pean.org + +commit da8af83d3f7ec00099963e455010e0ed1d7d0140 +Author: bentley@openbsd.org <bentley@openbsd.org> +Date: Sat Nov 15 14:41:03 2014 +0000 + + upstream commit + + Reduce instances of `` '' in manuals. + + troff displays these as typographic quotes, but nroff implementations + almost always print them literally, which rarely has the intended effect + with modern fonts, even in stock xterm. + + These uses of `` '' can be replaced either with more semantic alternatives + or with Dq, which prints typographic quotes in a UTF-8 locale (but will + automatically fall back to `` '' in an ASCII locale). + + improvements and ok schwarze@ + +commit fc302561369483bb755b17f671f70fb894aec01d +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Nov 10 22:25:49 2014 +0000 + + upstream commit + + mux-related manual tweaks + + mention ControlPersist=0 is the same as ControlPersist=yes + + recommend that ControlPath sockets be placed in a og-w directory + +commit 0e4cff5f35ed11102fe3783779960ef07e0cd381 +Author: Damien Miller <djm@google.com> +Date: Wed Nov 5 11:01:31 2014 +1100 + + Prepare scripts for next Cygwin release + + Makes the Cygwin-specific ssh-user-config script independent of the + existence of /etc/passwd. The next Cygwin release will allow to + generate passwd and group entries from the Windows account DBs, so the + scripts have to adapt. + + from Corinna Vinschen + +commit 7d0ba5336651731949762eb8877ce9e3b52df436 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 30 10:45:41 2014 +1100 + + include version number in OpenSSL-too-old error + +commit 3bcb92e04d9207e9f78d82f7918c6d3422054ce9 +Author: lteo@openbsd.org <lteo@openbsd.org> +Date: Fri Oct 24 02:01:20 2014 +0000 + + upstream commit + + Remove unnecessary include: netinet/in_systm.h is not needed + by these programs. + + NB. skipped for portable + + ok deraadt@ millert@ + +commit 6fdcaeb99532e28a69f1a1599fbd540bb15b70a0 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Oct 20 03:43:01 2014 +0000 + + upstream commit + + whitespace + +commit 165bc8786299e261706ed60342985f9de93a7461 +Author: daniel@openbsd.org <daniel@openbsd.org> +Date: Tue Oct 14 03:09:59 2014 +0000 + + upstream commit + + plug a memory leak; from Maxime Villard. + + ok djm@ + +commit b1ba15f3885947c245c2dbfaad0a04ba050abea0 +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Thu Oct 9 06:21:31 2014 +0000 + + upstream commit + + tweak previous; + +commit 259a02ebdf74ad90b41d116ecf70aa823fa4c6e7 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Oct 13 00:38:35 2014 +0000 + + upstream commit + + whitespace + +commit 957fbceb0f3166e41b76fdb54075ab3b9cc84cba +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Oct 8 22:20:25 2014 +0000 + + upstream commit + + Tweak config reparsing with host canonicalisation + + Make the second pass through the config files always run when + hostname canonicalisation is enabled. + + Add a "Match canonical" criteria that allows ssh_config Match + blocks to trigger only in the second config pass. + + Add a -G option to ssh that causes it to parse its configuration + and dump the result to stdout, similar to "sshd -T" + + Allow ssh_config Port options set in the second config parse + phase to be applied (they were being ignored). + + bz#2267 bz#2286; ok markus + +commit 5c0dafd38bf66feeeb45fa0741a5baf5ad8039ba +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Oct 8 22:15:27 2014 +0000 + + upstream commit + + another -Wpointer-sign from clang + +commit bb005dc815ebda9af3ae4b39ca101c4da918f835 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Oct 8 22:15:06 2014 +0000 + + upstream commit + + fix a few -Wpointer-sign warnings from clang + +commit 3cc1fbb4fb0e804bfb873fd363cea91b27fc8188 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Oct 8 21:45:48 2014 +0000 + + upstream commit + + parse cert sections using nested buffers to reduce + copies; ok markus + +commit 4a45922aebf99164e2fc83d34fe55b11ae1866ef +Author: djm@openbsd.org <djm@openbsd.org> +Date: Mon Oct 6 00:47:15 2014 +0000 + + upstream commit + + correct options in usage(); from mancha1 AT zoho.com + +commit 48dffd5bebae6fed0556dc5c36cece0370690618 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Sep 9 09:45:36 2014 +0000 + + upstream commit + + mention permissions on tun(4) devices in PermitTunnel + documentation; bz#2273 + +commit a5883d4eccb94b16c355987f58f86a7dee17a0c2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 3 18:55:07 2014 +0000 + + upstream commit + + tighten permissions on pty when the "tty" group does + not exist; pointed out by Corinna Vinschen; ok markus + +commit 180bcb406b58bf30723c01a6b010e48ee626dda8 +Author: sobrado@openbsd.org <sobrado@openbsd.org> +Date: Sat Aug 30 16:32:25 2014 +0000 + + upstream commit + + typo. + +commit f70b22bcdd52f6bf127047b3584371e6e5d45627 +Author: sobrado@openbsd.org <sobrado@openbsd.org> +Date: Sat Aug 30 15:33:50 2014 +0000 + + upstream commit + + improve capitalization for the Ed25519 public-key + signature system. + + ok djm@ + +commit 7df8818409c752cf3f0c3f8044fe9aebed8647bd +Author: doug@openbsd.org <doug@openbsd.org> +Date: Thu Aug 21 01:08:52 2014 +0000 + + upstream commit + + Free resources on error in mkstemp and fdopen + + ok djm@ + +commit 40ba4c9733aaed08304714faeb61529f18da144b +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Wed Aug 20 01:28:55 2014 +0000 + + upstream commit + + djm how did you make a typo like that... + +commit 57d378ec9278ba417a726f615daad67d157de666 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Aug 19 23:58:28 2014 +0000 + + upstream commit + + When dumping the server configuration (sshd -T), print + correct KEX, MAC and cipher defaults. Spotted by Iain Morgan + +commit 7ff880ede5195d0b17e7f1e3b6cfbc4cb6f85240 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Aug 19 23:57:18 2014 +0000 + + upstream commit + + ~-expand lcd paths + +commit 4460a7ad0c78d4cd67c467f6e9f4254d0404ed59 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Oct 12 12:35:48 2014 +1100 + + remove duplicated KEX_DH1 entry + +commit c9b8426a616138d0d762176c94f51aff3faad5ff +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 9 10:34:06 2014 +1100 + + remove ChangeLog file + + Commit logs will be generated from git at release time. + +commit 81d18ff7c93a04affbf3903e0963859763219aed +Author: Damien Miller <djm@google.com> +Date: Tue Oct 7 21:24:25 2014 +1100 + + delete contrib/caldera directory + +commit 0ec9e87d3638206456968202f05bb5123670607a +Author: Damien Miller <djm@google.com> +Date: Tue Oct 7 19:57:27 2014 +1100 + + test commit + +commit 8fb65a44568701b779f3d77326bceae63412d28d +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 7 09:21:49 2014 +1100 + + - (djm) Release OpenSSH-6.7 + +commit e8c9f2602c46f6781df5e52e6cd8413dab4602a3 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Oct 3 09:24:56 2014 +1000 + + - (djm) [sshd_config.5] typo; from Iain Morgan + +commit 703b98a26706f5083801d11059486d77491342ae +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 1 09:43:07 2014 +1000 + + - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c] + [openbsd-compat/openbsd-compat.h] Kludge around bad glibc + _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; + ok dtucker@ + +commit 0fa0ed061bbfedb0daa705e220748154a84c3413 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Sep 10 08:15:34 2014 +1000 + + - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc; + patch from Felix von Leitner; ok dtucker + +commit ad7d23d461c3b7e1dcb15db13aee5f4b94dc1a95 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Sep 9 12:23:10 2014 +1000 + + 20140908 + - (dtucker) [INSTALL] Update info about egd. ok djm@ + +commit 2a8699f37cc2515e3bc60e0c677ba060f4d48191 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Sep 4 03:46:05 2014 +1000 + + - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG + +commit 44988defb1f5e3afe576d86000365e1f07a1b494 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Sep 3 05:35:32 2014 +1000 + + - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to + permissions/ACLs; from Corinna Vinschen + +commit 23f269562b7537b2f6f5014e50a25e5dcc55a837 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Sep 3 05:33:25 2014 +1000 + + - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and + conditionalise to avoid duplicate definition. + +commit 41c8de2c0031cf59e7cf0c06b5bcfbf4852c1fda +Author: Damien Miller <djm@mindrot.org> +Date: Sat Aug 30 16:23:06 2014 +1000 + + - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@ + +commit d7c81e216a7bd9eed6e239c970d9261bb1651947 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Aug 30 04:18:28 2014 +1000 + + - (djm) [openbsd-compat/openssl-compat.h] add include guard + +commit 4687802dda57365b984b897fc3c8e2867ea09b22 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Aug 30 03:29:19 2014 +1000 + + - (djm) [misc.c] Missing newline between functions + +commit 51c77e29220dee87c53be2dc47092934acab26fe +Author: Damien Miller <djm@mindrot.org> +Date: Sat Aug 30 02:30:30 2014 +1000 + + - (djm) [openbsd-compat/openssl-compat.h] add + OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them + +commit 3d673d103bad35afaec6e7ef73e5277216ce33a3 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 27 06:32:01 2014 +1000 + + - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero() + using memset_s() where possible; improve fallback to indirect bzero + via a volatile pointer to give it more of a chance to avoid being + optimised away. + +commit 146218ac11a1eb0dcade6f793d7acdef163b5ddc +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 27 04:11:55 2014 +1000 + + - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth + monitor, not preauth; bz#2263 + +commit 1b215c098b3b37e38aa4e4c91bb908eee41183b1 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 27 04:04:40 2014 +1000 + + - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] + [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] + [regress/unittests/sshkey/common.c] + [regress/unittests/sshkey/test_file.c] + [regress/unittests/sshkey/test_fuzz.c] + [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h + on !ECC OpenSSL systems + +commit ad013944af0a19e3f612089d0099bb397cf6502d +Author: Damien Miller <djm@mindrot.org> +Date: Tue Aug 26 09:27:28 2014 +1000 + + - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL, + update OpenSSL version requirement. + +commit ed126de8ee04c66640a0ea2697c4aaf36801f100 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Aug 26 08:37:47 2014 +1000 + + - (djm) [bufec.c] Skip this file on !ECC OpenSSL + +commit 9c1dede005746864a4fdb36a7cdf6c51296ca909 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Aug 24 03:01:06 2014 +1000 + + - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not + PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen + +commit d244a5816fd1312a33404b436e4dd83594f1119e +Author: Damien Miller <djm@mindrot.org> +Date: Sat Aug 23 17:06:49 2014 +1000 + + - (djm) [configure.ac] We now require a working vsnprintf everywhere (not + just for systems that lack asprintf); check for it always and extend + test to catch more brokenness. Fixes builds on Solaris <= 9 + +commit 4cec036362a358e398e6a2e6d19d8e5780558634 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Aug 23 03:11:09 2014 +1000 + + - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on + lastlog writing on platforms with high UIDs; bz#2263 + +commit 394a60f2598d28b670d934b93942a3370b779b39 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Aug 22 18:06:20 2014 +1000 + + - (djm) [configure.ac] double braces to appease autoconf + +commit 4d69aeabd6e60afcdc7cca177ca751708ab79a9d +Author: Damien Miller <djm@mindrot.org> +Date: Fri Aug 22 17:48:27 2014 +1000 + + - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/ + definition mismatch) and warning for broken/missing snprintf case. + +commit 0c11f1ac369d2c0aeb0ab0458a7cd04c72fe5e9e +Author: Damien Miller <djm@mindrot.org> +Date: Fri Aug 22 17:36:56 2014 +1000 + + - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC + +commit 6d62784b8973340b251fea6b04890f471adf28db +Author: Damien Miller <djm@mindrot.org> +Date: Fri Aug 22 17:36:19 2014 +1000 + + - (djm) [configure.ac] include leading zero characters in OpenSSL version + number; fixes test for unsupported versions + +commit 4f1ff1ed782117f5d5204d4e91156ed5da07cbb7 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Aug 21 15:54:50 2014 +1000 + + - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that + don't set __progname. Diagnosed by Tom Christensen. + +commit 005a64da0f457410045ef0bfa93c863c2450447d +Author: Damien Miller <djm@mindrot.org> +Date: Thu Aug 21 10:48:41 2014 +1000 + + - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL + +commit aa6598ebb3343c7380e918388e10e8ca5852b613 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Aug 21 10:47:54 2014 +1000 + + - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too. + +commit 54703e3cf63f0c80d4157e5ad7dbc2b363ee2c56 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 20 11:10:51 2014 +1000 + + - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna + +commit f0935698f0461f24d8d1f1107b476ee5fd4db1cb +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 20 11:06:50 2014 +1000 + + - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC + +commit c5089ecaec3b2c02f014f4e67518390702a4ba14 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 20 11:06:20 2014 +1000 + + - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than + -L/-l; fixes linking problems on some platforms + +commit 2195847e503a382f83ee969b0a8bd3dfe0e55c18 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 20 11:05:03 2014 +1000 + + - (djm) [configure.ac] Check OpenSSL version is supported at configure time; + suggested by Kevin Brott + +commit a75aca1bbc989aa9f8b1b08489d37855f3d24d1a +Author: Damien Miller <djm@mindrot.org> +Date: Tue Aug 19 11:36:07 2014 +1000 + + - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README] + [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions + of TCP wrappers. + +commit 3f022b5a9477abceeb1bbeab04b055f3cc7ca8f6 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Aug 19 11:32:34 2014 +1000 + + - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG + +commit 88137902632aceb923990e98cf5dc923bb3ef2f5 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Aug 19 11:28:11 2014 +1000 + + - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC. + +commit 2f3d1e7fb2eabd3cfbfd8d0f7bdd2f9a1888690b +Author: Damien Miller <djm@mindrot.org> +Date: Tue Aug 19 11:14:36 2014 +1000 + + - (djm) [myproposal.h] Make curve25519 KEX dependent on + HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC. + +commit d4e7d59d01a6c7f59e8c1f94a83c086e9a33d8aa +Author: Damien Miller <djm@mindrot.org> +Date: Tue Aug 19 11:14:17 2014 +1000 + + - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen + +commit 9eaeea2cf2b6af5f166cfa9ad3c7a90711a147a9 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Aug 10 11:35:05 2014 +1000 + + - (djm) [README contrib/caldera/openssh.spec] + [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions + +commit f8988fbef0c9801d19fa2f8f4f041690412bec37 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Aug 1 13:31:52 2014 +1000 + + - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate + nc from stdin, it's more portable + +commit 5b3879fd4b7a4e3d43bab8f40addda39bc1169d0 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Aug 1 12:28:31 2014 +1000 + + - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin + is closed; avoid regress failures when stdin is /dev/null + +commit a9c46746d266f8a1b092a72b2150682d1af8ebfc +Author: Damien Miller <djm@mindrot.org> +Date: Fri Aug 1 12:26:49 2014 +1000 + + - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need + a better solution, but this will have to do for now. + +commit 426117b2e965e43f47015942b5be8dd88fe74b88 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 30 12:33:20 2014 +1000 + + - schwarze@cvs.openbsd.org 2014/07/28 15:40:08 + [sftp-server.8 sshd_config.5] + some systems no longer need /dev/log; + issue noticed by jirib; + ok deraadt + +commit f497794b6962eaf802ab4ac2a7b22ae591cca1d5 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 30 12:32:46 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/07/25 21:22:03 + [ssh-agent.c] + Clear buffer used for handling messages. This prevents keys being + left in memory after they have been expired or deleted in some cases + (but note that ssh-agent is setgid so you would still need root to + access them). Pointed out by Kevin Burns, ok deraadt + +commit a8a0f65c57c8ecba94d65948e9090da54014dfef +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 30 12:32:28 2014 +1000 + + - OpenBSD CVS Sync + - millert@cvs.openbsd.org 2014/07/24 22:57:10 + [ssh.1] + Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@ + +commit 56b840f2b81e14a2f95c203403633a72566736f8 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 25 08:11:30 2014 +1000 + + - (djm) [regress/multiplex.sh] restore incorrectly deleted line; + pointed out by Christian Hesse + +commit dd417b60d5ca220565d1014e92b7f8f43dc081eb +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jul 23 10:41:21 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/07/22 23:35:38 + [regress/unittests/sshkey/testdata/*] + Regenerate test keys with certs signed with ed25519 instead of ecdsa. + These can be used in -portable on platforms that don't support ECDSA. + +commit 40e50211896369dba8f64f3b5e5fd58b76f5ac3f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jul 23 10:35:45 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/07/22 23:57:40 + [regress/unittests/sshkey/mktestdata.sh] + Add $OpenBSD tag to make syncs easier + +commit 07e644251e809b1d4c062cf85bd1146a7e3f5a8a +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jul 23 10:34:26 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/07/22 23:23:22 + [regress/unittests/sshkey/mktestdata.sh] + Sign test certs with ed25519 instead of ecdsa so that they'll work in + -portable on platforms that don't have ECDSA in their OpenSSL. ok djm + +commit cea099a7c4eaecb01b001e5453bb4e5c25006c22 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jul 23 10:04:02 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/22 01:32:12 + [regress/multiplex.sh] + change the test for still-open Unix domain sockets to be robust against + nc implementations that produce error messages. from -portable + (Id sync only) + +commit 31eb78078d349b32ea41952ecc944b3ad6cb0d45 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jul 23 09:43:42 2014 +1000 + + - guenther@cvs.openbsd.org 2014/07/22 07:13:42 + [umac.c] + Convert from <sys/endian.h> to the shiney new <endian.h> + ok dtucker@, who also confirmed that -portable handles this already + (ID sync only, includes.h pulls in endian.h if available.) + +commit 820763efef2d19d965602533036c2b4badc9d465 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jul 23 09:40:46 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/07/22 01:18:50 + [key.c] + Prevent spam from key_load_private_pem during hostbased auth. ok djm@ + +commit c4ee219a66f3190fa96cbd45b4d11015685c6306 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jul 23 04:27:50 2014 +1000 + + - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa- + specific tests inside OPENSSL_HAS_ECC. + +commit 04f4824940ea3edd60835416ececbae16438968a +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jul 22 11:31:47 2014 +1000 + + - (djm) [regress/multiplex.sh] change the test for still-open Unix + domain sockets to be robust against nc implementations that produce + error messages. + +commit 5ea4fe00d55453aaa44007330bb4c3181bd9b796 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jul 22 09:39:19 2014 +1000 + + - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow; + put it back + +commit 948a1774a79a85f9deba6d74db95f402dee32c69 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jul 22 01:07:11 2014 +1000 + + - (dtucker) [sshkey.c] ifdef out unused variable when compiling without + OPENSSL_HAS_ECC. + +commit c8f610f6cc57ae129758052439d9baf13699097b +Author: Damien Miller <djm@mindrot.org> +Date: Mon Jul 21 10:23:27 2014 +1000 + + - (djm) [regress/multiplex.sh] Not all netcat accept the -N option. + +commit 0e4e95566cd95c887f69272499b8f3880b3ec0f5 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Jul 21 09:52:54 2014 +1000 + + - millert@cvs.openbsd.org 2014/07/15 15:54:15 + [forwarding.sh multiplex.sh] + Add support for Unix domain socket forwarding. A remote TCP port + may be forwarded to a local Unix domain socket and vice versa or + both ends may be a Unix domain socket. This is a reimplementation + of the streamlocal patches by William Ahern from: + http://www.25thandclement.com/~william/projects/streamlocal.html + OK djm@ markus@ + +commit 93a87ab27ecdc709169fb24411133998f81e2761 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jul 21 06:30:25 2014 +1000 + + - (dtucker) [regress/unittests/sshkey/ + {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in + ifdefs. + +commit 5573171352ea23df2dc6d2fe0324d023b7ba697c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jul 21 02:24:59 2014 +1000 + + - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits + needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm + +commit 74e28682711d005026c7c8f15f96aea9d3c8b5a3 +Author: Tim Rice <tim@multitalents.net> +Date: Fri Jul 18 20:00:11 2014 -0700 + + - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used + in servconf.h. + +commit d1a0421f8e5e933fee6fb58ee6b9a22c63c8a613 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jul 19 07:23:55 2014 +1000 + + - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC. + +commit f0fe9ea1be62227c130b317769de3d1e736b6dc1 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jul 19 06:33:12 2014 +1000 + + - (dtucker) [Makefile.in] Add a t-exec target to run just the executable + tests. + +commit 450bc1180d4b061434a4b733c5c8814fa30b022b +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jul 19 06:23:18 2014 +1000 + + - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used + in servconf.h. + +commit ab2ec586baad122ed169285c31927ccf58bc7b28 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 18 15:04:47 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/18 02:46:01 + [ssh-agent.c] + restore umask around listener socket creation (dropped in streamlocal patch + merge) + +commit 357610d15946381ae90c271837dcdd0cdce7145f +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 18 15:04:10 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/17 07:22:19 + [mux.c ssh.c] + reflect stdio-forward ("ssh -W host:port ...") failures in exit status. + previously we were always returning 0. bz#2255 reported by Brendan + Germain; ok dtucker + +commit dad9a4a0b7c2b5d78605f8df28718f116524134e +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 18 15:03:49 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/17 00:12:03 + [key.c] + silence "incorrect passphrase" error spam; reported and ok dtucker@ + +commit f42f7684ecbeec6ce50e0310f80b3d6da2aaf533 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 18 15:03:27 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/17 00:10:18 + [mux.c] + preserve errno across syscall + +commit 1b83320628cb0733e3688b85bfe4d388a7c51909 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 18 15:03:02 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/17 00:10:56 + [sandbox-systrace.c] + ifdef SYS_sendsyslog so this will compile without patching on -stable + +commit 6d57656331bcd754d912950e4a18ad259d596e61 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 18 15:02:06 2014 +1000 + + - jmc@cvs.openbsd.org 2014/07/16 14:48:57 + [ssh.1] + add the streamlocal* options to ssh's -o list; millert says they're + irrelevant for scp/sftp; + + ok markus millert + +commit 7acefbbcbeab725420ea07397ae35992f505f702 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 18 14:11:24 2014 +1000 + + - millert@cvs.openbsd.org 2014/07/15 15:54:14 + [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] + [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] + [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] + [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] + [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] + [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] + [sshd_config.5 sshlogin.c] + Add support for Unix domain socket forwarding. A remote TCP port + may be forwarded to a local Unix domain socket and vice versa or + both ends may be a Unix domain socket. This is a reimplementation + of the streamlocal patches by William Ahern from: + http://www.25thandclement.com/~william/projects/streamlocal.html + OK djm@ markus@ + +commit 6262d760e00714523633bd989d62e273a3dca99a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 17 09:52:07 2014 +1000 + + - tedu@cvs.openbsd.org 2014/07/11 13:54:34 + [myproposal.h] + by popular demand, add back hamc-sha1 to server proposal for better compat + with many clients still in use. ok deraadt + +commit 9d69d937b46ecba17f16d923e538ceda7b705c7a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 17 09:49:37 2014 +1000 + + - deraadt@cvs.openbsd.org 2014/07/11 08:09:54 + [sandbox-systrace.c] + Permit use of SYS_sendsyslog from inside the sandbox. Clock is ticking, + update your kernels and sshd soon.. libc will start using sendsyslog() + in about 4 days. + +commit f6293a0b4129826fc2e37e4062f96825df43c326 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 17 09:01:25 2014 +1000 + + - (djm) [digest-openssl.c] Preserve array order when disabling digests. + Reported by Petr Lautrbach. + +commit 00f9cd230709c04399ef5ff80492d70a55230694 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jul 15 10:41:38 2014 +1000 + + - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto + has been located; fixes builds agains libressl-portable + +commit 1d0df3249c87019556b83306c28d4769375c2edc +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 11 09:19:04 2014 +1000 + + - OpenBSD CVS Sync + - benno@cvs.openbsd.org 2014/07/09 14:15:56 + [ssh-add.c] + fix ssh-add crash while loading more than one key + ok markus@ + +commit 7a57eb3d105aa4ced15fb47001092c58811e6d9d +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 9 13:22:31 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/07 08:15:26 + [multiplex.sh] + remove forced-fatal that I stuck in there to test the new cleanup + logic and forgot to remove... + +commit 612f965239a30fe536b11ece1834d9f470aeb029 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 9 13:22:03 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/06 07:42:03 + [multiplex.sh test-exec.sh] + add a hook to the cleanup() function to kill $SSH_PID if it is set + + use it to kill the mux master started in multiplex.sh (it was being left + around on fatal failures) + +commit