From 0c80faa259cc48986b7f44190d4775041aaae6ad Mon Sep 17 00:00:00 2001 From: des Date: Thu, 21 Jan 2016 11:54:34 +0000 Subject: [PATCH] Upgrade to OpenSSH 7.1p2. --- crypto/openssh/ChangeLog | 1933 ++------------------ crypto/openssh/README | 6 +- crypto/openssh/auth.c | 4 +- crypto/openssh/bitmap.c | 2 +- crypto/openssh/compat.c | 15 +- crypto/openssh/contrib/README | 2 +- crypto/openssh/contrib/redhat/openssh.spec | 2 +- crypto/openssh/contrib/suse/openssh.spec | 2 +- crypto/openssh/dns.c | 4 +- crypto/openssh/kex.c | 10 +- crypto/openssh/mux.c | 6 +- crypto/openssh/packet.c | 7 +- crypto/openssh/sftp-server.c | 6 +- crypto/openssh/sftp.c | 6 +- crypto/openssh/ssh-keygen.1 | 8 +- crypto/openssh/ssh-keygen.c | 5 +- crypto/openssh/ssh-pkcs11-helper.c | 6 +- crypto/openssh/ssh_config | 2 +- crypto/openssh/ssh_config.5 | 8 +- crypto/openssh/sshbuf-getput-crypto.c | 12 +- crypto/openssh/sshbuf-misc.c | 10 +- crypto/openssh/sshbuf.c | 12 +- crypto/openssh/sshconnect.c | 4 +- crypto/openssh/sshd.c | 10 +- crypto/openssh/sshd_config | 2 +- crypto/openssh/sshd_config.5 | 12 +- crypto/openssh/sshkey.c | 3 +- crypto/openssh/version.h | 8 +- 28 files changed, 301 insertions(+), 1806 deletions(-) diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog index ed050211565..35a1a76b146 100644 --- a/crypto/openssh/ChangeLog +++ b/crypto/openssh/ChangeLog @@ -1,3 +1,204 @@ +commit c88ac102f0eb89f2eaa314cb2e2e0ca3c890c443 +Author: Damien Miller +Date: Thu Jan 14 11:08:19 2016 +1100 + + bump version numbers + +commit 302bc21e6fadacb04b665868cd69b625ef69df90 +Author: Damien Miller +Date: Thu Jan 14 11:04:04 2016 +1100 + + openssh-7.1p2 + +commit 6b33763242c063e4e0593877e835eeb1fd1b60aa +Author: Damien Miller +Date: Thu Jan 14 11:02:58 2016 +1100 + + forcibly disable roaming support in the client + +commit 34d364f0d2e1e30a444009f0e04299bb7c94ba13 +Author: djm@openbsd.org +Date: Mon Oct 5 17:11:21 2015 +0000 + + upstream commit + + some more bzero->explicit_bzero, from Michael McConville + + Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0 + +commit 8f5b93026797b9f7fba90d0c717570421ccebbd3 +Author: guenther@openbsd.org +Date: Fri Sep 11 08:50:04 2015 +0000 + + upstream commit + + Use explicit_bzero() when zeroing before free() + + from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu) + ok millert@ djm@ + + Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50 + +commit d77148e3a3ef6c29b26ec74331455394581aa257 +Author: djm@openbsd.org +Date: Sun Nov 8 21:59:11 2015 +0000 + + upstream commit + + fix OOB read in packet code caused by missing return + statement found by Ben Hawkes; ok markus@ deraadt@ + + Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62 + +commit 076d849e17ab12603627f87b301e2dca71bae518 +Author: Damien Miller +Date: Sat Nov 14 18:44:49 2015 +1100 + + read back from libcrypto RAND when privdropping + + makes certain libcrypto implementations cache a /dev/urandom fd + in preparation of sandboxing. Based on patch by Greg Hartman. + +commit f72adc0150011a28f177617a8456e1f83733099d +Author: djm@openbsd.org +Date: Sun Dec 13 22:42:23 2015 +0000 + + upstream commit + + unbreak connections with peers that set + first_kex_follows; fix from Matt Johnston va bz#2515 + + Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b + +commit 04bd8d019ccd906cac1a2b362517b8505f3759e6 +Author: djm@openbsd.org +Date: Tue Jan 12 23:42:54 2016 +0000 + + upstream commit + + use explicit_bzero() more liberally in the buffer code; ok + deraadt + + Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf + +commit e91346dc2bbf460246df2ab591b7613908c1b0ad +Author: Damien Miller +Date: Fri Aug 21 14:49:03 2015 +1000 + + we don't use Github for issues/pull-requests + +commit a4f5b507c708cc3dc2c8dd2d02e4416d7514dc23 +Author: Damien Miller +Date: Fri Aug 21 14:43:55 2015 +1000 + + fix URL for connect.c + +commit d026a8d3da0f8186598442997c7d0a28e7275414 +Author: Damien Miller +Date: Fri Aug 21 13:47:10 2015 +1000 + + update version numbers for 7.1 + +commit 78f8f589f0ca1c9f41e5a9bae3cda5ce8a6b42ed +Author: djm@openbsd.org +Date: Fri Aug 21 03:45:26 2015 +0000 + + upstream commit + + openssh-7.1 + + Upstream-ID: ff7b1ef4b06caddfb45e08ba998128c88be3d73f + +commit 32a181980c62fce94f7f9ffaf6a79d90f0c309cf +Author: djm@openbsd.org +Date: Fri Aug 21 03:42:19 2015 +0000 + + upstream commit + + fix inverted logic that broke PermitRootLogin; reported + by Mantas Mikulenas; ok markus@ + + Upstream-ID: 260dd6a904c1bb7e43267e394b1c9cf70bdd5ea5 + +commit ce445b0ed927e45bd5bdce8f836eb353998dd65c +Author: deraadt@openbsd.org +Date: Thu Aug 20 22:32:42 2015 +0000 + + upstream commit + + Do not cast result of malloc/calloc/realloc* if stdlib.h + is in scope ok krw millert + + Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667 + +commit 05291e5288704d1a98bacda269eb5a0153599146 +Author: naddy@openbsd.org +Date: Thu Aug 20 19:20:06 2015 +0000 + + upstream commit + + In the certificates section, be consistent about using + "host_key" and "user_key" for the respective key types. ok sthen@ deraadt@ + + Upstream-ID: 9e037ea3b15577b238604c5533e082a3947f13cb + +commit 8543d4ef6f2e9f98c3e6b77c894ceec30c5e4ae4 +Author: djm@openbsd.org +Date: Wed Aug 19 23:21:42 2015 +0000 + + upstream commit + + Better compat matching for WinSCP, add compat matching + for FuTTY (fork of PuTTY); ok markus@ deraadt@ + + Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389 + +commit ec6eda16ebab771aa3dfc90629b41953b999cb1e +Author: djm@openbsd.org +Date: Wed Aug 19 23:19:01 2015 +0000 + + upstream commit + + fix double-free() in error path of DSA key generation + reported by Mateusz Kocielski; ok markus@ + + Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c + +commit 45b0eb752c94954a6de046bfaaf129e518ad4b5b +Author: djm@openbsd.org +Date: Wed Aug 19 23:18:26 2015 +0000 + + upstream commit + + fix free() of uninitialised pointer reported by Mateusz + Kocielski; ok markus@ + + Upstream-ID: 519552b050618501a06b7b023de5cb104e2c5663 + +commit c837643b93509a3ef538cb6624b678c5fe32ff79 +Author: djm@openbsd.org +Date: Wed Aug 19 23:17:51 2015 +0000 + + upstream commit + + fixed unlink([uninitialised memory]) reported by Mateusz + Kocielski; ok markus@ + + Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109 + +commit 1f8d3d629cd553031021068eb9c646a5f1e50994 +Author: jmc@openbsd.org +Date: Fri Aug 14 15:32:41 2015 +0000 + + upstream commit + + match myproposal.h order; from brian conway (i snuck in a + tweak while here) + + ok dtucker + + Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67 + commit 1dc8d93ce69d6565747eb44446ed117187621b26 Author: deraadt@openbsd.org Date: Thu Aug 6 14:53:21 2015 +0000 @@ -7412,1735 +7613,3 @@ Date: Thu Jan 16 18:42:10 2014 +1100 [sftp-client.c] needless and incorrect cast to size_t can break resumption of large download; patch from tobias@ - -commit 91b580e4bec55118bf96ab3cdbe5a50839e75d0a -Author: Damien Miller -Date: Sun Jan 12 19:21:22 2014 +1100 - - - djm@cvs.openbsd.org 2014/01/12 08:13:13 - [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c] - [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c] - avoid use of OpenSSL BIGNUM type and functions for KEX with - Curve25519 by adding a buffer_put_bignum2_from_string() that stores - a string using the bignum encoding rules. Will make it easier to - build a reduced-feature OpenSSH without OpenSSL in the future; - ok markus@ - -commit af5d4481f4c7c8c3c746e68b961bb85ef907800e -Author: Damien Miller -Date: Sun Jan 12 19:20:47 2014 +1100 - - - djm@cvs.openbsd.org 2014/01/10 05:59:19 - [sshd_config] - the /etc/ssh/ssh_host_ed25519_key is loaded by default too - -commit 58cd63bc63038acddfb4051ed14e11179d8f4941 -Author: Damien Miller -Date: Fri Jan 10 10:59:24 2014 +1100 - - - djm@cvs.openbsd.org 2014/01/09 23:26:48 - [sshconnect.c sshd.c] - ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient, - deranged and might make some attacks on KEX easier; ok markus@ - -commit b3051d01e505c9c2dc00faab472a0d06fa6b0e65 -Author: Damien Miller -Date: Fri Jan 10 10:58:53 2014 +1100 - - - djm@cvs.openbsd.org 2014/01/09 23:20:00 - [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c] - [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c] - [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c] - [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c] - Introduce digest API and use it to perform all hashing operations - rather than calling OpenSSL EVP_Digest* directly. Will make it easier - to build a reduced-feature OpenSSH without OpenSSL in future; - feedback, ok markus@ - -commit e00e413dd16eb747fb2c15a099971d91c13cf70f -Author: Damien Miller -Date: Fri Jan 10 10:40:45 2014 +1100 - - - guenther@cvs.openbsd.org 2014/01/09 03:26:00 - [sftp-common.c] - When formating the time for "ls -l"-style output, show dates in the future - with the year, and rearrange a comparison to avoid a potentional signed - arithmetic overflow that would give the wrong result. - - ok djm@ - -commit 3e49853650448883685cfa32fa382d0ba6d51d48 -Author: Damien Miller -Date: Fri Jan 10 10:37:05 2014 +1100 - - - tedu@cvs.openbsd.org 2014/01/04 17:50:55 - [mac.c monitor_mm.c monitor_mm.h xmalloc.c] - use standard types and formats for size_t like variables. ok dtucker - -commit a9c1e500ef609795cbc662848edb1a1dca279c81 -Author: Damien Miller -Date: Wed Jan 8 16:13:12 2014 +1100 - - - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@ - -commit 324541e5264e1489ca0babfaf2b39612eb80dfb3 -Author: Damien Miller -Date: Tue Dec 31 12:25:40 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/30 23:52:28 - [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] - [sshconnect.c sshconnect2.c sshd.c] - refuse RSA keys from old proprietary clients/servers that use the - obsolete RSA+MD5 signature scheme. it will still be possible to connect - with these clients/servers but only DSA keys will be accepted, and we'll - deprecate them entirely in a future release. ok markus@ - -commit 9f4c8e797ea002a883307ca906f1f1f815010e78 -Author: Damien Miller -Date: Sun Dec 29 17:57:46 2013 +1100 - - - (djm) [regress/Makefile] Add some generated files for cleaning - -commit 106bf1ca3c7a5fdc34f9fd7a1fe651ca53085bc5 -Author: Damien Miller -Date: Sun Dec 29 17:54:03 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 05:57:02 - [sshconnect.c] - when showing other hostkeys, don't forget Ed25519 keys - -commit 0fa47cfb32c239117632cab41e4db7d3e6de5e91 -Author: Damien Miller -Date: Sun Dec 29 17:53:39 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 05:42:16 - [ssh.c] - don't forget to load Ed25519 certs too - -commit b9a95490daa04cc307589897f95bfaff324ad2c9 -Author: Damien Miller -Date: Sun Dec 29 17:50:15 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 04:35:50 - [authfile.c] - don't refuse to load Ed25519 certificates - -commit f72cdde6e6fabc51d2a62f4e75b8b926d9d7ee89 -Author: Damien Miller -Date: Sun Dec 29 17:49:55 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 04:29:25 - [authfd.c] - allow deletion of ed25519 keys from the agent - -commit 29ace1cb68cc378a464c72c0fd67aa5f9acd6b5b -Author: Damien Miller -Date: Sun Dec 29 17:49:31 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 04:20:04 - [key.c] - to make sure we don't omit any key types as valid CA keys again, - factor the valid key type check into a key_type_is_valid_ca() - function - -commit 9de4fcdc5a9cff48d49a3e2f6194d3fb2d7ae34d -Author: Damien Miller -Date: Sun Dec 29 17:49:13 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 02:49:52 - [key.c] - correct comment for key_drop_cert() - -commit 5baeacf8a80f054af40731c6f92435f9164b8e02 -Author: Damien Miller -Date: Sun Dec 29 17:48:55 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 02:37:04 - [key.c] - correct comment for key_to_certified() - -commit 83f2fe26cb19330712c952eddbd3c0b621674adc -Author: Damien Miller -Date: Sun Dec 29 17:48:38 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/29 02:28:10 - [key.c] - allow ed25519 keys to appear as certificate authorities - -commit 06122e9a74bb488b0fe0a8f64e1135de870f9cc0 -Author: Damien Miller -Date: Sun Dec 29 17:48:15 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/27 22:37:18 - [ssh-rsa.c] - correct comment - -commit 3e19295c3a253c8dc8660cf45baad7f45fccb969 -Author: Damien Miller -Date: Sun Dec 29 17:47:50 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/27 22:30:17 - [ssh-dss.c ssh-ecdsa.c ssh-rsa.c] - make the original RSA and DSA signing/verification code look more like - the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type - rather than tediously listing all variants, use __func__ for debug/ - error messages - -commit 137977180be6254639e2c90245763e6965f8d815 -Author: Damien Miller -Date: Sun Dec 29 17:47:14 2013 +1100 - - - tedu@cvs.openbsd.org 2013/12/21 07:10:47 - [ssh-keygen.1] - small typo - -commit 339a48fe7ffb3186d22bbaa9efbbc3a053e602fd -Author: Damien Miller -Date: Sun Dec 29 17:46:49 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 22:57:13 - [poly1305.c poly1305.h] - use full name for author, with his permission - -commit 0b36c83148976c7c8268f4f41497359e2fb26251 -Author: Damien Miller -Date: Sun Dec 29 17:45:51 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 01:19:41 - [ssh-agent.c] - bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent - that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; - ok dtucker - -commit 4def184e9b6c36be6d965a9705632fc4c0c2a8af -Author: Damien Miller -Date: Sun Dec 29 17:45:26 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 01:04:36 - [channels.c] - bz#2147: fix multiple remote forwardings with dynamically assigned - listen ports. In the s->c message to open the channel we were sending - zero (the magic number to request a dynamic port) instead of the actual - listen port. The client therefore had no way of discriminating between - them. - - Diagnosis and fix by ronf AT timeheart.net - -commit bf25d114e23a803f8feca8926281b1aaedb6191b -Author: Damien Miller -Date: Sun Dec 29 17:44:56 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 00:27:57 - [auth-options.c] - simplify freeing of source-address certificate restriction - -commit bb3dafe7024a5b4e851252e65ee35d45b965e4a8 -Author: Damien Miller -Date: Sun Dec 29 17:44:29 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/12/19 00:19:12 - [serverloop.c] - Cast client_alive_interval to u_int64_t before assinging to - max_time_milliseconds to avoid potential integer overflow in the timeout. - bz#2170, patch from Loganaden Velvindron, ok djm@ - -commit ef275ead3dcadde4db1efe7a0aa02b5e618ed40c -Author: Damien Miller -Date: Sun Dec 29 17:44:07 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/19 00:10:30 - [ssh-add.c] - skip requesting smartcard PIN when removing keys from agent; bz#2187 - patch from jay AT slushpupie.com; ok dtucker - -commit 7d97fd9a1cae778c3eacf16e09f5da3689d616c6 -Author: Damien Miller -Date: Sun Dec 29 17:40:18 2013 +1100 - - - (djm) [loginrec.c] Check for username truncation when looking up lastlog - entries - -commit 77244afe3b6d013b485e0952eaab89b9db83380f -Author: Darren Tucker -Date: Sat Dec 21 17:02:39 2013 +1100 - - 20131221 - - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. - -commit 53f8e784dc431a82d31c9b0e95b144507f9330e9 -Author: Darren Tucker -Date: Thu Dec 19 11:31:44 2013 +1100 - - - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item(). - Patch from Loganaden Velvindron. - -commit 1fcec9d4f265e38af248c4c845986ca8c174bd68 -Author: Darren Tucker -Date: Thu Dec 19 11:00:12 2013 +1100 - - - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions - greater than 11 either rather than just 11. Patch from Tomas Kuthan. - -commit 6674eb9683afd1ea4eb35670b5e66815543a759e -Author: Damien Miller -Date: Wed Dec 18 17:50:39 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/17 10:36:38 - [crypto_api.h] - I've assempled the header file by cut&pasting from generated headers - and the source