d0bb950485ba121e43a77caf434115ed6417b46f +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 9 13:07:28 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/09 03:02:15 + [key.c] + downgrade more error() to debug() to better match what old authfile.c + did; suppresses spurious errors with hostbased authentication enabled + +commit 0070776a038655c57f57e70cd05e4c38a5de9d84 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 9 13:07:06 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/09 01:45:10 + [sftp.c] + more useful error message when GLOB_NOSPACE occurs; + bz#2254, patch from Orion Poplawski + +commit 079bac2a43c74ef7cf56850afbab3b1932534c50 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 9 13:06:25 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/07 08:19:12 + [ssh_config.5] + mention that ProxyCommand is executed using shell "exec" to avoid + a lingering process; bz#1977 + +commit 3a48cc090096cf99b9de592deb5f90e444edebfb +Author: Damien Miller <djm@mindrot.org> +Date: Sun Jul 6 09:32:49 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/05 23:11:48 + [channels.c] + fix remote-forward cancel regression; ok markus@ + +commit 48bae3a38cb578713e676708164f6e7151cc64fa +Author: Damien Miller <djm@mindrot.org> +Date: Sun Jul 6 09:27:06 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 23:18:35 + [authfile.h] + remove leakmalloc droppings + +commit 72e6b5c9ed5e72ca3a6ccc3177941b7c487a0826 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 4 09:00:04 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 22:40:43 + [servconf.c servconf.h session.c sshd.8 sshd_config.5] + Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is + executed, mirroring the no-user-rc authorized_keys option; + bz#2160; ok markus@ + +commit 602943d1179a08dfa70af94f62296ea5e3d6ebb8 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 4 08:59:41 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 22:33:41 + [channels.c] + allow explicit ::1 and 127.0.0.1 forwarding bind addresses when + GatewayPorts=no; allows client to choose address family; + bz#2222 ok markus@ + +commit 6b37fbb7921d156b31e2c8f39d9e1b6746c34983 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 4 08:59:24 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 22:23:46 + [sshconnect.c] + when rekeying, skip file/DNS lookup if it is the same as the key sent + during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@ + +commit d2c3cd5f2e47ee24cf7093ce8e948c2e79dfc3fd +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jul 4 08:59:01 2014 +1000 + + - jsing@cvs.openbsd.org 2014/07/03 12:42:16 + [cipher-chachapoly.c] + Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this + makes it easier to verify that chacha_encrypt_bytes() is only called once + per chacha_ivsetup() call. + ok djm@ + +commit 686feb560ec43a06ba04da82b50f3c183c947309 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:29:38 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 11:16:55 + [auth.c auth.h auth1.c auth2.c] + make the "Too many authentication failures" message include the + user, source address, port and protocol in a format similar to the + authentication success / failure messages; bz#2199, ok dtucker + +commit 0f12341402e18fd9996ec23189b9418d2722453f +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:28:09 2014 +1000 + + - jmc@cvs.openbsd.org 2014/07/03 07:45:27 + [ssh_config.5] + escape %C since groff thinks it part of an Rs/Re block; + +commit 9c38643c5cd47a19db2cc28279dcc28abadc22b3 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:27:46 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 06:39:19 + [ssh.c ssh_config.5] + Add a %C escape sequence for LocalCommand and ControlPath that expands + to a unique identifer based on a has of the tuple of (local host, + remote user, hostname, port). + + Helps avoid exceeding sockaddr_un's miserly pathname limits for mux + control paths. + + bz#2220, based on patch from mancha1 AT zoho.com; ok markus@ + +commit 49d9bfe2b2f3e90cc158a215dffa7675e57e7830 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:26:42 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 05:38:17 + [ssh.1] + document that -g will only work in the multiplexed case if applied to + the mux master + +commit ef9f13ba4c58057b2166d1f2e790535da402fbe5 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:26:21 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 05:32:36 + [ssh_config.5] + mention '%%' escape sequence in HostName directives and how it may + be used to specify IPv6 link-local addresses + +commit e6a407789e5432dd2e53336fb73476cc69048c54 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:25:03 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 04:36:45 + [digest.h] + forward-declare struct sshbuf so consumers don't need to include sshbuf.h + +commit 4a1d3d50f02d0a8a4ef95ea4749293cbfb89f919 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:24:40 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 03:47:27 + [ssh-keygen.c] + When hashing or removing hosts using ssh-keygen, don't choke on + @revoked markers and don't remove @cert-authority markers; + bz#2241, reported by mlindgren AT runelind.net + +commit e5c0d52ceb575c3db8c313e0b1aa3845943d7ba8 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:24:19 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 03:34:09 + [gss-serv.c session.c ssh-keygen.c] + standardise on NI_MAXHOST for gethostname() string lengths; about + 1/2 the cases were using it already. Fixes bz#2239 en passant + +commit c174a3b7c14e0d178c61219de2aa1110e209950c +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:23:24 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 03:26:43 + [digest-openssl.c] + use EVP_Digest() for one-shot hash instead of creating, updating, + finalising and destroying a context. + bz#2231, based on patch from Timo Teras + +commit d7ca2cd31ecc4d63a055e2dcc4bf35c13f2db4c5 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:23:01 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 03:15:01 + [ssh-add.c] + make stdout line-buffered; saves partial output getting lost when + ssh-add fatal()s part-way through (e.g. when listing keys from an + agent that supports key types that ssh-add doesn't); + bz#2234, reported by Phil Pennock + +commit b1e967c8d7c7578dd0c172d85b3046cf54ea42ba +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:22:40 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 03:11:03 + [ssh-agent.c] + Only cleanup agent socket in the main agent process and not in any + subprocesses it may have started (e.g. forked askpass). Fixes + agent sockets being zapped when askpass processes fatal(); + bz#2236 patch from Dmitry V. Levin + +commit 61e28e55c3438d796b02ef878bcd28620d452670 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 21:22:22 2014 +1000 + + - djm@cvs.openbsd.org 2014/07/03 01:45:38 + [sshkey.c] + make Ed25519 keys' title fit properly in the randomart border; bz#2247 + based on patch from Christian Hesse + +commit 9eb4cd9a32c32d40d36450b68ed93badc6a94c68 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 13:29:50 2014 +1000 + + - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist; + bz#2237 + +commit 8da0fa24934501909408327298097b1629b89eaa +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 3 11:54:19 2014 +1000 + + - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto + doesn't support it. + +commit 81309c857dd0dbc0a1245a16d621c490ad48cfbb +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 17:45:55 2014 +1000 + + - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test + +commit 82b2482ce68654815ee049b9bf021bb362a35ff2 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 17:43:41 2014 +1000 + + - (djm) [sshkey.c] Conditionalise inclusion of util.h + +commit dd8b1dd7933eb6f5652641b0cdced34a387f2e80 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 17:38:31 2014 +1000 + + - djm@cvs.openbsd.org 2014/06/24 01:14:17 + [Makefile.in regress/Makefile regress/unittests/Makefile] + [regress/unittests/sshkey/Makefile] + [regress/unittests/sshkey/common.c] + [regress/unittests/sshkey/common.h] + [regress/unittests/sshkey/mktestdata.sh] + [regress/unittests/sshkey/test_file.c] + [regress/unittests/sshkey/test_fuzz.c] + [regress/unittests/sshkey/test_sshkey.c] + [regress/unittests/sshkey/tests.c] + [regress/unittests/sshkey/testdata/dsa_1] + [regress/unittests/sshkey/testdata/dsa_1-cert.fp] + [regress/unittests/sshkey/testdata/dsa_1-cert.pub] + [regress/unittests/sshkey/testdata/dsa_1.fp] + [regress/unittests/sshkey/testdata/dsa_1.fp.bb] + [regress/unittests/sshkey/testdata/dsa_1.param.g] + [regress/unittests/sshkey/testdata/dsa_1.param.priv] + [regress/unittests/sshkey/testdata/dsa_1.param.pub] + [regress/unittests/sshkey/testdata/dsa_1.pub] + [regress/unittests/sshkey/testdata/dsa_1_pw] + [regress/unittests/sshkey/testdata/dsa_2] + [regress/unittests/sshkey/testdata/dsa_2.fp] + [regress/unittests/sshkey/testdata/dsa_2.fp.bb] + [regress/unittests/sshkey/testdata/dsa_2.pub] + [regress/unittests/sshkey/testdata/dsa_n] + [regress/unittests/sshkey/testdata/dsa_n_pw] + [regress/unittests/sshkey/testdata/ecdsa_1] + [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp] + [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub] + [regress/unittests/sshkey/testdata/ecdsa_1.fp] + [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb] + [regress/unittests/sshkey/testdata/ecdsa_1.param.curve] + [regress/unittests/sshkey/testdata/ecdsa_1.param.priv] + [regress/unittests/sshkey/testdata/ecdsa_1.param.pub] + [regress/unittests/sshkey/testdata/ecdsa_1.pub] + [regress/unittests/sshkey/testdata/ecdsa_1_pw] + [regress/unittests/sshkey/testdata/ecdsa_2] + [regress/unittests/sshkey/testdata/ecdsa_2.fp] + [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb] + [regress/unittests/sshkey/testdata/ecdsa_2.param.curve] + [regress/unittests/sshkey/testdata/ecdsa_2.param.priv] + [regress/unittests/sshkey/testdata/ecdsa_2.param.pub] + [regress/unittests/sshkey/testdata/ecdsa_2.pub] + [regress/unittests/sshkey/testdata/ecdsa_n] + [regress/unittests/sshkey/testdata/ecdsa_n_pw] + [regress/unittests/sshkey/testdata/ed25519_1] + [regress/unittests/sshkey/testdata/ed25519_1-cert.fp] + [regress/unittests/sshkey/testdata/ed25519_1-cert.pub] + [regress/unittests/sshkey/testdata/ed25519_1.fp] + [regress/unittests/sshkey/testdata/ed25519_1.fp.bb] + [regress/unittests/sshkey/testdata/ed25519_1.pub] + [regress/unittests/sshkey/testdata/ed25519_1_pw] + [regress/unittests/sshkey/testdata/ed25519_2] + [regress/unittests/sshkey/testdata/ed25519_2.fp] + [regress/unittests/sshkey/testdata/ed25519_2.fp.bb] + [regress/unittests/sshkey/testdata/ed25519_2.pub] + [regress/unittests/sshkey/testdata/pw] + [regress/unittests/sshkey/testdata/rsa1_1] + [regress/unittests/sshkey/testdata/rsa1_1.fp] + [regress/unittests/sshkey/testdata/rsa1_1.fp.bb] + [regress/unittests/sshkey/testdata/rsa1_1.param.n] + [regress/unittests/sshkey/testdata/rsa1_1.pub] + [regress/unittests/sshkey/testdata/rsa1_1_pw] + [regress/unittests/sshkey/testdata/rsa1_2] + [regress/unittests/sshkey/testdata/rsa1_2.fp] + [regress/unittests/sshkey/testdata/rsa1_2.fp.bb] + [regress/unittests/sshkey/testdata/rsa1_2.param.n] + [regress/unittests/sshkey/testdata/rsa1_2.pub] + [regress/unittests/sshkey/testdata/rsa_1] + [regress/unittests/sshkey/testdata/rsa_1-cert.fp] + [regress/unittests/sshkey/testdata/rsa_1-cert.pub] + [regress/unittests/sshkey/testdata/rsa_1.fp] + [regress/unittests/sshkey/testdata/rsa_1.fp.bb] + [regress/unittests/sshkey/testdata/rsa_1.param.n] + [regress/unittests/sshkey/testdata/rsa_1.param.p] + [regress/unittests/sshkey/testdata/rsa_1.param.q] + [regress/unittests/sshkey/testdata/rsa_1.pub] + [regress/unittests/sshkey/testdata/rsa_1_pw] + [regress/unittests/sshkey/testdata/rsa_2] + [regress/unittests/sshkey/testdata/rsa_2.fp] + [regress/unittests/sshkey/testdata/rsa_2.fp.bb] + [regress/unittests/sshkey/testdata/rsa_2.param.n] + [regress/unittests/sshkey/testdata/rsa_2.param.p] + [regress/unittests/sshkey/testdata/rsa_2.param.q] + [regress/unittests/sshkey/testdata/rsa_2.pub] + [regress/unittests/sshkey/testdata/rsa_n] + [regress/unittests/sshkey/testdata/rsa_n_pw] + unit and fuzz tests for new key API + +commit c1dc24b71f087f385b92652b9673f52af64e0428 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 17:02:03 2014 +1000 + + - djm@cvs.openbsd.org 2014/06/24 01:04:43 + [regress/krl.sh] + regress test for broken consecutive revoked serial number ranges + +commit 43d3ed2dd3feca6d0326c7dc82588d2faa115e92 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 17:01:08 2014 +1000 + + - djm@cvs.openbsd.org 2014/05/21 07:04:21 + [regress/integrity.sh] + when failing because of unexpected output, show the offending output + +commit 5a96707ffc8d227c2e7d94fa6b0317f8a152cf4e +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 15:38:05 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/30 05:32:00 + [regress/Makefile] + unit tests for new buffer API; including basic fuzz testing + NB. Id sync only. + +commit 3ff92ba756aee48e4ae3e0aeff7293517b3dd185 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 15:33:09 2014 +1000 + + - djm@cvs.openbsd.org 2014/06/30 12:54:39 + [key.c] + suppress spurious error message when loading key with a passphrase; + reported by kettenis@ ok markus@ + - djm@cvs.openbsd.org 2014/07/02 04:59:06 + [cipher-3des1.c] + fix ssh protocol 1 on the server that regressed with the sshkey change + (sometimes fatal() after auth completed), make file return useful status + codes. + NB. Id sync only for these two. They were bundled into the sshkey merge + above, since it was easier to sync the entire file and then apply + portable-specific changed atop it. + +commit ec3d0e24a1e46873d80507f5cd8ee6d0d03ac5dc +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 15:30:00 2014 +1000 + + - markus@cvs.openbsd.org 2014/06/27 18:50:39 + [ssh-add.c] + fix loading of private keys + +commit 4b3ed647d5b328cf68e6a8ffbee490d8e0683e82 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 15:29:40 2014 +1000 + + - markus@cvs.openbsd.org 2014/06/27 16:41:56 + [channels.c channels.h clientloop.c ssh.c] + fix remote fwding with same listen port but different listen address + with gerhard@, ok djm@ + +commit 9e01ff28664921ce9b6500681333e42fb133b4d0 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 15:29:21 2014 +1000 + + - deraadt@cvs.openbsd.org 2014/06/25 14:16:09 + [sshbuf.c] + unblock SIGSEGV before raising it + ok djm + +commit 1845fe6bda0729e52f4c645137f4fc3070b5438a +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 15:29:01 2014 +1000 + + - djm@cvs.openbsd.org 2014/06/24 02:21:01 + [scp.c] + when copying local->remote fails during read, don't send uninitialised + heap to the remote end. Reported by Jann Horn + +commit 19439e9a2a0ac0b4b3b1210e89695418beb1c883 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 15:28:40 2014 +1000 + + - djm@cvs.openbsd.org 2014/06/24 02:19:48 + [ssh.c] + don't fatal() when hostname canonicalisation fails with a + ProxyCommand in use; continue and allow the ProxyCommand to + connect anyway (e.g. to a host with a name outside the DNS + behind a bastion) + +commit 8668706d0f52654fe64c0ca41a96113aeab8d2b8 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 15:28:02 2014 +1000 + + - djm@cvs.openbsd.org 2014/06/24 01:13:21 + [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c + [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c + [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h + [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h + [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h + [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c + [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c + [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c + [sshconnect2.c sshd.c sshkey.c sshkey.h + [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] + New key API: refactor key-related functions to be more library-like, + existing API is offered as a set of wrappers. + + with and ok markus@ + + Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew + Dempsky and Ron Bowes for a detailed review a few months ago. + + NB. This commit also removes portable OpenSSH support for OpenSSL + <0.9.8e. + +commit 2cd7929250cf9e9f658d70dcd452f529ba08c942 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 12:48:30 2014 +1000 + + - djm@cvs.openbsd.org 2014/06/24 00:52:02 + [krl.c] + fix bug in KRL generation: multiple consecutive revoked certificate + serial number ranges could be serialised to an invalid format. + + Readers of a broken KRL caused by this bug will fail closed, so no + should-have-been-revoked key will be accepted. + +commit 99db840ee8dbbd2b3fbc6c45d0ee2f6a65e96898 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 12:48:04 2014 +1000 + + - naddy@cvs.openbsd.org 2014/06/18 15:42:09 + [sshbuf-getput-crypto.c] + The ssh_get_bignum functions must accept the same range of bignums + the corresponding ssh_put_bignum functions create. This fixes the + use of 16384-bit RSA keys (bug reported by Eivind Evensen). + ok djm@ + +commit 84a89161a9629239b64171ef3e22ef6a3e462d51 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 12:47:48 2014 +1000 + + - matthew@cvs.openbsd.org 2014/06/18 02:59:13 + [sandbox-systrace.c] + Now that we have a dedicated getentropy(2) system call for + arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace + sandbox. + + ok djm + +commit 51504ceec627c0ad57b9f75585c7b3d277f326be +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jul 2 12:47:25 2014 +1000 + + - deraadt@cvs.openbsd.org 2014/06/13 08:26:29 + [sandbox-systrace.c] + permit SYS_getentropy + from matthew + +commit a261b8df59117f7dc52abb3a34b35a40c2c9fa88 +Author: Tim Rice <tim@multitalents.net> +Date: Wed Jun 18 16:17:28 2014 -0700 + + - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare + +commit 316fac6f18f87262a315c79bcf68b9f92c9337e4 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jun 17 23:06:07 2014 +1000 + + - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h} + openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}] + Move the OpenSSL header/library version test into its own function and add + tests for it. Fix it to allow fix version upgrades (but not downgrades). + Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150). + ok djm@ chl@ + +commit af665bb7b092a59104db1e65577851cf35b86e32 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jun 16 22:50:55 2014 +1000 + + - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via + OpenSMTPD and chl@ + +commit f9696566fb41320820f3b257ab564fa321bb3751 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jun 13 11:06:04 2014 +1000 + + - (dtucker) [configure.ac] Remove tcpwrappers support, support has already + been removed from sshd.c. + +commit 5e2b8894b0b24af4ad0a2f7aa33ebf255df7a8bc +Author: Tim Rice <tim@multitalents.net> +Date: Wed Jun 11 18:31:10 2014 -0700 + + - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for + u_intXX_t types. + +commit 985ee2cbc3e43bc65827c3c0d4df3faa99160c37 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 12 05:32:29 2014 +1000 + + - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*] + Wrap stdlib.h include an ifdef for platforms that don't have it. + +commit cf5392c2db2bb1dbef9818511d34056404436109 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 12 05:22:49 2014 +1000 + + - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from + openbsd-compat/bsd-asprintf.c. + +commit 58538d795e0b662f2f4e5a7193f1204bbe992ddd +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 11 13:39:24 2014 +1000 + + - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for + compat stuff, specifically whether or not OpenSSL has ECC. + +commit eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 11 13:10:00 2014 +1000 + + - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an + assigment that might get optimized out. ok djm@ + +commit b9609fd86c623d6d440e630f5f9a63295f7aea20 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 11 08:04:02 2014 +1000 + + - (dtucker) [sshbuf.h] Only declare ECC functions if building without + OpenSSL or if OpenSSL has ECC. + +commit a54a040f66944c6e8913df8635a01a2327219be9 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 11 07:58:35 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/06/10 21:46:11 + [sshbuf.h] + Group ECC functions together to make things a little easier in -portable. + "doesn't bother me" deraadt@ + +commit 9f92c53bad04a89067756be8198d4ec2d8a08875 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 11 07:57:58 2014 +1000 + + - djm@cvs.openbsd.org 2014/06/05 22:17:50 + [sshconnect2.c] + fix inverted test that caused PKCS#11 keys that were explicitly listed + not to be preferred. Reported by Dirk-Willem van Gulik + +commit 15c254a25394f96643da2ad0f674acdc51e89856 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 11 07:38:49 2014 +1000 + + - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef + ECC variable too. + +commit d7af0cc5bf273eeed0897a99420bc26841d07d8f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 11 07:37:25 2014 +1000 + + - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in + the proposal if the version of OpenSSL we're using doesn't support ECC. + +commit 67508ac2563c33d582be181a3e777c65f549d22f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 11 06:27:16 2014 +1000 + + - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c + regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256 + curve tests if OpenSSL has them. + +commit 6482d90a65459a88c18c925368525855832272b3 +Author: Damien Miller <djm@mindrot.org> +Date: Tue May 27 14:34:42 2014 +1000 + + - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c] + [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege + separation user at runtime, since it may need to be a domain account. + Patch from Corinna Vinschen. + +commit f9eb5e0734f7a7f6e975809eb54684d2a06a7ffc +Author: Damien Miller <djm@mindrot.org> +Date: Tue May 27 14:31:58 2014 +1000 + + - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config + from Corinna Vinschen, fixing a number of bugs and preparing for + Cygwin 1.7.30. + +commit eae88744662e6b149f43ef071657727f1a157d95 +Author: Damien Miller <djm@mindrot.org> +Date: Tue May 27 14:27:02 2014 +1000 + + - (djm) [cipher.c] Fix merge botch. + +commit 564b5e253c1d95c26a00e8288f0089a2571661c3 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 22 08:23:59 2014 +1000 + + - (djm) [Makefile.in] typo in path + +commit e84d10302aeaf7a1acb05c451f8718143656856a +Author: Damien Miller <djm@mindrot.org> +Date: Wed May 21 17:13:36 2014 +1000 + + revert a diff I didn't mean to commit + +commit 795b86313f1f1aab9691666c4f2d5dae6e4acd50 +Author: Damien Miller <djm@mindrot.org> +Date: Wed May 21 17:12:53 2014 +1000 + + - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC + when it is available. It takes into account time spent suspended, + thereby ensuring timeouts (e.g. for expiring agent keys) fire + correctly. bz#2228 reported by John Haxby + +commit 18912775cb97c0b1e75e838d3c7d4b56648137b5 +Author: Damien Miller <djm@mindrot.org> +Date: Wed May 21 17:06:46 2014 +1000 + + - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use + vhangup on Linux. It doens't work for non-root users, and for them + it just messes up the tty settings. + +commit 7f1c264d3049cd95234e91970ccb5406e1d15b27 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 18:01:52 2014 +1000 + + - (djm) [sshbuf.c] need __predict_false + +commit e7429f2be8643e1100380a8a7389d85cc286c8fe +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 18:01:01 2014 +1000 + + - (djm) [regress/Makefile Makefile.in] + [regress/unittests/sshbuf/test_sshbuf.c + [regress/unittests/sshbuf/test_sshbuf_fixed.c] + [regress/unittests/sshbuf/test_sshbuf_fuzz.c] + [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] + [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] + [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] + [regress/unittests/sshbuf/test_sshbuf_misc.c] + [regress/unittests/sshbuf/tests.c] + [regress/unittests/test_helper/fuzz.c] + [regress/unittests/test_helper/test_helper.c] + Hook new unit tests into the build and "make tests" + +commit def1de086707b0e6b046fe7e115c60aca0227a99 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 15:17:15 2014 +1000 + + - (djm) [regress/unittests/Makefile] + [regress/unittests/Makefile.inc] + [regress/unittests/sshbuf/Makefile] + [regress/unittests/sshbuf/test_sshbuf.c] + [regress/unittests/sshbuf/test_sshbuf_fixed.c] + [regress/unittests/sshbuf/test_sshbuf_fuzz.c] + [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] + [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] + [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] + [regress/unittests/sshbuf/test_sshbuf_misc.c] + [regress/unittests/sshbuf/tests.c] + [regress/unittests/test_helper/Makefile] + [regress/unittests/test_helper/fuzz.c] + [regress/unittests/test_helper/test_helper.c] + [regress/unittests/test_helper/test_helper.h] + Import new unit tests from OpenBSD; not yet hooked up to build. + +commit 167685756fde8bc213a8df2c8e1848e312db0f46 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 15:08:40 2014 +1000 + + - logan@cvs.openbsd.org 2014/05/04 10:40:59 + [connect-privsep.sh] + Remove the Z flag from the list of malloc options as it + was removed from malloc.c 10 days ago. + + OK from miod@ + +commit d0b69fe90466920d69c96069312e24b581771bd7 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 15:08:19 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/05/03 18:46:14 + [proxy-connect.sh] + Add tests for with and without compression, with and without privsep. + +commit edb1af50441d19fb2dd9ccb4d75bf14473fca584 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 15:07:53 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/21 22:15:37 + [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh] + repair regress tests broken by server-side default cipher/kex/mac changes + by ensuring that the option under test is included in the server's + algorithm list + +commit 54343e95c70994695f8842fb22836321350198d3 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 15:07:33 2014 +1000 + + - djm@cvs.openbsd.org 2014/03/13 20:44:49 + [login-timeout.sh] + this test is a sorry mess of race conditions; add another sleep + to avoid a failure on slow machines (at least until I find a + better way) + +commit e5b9f0f2ee6e133894307e44e862b66426990733 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:58:07 2014 +1000 + + - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c] + [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes + +commit b9c566788a9ebd6a9d466f47a532124f111f0542 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:43:37 2014 +1000 + + - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write + portability glue to support building without libcrypto + +commit 3dc27178b42234b653a32f7a87292d7994045ee3 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:37:59 2014 +1000 + + - logan@cvs.openbsd.org 2014/05/05 07:02:30 + [sftp.c] + Zap extra whitespace. + + OK from djm@ and dtucker@ + +commit c31a0cd5b31961f01c5b731f62a6cb9d4f767472 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:37:39 2014 +1000 + + - markus@cvs.openbsd.org 2014/05/03 17:20:34 + [monitor.c packet.c packet.h] + unbreak compression, by re-init-ing the compression code in the + post-auth child. the new buffer code is more strict, and requires + buffer_init() while the old code was happy after a bzero(); + originally from djm@ + +commit 686c7d9ee6f44b2be4128d7860b6b37adaeba733 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:37:03 2014 +1000 + + - djm@cvs.openbsd.org 2014/05/02 03:27:54 + [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c] + [misc.h poly1305.h ssh-pkcs11.c defines.h] + revert __bounded change; it causes way more problems for portable than + it solves; pointed out by dtucker@ + +commit 294c58a007cfb2f3bddc4fc3217e255857ffb9bf +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:35:03 2014 +1000 + + - naddy@cvs.openbsd.org 2014/04/30 19:07:48 + [mac.c myproposal.h umac.c] + UMAC can use our local fallback implementation of AES when OpenSSL isn't + available. Glue code straight from Ted Krovetz's original umac.c. + ok markus@ + +commit 05e82c3b963c33048128baf72a6f6b3a1c10b4c1 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:33:43 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/30 05:29:56 + [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c] + [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c] + [ssherr.h] + New buffer API; the first installment of the conversion/replacement + of OpenSSH's internals to make them usable as a standalone library. + + This includes a set of wrappers to make it compatible with the + existing buffer API so replacement can occur incrementally. + + With and ok markus@ + + Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew + Dempsky and Ron Bowes for a detailed review. + +commit 380948180f847a26f2d0c85b4dad3dca2ed2fd8b +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:25:18 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/04/29 20:36:51 + [sftp.c] + Don't attempt to append a nul quote char to the filename. Should prevent + fatal'ing with "el_insertstr failed" when there's a single quote char + somewhere in the string. bz#2238, ok markus@ + +commit d7fd8bedd4619a2ec7fd02aae4c4e1db4431ad9f +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:24:59 2014 +1000 + + - dtucker@cvs.openbsd.org 2014/04/29 19:58:50 + [sftp.c] + Move nulling of variable next to where it's freed. ok markus@ + +commit 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 14:24:09 2014 +1000 + + - markus@cvs.openbsd.org 2014/04/29 18:01:49 + [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] + [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] + [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] + [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] + make compiling against OpenSSL optional (make OPENSSL=no); + reduces algorithms to curve25519, aes-ctr, chacha, ed25519; + allows us to explore further options; with and ok djm + +commit c5893785564498cea73cb60d2cf199490483e080 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:48:49 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/29 13:10:30 + [clientloop.c serverloop.c] + bz#1818 - don't send channel success/failre replies on channels that + have sent a close already; analysis and patch from Simon Tatham; + ok markus@ + +commit 633de33b192d808d87537834c316dc8b75fe1880 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:48:26 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/28 03:09:18 + [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h] + [ssh-keygen.c] + buffer_get_string_ptr's return should be const to remind + callers that futzing with it will futz with the actual buffer + contents + +commit 15271907843e4ae50dcfc83b3594014cf5e9607b +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:47:56 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/23 12:42:34 + [readconf.c] + don't record duplicate IdentityFiles + +commit 798a02568b13a2e46efebd81f08c8f4bb33a6dc7 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:47:37 2014 +1000 + + - jmc@cvs.openbsd.org 2014/04/22 14:16:30 + [sftp.1] + zap eol whitespace; + +commit d875ff78d2b8436807381051de112f0ebf9b9ae1 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:47:15 2014 +1000 + + - logan@cvs.openbsd.org 2014/04/22 12:42:04 + [sftp.1] + Document sftp upload resume. + OK from djm@, with feedback from okan@. + +commit b15cd7bb097fd80dc99520f45290ef775da1ef19 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:46:52 2014 +1000 + + - logan@cvs.openbsd.org 2014/04/22 10:07:12 + [sftp.c] + Sort the sftp command list. + OK from djm@ + +commit d8accc0aa72656ba63d50937165c5ae49db1dcd6 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:46:25 2014 +1000 + + - logan@cvs.openbsd.org 2014/04/21 14:36:16 + [sftp-client.c sftp-client.h sftp.c] + Implement sftp upload resume support. + OK from djm@, with input from guenther@, mlarkin@ and + okan@ + +commit 16cd3928a87d20c77b13592a74b60b08621d3ce6 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:45:58 2014 +1000 + + - logan@cvs.openbsd.org 2014/04/20 09:24:26 + [dns.c dns.h ssh-keygen.c] + Add support for SSHFP DNS records for ED25519 key types. + OK from djm@ + +commit ec0b67eb3b4e12f296ced1fafa01860c374f7eea +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 15 13:45:26 2014 +1000 + + - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine + OpenBSD + +commit f028460d0b2e5a584355321015cde69bf6fd933e +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 1 02:24:35 2014 +1000 + + - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already + have it. Only attempt to use __attribute__(__bounded__) for gcc. + +commit b628cc4c3e4a842bab5e4584d18c2bc5fa4d0edf +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:33:58 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/20 02:49:32 + [compat.c] + add a canonical 6.6 + curve25519 bignum fix fake version that I can + recommend people use ahead of the openssh-6.7 release + +commit 888566913933a802f3a329ace123ebcb7154cf78 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:33:19 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/20 02:30:25 + [misc.c misc.h umac.c] + use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on + strict-alignment architectures; reported by and ok stsp@ + +commit 16f85cbc7e5139950e6a38317e7c8b368beafa5d +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:29:28 2014 +1000 + + - tedu@cvs.openbsd.org 2014/04/19 18:42:19 + [ssh.1] + delete .xr to hosts.equiv. there's still an unfortunate amount of + documentation referring to rhosts equivalency in here. + +commit 69cb24b7356ec3f0fc5ff04a68f98f2c55c766f4 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:29:06 2014 +1000 + + - tedu@cvs.openbsd.org 2014/04/19 18:15:16 + [sshd.8] + remove some really old rsh references + +commit 84c1e7bca8c4ceaccf4d5557e39a833585a3c77e +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:27:53 2014 +1000 + + - tedu@cvs.openbsd.org 2014/04/19 14:53:48 + [ssh-keysign.c sshd.c] + Delete futile calls to RAND_seed. ok djm + NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon + +commit 0e6b67423b8662f9ca4c92750309e144fd637ef1 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:27:01 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/19 05:54:59 + [compat.c] + missing wildcard; pointed out by naddy@ + +commit 9395b28223334826837c15e8c1bb4dfb3b0d2ca5 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:25:30 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/18 23:52:25 + [compat.c compat.h sshconnect2.c sshd.c version.h] + OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections + using the curve25519-sha256@libssh.org KEX exchange method to fail + when connecting with something that implements the spec properly. + + Disable this KEX method when speaking to one of the affected + versions. + + reported by Aris Adamantiadis; ok markus@ + +commit 8c492da58f8ceb85cf5f7066f23e26fb813a963d +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:25:09 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/16 23:28:12 + [ssh-agent.1] + remove the identity files from this manpage - ssh-agent doesn't deal + with them at all and the same information is duplicated in ssh-add.1 + (which does deal with them); prodded by deraadt@ + +commit adbfdbbdccc70c9bd70d81ae096db115445c6e26 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:24:49 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/16 23:22:45 + [bufaux.c] + skip leading zero bytes in buffer_put_bignum2_from_string(); + reported by jan AT mojzis.com; ok markus@ + +commit 75c62728dc87af6805696eeb520b9748faa136c8 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:24:31 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/12 04:55:53 + [sshd.c] + avoid crash at exit: check that pmonitor!=NULL before dereferencing; + bz#2225, patch from kavi AT juniper.net + +commit 2a328437fb1b0976f2f4522d8645803d5a5d0967 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:24:01 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/01 05:32:57 + [packet.c] + demote a debug3 to PACKET_DEBUG; ok markus@ + +commit 7d6a9fb660c808882d064e152d6070ffc3844c3f +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:23:43 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/01 03:34:10 + [sshconnect.c] + When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any + certificate keys to plain keys and attempt SSHFP resolution. + + Prevents a server from skipping SSHFP lookup and forcing a new-hostkey + dialog by offering only certificate keys. + + Reported by mcv21 AT cam.ac.uk + +commit fcd62c0b66b8415405ed0af29c236329eb88cc0f +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:23:21 2014 +1000 + + - djm@cvs.openbsd.org 2014/04/01 02:05:27 + [ssh-keysign.c] + include fingerprint of key not found + use arc4random_buf() instead of loop+arc4random() + +commit 43b156cf72f900f88065b0a1c1ebd09ab733ca46 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:23:03 2014 +1000 + + - jmc@cvs.openbsd.org 2014/03/31 13:39:34 + [ssh-keygen.1] + the text for the -K option was inserted in the wrong place in -r1.108; + fix From: Matthew Clarke + +commit c1621c84f2dc1279065ab9fde2aa9327af418900 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:22:46 2014 +1000 + + - naddy@cvs.openbsd.org 2014/03/28 05:17:11 + [ssh_config.5 sshd_config.5] + sync available and default algorithms, improve algorithm list formatting + help from jmc@ and schwarze@, ok deraadt@ + +commit f2719b7c2b8a3b14d778d8a6d8dc729b5174b054 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:22:18 2014 +1000 + + - tedu@cvs.openbsd.org 2014/03/26 19:58:37 + [sshd.8 sshd.c] + remove libwrap support. ok deraadt djm mfriedl + +commit 4f40209aa4060b9c066a2f0d9332ace7b8dfb391 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:21:22 2014 +1000 + + - djm@cvs.openbsd.org 2014/03/26 04:55:35 + [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c + [misc.h poly1305.h ssh-pkcs11.c] + use __bounded(...) attribute recently added to sys/cdefs.h instead of + longform __attribute__(__bounded(...)); + + for brevity and a warning free compilation with llvm/clang + +commit 9235a030ad1b16903fb495d81544e0f7c7449523 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:17:20 2014 +1000 + + Three commits in one (since they touch the same heavily-diverged file + repeatedly): + + - markus@cvs.openbsd.org 2014/03/25 09:40:03 + [myproposal.h] + trimm default proposals. + + This commit removes the weaker pre-SHA2 hashes, the broken ciphers + (arcfour), and the broken modes (CBC) from the default configuration + (the patch only changes the default, all the modes are still available + for the config files). + + ok djm@, reminded by tedu@ & naddy@ and discussed with many + - deraadt@cvs.openbsd.org 2014/03/26 17:16:26 + [myproposal.h] + The current sharing of myproposal[] between both client and server code + makes the previous diff highly unpallatable. We want to go in that + direction for the server, but not for the client. Sigh. + Brought up by naddy. + - markus@cvs.openbsd.org 2014/03/27 23:01:27 + [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] + disable weak proposals in sshd, but keep them in ssh; ok djm@ + +commit 6e1777f592f15f4559728c78204617537b1ac076 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:02:58 2014 +1000 + + - tedu@cvs.openbsd.org 2014/03/19 14:42:44 + [scp.1] + there is no need for rcp anymore + ok deraadt millert + +commit eb1b7c514d2a7b1802ccee8cd50e565a4d419887 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:02:26 2014 +1000 + + - tedu@cvs.openbsd.org 2014/03/17 19:44:10 + [ssh.1] + old descriptions of des and blowfish are old. maybe ok deraadt + +commit f0858de6e1324ec730752387074b111b8551081e +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:01:30 2014 +1000 + + - deraadt@cvs.openbsd.org 2014/03/15 17:28:26 + [ssh-agent.c ssh-keygen.1 ssh-keygen.c] + Improve usage() and documentation towards the standard form. + In particular, this line saves a lot of man page reading time. + usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] + [-N new_passphrase] [-C comment] [-f output_keyfile] + ok schwarze jmc + +commit 94bfe0fbd6e91a56b5b0ab94ac955d2a67d101aa +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:00:51 2014 +1000 + + - naddy@cvs.openbsd.org 2014/03/12 13:06:59 + [ssh-keyscan.1] + scan for Ed25519 keys by default too + +commit 3819519288b2b3928c6882f5883b0f55148f4fc0 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:00:28 2014 +1000 + + - djm@cvs.openbsd.org 2014/03/12 04:51:12 + [authfile.c] + correct test that kdf name is not "none" or "bcrypt" + +commit 8f9cd709c7cf0655d414306a0ed28306b33802be +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 13:00:11 2014 +1000 + + - djm@cvs.openbsd.org 2014/03/12 04:50:32 + [auth-bsdauth.c ssh-keygen.c] + don't count on things that accept arguments by reference to clear + things for us on error; most things do, but it's unsafe form. + +commit 1c7ef4be83f6dec84509a312518b9df00ab491d9 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 12:59:46 2014 +1000 + + - djm@cvs.openbsd.org 2014/03/12 04:44:58 + [ssh-keyscan.c] + scan for Ed25519 keys by default too + +commit c10bf4d051c97939b30a1616c0499310057d07da +Author: Damien Miller <djm@mindrot.org> +Date: Sun Apr 20 12:58:04 2014 +1000 + + - djm@cvs.openbsd.org 2014/03/03 22:22:30 + [session.c] + ignore enviornment variables with embedded '=' or '\0' characters; + spotted by Jann Horn; ok deraadt@ + Id sync only - portable already has this. + +commit c2e49062faccbcd7135c40d1c78c5c329c58fc2e +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 1 14:42:46 2014 +1100 + + - (djm) Use full release (e.g. 6.5p1) in debug output rather than just + version. From des@des.no + +commit 14928b7492abec82afa4c2b778fc03f78cd419b6 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 1 14:38:07 2014 +1100 + + - (djm) On platforms that support it, use prctl() to prevent sftp-server + from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net + +commit 48abc47e60048461fe9117e108a7e99ea1ac2bb8 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Mar 17 14:45:56 2014 +1100 + + - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to + remind myself to add sandbox violation logging via the log socket. + +commit 9c36698ca2f554ec221dc7ef29c7a89e97c88705 +Author: Tim Rice <tim@multitalents.net> +Date: Fri Mar 14 12:45:01 2014 -0700 + + 20140314 + - (tim) [opensshd.init.in] Add support for ed25519 + +commit 19158b2447e35838d69b2b735fb640d1e86061ea +Author: Damien Miller <djm@mindrot.org> +Date: Thu Mar 13 13:14:21 2014 +1100 + + - (djm) Release OpenSSH 6.6 + +commit 8569eba5d7f7348ce3955eeeb399f66f25c52ece +Author: Damien Miller <djm@mindrot.org> +Date: Tue Mar 4 09:35:17 2014 +1100 + + - djm@cvs.openbsd.org 2014/03/03 22:22:30 + [session.c] + ignore enviornment variables with embedded '=' or '\0' characters; + spotted by Jann Horn; ok deraadt@ + +commit 2476c31b96e89aec7d4e73cb6fbfb9a4290de3a7 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Mar 2 04:01:00 2014 +1100 + + - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when + no moduli file exists at the expected location. + +commit c83fdf30e9db865575b2521b1fe46315cf4c70ae +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:34:03 2014 +1100 + + - (djm) [regress/host-expand.sh] Add RCS Id + +commit 834aeac3555e53f7d29a6fcf3db010dfb99681c7 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:25:16 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/27 21:21:25 + [agent-ptrace.sh agent.sh] + keep return values that are printed in error messages; + from portable + (Id sync only) + +commit 4f7f1a9a0de24410c30952c7e16d433240422182 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:24:11 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/27 20:04:16 + [login-timeout.sh] + remove any existing LoginGraceTime from sshd_config before adding + a specific one for the test back in + +commit d705d987c27f68080c8798eeb5262adbdd6b4ffd +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:23:26 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/26 10:49:17 + [scp-ssh-wrapper.sh scp.sh] + make sure $SCP is tested on the remote end rather than whichever one + happens to be in $PATH; from portable + (Id sync only) + +commit 624a3ca376e3955a4b9d936c9e899e241b65d357 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:22:37 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/26 10:22:10 + [regress/cert-hostkey.sh] + automatically generate revoked keys from listed keys rather than + manually specifying each type; from portable + (Id sync only) + +commit b84392328425e4b9a71f8bde5fe6a4a4c48d3ec4 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:21:26 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/25 04:35:32 + [regress/Makefile regress/dhgex.sh] + Add a test for DH GEX sizes + +commit 1e2aa3d90472293ea19008f02336d6d68aa05793 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:19:51 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/20 00:00:30 + [sftp-chroot.sh] + append to rather than truncating the log file + +commit f483cc16fe7314e24a37aa3a4422b03c013c3213 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:19:11 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/19 23:43:02 + [regress/sftp-chroot.sh] + Don't use -q on sftp as it suppresses logging, instead redirect the + output to the regress logfile. + +commit 6486f16f1c0ebd6f39286f6ab5e08286d90a994a +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:03:52 2014 +1100 + + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers + +commit 92cf5adea194140380e6af6ec32751f9ad540794 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:01:53 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/27 22:57:40 + [version.h] + openssh-6.6 + +commit fc5d6759aba71eb205b296b5f148010ffc828583 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:01:28 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/27 22:47:07 + [sshd_config.5] + bz#2184 clarify behaviour of a keyword that appears in multiple + matching Match blocks; ok dtucker@ + +commit 172ec7e0af1a5f1d682f6a2dca335c6c186153d5 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:00:57 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/27 08:25:09 + [bufbn.c] + off by one in range check + +commit f9a9aaba437c2787e40cf7cc928281950e161678 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 28 10:00:27 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/27 00:41:49 + [bufbn.c] + fix unsigned overflow that could lead to reading a short ssh protocol + 1 bignum value; found by Ben Hawkes; ok deraadt@ + +commit fb3423b612713d9cde67c8a75f6f51188d6a3de3 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Feb 27 10:20:07 2014 +1100 + + - markus@cvs.openbsd.org 2014/02/26 21:53:37 + [sshd.c] + ssh_gssapi_prepare_supported_oids needs GSSAPI + +commit 1348129a34f0f7728c34d86c100a32dcc8d1f922 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Feb 27 10:18:32 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/26 20:29:29 + [channels.c] + don't assume that the socks4 username is \0 terminated; + spotted by Ben Hawkes; ok markus@ + +commit e6a74aeeacd01d885262ff8e50eb28faee8c8039 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Feb 27 10:17:49 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/26 20:28:44 + [auth2-gss.c gss-serv.c ssh-gss.h sshd.c] + bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep + sandboxing, as running this code in the sandbox can cause violations; + ok markus@ + +commit 08b57c67f3609340ff703fe2782d7058acf2529e +Author: Damien Miller <djm@mindrot.org> +Date: Thu Feb 27 10:17:13 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/26 20:18:37 + [ssh.c] + bz#2205: avoid early hostname lookups unless canonicalisation is enabled; + ok dtucker@ markus@ + +commit 13f97b2286142fd0b8eab94e4ce84fe124eeb752 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Feb 24 15:57:55 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/23 20:11:36 + [readconf.c readconf.h ssh.c ssh_config.5] + reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes + the hostname. This allows users to write configurations that always + refer to canonical hostnames, e.g. + + CanonicalizeHostname yes + CanonicalDomains int.example.org example.org + CanonicalizeFallbackLocal no + + Host *.int.example.org + Compression off + Host *.example.org + User djm + + ok markus@ + +commit bee3a234f3d1ad4244952bcff1b4b7c525330dc2 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Feb 24 15:57:22 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/23 20:03:42 + [ssh-ed25519.c] + check for unsigned overflow; not reachable in OpenSSH but others might + copy our code... + +commit 0628780abe61e7e50cba48cdafb1837f49ff23b2 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Feb 24 15:56:45 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/22 01:32:19 + [readconf.c] + when processing Match blocks, skip 'exec' clauses if previous predicates + failed to match; ok markus@ + +commit 0890dc8191bb201eb01c3429feec0300a9d3a930 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Feb 24 15:56:07 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/15 23:05:36 + [channels.c] + avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; + bz#2200, debian#738692 via Colin Watson; ok dtucker@ + +commit d3cf67e1117c25d151d0f86396e77ee3a827045a +Author: Damien Miller <djm@mindrot.org> +Date: Mon Feb 24 15:55:36 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/07 06:55:54 + [cipher.c mac.c] + remove some logging that makes ssh debugging output very verbose; + ok markus + +commit 03ae081aeaa118361c81ece76eb7cc1aaa2b40c5 +Author: Tim Rice <tim@multitalents.net> +Date: Fri Feb 21 09:09:34 2014 -0800 + + 20140221 + - (tim) [configure.ac] Fix cut-and-paste error. Patch from Bryan Drewery. + +commit 4a20959d2e3c90e9d66897c0b4032c785672d815 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Feb 13 16:38:32 2014 +1100 + + - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat + code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex. + +commit d1a7a9c0fd1ac2e3314cceb2891959fd2cd9eabb +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 7 09:24:33 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/06 22:21:01 + [sshconnect.c] + in ssh_create_socket(), only do the getaddrinfo for BindAddress when + BindAddress is actually specified. Fixes regression in 6.5 for + UsePrivilegedPort=yes; patch from Corinna Vinschen + +commit 6ce35b6cc4ead1bf98abec34cb2e2d6ca0abb15e +Author: Damien Miller <djm@mindrot.org> +Date: Fri Feb 7 09:24:14 2014 +1100 + + - naddy@cvs.openbsd.org 2014/02/05 20:13:25 + [ssh-keygen.1 ssh-keygen.c] + tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@ + while here, fix ordering in usage(); requested by jmc@ + +commit 6434cb2cfbbf0a46375d2d22f2ff9927feb5e478 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Feb 6 11:17:50 2014 +1100 + + - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define + __NR_shutdown; some go via the socketcall(2) multiplexer. + +commit 8d36f9ac71eff2e9f5770c0518b73d875f270647 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Feb 6 10:44:13 2014 +1100 + + - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL + before freeing since free(NULL) is a no-op. ok djm. + +commit a0959da3680b4ce8cf911caf3293a6d90f88eeb7 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Feb 5 10:33:45 2014 +1100 + + - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by + headers/libc but not supported by the kernel. Patch from Loganaden + Velvindron @ AfriNIC + +commit 9c449bc183b256c84d8f740727b0bc54d247b15e +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:38:28 2014 +1100 + + - (djm) [regress/setuid-allowed.c] Missing string.h for strerror() + +commit bf7e0f03be661b6f5b3bfe325135ce19391f9c4d +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:37:50 2014 +1100 + + - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o + +commit eb6d870a0ea8661299bb2ea8f013d3ace04e2024 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:26:34 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/04 00:24:29 + [ssh.c] + delay lowercasing of hostname until right before hostname + canonicalisation to unbreak case-sensitive matching of ssh_config; + reported by Ike Devolder; ok markus@ + +commit d56b44d2dfa093883a5c4e91be3f72d99946b170 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:26:04 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/04 00:24:29 + [ssh.c] + delay lowercasing of hostname until right before hostname + canonicalisation to unbreak case-sensitive matching of ssh_config; + reported by Ike Devolder; ok markus@ + +commit db3c595ea74ea9ccd5aa644d7e1f8dc675710731 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:25:45 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/02 03:44:31 + [digest-libc.c digest-openssl.c] + convert memset of potentially-private data to explicit_bzero() + +commit aae07e2e2000dd318418fd7fd4597760904cae32 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:20:40 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/03 23:28:00 + [ssh-ecdsa.c] + fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike + DSA_SIG_new. Reported by Batz Spear; ok markus@ + +commit a5103f413bde6f31bff85d6e1fd29799c647d765 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:20:14 2014 +1100 + + - djm@cvs.openbsd.org 2014/02/02 03:44:32 + [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] + [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] + [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] + [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] + [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] + [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] + [sshd.c] + convert memset of potentially-private data to explicit_bzero() + +commit 1d2c4564265ee827147af246a16f3777741411ed +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:18:20 2014 +1100 + + - tedu@cvs.openbsd.org 2014/01/31 16:39:19 + [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] + [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] + [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] + [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] + [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] + replace most bzero with explicit_bzero, except a few that cna be memset + ok djm dtucker + +commit 3928de067c286683a95fbdbdb5fdb3c78a0e5efd +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:13:54 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/30 22:26:14 + [sandbox-systrace.c] + allow shutdown(2) syscall in sandbox - it may be called by packet_close() + from portable + (Id sync only; change is already in portable) + +commit e1e480aee8a9af6cfbe7188667b7b940d6b57f9f +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:13:17 2014 +1100 + + - jmc@cvs.openbsd.org 2014/01/29 14:04:51 + [sshd_config.5] + document kbdinteractiveauthentication; + requested From: Ross L Richardson + + dtucker/markus helped explain its workings; + +commit 7cc194f70d4a5ec9a82d19422eaf18db4a6624c6 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:12:56 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/29 06:18:35 + [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] + [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] + [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] + remove experimental, never-enabled JPAKE code; ok markus@ + +commit b0f26544cf6f4feeb1a4f6db09fca834f5c9867d +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:10:01 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/29 00:19:26 + [sshd.c] + use kill(0, ...) instead of killpg(0, ...); on most operating systems + they are equivalent, but SUSv2 describes the latter as having undefined + behaviour; from portable; ok dtucker + (Id sync only; change is already in portable) + +commit f8f35bc471500348bb262039fb1fc43175d251b0 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:09:12 2014 +1100 + + - jmc@cvs.openbsd.org 2014/01/28 14:13:39 + [ssh-keyscan.1] + kill some bad Pa; + From: Jan Stary + +commit 0ba85d696ae9daf66002c2e4ab0d6bb111e1a787 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:08:38 2014 +1100 + + ignore a few more regress droppings + +commit ec93d15170b7a6ddf63fd654bd0f6a752acc19dd +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:07:13 2014 +1100 + + - markus@cvs.openbsd.org 2014/01/27 20:13:46 + [digest.c digest-openssl.c digest-libc.c Makefile.in] + rename digest.c to digest-openssl.c and add libc variant; ok djm@ + +commit 4a1c7aa640fb97d3472d51b215b6a0ec0fd025c7 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:03:36 2014 +1100 + + - markus@cvs.openbsd.org 2014/01/27 19:18:54 + [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] + replace openssl MD5 with our ssh_digest_*; ok djm@ + +commit 4e8d937af79ce4e253f77ec93489d098b25becc3 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Feb 4 11:02:42 2014 +1100 + + - markus@cvs.openbsd.org 2014/01/27 18:58:14 + [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] + replace openssl HMAC with an implementation based on our ssh_digest_* + ok and feedback djm@ + +commit 69d0d09f76bab5aec86fbf78489169f63bd16475 +Author: Tim Rice <tim@multitalents.net> +Date: Fri Jan 31 14:25:18 2014 -0800 + + - (tim) [Makefile.in] build regress/setuid-allow. + +commit 0eeafcd76b972a3d159f3118227c149a4d7817fe +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 31 14:18:51 2014 +1100 + + - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros. Fixes + build with HP-UX's compiler. Patch from Kevin Brott. + +commit 7e5cec6070673e9f9785ffc749837ada22fbe99f +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 31 09:25:34 2014 +1100 + + - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) + syscall from sandboxes; it may be called by packet_close. + +commit cdb6c90811caa5df2df856be9b0b16db020fe31d +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 30 12:50:17 2014 +1100 + + - (djm) Release openssh-6.5p1 + +commit 996ea80b1884b676a901439f1f2681eb6ff68501 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 30 12:49:55 2014 +1100 + + trim entries prior to openssh-6.0p1 + +commit f5bbd3b657b6340551c8a95f74a70857ff8fac79 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 30 11:26:46 2014 +1100 + + - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering + different symbols for 'read' when various compiler flags are + in use, causing atomicio.c comparisons against it to break and + read/write operations to hang; ok dtucker + +commit c2868192ddc4e1420a50389e18c05db20b0b1f32 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 30 10:21:19 2014 +1100 + + - (djm) [configure.ac] Only check for width-specified integer types + in headers that actually exist. patch from Tom G. Christensen; + ok dtucker@ + +commit c161fc90fc86e2035710570238a9e1ca7a68d2a5 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jan 29 21:01:33 2014 +1100 + + - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from + Tom G. Christensen + +commit 6f917ad376481995ab7d29fb53b08ec8d507eb9e +Author: Tim Rice <tim@multitalents.net> +Date: Tue Jan 28 10:26:25 2014 -0800 + + - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable + when used as an error message inside an if statement so we display the + correct into. agent.sh patch from Petr Lautrbach. + +commit ab16ef4152914d44ce6f76e48167d26d22f66a06 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 28 15:08:12 2014 +1100 + + - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the + latter being specified to have undefined behaviour in SUSv3; + ok dtucker + +commit ab0394905884dc6e58c3721211c6b38fb8fc2ca8 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 28 15:07:10 2014 +1100 + + - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl; + ok dtucker + +commit 4ab20a82d4d4168d62318923f62382f6ef242fcd +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jan 27 17:35:04 2014 +1100 + + - (dtucker) [Makefile.in] Remove trailing backslash which some make + implementations (eg older Solaris) do not cope with. + +commit e7e8b3cfe9f8665faaf0e68b33df5bbb431bd129 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jan 27 17:32:50 2014 +1100 + + Welcome to 2014 + +commit 5b447c0aac0dd444251e276f6bb3bbbe1c05331c +Author: Damien Miller <djm@mindrot.org> +Date: Sun Jan 26 09:46:53 2014 +1100 + + - (djm) [configure.ac] correct AC_DEFINE for previous. + +commit 2035b2236d3b1f76c749c642a43e03c85eae76e6 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Jan 26 09:39:53 2014 +1100 + + - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable + RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations, + libc will attempt to open additional file descriptors for crypto + offload and crash if they cannot be opened. + +commit a92ac7410475fbb00383c7402aa954dc0a75ae19 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Jan 26 09:38:03 2014 +1100 + + - markus@cvs.openbsd.org 2014/01/25 20:35:37 + [kex.c] + dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len) + ok dtucker@, noted by mancha + +commit 76eea4ab4e658670ca6e76dd1e6d17f262208b57 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Jan 26 09:37:25 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/25 10:12:50 + [cipher.c cipher.h kex.c kex.h kexgexc.c] + Add a special case for the DH group size for 3des-cbc, which has an + effective strength much lower than the key size. This causes problems + with some cryptlib implementations, which don't support group sizes larger + than 4k but also don't use the largest group size it does support as + specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, + reduced by me with input from Markus. ok djm@ markus@ + +commit 603b8f47f1cd9ed95a2017447db8e60ca6704594 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Jan 25 13:16:59 2014 +1100 + + - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test + against the correct thing. + +commit c96d85376d779b6ac61525b5440010d344d2f23f +Author: Damien Miller <djm@mindrot.org> +Date: Sat Jan 25 13:12:28 2014 +1100 + + - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless + sys/capability.h exists and cap_rights_limit is in libc. Fixes + build on FreeBSD9x which provides the header but not the libc + support. + +commit f62ecef9939cb3dbeb10602fd705d4db3976d822 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Jan 25 12:34:38 2014 +1100 + + - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD + +commit b0e0f760b861676a3fe5c40133b270713d5321a9 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 24 14:27:04 2014 +1100 + + - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make + the scp regress test actually test the built scp rather than the one + in $PATH. ok dtucker@ + +commit 42a092530159637da9cb7f9e1b5f4679e34a85e6 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jan 23 23:14:39 2014 +1100 + + - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously + incompatible with OpenBSD's despite post-dating it by more than a decade. + Declare it as broken, and document FreeBSD's as the same. ok djm@ + +commit 617da33c20cb59f9ea6c99c881d92493371ef7b8 +Author: Tim Rice <tim@multitalents.net> +Date: Wed Jan 22 19:16:10 2014 -0800 + + - (tim) [session.c] Improve error reporting on set_id(). + +commit 5c2ff5e31f57d303ebb414d84a934c02728fa568 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jan 22 21:30:12 2014 +1100 + + - (djm) [configure.ac aclocal.m4] More tests to detect fallout from + platform hardening options: include some long long int arithmatic + to detect missing support functions for -ftrapv in libgcc and + equivalents, actually test linking when -ftrapv is supplied and + set either both -pie/-fPIE or neither. feedback and ok dtucker@ + +commit 852472a54b8a0dc3e53786b313baaa86850a4273 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jan 22 16:31:18 2014 +1100 + + - (djm) [configure.ac] Unless specifically requested, only attempt + to build Position Independent Executables on gcc >= 4.x; ok dtucker + +commit ee87838786cef0194db36ae0675b3e7c4e8ec661 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jan 22 16:30:15 2014 +1100 + + - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a + platform that is expected to use the reuse-argv style setproctitle + hack surprises us by providing a setproctitle in libc; ok dtucker + +commit 5c96a154c7940fa67b1f11c421e390dbbc159f27 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Jan 21 13:10:26 2014 +1100 + + - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE + and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of + detecting toolchain-related problems; ok dtucker + +commit 9464ba6fb34bb42eb3501ec3c5143662e75674bf +Author: Tim Rice <tim@multitalents.net> +Date: Mon Jan 20 17:59:28 2014 -0800 + + - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced + with sftp chroot support. Move set_id call after chroot. + +commit a6d573caa14d490e6c42fb991bcb5c6860ec704b +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jan 21 12:50:46 2014 +1100 + + - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time + tests in the configure output. ok djm. + +commit 096118dc73ab14810b3c12785c0b5acb01ad6123 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jan 21 12:48:51 2014 +1100 + + - (dtucker) [configure.ac] Make PIE a configure-time option which defaults + to on platforms where it's known to be reliably detected and off elsewhere. + Works around platforms such as FreeBSD 9.1 where it does not interop with + -ftrapv (it seems to work but fails when trying to link ssh). ok djm@ + +commit f9df7f6f477792254eab33cdef71a6d66488cb88 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Jan 20 20:07:15 2014 +1100 + + - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that + skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@ + +commit c74e70eb52ccc0082bd5a70b5798bb01c114d138 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jan 20 13:18:09 2014 +1100 + + - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos + implementation does not have krb5_cc_new_unique, similar to what we do + in auth-krb5.c. + +commit 3510979e83b6a18ec8773c64c3fa04aa08b2e783 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Jan 20 12:41:53 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/20 00:08:48 + [digest.c] + memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@ + +commit 7eee358d7a6580479bee5cd7e52810ebfd03e5b2 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jan 19 22:37:02 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/19 11:21:51 + [addrmatch.c] + Cast the sizeof to socklen_t so it'll work even if the supplied len is + negative. Suggested by and ok djm, ok deraadt. + +commit b7e01c09b56ab26e8fac56bbce0fd25e36d12bb0 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jan 19 22:36:13 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/19 04:48:08 + [ssh_config.5] + fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal + +commit 7b1ded04adce42efa25ada7c3a39818d3109b724 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jan 19 15:30:02 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/19 04:17:29 + [canohost.c addrmatch.c] + Cast socklen_t when comparing to size_t and use socklen_t to iterate over + the ip options, both to prevent signed/unsigned comparison warnings. + Patch from vinschen at redhat via portable openssh, begrudging ok deraadt. + +commit 293ee3c9f0796d99ebb033735f0e315f2e0180bf +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jan 19 15:28:01 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/18 09:36:26 + [session.c] + explicitly define USE_PIPES to 1 to prevent redefinition warnings in + portable on platforms that use pipes for everything. From redhat @ + redhat. + +commit 2aca159d05f9e7880d1d8f1ce49a218840057f53 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jan 19 15:25:34 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/17 06:23:24 + [sftp-server.c] + fix log message statvfs. ok djm + +commit 841f7da89ae8b367bb502d61c5c41916c6e7ae4c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jan 18 22:12:15 2014 +1100 + + - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the + return value check for cap_enter() consistent with the other uses in + FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140. + +commit fdce3731660699b2429e93e822f2ccbaccd163ae +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jan 18 21:12:42 2014 +1100 + + - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs, + optind) are defined in getopt.h already. Unfortunately they are defined as + "declspec(dllimport)" for historical reasons, because the GNU linker didn't + allow auto-import on PE/COFF targets way back when. The problem is the + dllexport attributes collide with the definitions in the various source + files in OpenSSH, which obviousy define the variables without + declspec(dllimport). The least intrusive way to get rid of these warnings + is to disable warnings for GCC compiler attributes when building on Cygwin. + Patch from vinschen at redhat.com. + +commit 1411c9263f46e1ee49d0d302bf7258ebe69ce827 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jan 18 21:03:59 2014 +1100 + + - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function + declarations that stopped being included when we stopped including + <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at + redhat.com. + +commit 89c532d843c95a085777c66365067d64d1937eb9 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jan 18 20:43:49 2014 +1100 + + - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin. Patch + from vinschen at redhat.com + +commit 355f861022be7b23d3009fae8f3c9f6f7fc685f7 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jan 18 00:12:38 2014 +1100 + + - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after + they're defined if we have to define them ourselves. Fixes builds on old + AIX. + +commit a3357661ee1d5d553294f36e4940e8285c7f1332 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Jan 18 00:03:57 2014 +1100 + + - (dtucker) [readconf.c] Wrap paths.h inside an ifdef. Allows building on + Solaris. + +commit 9edcbff46ff01c8d5dee9c1aa843f09e9ad8a80e +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 21:54:32 2014 +1100 + + - (dtucker) [configure.ac] Have --without-toolchain-hardening not turn off + stack-protector since that has a separate flag that's been around a while. + +commit 6d725687c490d4ba957a1bbc0ba0a2956c09fa69 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 19:17:34 2014 +1100 + + - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types. + +commit 5055699c7f7c7ef21703a443ec73117da392f6ae +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 18:48:22 2014 +1100 + + - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we + need them to cut down on the name collisions. + +commit a5cf1e220def07290260e4125e74f41ac75cf88d +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 18:10:58 2014 +1100 + + - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c + openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs + to be useful (and for the regression tests to pass) on platforms that + have statfs and fstatfs. ok djm@ + +commit 1357d71d7b6d269969520aaa3e84d312ec971d5b +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 18:00:40 2014 +1100 + + - (dtucker) Fix typo in #ifndef. + +commit d23a91ffb289d3553a58b7a60cec39fba9f0f506 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 17:32:30 2014 +1100 + + - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c + openbsd-compat/openssl-compat.h] Add compatibility layer for older + openssl versions. ok djm@ + +commit 868ea1ea1c1bfdbee5dbad78f81999c5983ecf31 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 17 16:47:04 2014 +1100 + + - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] + [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] + [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing + using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling + Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@ + +commit a9d186a8b50d18869a10e9203abf71c83ddb1f79 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 16:30:49 2014 +1100 + + - dtucker@cvs.openbsd.org 2014/01/17 05:26:41 + [digest.c] + remove unused includes. ok djm@ + +commit 5f1c57a7a7eb39c0e4fee3367712337dbcaef024 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 16:29:45 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/17 00:21:06 + [sftp-client.c] + signed/unsigned comparison warning fix; from portable (Id sync only) + +commit c548722361d89fb12c108528f96b306a26477b18 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 15:12:16 2014 +1100 + + - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into + separate lines and alphabetize for easier diffing of changes. + +commit acad351a5b1c37de9130c9c1710445cc45a7f6b9 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 14:20:05 2014 +1100 + + - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that + don't have them. + +commit c3ed065ce8417aaa46490836648c173a5010f226 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 14:18:45 2014 +1100 + + - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside + #ifdef HAVE_STDINT_H. + +commit f45f78ae437062c7d9506c5f475b7215f486be44 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 12:43:43 2014 +1100 + + - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include + includes.h to pull in all of the compatibility stuff. + +commit 99df369d0340caac145d57f700d830147ff18b87 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 12:42:17 2014 +1100 + + - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. + +commit ac413b62ea1957e80c711acbe0c11b908273fc01 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 12:31:33 2014 +1100 + + - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. + +commit 1c4a011e9c939e74815346a560843e1862c300b8 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 12:23:23 2014 +1100 + + - (dtucker) [loginrec.c] Cast to the types specfied in the format + specification to prevent warnings. + +commit c3d483f9a8275be1113535a1e0d0e384f605f3c4 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 17 11:20:26 2014 +1100 + + - (djm) [sftp-client.c] signed/unsigned comparison fix + +commit fd994379dd972417d0491767f7cd9b5bf23f4975 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Jan 17 09:53:24 2014 +1100 + + - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain + hardening flags including -fstack-protector-strong. These default to on + if the toolchain supports them, but there is a configure-time knob + (--without-hardening) to disable them if necessary. ok djm@ + +commit 366224d21768ee8ec28cfbcc5fbade1b32582d58 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 16 18:51:44 2014 +1100 + + - (djm) [README] update release notes URL. + +commit 2ae77e64f8fa82cbf25c9755e8e847709b978b40 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 16 18:51:07 2014 +1100 + + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank RPM spec version numbers. + +commit 0fa29e6d777c73a1b4ddd3b996b06ee20022ae8a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 16 18:42:31 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/16 07:32:00 + [version.h] + openssh-6.5 + +commit 52c371cd6d2598cc73d4e633811b3012119c47e2 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jan 16 18:42:10 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/16 07:31:09 + [sftp-client.c] + needless and incorrect cast to size_t can break resumption of + large download; patch from tobias@ + +commit 91b580e4bec55118bf96ab3cdbe5a50839e75d0a +Author: Damien Miller <djm@mindrot.org> +Date: Sun Jan 12 19:21:22 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/12 08:13:13 + [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c] + [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c] + avoid use of OpenSSL BIGNUM type and functions for KEX with + Curve25519 by adding a buffer_put_bignum2_from_string() that stores + a string using the bignum encoding rules. Will make it easier to + build a reduced-feature OpenSSH without OpenSSL in the future; + ok markus@ + +commit af5d4481f4c7c8c3c746e68b961bb85ef907800e +Author: Damien Miller <djm@mindrot.org> +Date: Sun Jan 12 19:20:47 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/10 05:59:19 + [sshd_config] + the /etc/ssh/ssh_host_ed25519_key is loaded by default too + +commit 58cd63bc63038acddfb4051ed14e11179d8f4941 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 10 10:59:24 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/09 23:26:48 + [sshconnect.c sshd.c] + ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient, + deranged and might make some attacks on KEX easier; ok markus@ + +commit b3051d01e505c9c2dc00faab472a0d06fa6b0e65 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 10 10:58:53 2014 +1100 + + - djm@cvs.openbsd.org 2014/01/09 23:20:00 + [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c] + [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c] + [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c] + [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c] + Introduce digest API and use it to perform all hashing operations + rather than calling OpenSSL EVP_Digest* directly. Will make it easier + to build a reduced-feature OpenSSH without OpenSSL in future; + feedback, ok markus@ + +commit e00e413dd16eb747fb2c15a099971d91c13cf70f +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 10 10:40:45 2014 +1100 + + - guenther@cvs.openbsd.org 2014/01/09 03:26:00 + [sftp-common.c] + When formating the time for "ls -l"-style output, show dates in the future + with the year, and rearrange a comparison to avoid a potentional signed + arithmetic overflow that would give the wrong result. + + ok djm@ + +commit 3e49853650448883685cfa32fa382d0ba6d51d48 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Jan 10 10:37:05 2014 +1100 + + - tedu@cvs.openbsd.org 2014/01/04 17:50:55 + [mac.c monitor_mm.c monitor_mm.h xmalloc.c] + use standard types and formats for size_t like variables. ok dtucker + +commit a9c1e500ef609795cbc662848edb1a1dca279c81 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Jan 8 16:13:12 2014 +1100 + + - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@ + +commit 324541e5264e1489ca0babfaf2b39612eb80dfb3 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Dec 31 12:25:40 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/30 23:52:28 + [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] + [sshconnect.c sshconnect2.c sshd.c] + refuse RSA keys from old proprietary clients/servers that use the + obsolete RSA+MD5 signature scheme. it will still be possible to connect + with these clients/servers but only DSA keys will be accepted, and we'll + deprecate them entirely in a future release. ok markus@ + +commit 9f4c8e797ea002a883307ca906f1f1f815010e78 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:57:46 2013 +1100 + + - (djm) [regress/Makefile] Add some generated files for cleaning + +commit 106bf1ca3c7a5fdc34f9fd7a1fe651ca53085bc5 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:54:03 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/29 05:57:02 + [sshconnect.c] + when showing other hostkeys, don't forget Ed25519 keys + +commit 0fa47cfb32c239117632cab41e4db7d3e6de5e91 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:53:39 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/29 05:42:16 + [ssh.c] + don't forget to load Ed25519 certs too + +commit b9a95490daa04cc307589897f95bfaff324ad2c9 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:50:15 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/29 04:35:50 + [authfile.c] + don't refuse to load Ed25519 certificates + +commit f72cdde6e6fabc51d2a62f4e75b8b926d9d7ee89 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:49:55 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/29 04:29:25 + [authfd.c] + allow deletion of ed25519 keys from the agent + +commit 29ace1cb68cc378a464c72c0fd67aa5f9acd6b5b +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:49:31 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/29 04:20:04 + [key.c] + to make sure we don't omit any key types as valid CA keys again, + factor the valid key type check into a key_type_is_valid_ca() + function + +commit 9de4fcdc5a9cff48d49a3e2f6194d3fb2d7ae34d +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:49:13 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/29 02:49:52 + [key.c] + correct comment for key_drop_cert() + +commit 5baeacf8a80f054af40731c6f92435f9164b8e02 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:48:55 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/29 02:37:04 + [key.c] + correct comment for key_to_certified() + +commit 83f2fe26cb19330712c952eddbd3c0b621674adc +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:48:38 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/29 02:28:10 + [key.c] + allow ed25519 keys to appear as certificate authorities + +commit 06122e9a74bb488b0fe0a8f64e1135de870f9cc0 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:48:15 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/27 22:37:18 + [ssh-rsa.c] + correct comment + +commit 3e19295c3a253c8dc8660cf45baad7f45fccb969 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:47:50 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/27 22:30:17 + [ssh-dss.c ssh-ecdsa.c ssh-rsa.c] + make the original RSA and DSA signing/verification code look more like + the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type + rather than tediously listing all variants, use __func__ for debug/ + error messages + +commit 137977180be6254639e2c90245763e6965f8d815 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:47:14 2013 +1100 + + - tedu@cvs.openbsd.org 2013/12/21 07:10:47 + [ssh-keygen.1] + small typo + +commit 339a48fe7ffb3186d22bbaa9efbbc3a053e602fd +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:46:49 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/19 22:57:13 + [poly1305.c poly1305.h] + use full name for author, with his permission + +commit 0b36c83148976c7c8268f4f41497359e2fb26251 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:45:51 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/19 01:19:41 + [ssh-agent.c] + bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent + that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; + ok dtucker + +commit 4def184e9b6c36be6d965a9705632fc4c0c2a8af +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:45:26 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/19 01:04:36 + [channels.c] + bz#2147: fix multiple remote forwardings with dynamically assigned + listen ports. In the s->c message to open the channel we were sending + zero (the magic number to request a dynamic port) instead of the actual + listen port. The client therefore had no way of discriminating between + them. + + Diagnosis and fix by ronf AT timeheart.net + +commit bf25d114e23a803f8feca8926281b1aaedb6191b +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:44:56 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/19 00:27:57 + [auth-options.c] + simplify freeing of source-address certificate restriction + +commit bb3dafe7024a5b4e851252e65ee35d45b965e4a8 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:44:29 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/12/19 00:19:12 + [serverloop.c] + Cast client_alive_interval to u_int64_t before assinging to + max_time_milliseconds to avoid potential integer overflow in the timeout. + bz#2170, patch from Loganaden Velvindron, ok djm@ + +commit ef275ead3dcadde4db1efe7a0aa02b5e618ed40c +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:44:07 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/19 00:10:30 + [ssh-add.c] + skip requesting smartcard PIN when removing keys from agent; bz#2187 + patch from jay AT slushpupie.com; ok dtucker + +commit 7d97fd9a1cae778c3eacf16e09f5da3689d616c6 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 29 17:40:18 2013 +1100 + + - (djm) [loginrec.c] Check for username truncation when looking up lastlog + entries + +commit 77244afe3b6d013b485e0952eaab89b9db83380f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Dec 21 17:02:39 2013 +1100 + + 20131221 + - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. + +commit 53f8e784dc431a82d31c9b0e95b144507f9330e9 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Dec 19 11:31:44 2013 +1100 + + - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item(). + Patch from Loganaden Velvindron. + +commit 1fcec9d4f265e38af248c4c845986ca8c174bd68 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Dec 19 11:00:12 2013 +1100 + + - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions + greater than 11 either rather than just 11. Patch from Tomas Kuthan. + +commit 6674eb9683afd1ea4eb35670b5e66815543a759e +Author: Damien Miller <djm@mindrot.org> +Date: Wed Dec 18 17:50:39 2013 +1100 + + - markus@cvs.openbsd.org 2013/12/17 10:36:38 + [crypto_api.h] + I've assempled the header file by cut&pasting from generated headers + and the source files. + +commit d58a5964426ee014384d67d775d16712e93057f3 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Dec 18 17:50:13 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/15 21:42:35 + [cipher-chachapoly.c] + add some comments and constify a constant + +commit 059321d19af24d87420de3193f79dfab23556078 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Dec 18 17:49:48 2013 +1100 + + - pascal@cvs.openbsd.org 2013/12/15 18:17:26 + [ssh-add.c] + Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page. + ok markus@ + +commit 155b5a5bf158767f989215479ded2a57f331e1c6 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Dec 18 17:48:32 2013 +1100 + + - markus@cvs.openbsd.org 2013/12/09 11:08:17 + [crypto_api.h] + remove unused defines + +commit 8a56dc2b6b48b05590810e7f4c3567508410000c +Author: Damien Miller <djm@mindrot.org> +Date: Wed Dec 18 17:48:11 2013 +1100 + + - markus@cvs.openbsd.org 2013/12/09 11:03:45 + [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] + [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] + Add Authors for the public domain ed25519/nacl code. + see also http://nacl.cr.yp.to/features.html + All of the NaCl software is in the public domain. + and http://ed25519.cr.yp.to/software.html + The Ed25519 software is in the public domain. + +commit 6575c3acf31fca117352f31f37b16ae46e664837 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Dec 18 17:47:02 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/12/08 09:53:27 + [sshd_config.5] + Use a literal for the default value of KEXAlgorithms. ok deraadt jmc + +commit 8ba0ead6985ea14999265136b14ffd5aeec516f9 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Dec 18 17:46:27 2013 +1100 + + - naddy@cvs.openbsd.org 2013/12/07 11:58:46 + [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1] + [ssh_config.5 sshd.8 sshd_config.5] + add missing mentions of ed25519; ok djm@ + +commit 4f752cf71cf44bf4bc777541156c2bf56daf9ce9 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Dec 18 17:45:35 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/07 08:08:26 + [ssh-keygen.1] + document -a and -o wrt new key format + +commit 6d6fcd14e23a9053198342bb379815b15e504084 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 8 15:53:28 2013 +1100 + + - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh] + [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid + filesystem before running agent-ptrace.sh; ok dtucker + +commit 7e6e42fb532c7dafd7078ef5e9e2d3e47fcf6752 +Author: Damien Miller <djm@mindrot.org> +Date: Sun Dec 8 08:23:08 2013 +1100 + + - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna + Vinschen + +commit da3ca351b49d52ae85db2e3998265dc3c6617068 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 21:43:46 2013 +1100 + + - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from + Loganaden Velvindron @ AfriNIC in bz#2179 + +commit eb401585bb8336cbf81fe4fc58eb9f7cac3ab874 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 17:07:15 2013 +1100 + + - (djm) [regress/cert-hostkey.sh] Fix merge botch + +commit f54542af3ad07532188b10136ae302314ec69ed6 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 16:32:44 2013 +1100 + + - markus@cvs.openbsd.org 2013/12/06 13:52:46 + [regress/Makefile regress/agent.sh regress/cert-hostkey.sh] + [regress/cert-userkey.sh regress/keytype.sh] + test ed25519 support; from djm@ + +commit f104da263de995f66b6861b4f3368264ee483d7f +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 12:37:53 2013 +1100 + + - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in] + [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on + Linux + +commit 1ff130dac9b7aea0628f4ad30683431fe35e0020 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 11:51:51 2013 +1100 + + - [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c] + [openbsd-compat/blf.h openbsd-compat/blowfish.c] + [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in + portable. + +commit 4260828a2958ebe8c96f66d8301dac53f4cde556 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 11:38:03 2013 +1100 + + - [authfile.c] Conditionalise inclusion of util.h + +commit a913442bac8a26fd296a3add51293f8f6f9b3b4c +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 11:35:36 2013 +1100 + + - [Makefile.in] Add ed25519 sources + +commit ca570a519cb846da61d002c7f46fa92e39c83e45 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 11:29:09 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/07 00:19:15 + [key.c] + set k->cert = NULL after freeing it + +commit 3cccc0e155229a2f2d86b6df40bd4559b4f960ff +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 11:27:47 2013 +1100 + + - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] + [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents + +commit a7827c11b3f0380b7e593664bd62013ff9c131db +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 11:24:30 2013 +1100 + + - jmc@cvs.openbsd.org 2013/12/06 15:29:07 + [sshd.8] + missing comma; + +commit 5be9d9e3cbd9c66f24745d25bf2e809c1d158ee0 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 11:24:01 2013 +1100 + + - markus@cvs.openbsd.org 2013/12/06 13:39:49 + [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] + [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] + [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] + [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] + [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] + support ed25519 keys (hostkeys and user identities) using the public + domain ed25519 reference code from SUPERCOP, see + http://ed25519.cr.yp.to/software.html + feedback, help & ok djm@ + +commit bcd00abd8451f36142ae2ee10cc657202149201e +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 10:41:55 2013 +1100 + + - markus@cvs.openbsd.org 2013/12/06 13:34:54 + [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c] + [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by + default; details in PROTOCOL.key; feedback and lots help from djm; + ok djm@ + +commit f0e9060d236c0e38bec2fa1c6579fb0a2ea6458d +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 10:40:26 2013 +1100 + + - markus@cvs.openbsd.org 2013/12/06 13:30:08 + [authfd.c key.c key.h ssh-agent.c] + move private key (de)serialization to key.c; ok djm + +commit 0f8536da23a6ef26e6495177c0d8a4242b710289 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 10:31:37 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/06 03:40:51 + [ssh-keygen.c] + remove duplicated character ('g') in getopt() string; + document the (few) remaining option characters so we don't have to + rummage next time. + +commit 393920745fd328d3fe07f739a3cf7e1e6db45b60 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Dec 7 10:31:08 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/05 22:59:45 + [sftp-client.c] + fix memory leak in error path in do_readdir(); pointed out by + Loganaden Velvindron @ AfriNIC in bz#2163 + +commit 534b2ccadea5e5e9a8b27226e6faac3ed5552e97 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 14:07:27 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/05 01:16:41 + [servconf.c servconf.h] + bz#2161 - fix AuthorizedKeysCommand inside a Match block and + rearrange things so the same error is harder to make next time; + with and ok dtucker@ + +commit 8369c8e61a3408ec6bb75755fad4ffce29b5fdbe +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Dec 5 11:00:16 2013 +1100 + + - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct + -L location for libedit. Patch from Serge van den Boom. + +commit 9275df3e0a2a3bc3897f7d664ea86a425c8a092d +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:26:32 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/04 04:20:01 + [sftp-client.c] + bz#2171: don't leak local_fd on error; from Loganaden Velvindron @ + AfriNIC + +commit 960f6a2b5254e4da082d8aa3700302ed12dc769a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:26:14 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/02 03:13:14 + [cipher.c] + correct bzero of chacha20+poly1305 key context. bz#2177 from + Loganaden Velvindron @ AfriNIC + + Also make it a memset for consistency with the rest of cipher.c + +commit f7e8a8796d661c9d6692ab837e1effd4f5ada1c2 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:25:51 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/02 03:09:22 + [key.c] + make key_to_blob() return a NULL blob on failure; part of + bz#2175 from Loganaden Velvindron @ AfriNIC + +commit f1e44ea9d9a6d4c1a95a0024132e603bd1778c9c +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:23:21 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/02 02:56:17 + [ssh-pkcs11-helper.c] + use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC + +commit 114e540b15d57618f9ebf624264298f80bbd8c77 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:22:57 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/02 02:50:27 + [PROTOCOL.chacha20poly1305] + typo; from Jon Cave + +commit e4870c090629e32f2cb649dc16d575eeb693f4a8 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:22:39 2013 +1100 + + - djm@cvs.openbsd.org 2013/12/01 23:19:05 + [PROTOCOL] + mention curve25519-sha256@libssh.org key exchange algorithm + +commit 1d2f8804a6d33a4e908b876b2e1266b8260ec76b +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:22:03 2013 +1100 + + - deraadt@cvs.openbsd.org 2013/11/26 19:15:09 + [pkcs11.h] + cleanup 1 << 31 idioms. Resurrection of this issue pointed out by + Eitan Adler ok markus for ssh, implies same change in kerberosV + +commit bdb352a54f82df94a548e3874b22f2d6ae90328d +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:20:52 2013 +1100 + + - jmc@cvs.openbsd.org 2013/11/26 12:14:54 + [ssh.1 ssh.c] + - put -Q in the right place + - Ar was a poor choice for the arguments to -Q. i've chosen an + admittedly equally poor Cm, at least consistent with the rest + of the docs. also no need for multiple instances + - zap a now redundant Nm + - usage() sync + +commit d937dc084a087090f1cf5395822c3ac958d33759 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:19:54 2013 +1100 + + - deraadt@cvs.openbsd.org 2013/11/25 18:04:21 + [ssh.1 ssh.c] + improve -Q usage and such. One usage change is that the option is now + case-sensitive + ok dtucker markus djm + +commit dec0393f7ee8aabc7d9d0fc2c5fddb4bc649112e +Author: Damien Miller <djm@mindrot.org> +Date: Thu Dec 5 10:18:43 2013 +1100 + + - jmc@cvs.openbsd.org 2013/11/21 08:05:09 + [ssh_config.5 sshd_config.5] + no need for .Pp before displays; + +commit 8a073cf57940aabf85e49799f89f5d5e9b072c1b +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 14:26:18 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/21 03:18:51 + [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh] + [regress/try-ciphers.sh] + use new "ssh -Q cipher-auth" query to obtain lists of authenticated + encryption ciphers instead of specifying them manually; ensures that + the new chacha20poly1305@openssh.com mode is tested; + + ok markus@ and naddy@ as part of the diff to add + chacha20poly1305@openssh.com + +commit ea61b2179f63d48968dd2c9617621002bb658bfe +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 14:25:15 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/21 03:16:47 + [regress/modpipe.c] + use unsigned long long instead of u_int64_t here to avoid warnings + on some systems portable OpenSSH is built on. + +commit 36aba25b0409d2db6afc84d54bc47a2532d38424 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 14:24:42 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/21 03:15:46 + [regress/krl.sh] + add some reminders for additional tests that I'd like to implement + +commit fa7a20bc289f09b334808d988746bc260a2f60c9 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 14:24:08 2013 +1100 + + - naddy@cvs.openbsd.org 2013/11/18 05:09:32 + [regress/forward-control.sh] + bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164) + to successfully run this; ok djm@ + (ID sync only; our timeouts are already longer) + +commit 0fde8acdad78a4d20cadae974376cc0165f645ee +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 14:12:23 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/21 00:45:44 + [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] + [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] + [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] + [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport + cipher "chacha20-poly1305@openssh.com" that combines Daniel + Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an + authenticated encryption mode. + + Inspired by and similar to Adam Langley's proposal for TLS: + http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 + but differs in layout used for the MAC calculation and the use of a + second ChaCha20 instance to separately encrypt packet lengths. + Details are in the PROTOCOL.chacha20poly1305 file. + + Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC + ok markus@ naddy@ + +commit fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 13:57:15 2013 +1100 + + - deraadt@cvs.openbsd.org 2013/11/20 20:54:10 + [canohost.c clientloop.c match.c readconf.c sftp.c] + unsigned casts for ctype macros where neccessary + ok guenther millert markus + +commit e00167307e4d3692695441e9bd712f25950cb894 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 13:56:49 2013 +1100 + + - deraadt@cvs.openbsd.org 2013/11/20 20:53:10 + [scp.c] + unsigned casts for ctype macros where neccessary + ok guenther millert markus + +commit 23e00aa6ba9eee0e0c218f2026bf405ad4625832 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 13:56:28 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/20 02:19:01 + [sshd.c] + delay closure of in/out fds until after "Bad protocol version + identification..." message, as get_remote_ipaddr/get_remote_port + require them open. + +commit 867e6934be6521f87f04a5ab86702e2d1b314245 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 13:56:06 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/13 13:48:20 + [ssh-pkcs11.c] + add missing braces found by pedro + +commit 0600c7020f4fe68a780bd7cf21ff541a8d4b568a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 21 13:55:43 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/08 11:15:19 + [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c] + [uidswap.c] Include stdlib.h for free() as per the man page. + +commit b6a75b0b93b8faa6f79c3a395ab6c71f3f880b80 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Nov 10 20:25:22 2013 +1100 + + - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by + querying the ones that are compiled in. + +commit 2c89430119367eb1bc96ea5ee55de83357e4c926 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Nov 10 12:38:42 2013 +1100 + + - (dtucker) [key.c] Check for the correct defines for NID_secp521r1. + +commit dd5264db5f641dbd03186f9e5e83e4b14b3d0003 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Nov 9 22:32:51 2013 +1100 + + - (dtucker) [configure.ac] Add missing "test". + +commit 95cb2d4eb08117be061f3ff076adef3e9a5372c3 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Nov 9 22:02:31 2013 +1100 + + - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test. + +commit 37bcef51b3d9d496caecea6394814d2f49a1357f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Nov 9 18:39:25 2013 +1100 + + - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of + NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the + latter actually works before using it. Fedora (at least) has NID_secp521r1 + that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897). + +commit 6e2fe81f926d995bae4be4a6b5b3c88c1c525187 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Nov 9 16:55:03 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 + [regress/test-exec.sh regress/rekey.sh] + Use smaller test data files to speed up tests. Grow test datafiles + where necessary for a specific test. + +commit aff7ef1bb8b7c1eeb1f4812129091c5adbf51848 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Nov 9 00:19:22 2013 +1100 + + - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation: + rather than testing and generating each key, call ssh-keygen -A. + Patch from vinschen at redhat.com. + +commit 882abfd3fb3c98cfe70b4fc79224770468b570a5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sat Nov 9 00:17:41 2013 +1100 + + - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform + and pass in TEST_ENV. Unknown options cause stderr to get polluted + and the stderr-data test to fail. + +commit 8c333ec23bdf7da917aa20ac6803a2cdd79182c5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Nov 8 21:12:58 2013 +1100 + + - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile + warnings. + +commit d94240b2f6b376b6e9de187e4a0cd4b89dfc48cb +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Nov 8 21:10:04 2013 +1100 + + - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256. + +commit 1c8ce34909886288a3932dce770deec5449f7bb5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Nov 8 19:50:32 2013 +1100 + + - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have + EVP_sha256. + +commit ccdb9bec46bcc88549b26a94aa0bae2b9f51031c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Nov 8 18:54:38 2013 +1100 + + - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of + arc4random_stir for platforms that have arc4random but don't have + arc4random_stir (right now this is only OpenBSD -current). + +commit 3420a50169b52cc8d2775d51316f9f866c73398f +Author: Damien Miller <djm@mindrot.org> +Date: Fri Nov 8 16:48:13 2013 +1100 + + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update version numbers following release. + +commit 3ac4a234df842fd8c94d9cb0ad198e1fe84b895b +Author: Damien Miller <djm@mindrot.org> +Date: Fri Nov 8 12:39:49 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/08 01:38:11 + [version.h] + openssh-6.4 + +commit 6c81fee693038de7d4a5559043350391db2a2761 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Nov 8 12:19:55 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/08 00:39:15 + [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] + [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] + [sftp-client.c sftp-glob.c] + use calloc for all structure allocations; from markus@ + +commit 690d989008e18af3603a5e03f1276c9bad090370 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Nov 8 12:16:49 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/07 11:58:27 + [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] + Output the effective values of Ciphers, MACs and KexAlgorithms when + the default has not been overridden. ok markus@ + +commit 08998c5fb9c7c1d248caa73b76e02ca0482e6d85 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Nov 8 12:11:46 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 + [regress/rekey.sh] + Rekey less frequently during tests to speed them up + +commit 4bf7e50e533aa956366df7402c132f202e841a48 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 22:33:48 2013 +1100 + + - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment + variable. It's no longer used now that we get the supported MACs from + ssh -Q. + +commit 6e9d6f411288374d1dee4b7debbfa90bc7e73035 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 15:32:37 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/07 04:26:56 + [regress/kextype.sh] + trailing space + +commit 74cbc22529f3e5de756e1b7677b7624efb28f62c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 15:26:12 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/07 03:55:41 + [regress/kextype.sh] + Use ssh -Q to get kex types instead of a static list. + +commit a955041c930e63405159ff7d25ef14272f36eab3 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 15:21:19 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/07 02:48:38 + [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] + Use ssh -Q instead of hardcoding lists of ciphers or MACs. + +commit 06595d639577577bc15d359e037a31eb83563269 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 15:08:02 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/07 01:12:51 + [regress/rekey.sh] + Factor out the data transfer rekey tests + +commit 651dc8b2592202dac6b16ee3b82ce5b331be7da3 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 15:04:44 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/07 00:12:05 + [regress/rekey.sh] + Test rekeying for every Cipher, MAC and KEX, plus test every KEX with + the GCM ciphers. + +commit 234557762ba1096a867ca6ebdec07efebddb5153 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 15:00:51 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/11/04 12:27:42 + [regress/rekey.sh] + Test rekeying with all KexAlgorithms. + +commit bbfb9b0f386aab0c3e19d11f136199ef1b9ad0ef +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 14:56:43 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/02 22:39:53 + [regress/kextype.sh] + add curve25519-sha256@libssh.org + +commit aa19548a98c0f89283ebd7354abd746ca6bc4fdf +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Nov 7 14:50:09 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/09 23:44:14 + [regress/Makefile] (ID sync only) + regression test for sftp request white/blacklisting and readonly mode. + +commit c8908aabff252f5da772d4e679479c2b7d18cac1 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 7 13:38:35 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/06 23:05:59 + [ssh-pkcs11.c] + from portable: s/true/true_val/ to avoid name collisions on dump platforms + RCSID sync only + +commit 49c145c5e89b9d7d48e84328d6347d5ad640b567 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 7 13:35:39 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/06 16:52:11 + [monitor_wrap.c] + fix rekeying for AES-GCM modes; ok deraadt + +commit 67a8800f290b39fd60e379988c700656ae3f2539 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 7 13:32:51 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/04 11:51:16 + [monitor.c] + fix rekeying for KEX_C25519_SHA256; noted by dtucker@ + RCSID sync only; I thought this was a merge botch and fixed it already + +commit df8b030b15fcec7baf38ec7944f309f9ca8cc9a7 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 7 13:28:16 2013 +1100 + + - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms + that lack it but have arc4random_uniform() + +commit a6fd1d3c38a562709374a70fa76423859160aa90 