files. - -commit d58a5964426ee014384d67d775d16712e93057f3 -Author: Damien Miller -Date: Wed Dec 18 17:50:13 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/15 21:42:35 - [cipher-chachapoly.c] - add some comments and constify a constant - -commit 059321d19af24d87420de3193f79dfab23556078 -Author: Damien Miller -Date: Wed Dec 18 17:49:48 2013 +1100 - - - pascal@cvs.openbsd.org 2013/12/15 18:17:26 - [ssh-add.c] - Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page. - ok markus@ - -commit 155b5a5bf158767f989215479ded2a57f331e1c6 -Author: Damien Miller -Date: Wed Dec 18 17:48:32 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/09 11:08:17 - [crypto_api.h] - remove unused defines - -commit 8a56dc2b6b48b05590810e7f4c3567508410000c -Author: Damien Miller -Date: Wed Dec 18 17:48:11 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/09 11:03:45 - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] - [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] - Add Authors for the public domain ed25519/nacl code. - see also http://nacl.cr.yp.to/features.html - All of the NaCl software is in the public domain. - and http://ed25519.cr.yp.to/software.html - The Ed25519 software is in the public domain. - -commit 6575c3acf31fca117352f31f37b16ae46e664837 -Author: Damien Miller -Date: Wed Dec 18 17:47:02 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/12/08 09:53:27 - [sshd_config.5] - Use a literal for the default value of KEXAlgorithms. ok deraadt jmc - -commit 8ba0ead6985ea14999265136b14ffd5aeec516f9 -Author: Damien Miller -Date: Wed Dec 18 17:46:27 2013 +1100 - - - naddy@cvs.openbsd.org 2013/12/07 11:58:46 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1] - [ssh_config.5 sshd.8 sshd_config.5] - add missing mentions of ed25519; ok djm@ - -commit 4f752cf71cf44bf4bc777541156c2bf56daf9ce9 -Author: Damien Miller -Date: Wed Dec 18 17:45:35 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/07 08:08:26 - [ssh-keygen.1] - document -a and -o wrt new key format - -commit 6d6fcd14e23a9053198342bb379815b15e504084 -Author: Damien Miller -Date: Sun Dec 8 15:53:28 2013 +1100 - - - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh] - [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid - filesystem before running agent-ptrace.sh; ok dtucker - -commit 7e6e42fb532c7dafd7078ef5e9e2d3e47fcf6752 -Author: Damien Miller -Date: Sun Dec 8 08:23:08 2013 +1100 - - - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna - Vinschen - -commit da3ca351b49d52ae85db2e3998265dc3c6617068 -Author: Damien Miller -Date: Sat Dec 7 21:43:46 2013 +1100 - - - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from - Loganaden Velvindron @ AfriNIC in bz#2179 - -commit eb401585bb8336cbf81fe4fc58eb9f7cac3ab874 -Author: Damien Miller -Date: Sat Dec 7 17:07:15 2013 +1100 - - - (djm) [regress/cert-hostkey.sh] Fix merge botch - -commit f54542af3ad07532188b10136ae302314ec69ed6 -Author: Damien Miller -Date: Sat Dec 7 16:32:44 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/06 13:52:46 - [regress/Makefile regress/agent.sh regress/cert-hostkey.sh] - [regress/cert-userkey.sh regress/keytype.sh] - test ed25519 support; from djm@ - -commit f104da263de995f66b6861b4f3368264ee483d7f -Author: Damien Miller -Date: Sat Dec 7 12:37:53 2013 +1100 - - - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in] - [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on - Linux - -commit 1ff130dac9b7aea0628f4ad30683431fe35e0020 -Author: Damien Miller -Date: Sat Dec 7 11:51:51 2013 +1100 - - - [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c] - [openbsd-compat/blf.h openbsd-compat/blowfish.c] - [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in - portable. - -commit 4260828a2958ebe8c96f66d8301dac53f4cde556 -Author: Damien Miller -Date: Sat Dec 7 11:38:03 2013 +1100 - - - [authfile.c] Conditionalise inclusion of util.h - -commit a913442bac8a26fd296a3add51293f8f6f9b3b4c -Author: Damien Miller -Date: Sat Dec 7 11:35:36 2013 +1100 - - - [Makefile.in] Add ed25519 sources - -commit ca570a519cb846da61d002c7f46fa92e39c83e45 -Author: Damien Miller -Date: Sat Dec 7 11:29:09 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/07 00:19:15 - [key.c] - set k->cert = NULL after freeing it - -commit 3cccc0e155229a2f2d86b6df40bd4559b4f960ff -Author: Damien Miller -Date: Sat Dec 7 11:27:47 2013 +1100 - - - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] - [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents - -commit a7827c11b3f0380b7e593664bd62013ff9c131db -Author: Damien Miller -Date: Sat Dec 7 11:24:30 2013 +1100 - - - jmc@cvs.openbsd.org 2013/12/06 15:29:07 - [sshd.8] - missing comma; - -commit 5be9d9e3cbd9c66f24745d25bf2e809c1d158ee0 -Author: Damien Miller -Date: Sat Dec 7 11:24:01 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/06 13:39:49 - [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] - [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] - [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] - [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] - [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] - support ed25519 keys (hostkeys and user identities) using the public - domain ed25519 reference code from SUPERCOP, see - http://ed25519.cr.yp.to/software.html - feedback, help & ok djm@ - -commit