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 7 12:03:26 2013 +1100 + + - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these + +commit c98319750b0bbdd0d1794420ec97d65dd9244613 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 7 12:00:23 2013 +1100 + + - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff + +commit 61c5c2319e84a58210810d39b062c8b8e3321160 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Nov 7 11:34:14 2013 +1100 + + - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) + that got lost in recent merge. + +commit 094003f5454a9f5a607674b2739824a7e91835f4 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Nov 4 22:59:27 2013 +1100 + + - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from + KEX/curve25519 change + +commit ca67a7eaf8766499ba67801d0be8cdaa550b9a50 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Nov 4 09:05:17 2013 +1100 + + - djm@cvs.openbsd.org 2013/11/03 10:37:19 + [roaming_common.c] + fix a couple of function definitions foo() -> foo(void) + (-Wold-style-definition) + +commit 0bd8f1519d51af8d4229be81e8f2f4903a1d440b +Author: Damien Miller <djm@mindrot.org> +Date: Mon Nov 4 08:55:43 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/02 22:39:19 + [ssh_config.5 sshd_config.5] + the default kex is now curve25519-sha256@libssh.org + +commit 4c3ba0767fbe4a8a2a748df4035aaf86651f6b30 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Nov 4 08:40:13 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/02 22:34:01 + [auth-options.c] + no need to include monitor_wrap.h and ssh-gss.h + +commit 660621b2106b987b874c2f120218bec249d0f6ba +Author: Damien Miller <djm@mindrot.org> +Date: Mon Nov 4 08:37:51 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/02 22:24:24 + [kexdhs.c kexecdhs.c] + no need to include ssh-gss.h + +commit abdca986decfbbc008c895195b85e879ed460ada +Author: Damien Miller <djm@mindrot.org> +Date: Mon Nov 4 08:30:05 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/02 22:10:15 + [kexdhs.c kexecdhs.c] + no need to include monitor_wrap.h + +commit 1e1242604eb0fd510fe93f81245c529237ffc513 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Nov 4 08:26:52 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/02 21:59:15 + [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] + use curve25519 for default key exchange (curve25519-sha256@libssh.org); + initial patch from Aris Adamantiadis; ok djm@ + +commit d2252c79191d069372ed6effce7c7a2de93448cd +Author: Damien Miller <djm@mindrot.org> +Date: Mon Nov 4 07:41:48 2013 +1100 + + - markus@cvs.openbsd.org 2013/11/02 20:03:54 + [ssh-pkcs11.c] + support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys; + fixes bz#1908; based on patch from Laurent Barbe; ok djm + +commit 007e3b357e880caa974d5adf9669298ba0751c78 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Nov 3 18:43:55 2013 +1100 + + - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t + for platforms that don't have them. + +commit 710f3747352fb93a63e5b69b12379da37f5b3fa9 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Nov 3 17:20:34 2013 +1100 + + - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd + vsnprintf. From eric at openbsd via chl@. + +commit d52770452308e5c2e99f4da6edaaa77ef078b610 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Nov 3 16:30:46 2013 +1100 + + - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep. + From OpenSMTPD where it prevents "implicit declaration" warnings (it's + a no-op in OpenSSH). From chl at openbsd. + +commit 63857c9340d3482746a5622ffdacc756751f6448 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 30 22:31:06 2013 +1100 + + - jmc@cvs.openbsd.org 2013/10/29 18:49:32 + [sshd_config.5] + pty(4), not pty(7); + +commit 5ff30c6b68adeee767dd29bf2369763c6a13c0b3 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 30 22:21:50 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/29 09:48:02 + [servconf.c servconf.h session.c sshd_config sshd_config.5] + shd_config PermitTTY to disallow TTY allocation, mirroring the + longstanding no-pty authorized_keys option; + bz#2070, patch from Teran McKinney; ok markus@ + +commit 4a3a9d4bbf8048473f5cc202cd8db7164d5e6b8d +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 30 22:19:47 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/29 09:42:11 + [key.c key.h] + fix potential stack exhaustion caused by nested certificates; + report by Mateusz Kocielski; ok dtucker@ markus@ + +commit 28631ceaa7acd9bc500f924614431542893c6a21 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Oct 26 10:07:56 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/25 23:04:51 + [ssh.c] + fix crash when using ProxyCommand caused by previous commit - was calling + freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@ + +commit 26506ad29350c5681815745cc90b3952a84cf118 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Oct 26 10:05:46 2013 +1100 + + - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove + unnecessary arc4random_stir() calls. The only ones left are to ensure + that the PRNG gets a different state after fork() for platforms that + have broken the API. + +commit bd43e8872325e9bbb3319c89da593614709f317c +Author: Tim Rice <tim@multitalents.net> +Date: Thu Oct 24 12:22:49 2013 -0700 + + - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd" + +commit a90c0338083ee0e4064c4bdf61f497293a699be0 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 24 21:03:17 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/24 08:19:36 + [ssh.c] + fix bug introduced in hostname canonicalisation commit: don't try to + resolve hostnames when a ProxyCommand is set unless the user has forced + canonicalisation; spotted by Iain Morgan + +commit cf31f3863425453ffcda540fbefa9df80088c8d1 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 24 21:02:56 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/10/24 00:51:48 + [readconf.c servconf.c ssh_config.5 sshd_config.5] + Disallow empty Match statements and add "Match all" which matches + everything. ok djm, man page help jmc@ + +commit 4bedd4032a09ce87322ae5ea80f193f109e5c607 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 24 21:02:26 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/10/24 00:49:49 + [moduli.c] + Periodically print progress and, if possible, expected time to completion + when screening moduli for DH groups. ok deraadt djm + +commit 5ecb41629860687b145be63b8877fabb6bae5eda +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 24 21:02:02 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/23 23:35:32 + [sshd.c] + include local address and port in "Connection from ..." message (only + shown at loglevel>=verbose) + +commit 03bf2e61ad6ac59a362a1f11b105586cb755c147 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 24 21:01:26 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/10/23 05:40:58 + [servconf.c] + fix comment + +commit 8f1873191478847773906af961c8984d02a49dd6 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 24 10:53:02 2013 +1100 + + - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check + rather than full client name which may be of form user@REALM; + patch from Miguel Sanders; ok dtucker@ + +commit 5b01b0dcb417eb615df77e7ce1b59319bf04342c +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 23 16:31:31 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/23 04:16:22 + [ssh-keygen.c] + Make code match documentation: relative-specified certificate expiry time + should be relative to current time and not the validity start time. + Reported by Petr Lautrbach; ok deraadt@ + +commit eff5cada589f25793dbe63a76aba9da39837a148 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 23 16:31:10 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/23 03:05:19 + [readconf.c ssh.c] + comment + +commit 084bcd24e9fe874020e4df4e073e7408e1b17fb7 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 23 16:30:51 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/23 03:03:07 + [readconf.c] + Hostname may have %h sequences that should be expanded prior to Match + evaluation; spotted by Iain Morgan + +commit 8e5a67f46916def40b2758bb7755350dd2eee843 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 23 16:30:25 2013 +1100 + + - jmc@cvs.openbsd.org 2013/10/20 18:00:13 + [ssh_config.5] + tweak the "exec" description, as worded by djm; + +commit c0049bd0bca02890cd792babc594771c563f91f2 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 23 16:29:59 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/20 09:51:26 + [scp.1 sftp.1] + add canonicalisation options to -o lists + +commit 8a04be795fc28514a09e55a54b2e67968f2e1b3a +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 23 16:29:40 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/20 06:19:28 + [readconf.c ssh_config.5] + rename "command" subclause of the recently-added "Match" keyword to + "exec"; it's shorter, clearer in intent and we might want to add the + ability to match against the command being executed at the remote end in + the future. + +commit 5c86ebdf83b636b6741db4b03569ef4a53b89a58 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 23 16:29:12 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/20 04:39:28 + [ssh_config.5] + document % expansions performed by "Match command ..." + +commit 4502f88774edc56194707167443f94026d3c7cfa +Author: Damien Miller <djm@mindrot.org> +Date: Fri Oct 18 10:17:36 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/17 22:08:04 + [sshd.c] + include remote port in bad banner message; bz#2162 + +commit 1edcbf65ebd2febeaf10a836468f35e519eed7ca +Author: Damien Miller <djm@mindrot.org> +Date: Fri Oct 18 10:17:17 2013 +1100 + + - jmc@cvs.openbsd.org 2013/10/17 07:35:48 + [sftp.1 sftp.c] + tweak previous; + +commit a176e1823013dd8533a20235b3a5131f0626f46b +Author: Damien Miller <djm@mindrot.org> +Date: Fri Oct 18 09:05:41 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/09 23:44:14 + [regress/Makefile regress/sftp-perm.sh] + regression test for sftp request white/blacklisting and readonly mode. + +commit e3ea09494dcfe7ba76536e95765c8328ecfc18fb +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 17 11:57:23 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/17 00:46:49 + [ssh.c] + rearrange check to reduce diff against -portable + (Id sync only) + +commit f29238e67471a7f1088a99c3c3dbafce76b790cf +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 17 11:48:52 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/17 00:30:13 + [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c] + fsync@openssh.com protocol extension for sftp-server + client support to allow calling fsync() faster successful transfer + patch mostly by imorgan AT nas.nasa.gov; bz#1798 + "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@ + +commit 51682faa599550a69d8120e5e2bdbdc0625ef4be +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 17 11:48:31 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/16 22:58:01 + [ssh.c ssh_config.5] + one I missed in previous: s/isation/ization/ + +commit 3850559be93f1a442ae9ed370e8c389889dd5f72 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 17 11:48:13 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/16 22:49:39 + [readconf.c readconf.h ssh.1 ssh.c ssh_config.5] + s/canonicalise/canonicalize/ for consistency with existing spelling, + e.g. authorized_keys; pointed out by naddy@ + +commit 607af3434b75acc7199a5d99d5a9c11068c01f27 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 17 11:47:51 2013 +1100 + + - jmc@cvs.openbsd.org 2013/10/16 06:42:25 + [ssh_config.5] + tweak previous; + +commit 0faf747e2f77f0f7083bcd59cbed30c4b5448444 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 17 11:47:23 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/16 02:31:47 + [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5] + [sshconnect.c sshconnect.h] + Implement client-side hostname canonicalisation to allow an explicit + search path of domain suffixes to use to convert unqualified host names + to fully-qualified ones for host key matching. + This is particularly useful for host certificates, which would otherwise + need to list unqualified names alongside fully-qualified ones (and this + causes a number of problems). + "looks fine" markus@ + +commit d77b81f856e078714ec6b0f86f61c20249b7ead4 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 17 11:39:00 2013 +1100 + + - jmc@cvs.openbsd.org 2013/10/15 14:10:25 + [ssh.1 ssh_config.5] + tweak previous; + +commit dcd39f29ce3308dc74a0ff27a9056205a932ce05 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 17 11:31:40 2013 +1100 + + - [ssh.c] g/c unused variable. + +commit 5359a628ce3763408da25d83271a8eddec597a0c +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:20:37 2013 +1100 + + - [ssh.c] g/c unused variable. + +commit 386feab0c4736b054585ee8ee372865d5cde8d69 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:14:49 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/14 23:31:01 + [ssh.c] + whitespace at EOL; pointed out by markus@ + +commit e9fc72edd6c313b670558cd5219601c38a949b67 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:14:12 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/14 23:28:23 + [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c] + refactor client config code a little: + add multistate option partsing to readconf.c, similar to servconf.c's + existing code. + move checking of options that accept "none" as an argument to readconf.c + add a lowercase() function and use it instead of explicit tolower() in + loops + part of a larger diff that was ok markus@ + +commit 194fd904d8597a274b93e075b2047afdf5a175d4 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:13:05 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/14 22:22:05 + [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5] + add a "Match" keyword to ssh_config that allows matching on hostname, + user and result of arbitrary commands. "nice work" markus@ + +commit 71df752de2a04f423b1cd18d961a79f4fbccbcee +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:12:02 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/14 21:20:52 + [session.c session.h] + Add logging of session starts in a useful format; ok markus@ feedback and + ok dtucker@ + +commit 6efab27109b82820e8d32a5d811adb7bfc354f65 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:07:05 2013 +1100 + + - jmc@cvs.openbsd.org 2013/10/14 14:18:56 + [sftp-server.8 sftp-server.c] + tweak previous; + ok djm + +commit 61c7de8a94156f6d7e9718ded9be8c65bb902b66 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:06:45 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/11 02:53:45 + [sftp-client.h] + obsolete comment + +commit 2f93d0556e4892208c9b072624caa8cc5ddd839d +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:06:27 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/11 02:52:23 + [sftp-client.c] + missed one arg reorder + +commit bda5c8445713ae592d969a5105ed1a65da22bc96 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 12:05:58 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/11 02:45:36 + [sftp-client.c] + rename flag arguments to be more clear and consistent. + reorder some internal function arguments to make adding additional flags + easier. + no functional change + +commit 61ee4d68ca0fcc793a826fc7ec70f3b8ffd12ab6 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 11:56:47 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/10 01:43:03 + [sshd.c] + bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly + updated; ok dtucker@ + +commit 73600e51af9ee734a19767e0c084bbbc5eb5b8da +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 11:56:25 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/10 00:53:25 + [sftp-server.c] + add -Q, -P and -p to usage() before jmc@ catches me + +commit 6eaeebf27d92f39a38c772aa3f20c2250af2dd29 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 15 11:55:57 2013 +1100 + + - djm@cvs.openbsd.org 2013/10/09 23:42:17 + [sftp-server.8 sftp-server.c] + Add ability to whitelist and/or blacklist sftp protocol requests by name. + Refactor dispatch loop and consolidate read-only mode checks. + Make global variables static, since sftp-server is linked into sshd(8). + ok dtucker@ + +commit df62d71e64d29d1054e7a53d1a801075ef70335f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Oct 10 10:32:39 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/10/08 11:42:13 + [dh.c dh.h] + Increase the size of the Diffie-Hellman groups requested for a each + symmetric key size. New values from NIST Special Publication 800-57 with + the upper limit specified by RFC4419. Pointed out by Peter Backes, ok + djm@. + +commit e6e52f8c5dc89a6767702e65bb595aaf7bc8991c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Oct 10 10:28:07 2013 +1100 + + - djm@cvs.openbsd.org 2013/09/19 01:26:29 + [sshconnect.c] + bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from + swp AT swp.pp.ru; ok dtucker@ + +commit 71152bc9911bc34a98810b2398dac20df3fe8de3 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Oct 10 10:27:21 2013 +1100 + + - djm@cvs.openbsd.org 2013/09/19 01:24:46 + [channels.c] + bz#1297 - tell the client (via packet_send_debug) when their preferred + listen address has been overridden by the server's GatewayPorts; + ok dtucker@ + +commit b59aaf3c4f3f449a4b86d8528668bd979be9aa5f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Oct 10 10:26:21 2013 +1100 + + - djm@cvs.openbsd.org 2013/09/19 00:49:12 + [sftp-client.c] + fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan + +commit 5d80e4522d6238bdefe9d0c634f0e6d35a241e41 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Oct 10 10:25:09 2013 +1100 + + - djm@cvs.openbsd.org 2013/09/19 00:24:52 + [progressmeter.c] + store the initial file offset so the progress meter doesn't freak out + when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@ + +commit ad92df7e5ed26fea85adfb3f95352d6cd8e86344 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Oct 10 10:24:11 2013 +1100 + + - sthen@cvs.openbsd.org 2013/09/16 11:35:43 + [ssh_config] + Remove gssapi config parts from ssh_config, as was already done for + sshd_config. Req by/ok ajacoutot@ + ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular + +commit 720711960b130d36dfdd3d50eb25ef482bdd000e +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 9 10:44:47 2013 +1100 + + - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c] + [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random + implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, + tested tim@ + +commit 9159310087a218e28940a592896808b8eb76a039 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 9 10:42:32 2013 +1100 + + - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull + in OpenBSD implementation of arc4random, shortly to replace the existing + bsd-arc4random.c + +commit 67f1d557a68d6fa8966a327d7b6dee3408cf0e72 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 9 09:33:08 2013 +1100 + + correct incorrect years in datestamps; from des + +commit f2bf36c3eb4d969f85ec8aa342e9aecb61cc8bb1 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Sep 22 19:02:40 2013 +1000 + + - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj + setting when handling SIGHUP to maintain behaviour over retart. Patch + from Matthew Ife. + +commit e90a06ae570fd259a2f5ced873c7f17390f535a5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Sep 18 15:09:38 2013 +1000 + + - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu. + +commit 13840e0103946982cee2a05c40697be7e57dca41 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 14 09:49:43 2013 +1000 + + - djm@cvs.openbsd.org 2013/09/13 06:54:34 + [channels.c] + avoid unaligned access in code that reused a buffer to send a + struct in_addr in a reply; simpler just use use buffer_put_int(); + from portable; spotted by and ok dtucker@ + +commit 70182522a47d283513a010338cd028cb80dac2ab +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 14 09:49:19 2013 +1000 + + - djm@cvs.openbsd.org 2013/09/12 01:41:12 + [clientloop.c] + fix connection crash when sending break (~B) on ControlPersist'd session; + ok dtucker@ + +commit ff9d6c2a4171ee32e8fe28fc3b86eb33bd5c845b +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 14 09:48:55 2013 +1000 + + - sthen@cvs.openbsd.org 2013/09/07 13:53:11 + [sshd_config] + Remove commented-out kerberos/gssapi config options from sample config, + kerberos support is currently not enabled in ssh in OpenBSD. Discussed with + various people; ok deraadt@ + ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular + +commit 8bab5e7b5ff6721d926b5ebf05a3a24489889c58 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 14 09:47:00 2013 +1000 + + - deraadt@cvs.openbsd.org 2013/09/02 22:00:34 + [ssh-keygen.c sshconnect1.c sshd.c] + All the instances of arc4random_stir() are bogus, since arc4random() + does this itself, inside itself, and has for a very long time.. Actually, + this was probably reducing the entropy available. + ok djm + ID SYNC ONLY for portable; we don't trust other arc4random implementations + to do this right. + +commit 61353b3208d548fab863e0e0ac5d2400ee5bb340 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 14 09:45:32 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/31 00:13:54 + [sftp.c] + make ^w match ksh behaviour (delete previous word instead of entire line) + +commit 660854859cad31d234edb9353fb7ca2780df8128 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 14 09:45:03 2013 +1000 + + - mikeb@cvs.openbsd.org 2013/08/28 12:34:27 + [ssh-keygen.c] + improve batch processing a bit by making use of the quite flag a bit + more often and exit with a non zero code if asked to find a hostname + in a known_hosts file and it wasn't there; + originally from reyk@, ok djm + +commit 045bda5cb8acf0eb9d71c275ee1247e3154fc9e5 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 14 09:44:37 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/22 19:02:21 + [sshd.c] + Stir PRNG after post-accept fork. The child gets a different PRNG state + anyway via rexec and explicit privsep reseeds, but it's good to be sure. + ok markus@ + +commit ed4af412da60a084891b20412433a27966613fb8 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 14 09:40:51 2013 +1000 + + add marker for 6.3p1 release at the point of the last included change + +commit 43968a8e66a0aa1afefb11665bf96f86b113f5d9 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 28 14:00:54 2013 +1000 + + - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits + until we have configure support. + +commit 04be8b9e53f8388c94b531ebc5d1bd6e10e930d1 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 28 12:49:43 2013 +1000 + + - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the + 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we + start to use them in the future. + +commit f2f6c315a920a256937e1b6a3702757f3195a592 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:44:58 2013 +1000 + + - jmc@cvs.openbsd.org 2013/08/20 06:56:07 + [ssh.1 ssh_config.5] + some proxyusefdpass tweaks; + +commit 1262b6638f7d01ab110fd373dd90d915c882fe1a +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:44:24 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/20 00:11:38 + [readconf.c readconf.h ssh_config.5 sshconnect.c] + Add a ssh_config ProxyUseFDPass option that supports the use of + ProxyCommands that establish a connection and then pass a connected + file descriptor back to ssh(1). This allows the ProxyCommand to exit + rather than have to shuffle data back and forth and enables ssh to use + getpeername, etc. to obtain address information just like it does with + regular directly-connected sockets. ok markus@ + +commit b7727df37efde4dbe4f5a33b19cbf42022aabf66 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:43:49 2013 +1000 + + - jmc@cvs.openbsd.org 2013/08/14 08:39:27 + [scp.1 ssh.1] + some Bx/Ox conversion; + From: Jan Stary + +commit d5d9d7b1fdacf0551de4c747728bd159be40590a +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:43:27 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/13 18:33:08 + [ssh-keygen.c] + another of the same typo + +commit d234afb0b3a8de1be78cbeafed5fc86912594c3c +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:42:58 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/13 18:32:08 + [ssh-keygen.c] + typo in error message; from Stephan Rickauer + +commit e0ee727b8281a7c2ae20630ce83f6b200b404059 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:42:35 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/09 03:56:42 + [sftp.c] + enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word; + matching ksh's relatively recent change. + +commit fec029f1dc2c338f3fae3fa82aabc988dc07868c +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:42:12 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/09 03:39:13 + [sftp-client.c] + two problems found by a to-be-committed regress test: 1) msg_id was not + being initialised so was starting at a random value from the heap + (harmless, but confusing). 2) some error conditions were not being + propagated back to the caller + +commit 036d30743fc914089f9849ca52d615891d47e616 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:41:46 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/09 03:37:25 + [sftp.c] + do getopt parsing for all sftp commands (with an empty optstring for + commands without arguments) to ensure consistent behaviour + +commit c7dba12bf95eb1d69711881a153cc286c1987663 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:41:15 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/08 05:04:03 + [sftp-client.c sftp-client.h sftp.c] + add a "-l" flag for the rename command to force it to use the silly + standard SSH_FXP_RENAME command instead of the POSIX-rename- like + posix-rename@openssh.com extension. + + intended for use in regress tests, so no documentation. + +commit 034f27a0c09e69fe3589045b41f03f6e345b63f5 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:40:44 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/08 04:52:04 + [sftp.c] + fix two year old regression: symlinking a file would incorrectly + canonicalise the target path. bz#2129 report from delphij AT freebsd.org + +commit c6895c5c67492144dd28589e5788f783be9152ed +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:40:21 2013 +1000 + + - jmc@cvs.openbsd.org 2013/08/07 06:24:51 + [sftp.1 sftp.c] + sort -a; + +commit a6d6c1f38ac9b4a5e1bd4df889e1020a8370ed55 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:40:01 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/06 23:06:01 + [servconf.c] + add cast to avoid format warning; from portable + +commit eec840673bce3f69ad269672fba7ed8ff05f154f +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:39:39 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/06 23:05:01 + [sftp.1] + document top-level -a option (the -a option to 'get' was already + documented) + +commit 02e878070d0eddad4e11f2c82644b275418eb112 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Aug 21 02:38:51 2013 +1000 + + - djm@cvs.openbsd.org 2013/08/06 23:03:49 + [sftp.c] + fix some whitespace at EOL + make list of commands an enum rather than a long list of defines + add -a to usage() + +commit acd2060f750c16d48b87b92a10b5a833227baf9d +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Aug 8 17:02:12 2013 +1000 + + - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt + removal. The "make clean" removes modpipe which is built by the top-level + directory before running the tests. Spotted by tim@ + +commit 9542de4547beebf707f3640082d471f1a85534c9 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Aug 8 12:50:06 2013 +1000 + + - (dtucker) [misc.c] Remove define added for fallback testing that was + mistakenly included in the previous commit. + +commit 94396b7f06f512a0acb230640d7f703fb802a9ee +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Aug 8 11:52:37 2013 +1000 + + - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime( + CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the + CLOCK_MONOTONIC define but don't actually support it. Found and tested + by Kevin Brott, ok djm. + +commit a5a3cbfa0fb8ef011d3e7b38910a13f6ebbb8818 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Aug 8 10:58:49 2013 +1000 + + - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt + since some platforms (eg really old FreeBSD) don't have it. Instead, + run "make clean" before a complete regress run. ok djm. + +commit f3ab2c5f9cf4aed44971eded3ac9eeb1344b2be5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Aug 4 21:48:41 2013 +1000 + + - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support + for building with older Heimdal versions. ok djm. + +commit ab3575c055adfbce70fa7405345cf0f80b07c827 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Aug 1 14:34:16 2013 +1000 + + - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134 + +commit c192a4c4f6da907dc0e67a3ca61d806f9a92c931 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Aug 1 14:29:20 2013 +1000 + + - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non- + blocking connecting socket will clear any stored errno that might + otherwise have been retrievable via getsockopt(). A hack to limit writes + to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap + it in an #ifdef. Diagnosis and patch from Ivo Raisr. + +commit 81f7cf1ec5bc2fd202eda05abc2e5361c54633c5 +Author: Tim Rice <tim@multitalents.net> +Date: Thu Jul 25 18:41:40 2013 -0700 + + more correct comment for last commit + +commit 0553ad76ffdff35fb31b9e6df935a71a1cc6daa2 +Author: Tim Rice <tim@multitalents.net> +Date: Thu Jul 25 16:03:16 2013 -0700 + + - (tim) [regress/forwarding.sh] Fix for building outside read only source tree. + +commit ed899eb597a8901ff7322cba809660515ec0d601 +Author: Tim Rice <tim@multitalents.net> +Date: Thu Jul 25 15:40:00 2013 -0700 + + - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on + Solaris and UnixWare. Feedback and OK djm@ + +commit e9e936d33b4b1d77ffbaace9438cb2f1469c1dc7 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 12:34:00 2013 +1000 + + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update version numbers + +commit d1e26cf391de31128b4edde118bff5fed98a90ea +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 12:11:18 2013 +1000 + + - djm@cvs.openbsd.org 2013/06/21 02:26:26 + [regress/sftp-cmds.sh regress/test-exec.sh] + unbreak sftp-cmds for renamed test data (s/ls/data/) + +commit 78d47b7c5b182e44552913de2b4b7e0363c8e3cc +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 12:08:46 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/10 21:56:43 + [regress/forwarding.sh] + Add test for forward config parsing + +commit fea440639e04cea9f2605375a41d654390369402 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 12:08:07 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/30 20:12:32 + [regress/test-exec.sh] + use ssh and sshd as testdata since it needs to be >256k for the rekey test + +commit 53435b2d8773a5d7c78359e9f7bf9df2d93b9ef5 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 11:57:15 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/25 00:57:37 + [version.h] + openssh-6.3 for release + +commit 0d032419ee6e1968fc1cb187af63bf3b77b506ea +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 11:56:52 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/25 00:56:52 + [sftp-client.c sftp-client.h sftp.1 sftp.c] + sftp support for resuming partial downloads; patch mostly by Loganaden + Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@ + +commit 98e27dcf581647b5bbe9780e8f59685d942d8ea3 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 11:55:52 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/25 00:29:10 + [ssh.c] + daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure + it is fully detached from its controlling terminal. based on debugging + +commit 94c9cd34d1590ea1d4bf76919a15b5688fa90ed1 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 11:55:39 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/22 12:20:02 + [umac.h] + oops, forgot to commit corresponding header change; + spotted by jsg and jasper + +commit c331dbd22297ab9bf351abee659893d139c9f28a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 11:55:20 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/22 05:00:17 + [umac.c] + make MAC key, data to be hashed and nonce for final hash const; + checked with -Wcast-qual + +commit c8669a8cd24952b3f16a44eac63d2b6ce8a6343a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 25 11:52:48 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/20 22:20:42 + [krl.c] + fix verification error in (as-yet usused) KRL signature checking path + +commit 63ddc899d28cf60045b560891894b9fbf6f822e9 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Jul 20 13:35:45 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/20 01:55:13 + [auth-krb5.c gss-serv-krb5.c gss-serv.c] + fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@ + +commit 1f0e86f23fcebb026371c0888402a981df2a61c4 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Jul 20 13:22:49 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/20 01:50:20 + [ssh-agent.c] + call cleanup_handler on SIGINT when in debug mode to ensure sockets + are cleaned up on manual exit; bz#2120 + +commit 3009d3cbb89316b1294fb5cedb54770b5d114d04 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Jul 20 13:22:31 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/20 01:44:37 + [ssh-keygen.c ssh.c] + More useful error message on missing current user in /etc/passwd + +commit 32ecfa0f7920db31471ca8c1f4adc20ae38ed9d6 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Jul 20 13:22:13 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/20 01:43:46 + [umac.c] + use a union to ensure correct alignment; ok deraadt + +commit 85b45e09188e7a7fc8f0a900a4c6a0f04a5720a7 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Jul 20 13:21:52 2013 +1000 + + - markus@cvs.openbsd.org 2013/07/19 07:37:48 + [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] + [servconf.h session.c sshd.c sshd_config.5] + add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, + or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 + ok djm@ + +commit d93340cbb6bc0fc0dbd4427e0cec6d994a494dd9 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:14:34 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/18 01:12:26 + [ssh.1] + be more exact wrt perms for ~/.ssh/config; bz#2078 + +commit bf836e535dc3a8050c1756423539bac127ee5098 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:14:13 2013 +1000 + + - schwarze@cvs.openbsd.org 2013/07/16 00:07:52 + [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8] + use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@ + +commit 649fe025a409d0ce88c60a068f3f211193c35873 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:13:55 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/12 05:48:55 + [ssh.c] + set TCP nodelay for connections started with -N; bz#2124 ok dtucker@ + +commit 5bb8833e809d827496dffca0dc2c223052c93931 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:13:37 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/12 05:42:03 + [ssh-keygen.c] + do_print_resource_record() can never be called with a NULL filename, so + don't attempt (and bungle) asking for one if it has not been specified + bz#2127 ok dtucker@ + +commit 7313fc9222785d0c54a7ffcaf2067f4db02c8d72 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:13:19 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/12 00:43:50 + [misc.c] + in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when + errno == 0. Avoids confusing error message in some broken resolver + cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker + +commit 746d1a6c524d2e90ebe98cc29e42573a3e1c3c1b +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:13:02 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/12 00:20:00 + [sftp.c ssh-keygen.c ssh-pkcs11.c] + fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ + +commit ce98654674648fb7d58f73edf6aa398656a2dba4 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:12:44 2013 +1000 + + - djm@cvs.openbsd.org 2013/07/12 00:19:59 + [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] + [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] + fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ + +commit 0d02c3e10e1ed16d6396748375a133d348127a2a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:12:06 2013 +1000 + + - markus@cvs.openbsd.org 2013/07/02 12:31:43 + [dh.c] + remove extra whitespace + +commit fecfd118d6c90df4fcd3cec7b14e4d3ce69a41d5 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:11:50 2013 +1000 + + - jmc@cvs.openbsd.org 2013/06/27 14:05:37 + [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] + do not use Sx for sections outwith the man page - ingo informs me that + stuff like html will render with broken links; + + issue reported by Eric S. Raymond, via djm + +commit bc35d92e78fd53c3f32cbdbdf89d8b1919788c50 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:11:25 2013 +1000 + + - djm@cvs.openbsd.org 2013/06/22 06:31:57 + [scp.c] + improved time_t overflow check suggested by guenther@ + +commit 8158441d01ab84f33a7e70e27f87c02cbf67e709 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:11:07 2013 +1000 + + - djm@cvs.openbsd.org 2013/06/21 05:43:10 + [scp.c] + make this -Wsign-compare clean after time_t conversion + +commit bbeb1dac550bad8e6aff9bd27113c6bd5ebb7413 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:10:49 2013 +1000 + + - djm@cvs.openbsd.org 2013/06/21 05:42:32 + [dh.c] + sprinkle in some error() to explain moduli(5) parse failures + +commit 7f2b438ca0b7c3b9684a03d7bf3eaf379da16de9 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:10:29 2013 +1000 + + - djm@cvs.openbsd.org 2013/06/21 00:37:49 + [ssh_config.5] + explicitly mention that IdentitiesOnly can be used with IdentityFile + to control which keys are offered from an agent. + +commit 20bdcd72365e8b3d51261993928cc47c5f0d7c8a +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:10:09 2013 +1000 + + - djm@cvs.openbsd.org 2013/06/21 00:34:49 + [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c] + for hostbased authentication, print the client host and user on + the auth success/failure line; bz#2064, ok dtucker@ + +commit 3071070b39e6d1722151c754cdc2b26640eaf45e +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:09:44 2013 +1000 + + - markus@cvs.openbsd.org 2013/06/20 19:15:06 + [krl.c] + don't leak the rdata blob on errors; ok djm@ + +commit 044bd2a7ddb0b6f6b716c87e57261572e2b89028 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:09:25 2013 +1000 + + - guenther@cvs.openbsd.org 2013/06/17 04:48:42 + [scp.c] + Handle time_t values as long long's when formatting them and when + parsing them from remote servers. + Improve error checking in parsing of 'T' lines. + + ok dtucker@ deraadt@ + +commit 9a6615542108118582f64b7161ca0e12176e3712 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Jul 18 16:09:04 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/10 19:19:44 + [readconf.c] + revert 1.203 while we investigate crashes reported by okan@ + +commit b7482cff46e7e76bfb3cda86c365a08f58d4fca0 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jul 2 20:06:46 2013 +1000 + + - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config + contrib/cygwin/ssh-user-config] Modernizes and improve readability of + the Cygwin README file (which hasn't been updated for ages), drop + unsupported OSes from the ssh-host-config help text, and drop an + unneeded option from ssh-user-config. Patch from vinschen at redhat com. + +commit b8ae92d08b91beaef34232c6ef34b9941473fdd6 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jun 11 12:10:02 2013 +1000 + + - (dtucker) [myproposal.h] Make the conditional algorithm support consistent + and add some comments so it's clear what goes where. + +commit 97b62f41adcb0dcbeff142d0540793a7ea17c910 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jun 11 11:47:24 2013 +1000 + + - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have + the required OpenSSL support. Patch from naddy at freebsd. + +commit 6d8bd57448b45b42809da32857d7804444349ee7 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jun 11 11:26:10 2013 +1000 + + - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported + algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages. + +commit 36187093ea0b2d2240c043417b8949611687e105 +Author: Damien Miller <djm@mindrot.org> +Date: Mon Jun 10 13:07:11 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/07 15:37:52 + [channels.c channels.h clientloop.c] + Add an "ABANDONED" channel state and use for mux sessions that are + disconnected via the ~. escape sequence. Channels in this state will + be able to close if the server responds, but do not count as active channels. + This means that if you ~. all of the mux clients when using ControlPersist + on a broken network, the backgrounded mux master will exit when the + Control Persist time expires rather than hanging around indefinitely. + bz#1917, also reported and tested by tedu@. ok djm@ markus@. + +commit ae133d4b31af05bb232d797419f498f3ae7e9f2d +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:30:20 2013 +1000 + + - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for + platforms that don't have multibyte character support (specifically, + mblen). + +commit 408eaf3ab716096f8faf30f091bd54a2c7a17a09 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:22:46 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/05 22:00:28 + [readconf.c] + plug another memleak. bz#1967, from Zhenbo Xu, detected by Melton, ok djm + +commit e52a260f16888ca75390f97de4606943e61785e8 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:22:05 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/05 12:52:38 + [sshconnect2.c] + Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djm + +commit 0cca17fa1819d3a0ba06a6db41ab3eaa8d769587 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:21:14 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/05 02:27:50 + [sshd.c] + When running sshd -D, close stderr unless we have explicitly requesting + logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch + so, err, ok dtucker. + +commit 746e9067bd9b3501876e1c86f38f3c510a12f895 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:20:13 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/05 02:07:29 + [mux.c] + fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, + ok djm + +commit ea64721275a81c4788af36294d94bf4f74012e06 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:19:09 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/04 20:42:36 + [sftp.c] + Make sftp's libedit interface marginally multibyte aware by building up + the quoted string by character instead of by byte. Prevents failures + when linked against a libedit built with wide character support (bz#1990). + "looks ok" djm + +commit 194454d7a8f8cb8ac55f2b9d0199ef9445788bee +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:16:04 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/04 19:12:23 + [scp.c] + use MAXPATHLEN for buffer size instead of fixed value. ok markus + +commit 4ac66af091cf6db5a42c18e43738ca9c41e338e5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:12:37 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/03 00:03:18 + [mac.c] + force the MAC output to be 64-bit aligned so umac won't see unaligned + accesses on strict-alignment architectures. bz#2101, patch from + tomas.kuthan at oracle.com, ok djm@ + +commit ea8342c248ad6c0a4fe1a70de133f954973bd2b2 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:11:40 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/02 23:36:29 + [clientloop.h clientloop.c mux.c] + No need for the mux cleanup callback to be visible so restore it to static + and call it through the detach_user function pointer. ok djm@ + +commit 5d12b8f05d79ba89d0807910a664fa80f6f3bf8c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 08:09:10 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/02 21:01:51 + [channels.h] + typo in comment + +commit dc62edbf121c41e8b5270904091039450206d98a +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 05:12:35 2013 +1000 + + - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building + modpipe in case there's anything in there we need. + +commit 2a22873cd869679415104bc9f6bb154811ee604c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Jun 6 01:59:13 2013 +1000 + + - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the + forwarding test is extremely slow copying data on some machines so switch + back to copying the much smaller ls binary until we can figure out why + this is. + +commit b4e00949f01176cd4fae3e0cef5ffa8dea379042 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 5 22:48:44 2013 +1000 + + - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test. + Patch from cjwatson at debian. + +commit 2ea9eb77a7fcab3190564ef5a6a5377a600aa391 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Wed Jun 5 15:04:00 2013 +1000 + + - (dtucker) Enable sha256 kex methods based on the presence of the necessary + functions, not from the openssl version. + +commit 16cac190ebb9b5612cccea63a7c22ac33bc9a07a +Author: Darren Tucker <dtucker@zip.com.au> +Date: Tue Jun 4 12:55:24 2013 +1000 + + - (dtucker) [configure.ac] Some other platforms need sys/types.h before + sys/socket.h. + +commit 0b43ffe143a5843703c3755fa040b8684fb04134 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jun 3 09:30:44 2013 +1000 + + - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h. + +commit 3f3064c82238c486706471d300217d73dd0f125e +Author: Tim Rice <tim@multitalents.net> +Date: Sun Jun 2 15:13:09 2013 -0700 + + - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker + +commit 01ec0af301f60fefdd0079647f13ef9abadd2db5 +Author: Tim Rice <tim@multitalents.net> +Date: Sun Jun 2 14:31:27 2013 -0700 + + - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr. + feedback and ok dtucker + +commit 5ab9b63468100757479534edeb53f788a61fe08b +Author: Tim Rice <tim@multitalents.net> +Date: Sun Jun 2 14:05:48 2013 -0700 + + - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we + need a shell that can handle "[ file1 -nt file2 ]". Rather than keep + dealing with shell portability issues in regression tests, we let + configure find us a capable shell on those platforms with an old /bin/sh. + +commit 898ac935e56a7ac5d8b686c590fdb8b7aca27e59 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jun 3 02:03:25 2013 +1000 + + - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android. + Patch from Nathan Osman. + +commit ef4901c3eb98c7ab1342c3cd8f2638da1f4b0678 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Jun 3 01:59:13 2013 +1000 + + - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platforms + to prevent noise from configure. Patch from Nathan Osman. + +commit 073f795bc1c7728c320e5982c0d417376b0907f5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 23:47:11 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/02 13:35:58 + [ssh-agent.c] + Make parent_alive_interval time_t to avoid signed/unsigned comparison + +commit 00e1abb1ebe13ab24e812f68715f46e65e7c5271 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 23:46:24 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/02 13:33:05 + [progressmeter.c] + Add misc.h for monotime prototype. (id sync only) + +commit 86211d1738695e63b2a68f0c3a4f60e1a9d9bda3 +Author: Tim Rice <tim@multitalents.net> +Date: Sat Jun 1 18:38:23 2013 -0700 + + 20130602 + - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy + linking regress/modpipe. + +commit e9887d1c37940b9d6c72d55cfad7a40de4c6e28d +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 09:17:09 2013 +1000 + + - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday. + +commit 65cf74079a2d563c4ede649116a13ca78c8cc2a4 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 09:11:19 2013 +1000 + + fix typo + +commit c9a1991b95a4c9f04f9dcef299a8110d2ec80d3e +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 08:37:05 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/01 22:34:50 + [sftp-client.c] + Update progressmeter when data is acked, not when it's sent. bz#2108, from + Debian via Colin Watson, ok djm@ + +commit a710891659202c82545e84725d4e5cd77aef567c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 08:18:31 2013 +1000 + + - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall + back to time(NULL) if we can't find it anywhere. + +commit f60845fde29cead9d75e812db1c04916b4c58ffd +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 08:07:31 2013 +1000 + + - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c + groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c + sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c + openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c + openbsd-compat/port-linux.c] Replace portable-specific instances of xfree + with the equivalent calls to free. + +commit 12f6533215c0a36ab29d11ff52a853fce45573b4 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 08:01:24 2013 +1000 + + Remove stray '+' accidentally introduced in sync + +commit 3750fce6ac6b287f62584ac55a4406df95c71b92 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 07:52:21 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/01 20:59:25 + [scp.c sftp-client.c] + Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch + from Nathan Osman via bz#2113. ok deraadt. + + (note: corrected bug number from 2085) + +commit b759c9c2efebe7b416ab81093ca8eb17836b6933 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 07:46:16 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/06/01 13:15:52 + [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c + channels.c sandbox-systrace.c] + Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like + keepalives and rekeying will work properly over clock steps. Suggested by + markus@, "looks good" djm@. + +commit 55119253c64808b0d3b2ab5d2bc67ee9dac3430b +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 07:43:59 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/31 12:28:10 + [ssh-agent.c] + Use time_t where appropriate. ok djm + +commit 0acca3797d53d958d240c69a5f222f2aa8444858 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 07:41:51 2013 +1000 + + - djm@cvs.openbsd.org 2013/05/19 02:42:42 + [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] + Standardise logging of supplemental information during userauth. Keys + and ruser is now logged in the auth success/failure message alongside + the local username, remote host/port and protocol in use. Certificates + contents and CA are logged too. + Pushing all logging onto a single line simplifies log analysis as it is + no longer necessary to relate information scattered across multiple log + entries. "I like it" markus@ + +commit 74836ae0fabcc1a76b9d9eacd1629c88a054b2d0 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 07:32:00 2013 +1000 + + - djm@cvs.openbsd.org 2013/05/19 02:38:28 + [auth2-pubkey.c] + fix failure to recognise cert-authority keys if a key of a different type + appeared in authorized_keys before it; ok markus@ + +commit a627d42e51ffa71e014d7b2d2c07118122fd3ec3 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 07:31:17 2013 +1000 + + - djm@cvs.openbsd.org 2013/05/17 00:13:13 + [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c + ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c + gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c + auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c + servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c + auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c + sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c + kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c + kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c + monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c + ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c + sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c + ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c + dns.c packet.c readpass.c authfd.c moduli.c] + bye, bye xfree(); ok markus@ + +commit c7aad0058c957afeb26a3f703e8cb0eddeb62365 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 07:18:47 2013 +1000 + + - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS + rather than trying to enumerate the plaforms that don't have them. + Based on a patch from Nathan Osman, with help from tim@. + +commit c0c3373216801797053e123b5f62d35bf41b3611 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Sun Jun 2 06:28:03 2013 +1000 + + - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to + using openssl's DES_crpyt function on platorms that don't have a native + one, eg Android. Based on a patch from Nathan Osman. + +commit efdf5342143a887013a1daae583167dadf6752a7 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 30 08:29:08 2013 +1000 + + - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null + implementation of endgrent for platforms that don't have it (eg Android). + Loosely based on a patch from Nathan Osman, ok djm + +commit 9b42d327380e5cd04efde6fb70e1535fecedf0d7 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:48:59 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:35:43 + [regress/scp.sh] + use a file extention that's not special on some platforms. from portable + (id sync only) + +commit 0a404b0ed79ba45ccaf7ed5528a8f5004c3698cb +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:47:29 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:34:30 + [regress/portnum.sh] + use a more portable negated if structure. from portable (id sync only) + +commit 62ee222e6f3f5ee288434f58b5136ae3d56f5164 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:46:00 