bcd00abd8451f36142ae2ee10cc657202149201e -Author: Damien Miller -Date: Sat Dec 7 10:41:55 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/06 13:34:54 - [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c] - [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by - default; details in PROTOCOL.key; feedback and lots help from djm; - ok djm@ - -commit f0e9060d236c0e38bec2fa1c6579fb0a2ea6458d -Author: Damien Miller -Date: Sat Dec 7 10:40:26 2013 +1100 - - - markus@cvs.openbsd.org 2013/12/06 13:30:08 - [authfd.c key.c key.h ssh-agent.c] - move private key (de)serialization to key.c; ok djm - -commit 0f8536da23a6ef26e6495177c0d8a4242b710289 -Author: Damien Miller -Date: Sat Dec 7 10:31:37 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/06 03:40:51 - [ssh-keygen.c] - remove duplicated character ('g') in getopt() string; - document the (few) remaining option characters so we don't have to - rummage next time. - -commit 393920745fd328d3fe07f739a3cf7e1e6db45b60 -Author: Damien Miller -Date: Sat Dec 7 10:31:08 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/05 22:59:45 - [sftp-client.c] - fix memory leak in error path in do_readdir(); pointed out by - Loganaden Velvindron @ AfriNIC in bz#2163 - -commit 534b2ccadea5e5e9a8b27226e6faac3ed5552e97 -Author: Damien Miller -Date: Thu Dec 5 14:07:27 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/05 01:16:41 - [servconf.c servconf.h] - bz#2161 - fix AuthorizedKeysCommand inside a Match block and - rearrange things so the same error is harder to make next time; - with and ok dtucker@ - -commit 8369c8e61a3408ec6bb75755fad4ffce29b5fdbe -Author: Darren Tucker -Date: Thu Dec 5 11:00:16 2013 +1100 - - - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct - -L location for libedit. Patch from Serge van den Boom. - -commit 9275df3e0a2a3bc3897f7d664ea86a425c8a092d -Author: Damien Miller -Date: Thu Dec 5 10:26:32 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/04 04:20:01 - [sftp-client.c] - bz#2171: don't leak local_fd on error; from Loganaden Velvindron @ - AfriNIC - -commit 960f6a2b5254e4da082d8aa3700302ed12dc769a -Author: Damien Miller -Date: Thu Dec 5 10:26:14 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/02 03:13:14 - [cipher.c] - correct bzero of chacha20+poly1305 key context. bz#2177 from - Loganaden Velvindron @ AfriNIC - - Also make it a memset for consistency with the rest of cipher.c - -commit f7e8a8796d661c9d6692ab837e1effd4f5ada1c2 -Author: Damien Miller -Date: Thu Dec 5 10:25:51 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/02 03:09:22 - [key.c] - make key_to_blob() return a NULL blob on failure; part of - bz#2175 from Loganaden Velvindron @ AfriNIC - -commit f1e44ea9d9a6d4c1a95a0024132e603bd1778c9c -Author: Damien Miller -Date: Thu Dec 5 10:23:21 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/02 02:56:17 - [ssh-pkcs11-helper.c] - use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC - -commit 114e540b15d57618f9ebf624264298f80bbd8c77 -Author: Damien Miller -Date: Thu Dec 5 10:22:57 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/02 02:50:27 - [PROTOCOL.chacha20poly1305] - typo; from Jon Cave - -commit e4870c090629e32f2cb649dc16d575eeb693f4a8 -Author: Damien Miller -Date: Thu Dec 5 10:22:39 2013 +1100 - - - djm@cvs.openbsd.org 2013/12/01 23:19:05 - [PROTOCOL] - mention curve25519-sha256@libssh.org key exchange algorithm - -commit 1d2f8804a6d33a4e908b876b2e1266b8260ec76b -Author: Damien Miller -Date: Thu Dec 5 10:22:03 2013 +1100 - - - deraadt@cvs.openbsd.org 2013/11/26 19:15:09 - [pkcs11.h] - cleanup 1 << 31 idioms. Resurrection of this issue pointed out by - Eitan Adler ok markus for ssh, implies same change in kerberosV - -commit bdb352a54f82df94a548e3874b22f2d6ae90328d -Author: Damien Miller -Date: Thu Dec 5 10:20:52 2013 +1100 - - - jmc@cvs.openbsd.org 2013/11/26 12:14:54 - [ssh.1 ssh.c] - - put -Q in the right place - - Ar was a poor choice for the arguments to -Q. i've chosen an - admittedly equally poor Cm, at least consistent with the rest - of the docs. also no need for multiple instances - - zap a now redundant Nm - - usage() sync - -commit d937dc084a087090f1cf5395822c3ac958d33759 -Author: Damien Miller -Date: Thu Dec 5 10:19:54 2013 +1100 - - - deraadt@cvs.openbsd.org 2013/11/25 18:04:21 - [ssh.1 ssh.c] - improve -Q usage and such. One usage change is that the option is now - case-sensitive - ok dtucker markus djm - -commit dec0393f7ee8aabc7d9d0fc2c5fddb4bc649112e -Author: Damien Miller -Date: Thu Dec 5 10:18:43 2013 +1100 - - - jmc@cvs.openbsd.org 2013/11/21 08:05:09 - [ssh_config.5 sshd_config.5] - no need for .Pp before displays; - -commit 8a073cf57940aabf85e49799f89f5d5e9b072c1b -Author: Damien Miller -Date: Thu Nov 21 14:26:18 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/21 03:18:51 - [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh] - [regress/try-ciphers.sh] - use new "ssh -Q cipher-auth" query to obtain lists of authenticated - encryption ciphers instead of specifying them manually; ensures that - the new chacha20poly1305@openssh.com mode is tested; - - ok markus@ and naddy@ as part of the diff to add - chacha20poly1305@openssh.com - -commit ea61b2179f63d48968dd2c9617621002bb658bfe -Author: Damien Miller -Date: Thu Nov 21 14:25:15 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/21 