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:33:09 + [regress/agent-getpeereid.sh] + don't redirect stdout from sudo. from portable (id sync only) + +commit 00478d30cb4bcc18dc1ced8144d16b03cdf790f6 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:45:06 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:30:07 + [regress/test-exec.sh] + wait a bit longer for startup and use case for absolute path. + from portable (id sync only) + +commit 98989eb95eef0aefed7e9fb4e65c2f625be946f6 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:44:09 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:28:11 + [regress/sftp.sh] + only compare copied data if sftp succeeds. from portable (id sync only) + +commit 438f60eb9a5f7cd40bb242cfec865e4fde71b07c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:43:13 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:26:26 + [regress/sftp-badcmds.sh] + remove unused BATCH variable. (id sync only) + +commit 1466bd25a8d1ff7ae455a795d2d7d52dc17d2938 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:42:05 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:24:48 + [localcommand.sh] + use backticks for portability. (id sync only) + +commit 05b5e518c9969d63471f2ccfd85b1de6e724d30b +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:41:07 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:23:52 + [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh] + Use SUDO when cat'ing pid files and running the sshd log wrapper so that + it works with a restrictive umask and the pid files are not world readable. + Changes from -portable. (id sync only) + +commit dd669173f93ea8c8397e0af758eaf13ab4f1c591 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:39:57 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 10:16:26 + [regress/try-ciphers.sh] + use expr for math to keep diffs vs portable down + (id sync only) + +commit 044f32f4c6fd342f9f5949bb0ca77624c0db4494 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:12:57 2013 +1000 + + - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by + rev 1.6 which calls wait. + +commit 9cc8ff7b63f175661c8807006f6d2649d56ac402 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 20:01:52 2013 +1000 + + - (dtucker) [regress/runtests.sh] Remove obsolete test driver script. + +commit f8d5b3451726530a864b172c556c311370c244e1 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 19:53:25 2013 +1000 + + - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5 + helper function to the portable part of test-exec.sh. + +commit 6f66981ed3c6bb83b937959f329323975e356c33 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 19:28:51 2013 +1000 + + - (dtucker) [regress/test-exec.sh] Move the portable-specific functions + together and add a couple of missing lines from openbsd. + +commit 5f1a89a3b67264f4aa83e057cd4f74fd60b9ffa4 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 19:17:58 2013 +1000 + + - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh] + Move the jot helper function to portable-specific part of test-exec.sh. + +commit 96457a54d05dea81f34ecb4e059d2f8b98382b85 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 19:03:38 2013 +1000 + + - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd. + +commit 7f193236594e8328ad133ea05eded31f837b45b5 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 19:02:28 2013 +1000 + + - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd. + +commit 8654dd2d737800d09e7730b3dfc2a54411f4cf90 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 16:03:48 2013 +1000 + + - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits. + +commit 59d928d3b47e8298f4a8b4b3fb37fb8c8ce1b098 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 15:32:29 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 04:29:14 + [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh + regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh + regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh + regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh + regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh + regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh + regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh + regress/multiplex.sh] + Move the setting of DATA and COPY into test-exec.sh + +commit 34035be27b7ddd84706fe95c39d37cba7d5c9572 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 14:47:51 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 01:32:11 + [regress/integrity.sh] + don't print output from ssh before getting it (it's available in ssh.log) + +commit b8b96b0aa634d440feba4331c80ae4de9dda2081 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 14:46:20 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 01:16:09 + [regress/agent-timeout.sh] + Pull back some portability changes from -portable: + - TIMEOUT is a read-only variable in some shells + - not all greps have -q so redirect to /dev/null instead. + (ID sync only) + +commit a40d97ff46831c9081a6a4472036689360847fb1 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 14:44:53 2013 +1000 + + sync missing ID + +commit 56347efe796a0506e846621ae65562b978e45f1d +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 13:28:36 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/17 00:37:40 + [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh + regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh + regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh + regress/ssh-com.sh] + replace 'echo -n' with 'printf' since it's more portable + also remove "echon" hack. + +commit 91af05c5167fe0aa5bd41d2e4a83757d9f627c18 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 13:16:59 2013 +1000 + + - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange + methods. When the openssl version doesn't support ECDH then next one on + the list is DH group exchange, but that causes a bit more traffic which can + mean that the tests flip bits in the initial exchange rather than the MACed + traffic and we get different errors to what the tests look for. + +commit 6e1e60c3c2e16c32bb7ca0876caaa6182a4e4b2c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 11:23:41 2013 +1000 + + - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it + in portable and it's long gone in openbsd. + +commit 982b0cbc4c2b5ea14725f4b339393cdf343dd0fe +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:45:12 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 05:48:31 + [regress/rekey.sh] + add tests for RekeyLimit parsing + +commit 14490fe7b0f45b1b19f8a3dc10eb3d214f27f5bd +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:44:20 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 04:26:10 + [regress/rekey.sh] + add server-side rekey test + +commit c31c8729c15f83fba14ef9da0d66bda6215ff69a +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:43:33 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 03:33:30 + [regress/rekey.sh] + test rekeying when there's no data being transferred + +commit a8a62fcc46c19997797846197a6256ed9a777a47 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:42:34 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 02:10:35 + [rekey.sh] + Add test for time-based rekeying + +commit 5e95173715d516e6014485e2b6def1fb3db84036 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:41:33 2013 +1000 + + - djm@cvs.openbsd.org 2013/05/10 03:46:14 + [modpipe.c] + sync some portability changes from portable OpenSSH (id sync only) + +commit a4df65b9fc68a555a7d8781700475fb03ed6e694 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:37:31 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/04/22 07:28:53 + [multiplex.sh] + Add tests for -Oforward and -Ocancel for local and remote forwards + +commit 40aaff7e4bcb05b05e3d24938b6d34885be817da +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:36:20 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/04/22 07:23:08 + [multiplex.sh] + Write mux master logs to regress.log instead of ssh.log to keep separate + +commit f3568fc62b73b50a0a3c8447e4a00f4892cab25e +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:35:26 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/18 02:46:12 + [Makefile regress/sftp-chroot.sh] + test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@ + +commit dfea3bcdd7c980c2335402464b7dd8d8721e426d +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:31:39 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/04/07 02:16:03 + [regress/Makefile regress/rekey.sh regress/integrity.sh + regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh] + use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and + save the output from any failing tests. If a test fails the debug output + from ssh and sshd for the failing tests (and only the failing tests) should + be available in failed-ssh{,d}.log. + +commit 75129025a2d504b630d1718fef0da002f5662f63 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:19:10 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/04/06 06:00:22 + [regress/rekey.sh regress/test-exec.sh regress/integrity.sh + regress/multiplex.sh Makefile regress/cfgmatch.sh] + Split the regress log into 3 parts: the debug output from ssh, the debug + log from sshd and the output from the client command (ssh, scp or sftp). + Somewhat functional now, will become more useful when ssh/sshd -E is added. + +commit 7c8b1e72331293b4707dc6f7f68a69e975a3fa70 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:10:20 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/03/23 11:09:43 + [test-exec.sh] + Only regenerate host keys if they don't exist or if ssh-keygen has changed + since they were. Reduces test runtime by 5-30% depending on machine + speed. + +commit 712de4d1100963b11bc618472f95ce36bf7e2ae3 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 17 09:07:12 2013 +1000 + + - djm@cvs.openbsd.org 2013/03/07 00:20:34 + [regress/proxy-connect.sh] + repeat test with a style appended to the username + +commit 09c0f0325b2f538de9a1073e03b8ef26dece4c16 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:48:57 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 10:44:06 + [servconf.c] + remove another now-unused variable + +commit 9113d0c2381202412c912a20c8083ab7d6824ec9 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:48:14 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 10:43:34 + [servconf.c readconf.c] + remove now-unused variables + +commit e194ba4111ffd47cd1f4c8be1ddc8a4cb673d005 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:47:31 2013 +1000 + + - (dtucker) [configure.ac readconf.c servconf.c + openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled. + +commit b7ee8521448100e5b268111ff90feb017e657e44 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:33:10 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 09:12:31 + [readconf.c servconf.c] + switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@ + +commit dbee308253931f8c1aeebf781d7e7730ff6a0dc1 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:32:29 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 09:08:41 + [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] + Fix some "unused result" warnings found via clang and -portable. + ok markus@ + +commit 64d22946d664dad8165f1fae9e78b53831ed728d +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:31:29 2013 +1000 + + - jmc@cvs.openbsd.org 2013/05/16 06:30:06 + [sshd_config.5] + oops! avoid Xr to self; + +commit 63e0df2b936770baadc8844617b99e5174b476d0 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:30:31 2013 +1000 + + - jmc@cvs.openbsd.org 2013/05/16 06:28:45 + [ssh_config.5] + put IgnoreUnknown in the right place; + +commit 0763698f71efef8b3f8460c5700758359219eb7c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:30:03 2013 +1000 + + - djm@cvs.openbsd.org 2013/05/16 04:27:50 + [ssh_config.5 readconf.h readconf.c] + add the ability to ignore specific unrecognised ssh_config options; + bz#866; ok markus@ + +commit 5f96f3b4bee11ae2b9b32ff9b881c3693e210f96 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:29:28 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 04:09:14 + [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config + sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing + rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man + page. + +commit c53c2af173cf67fd1c26f98e7900299b1b65b6ec +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:28:16 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/16 02:00:34 + [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c + ssh_config.5 packet.h] + Add an optional second argument to RekeyLimit in the client to allow + rekeying based on elapsed time in addition to amount of traffic. + with djm@ jmc@, ok djm + +commit 64c6fceecd27e1739040b42de8f3759454260b39 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:27:14 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/10 10:13:50 + [ssh-pkcs11-helper.c] + remove unused extern optarg. ok markus@ + +commit caf00109346e4ab6bb495b0e22bc5b1e7ee22f26 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:26:18 2013 +1000 + + - djm@cvs.openbsd.org 2013/05/10 04:08:01 + [key.c] + memleak in cert_free(), wasn't actually freeing the struct; + bz#2096 from shm AT digitalsun.pl + +commit 7e831edbf7a1b0b9aeeb08328b9fceafaad1bf22 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:25:40 2013 +1000 + + add missing attribution + +commit 54da6be320495604ddf65d10ac4cc8cf7849c533 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:25:04 2013 +1000 + + - djm@cvs.openbsd.org 2013/05/10 03:40:07 + [sshconnect2.c] + fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from + +commit 5d8b702d95c0dfc338726fecfbb709695afd1377 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:24:23 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/05/06 07:35:12 + [sftp-server.8] + Reference the version of the sftp draft we actually implement. ok djm@ + +commit 026d9db3fbe311b5a7e98d62472cb666aa559648 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:23:52 2013 +1000 + + - tedu@cvs.openbsd.org 2013/04/24 16:01:46 + [misc.c] + remove extra parens noticed by nicm + +commit 2ca51bf140ef2c2409fd220778529dc17c11d8fa +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu May 16 20:22:46 2013 +1000 + + - tedu@cvs.openbsd.org 2013/04/23 17:49:45 + [misc.c] + use xasprintf instead of a series of strlcats and strdup. ok djm + +commit 6aa3eacc5e5f39702b6dd5b27970d9fd97bc2383 +Author: Damien Miller <djm@mindrot.org> +Date: Thu May 16 11:10:17 2013 +1000 + + - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be + executed if mktemp failed; bz#2105 ok dtucker@ + +commit c54e3e0741a27119b3badd8ff92b1988b7e9bd50 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 10 18:53:14 2013 +1000 + + - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so + we don't get a warning on compilers that *don't* support it. Add + -Wno-unknown-warning-option. Move both to the start of the list for + maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9. + +commit a75d247a18a5099c60226395354eb252c097ac86 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 10 18:11:55 2013 +1000 + + - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the + underlying libraries support them. + +commit 0abfb559e3f79d1f217773510d7626c3722aa3c1 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 10 18:08:49 2013 +1000 + + - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c + openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb + in to use it when we're using our own getopt. + +commit ccfdfceacb7e23d1479ed4cc91976c5ac6e23c56 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 10 16:28:55 2013 +1000 + + - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c + openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add + portability code to getopt_long.c and switch over Makefile and the ugly + hack in modpipe.c. Fixes bz#1448. + +commit 39332020078aa8fd4fc28e00b336438dc64b0f5a +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 10 15:38:11 2013 +1000 + + - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No + portability changes yet. + +commit 35b2fe99bee4f332d1c1efa49107cdb3c67da07a +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 10 15:35:26 2013 +1000 + + - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to + getopt.c. Preprocessed source is identical other than line numbers. + +commit abbc7a7c02e45787d023f50a30f62d7a3e14fe9e +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri May 10 13:54:23 2013 +1000 + + - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler + supports it. Mentioned by Colin Watson in bz#2100, ok djm. + +commit bc02f163f6e882d390abfb925b47b41e13ae523b +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 19:25:49 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/04/22 01:17:18 + [mux.c] + typo in debug output: evitval->exitval + +commit f8b894e31dc3530c7eb6d0a378848260d54f74c4 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 19:25:29 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/19 12:07:08 + [kex.c] + remove duplicated list entry pointed out by naddy@ + +commit 34bd20a1e53b63ceb01f06c1654d9112e6784b0a +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 19:25:00 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/19 11:10:18 + [ssh.c] + add -Q to usage; reminded by jmc@ + +commit ea11119eee3c5e2429b1f5f8688b25b028fa991a +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 19:24:32 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/19 01:06:50 + [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] + [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] + add the ability to query supported ciphers, MACs, key type and KEX + algorithms to ssh. Includes some refactoring of KEX and key type handling + to be table-driven; ok markus@ + +commit a56086b9903b62c1c4fdedf01b68338fe4dc90e4 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:24:18 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/19 01:03:01 + [session.c] + reintroduce 1.262 without the connection-killing bug: + fatal() when ChrootDirectory specified by running without root privileges; + ok markus@ + +commit 0d6771b4648889ae5bc4235f9e3fc6cd82b710bd +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:23:24 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/19 01:01:00 + [ssh-keygen.c] + fix some memory leaks; bz#2088 ok dtucker@ + +commit 467b00c38ba244f9966466e57a89d003f3afb159 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:23:07 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/19 01:00:10 + [sshd_config.5] + document the requirment that the AuthorizedKeysCommand be owned by root; + ok dtucker@ markus@ + +commit 9303e6527bb5ca7630c765f28624702c212bfd6c +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:22:40 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/18 02:16:07 + [sftp.c] + make "sftp -q" do what it says on the sticker: hush everything but errors; + +commit f1a02aea35504e8bef2ed9eef6f9ddeab12bacb3 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:22:13 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/04/17 09:04:09 + [session.c] + revert rev 1.262; it fails because uid is already set here. ok djm@ + +commit d5edefd27a30768cc7a4817302e964b6cb2f9be7 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:21:39 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/11 02:27:50 + [packet.c] + quiet disconnect notifications on the server from error() back to logit() + if it is a normal client closure; bz#2057 ok+feedback dtucker@ + +commit 6901032b05291fc5d2bd4067fc47904de3506fda +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:21:24 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/04/07 09:40:27 + [sshd.8] + clarify -e text. suggested by & ok jmc@ + +commit 03d4d7e60b16f913c75382e32e136ddfa8d6485f +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:21:06 2013 +1000 + + - dtucker@cvs.openbsd.org 2013/04/07 02:10:33 + [log.c log.h ssh.1 ssh.c sshd.8 sshd.c] + Add -E option to ssh and sshd to append debugging logs to a specified file + instead of stderr or syslog. ok markus@, man page help jmc@ + +commit 37f1c08473b1ef2a188ee178ce2e11e841f88563 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:20:43 2013 +1000 + + - markus@cvs.openbsd.org 2013/04/06 16:07:00 + [channels.c sshd.c] + handle ECONNABORTED for accept(); ok deraadt some time ago... + +commit 172859cff7df9fd8a29a1f0a4de568f644bbda50 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:19:27 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/05 00:58:51 + [mux.c] + cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too + (in addition to ones already in OPEN); bz#2079, ok dtucker@ + +commit 9f12b5dcd5f7772e633fb2786c63bfcbea1f1aea +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:19:11 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/05 00:31:49 + [pathnames.h] + use the existing _PATH_SSH_USER_RC define to construct the other + pathnames; bz#2077, ok dtucker@ (no binary change) + +commit d677ad14ff7efedf21745ee1694058350e758e18 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:18:51 2013 +1000 + + - djm@cvs.openbsd.org 2013/04/05 00:14:00 + [auth2-gss.c krl.c sshconnect2.c] + hush some {unused, printf type} warnings + +commit 508b6c3d3b95c8ec078fd4801368597ab29b2db9 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:18:28 2013 +1000 + + - djm@cvs.openbsd.org 2013/03/08 06:32:58 + [ssh.c] + allow "ssh -f none ..." ok markus@ + +commit 91a55f28f35431f9000b95815c343b5a18fda712 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:18:10 2013 +1000 + + - markus@cvs.openbsd.org 2013/03/07 19:27:25 + [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] + add submethod support to AuthenticationMethods; ok and freedback djm@ + +commit 4ce189d9108c62090a0dd5dea973d175328440db +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:17:52 2013 +1000 + + - djm@cvs.openbsd.org 2013/03/07 00:19:59 + [auth2-pubkey.c monitor.c] + reconstruct the original username that was sent by the client, which may + have included a style (e.g. "root:skey") when checking public key + signatures. Fixes public key and hostbased auth when the client specified + a style; ok markus@ + +commit 5cbec4c25954b184e43bf3d3ac09e65eb474f5f9 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:17:12 2013 +1000 + + - djm@cvs.openbsd.org 2013/03/06 23:36:53 + [readconf.c] + g/c unused variable (-Wunused) + +commit 998cc56b65682d490c9bbf5977dceb1aa84a0233 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:16:43 2013 +1000 + + - djm@cvs.openbsd.org 2013/03/06 23:35:23 + [session.c] + fatal() when ChrootDirectory specified by running without root privileges; + ok markus@ + +commit 62e9c4f9b6027620f9091a2f43328e057bdb33f1 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 15:15:49 2013 +1000 + + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2013/03/05 20:16:09 + [sshconnect2.c] + reset pubkey order on partial success; ok djm@ + +commit 6332da2ae88db623d7da8070dd807efa26d9dfe8 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Apr 23 14:25:52 2013 +1000 + + - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support + platforms, such as Android, that lack struct passwd.pw_gecos. Report + and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@ + +commit ce1c9574fcfaf753a062276867335c1e237f725c +Author: Darren Tucker <dtucker@zip.com.au> +Date: Thu Apr 18 21:36:19 2013 +1000 + + - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from + unused argument warnings (in particular, -fno-builtin-memset) from clang. + +commit bc68f2451b836e6a3fa65df8774a8b1f10049ded +Author: Damien Miller <djm@mindrot.org> +Date: Thu Apr 18 11:26:25 2013 +1000 + + - (djm) [config.guess config.sub] Update to last versions before they switch + to GPL3. ok dtucker@ + +commit 15fd19c4c9943cf02bc6f462d52c86ee6a8f422e +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Apr 5 11:22:26 2013 +1100 + + - djm@cvs.openbsd.org 2013/02/22 22:09:01 + [ssh.c] + Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier + version) + +commit 5d1d9541a7c83963cd887b6b36e25b46463a05d4 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Apr 5 11:20:00 2013 +1100 + + - markus@cvs.openbsd.org 2013/02/22 19:13:56 + [sshconnect.c] + support ProxyCommand=- (stdin/out already point to the proxy); ok djm@ + +commit aefa3682431f59cf1ad9a0f624114b135135aa44 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Apr 5 11:18:35 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/02/22 04:45:09 + [ssh.c readconf.c readconf.h] + Don't complain if IdentityFiles specified in system-wide configs are + missing. ok djm, deraadt + +commit f3c38142435622d056582e851579d8647a233c7f +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Apr 5 11:16:52 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/02/19 02:12:47 + [krl.c] + Remove bogus include. ok djm + (id sync only) + +commit 1910478c2d2c3d0e1edacaeff21ed388d70759e9 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Apr 5 11:13:08 2013 +1100 + + - dtucker@cvs.openbsd.org 2013/02/17 23:16:57 + [readconf.c ssh.c readconf.h sshconnect2.c] + Keep track of which IndentityFile options were manually supplied and which + were default options, and don't warn if the latter are missing. + ok markus@ + +commit c9627cdbc65b25da943f24e6a953da899f08eefc +Author: Darren Tucker <dtucker@zip.com.au> +Date: Mon Apr 1 12:40:48 2013 +1100 + + - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h + to avoid conflicting definitions of __int64, adding the required bits. + Patch from Corinna Vinschen. + +commit 75db01d2ce29a85f8e5a2aff2011446896cf3f8a +Author: Tim Rice <tim@multitalents.net> +Date: Fri Mar 22 10:14:32 2013 -0700 + + - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit. + +commit 221b4b2436ac78a65c3b775c25ccd396a1fed208 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Mar 22 12:51:09 2013 +1100 + + - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before + defining it again. Prevents warnings if someone, eg, sets it in CFLAGS. + +commit c8a0f27c6d761d1335d13ed84d773e9ddf1d95c8 +Author: Darren Tucker <dtucker@zip.com.au> +Date: Fri Mar 22 12:49:14 2013 +1100 + + - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype. + +commit eed8dc261018aea4d6b8606ca3addc9f8cf9ed1e +Author: Damien Miller <djm@mindrot.org> +Date: Fri Mar 22 10:25:22 2013 +1100 + + - (djm) Release 6.2p1 + +commit 83efe7c86168cc07b8e6cc6df6b54f7ace3b64a3 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Mar 22 10:17:36 2013 +1100 + + - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil + Hands' greatly revised version. + +commit 63b4bcd04e1c57b77eabb4e4d359508a4b2af685 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Mar 20 12:55:14 2013 +1100 + + - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c] + [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's + so mark it as broken. Patch from des AT des.no |