03:16:47 - [regress/modpipe.c] - use unsigned long long instead of u_int64_t here to avoid warnings - on some systems portable OpenSSH is built on. - -commit 36aba25b0409d2db6afc84d54bc47a2532d38424 -Author: Damien Miller -Date: Thu Nov 21 14:24:42 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/21 03:15:46 - [regress/krl.sh] - add some reminders for additional tests that I'd like to implement - -commit fa7a20bc289f09b334808d988746bc260a2f60c9 -Author: Damien Miller -Date: Thu Nov 21 14:24:08 2013 +1100 - - - naddy@cvs.openbsd.org 2013/11/18 05:09:32 - [regress/forward-control.sh] - bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164) - to successfully run this; ok djm@ - (ID sync only; our timeouts are already longer) - -commit 0fde8acdad78a4d20cadae974376cc0165f645ee -Author: Damien Miller -Date: Thu Nov 21 14:12:23 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/21 00:45:44 - [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] - [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] - [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] - [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport - cipher "chacha20-poly1305@openssh.com" that combines Daniel - Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an - authenticated encryption mode. - - Inspired by and similar to Adam Langley's proposal for TLS: - http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 - but differs in layout used for the MAC calculation and the use of a - second ChaCha20 instance to separately encrypt packet lengths. - Details are in the PROTOCOL.chacha20poly1305 file. - - Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC - ok markus@ naddy@ - -commit fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a -Author: Damien Miller -Date: Thu Nov 21 13:57:15 2013 +1100 - - - deraadt@cvs.openbsd.org 2013/11/20 20:54:10 - [canohost.c clientloop.c match.c readconf.c sftp.c] - unsigned casts for ctype macros where neccessary - ok guenther millert markus - -commit e00167307e4d3692695441e9bd712f25950cb894 -Author: Damien Miller -Date: Thu Nov 21 13:56:49 2013 +1100 - - - deraadt@cvs.openbsd.org 2013/11/20 20:53:10 - [scp.c] - unsigned casts for ctype macros where neccessary - ok guenther millert markus - -commit 23e00aa6ba9eee0e0c218f2026bf405ad4625832 -Author: Damien Miller -Date: Thu Nov 21 13:56:28 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/20 02:19:01 - [sshd.c] - delay closure of in/out fds until after "Bad protocol version - identification..." message, as get_remote_ipaddr/get_remote_port - require them open. - -commit 867e6934be6521f87f04a5ab86702e2d1b314245 -Author: Damien Miller -Date: Thu Nov 21 13:56:06 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/13 13:48:20 - [ssh-pkcs11.c] - add missing braces found by pedro - -commit 0600c7020f4fe68a780bd7cf21ff541a8d4b568a -Author: Damien Miller -Date: Thu Nov 21 13:55:43 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/08 11:15:19 - [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c] - [uidswap.c] Include stdlib.h for free() as per the man page. - -commit b6a75b0b93b8faa6f79c3a395ab6c71f3f880b80 -Author: Darren Tucker -Date: Sun Nov 10 20:25:22 2013 +1100 - - - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by - querying the ones that are compiled in. - -commit 2c89430119367eb1bc96ea5ee55de83357e4c926 -Author: Darren Tucker -Date: Sun Nov 10 12:38:42 2013 +1100 - - - (dtucker) [key.c] Check for the correct defines for NID_secp521r1. - -commit dd5264db5f641dbd03186f9e5e83e4b14b3d0003 -Author: Darren Tucker -Date: Sat Nov 9 22:32:51 2013 +1100 - - - (dtucker) [configure.ac] Add missing "test". - -commit 95cb2d4eb08117be061f3ff076adef3e9a5372c3 -Author: Darren Tucker -Date: Sat Nov 9 22:02:31 2013 +1100 - - - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test. - -commit 37bcef51b3d9d496caecea6394814d2f49a1357f -Author: Darren Tucker -Date: Sat Nov 9 18:39:25 2013 +1100 - - - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of - NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the - latter actually works before using it. Fedora (at least) has NID_secp521r1 - that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897). - -commit 6e2fe81f926d995bae4be4a6b5b3c88c1c525187 -Author: Darren Tucker -Date: Sat Nov 9 16:55:03 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 - [regress/test-exec.sh regress/rekey.sh] - Use smaller test data files to speed up tests. Grow test datafiles - where necessary for a specific test. - -commit aff7ef1bb8b7c1eeb1f4812129091c5adbf51848 -Author: Darren Tucker -Date: Sat Nov 9 00:19:22 2013 +1100 - - - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation: - rather than testing and generating each key, call ssh-keygen -A. - Patch from vinschen at redhat.com. - -commit 882abfd3fb3c98cfe70b4fc79224770468b570a5 -Author: Darren Tucker -Date: Sat Nov 9 00:17:41 2013 +1100 - - - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform - and pass in TEST_ENV. Unknown options cause stderr to get polluted - and the stderr-data test to fail. - -commit 8c333ec23bdf7da917aa20ac6803a2cdd79182c5 -Author: Darren Tucker -Date: Fri Nov 8 21:12:58 2013 +1100 - - - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile - warnings. - -commit d94240b2f6b376b6e9de187e4a0cd4b89dfc48cb -Author: Darren Tucker -Date: Fri Nov 8 21:10:04 2013 +1100 - - - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256. - -commit 1c8ce34909886288a3932dce770deec5449f7bb5 -Author: Darren Tucker -Date: Fri Nov 8 19:50:32 2013 +1100 - - - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have - EVP_sha256. - -commit ccdb9bec46bcc88549b26a94aa0bae2b9f51031c -Author: Darren Tucker -Date: Fri Nov 8 18:54:38 2013 +1100 - - - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of - arc4random_stir for platforms that have arc4random but don't have - arc4random_stir (right now this is only OpenBSD -current). - -commit 3420a50169b52cc8d2775d51316f9f866c73398f -Author: Damien Miller -Date: Fri Nov 8 16:48:13 2013 +1100 - - - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Update version numbers following release. - -commit 3ac4a234df842fd8c94d9cb0ad198e1fe84b895b -Author: Damien Miller -Date: Fri Nov 8 12:39:49 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/08 01:38:11 - [version.h] - openssh-6.4 - -commit 6c81fee693038de7d4a5559043350391db2a2761 -Author: Damien Miller -Date: Fri Nov 8 12:19:55 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/08 00:39:15 - [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] - [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] - [sftp-client.c sftp-glob.c] - use calloc for all structure allocations; from markus@ - -commit 690d989008e18af3603a5e03f1276c9bad090370 -Author: Damien Miller -Date: Fri Nov 8 12:16:49 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 11:58:27 - [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] - Output the effective values of Ciphers, MACs and KexAlgorithms when - the default has not been overridden. ok markus@ - -commit 08998c5fb9c7c1d248caa73b76e02ca0482e6d85 -Author: Darren Tucker -Date: Fri Nov 8 12:11:46 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 - [regress/rekey.sh] - Rekey less frequently during tests to speed them up - -commit 4bf7e50e533aa956366df7402c132f202e841a48 -Author: Darren Tucker -Date: Thu Nov 7 22:33:48 2013 +1100 - - - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment - variable. It's no longer used now that we get the supported MACs from - ssh -Q. - -commit 6e9d6f411288374d1dee4b7debbfa90bc7e73035 -Author: Darren Tucker -Date: Thu Nov 7 15:32:37 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 04:26:56 - [regress/kextype.sh] - trailing space - -commit 74cbc22529f3e5de756e1b7677b7624efb28f62c -Author: Darren Tucker -Date: Thu Nov 7 15:26:12 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 03:55:41 - [regress/kextype.sh] - Use ssh -Q to get kex types instead of a static list. - -commit a955041c930e63405159ff7d25ef14272f36eab3 -Author: Darren Tucker -Date: Thu Nov 7 15:21:19 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 02:48:38 - [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] - Use ssh -Q instead of hardcoding lists of ciphers or MACs. - -commit 06595d639577577bc15d359e037a31eb83563269 -Author: Darren Tucker -Date: Thu Nov 7 15:08:02 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 01:12:51 - [regress/rekey.sh] - Factor out the data transfer rekey tests - -commit 651dc8b2592202dac6b16ee3b82ce5b331be7da3 -Author: Darren Tucker -Date: Thu Nov 7 15:04:44 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/07 00:12:05 - [regress/rekey.sh] - Test rekeying for every Cipher, MAC and KEX, plus test every KEX with - the GCM ciphers. - -commit 234557762ba1096a867ca6ebdec07efebddb5153 -Author: Darren Tucker -Date: Thu Nov 7 15:00:51 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/11/04 12:27:42 - [regress/rekey.sh] - Test rekeying with all KexAlgorithms. - -commit bbfb9b0f386aab0c3e19d11f136199ef1b9ad0ef -Author: Darren Tucker -Date: Thu Nov 7 14:56:43 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:39:53 - [regress/kextype.sh] - add curve25519-sha256@libssh.org - -commit aa19548a98c0f89283ebd7354abd746ca6bc4fdf -Author: Darren Tucker -Date: Thu Nov 7 14:50:09 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/09 23:44:14 - [regress/Makefile] (ID sync only) - regression test for sftp request white/blacklisting and readonly mode. - -commit c8908aabff252f5da772d4e679479c2b7d18cac1 -Author: Damien Miller -Date: Thu Nov 7 13:38:35 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/06 23:05:59 - [ssh-pkcs11.c] - from portable: s/true/true_val/ to avoid name collisions on dump platforms - RCSID sync only - -commit 49c145c5e89b9d7d48e84328d6347d5ad640b567 -Author: Damien Miller -Date: Thu Nov 7 13:35:39 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/06 16:52:11 - [monitor_wrap.c] - fix rekeying for AES-GCM modes; ok deraadt - -commit 67a8800f290b39fd60e379988c700656ae3f2539 -Author: Damien Miller -Date: Thu Nov 7 13:32:51 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/04 11:51:16 - [monitor.c] - fix rekeying for KEX_C25519_SHA256; noted by dtucker@ - RCSID sync only; I thought this was a merge botch and fixed it already - -commit df8b030b15fcec7baf38ec7944f309f9ca8cc9a7 -Author: Damien Miller -Date: Thu Nov 7 13:28:16 2013 +1100 - - - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms - that lack it but have arc4random_uniform() - -commit a6fd1d3c38a562709374a70fa76423859160aa90 -Author: Damien Miller -Date: Thu Nov 7 12:03:26 2013 +1100 - - - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these - -commit c98319750b0bbdd0d1794420ec97d65dd9244613 -Author: Damien Miller -Date: Thu Nov 7 12:00:23 2013 +1100 - - - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff - -commit 61c5c2319e84a58210810d39b062c8b8e3321160 -Author: Damien Miller -Date: Thu Nov 7 11:34:14 2013 +1100 - - - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) - that got lost in recent merge. - -commit 094003f5454a9f5a607674b2739824a7e91835f4 -Author: Damien Miller -Date: Mon Nov 4 22:59:27 2013 +1100 - - - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from - KEX/curve25519 change - -commit ca67a7eaf8766499ba67801d0be8cdaa550b9a50 -Author: Damien Miller -Date: Mon Nov 4 09:05:17 2013 +1100 - - - djm@cvs.openbsd.org 2013/11/03 10:37:19 - [roaming_common.c] - fix a couple of function definitions foo() -> foo(void) - (-Wold-style-definition) - -commit 0bd8f1519d51af8d4229be81e8f2f4903a1d440b -Author: Damien Miller -Date: Mon Nov 4 08:55:43 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:39:19 - [ssh_config.5 sshd_config.5] - the default kex is now curve25519-sha256@libssh.org - -commit 4c3ba0767fbe4a8a2a748df4035aaf86651f6b30 -Author: Damien Miller -Date: Mon Nov 4 08:40:13 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:34:01 - [auth-options.c] - no need to include monitor_wrap.h and ssh-gss.h - -commit 660621b2106b987b874c2f120218bec249d0f6ba -Author: Damien Miller -Date: Mon Nov 4 08:37:51 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:24:24 - [kexdhs.c kexecdhs.c] - no need to include ssh-gss.h - -commit abdca986decfbbc008c895195b85e879ed460ada -Author: Damien Miller -Date: Mon Nov 4 08:30:05 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 22:10:15 - [kexdhs.c kexecdhs.c] - no need to include monitor_wrap.h - -commit 1e1242604eb0fd510fe93f81245c529237ffc513 -Author: Damien Miller -Date: Mon Nov 4 08:26:52 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 21:59:15 - [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] - use curve25519 for default key exchange (curve25519-sha256@libssh.org); - initial patch from Aris Adamantiadis; ok djm@ - -commit d2252c79191d069372ed6effce7c7a2de93448cd -Author: Damien Miller -Date: Mon Nov 4 07:41:48 2013 +1100 - - - markus@cvs.openbsd.org 2013/11/02 20:03:54 - [ssh-pkcs11.c] - support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys; - fixes bz#1908; based on patch from Laurent Barbe; ok djm - -commit 007e3b357e880caa974d5adf9669298ba0751c78 -Author: Darren Tucker -Date: Sun Nov 3 18:43:55 2013 +1100 - - - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t - for platforms that don't have them. - -commit 710f3747352fb93a63e5b69b12379da37f5b3fa9 -Author: Darren Tucker -Date: Sun Nov 3 17:20:34 2013 +1100 - - - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd - vsnprintf. From eric at openbsd via chl@. - -commit d52770452308e5c2e99f4da6edaaa77ef078b610 -Author: Darren Tucker -Date: Sun Nov 3 16:30:46 2013 +1100 - - - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep. - From OpenSMTPD where it prevents "implicit declaration" warnings (it's - a no-op in OpenSSH). From chl at openbsd. - -commit 63857c9340d3482746a5622ffdacc756751f6448 -Author: Damien Miller -Date: Wed Oct 30 22:31:06 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/29 18:49:32 - [sshd_config.5] - pty(4), not pty(7); - -commit 5ff30c6b68adeee767dd29bf2369763c6a13c0b3 -Author: Damien Miller -Date: Wed Oct 30 22:21:50 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/29 09:48:02 - [servconf.c servconf.h session.c sshd_config sshd_config.5] - shd_config PermitTTY to disallow TTY allocation, mirroring the - longstanding no-pty authorized_keys option; - bz#2070, patch from Teran McKinney; ok markus@ - -commit 4a3a9d4bbf8048473f5cc202cd8db7164d5e6b8d -Author: Damien Miller -Date: Wed Oct 30 22:19:47 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/29 09:42:11 - [key.c key.h] - fix potential stack exhaustion caused by nested certificates; - report by Mateusz Kocielski; ok dtucker@ markus@ - -commit 28631ceaa7acd9bc500f924614431542893c6a21 -Author: Damien Miller -Date: Sat Oct 26 10:07:56 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/25 23:04:51 - [ssh.c] - fix crash when using ProxyCommand caused by previous commit - was calling - freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@ - -commit 26506ad29350c5681815745cc90b3952a84cf118 -Author: Damien Miller -Date: Sat Oct 26 10:05:46 2013 +1100 - - - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove - unnecessary arc4random_stir() calls. The only ones left are to ensure - that the PRNG gets a different state after fork() for platforms that - have broken the API. - -commit bd43e8872325e9bbb3319c89da593614709f317c -Author: Tim Rice -Date: Thu Oct 24 12:22:49 2013 -0700 - - - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd" - -commit a90c0338083ee0e4064c4bdf61f497293a699be0 -Author: Damien Miller -Date: Thu Oct 24 21:03:17 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/24 08:19:36 - [ssh.c] - fix bug introduced in hostname canonicalisation commit: don't try to - resolve hostnames when a ProxyCommand is set unless the user has forced - canonicalisation; spotted by Iain Morgan - -commit cf31f3863425453ffcda540fbefa9df80088c8d1 -Author: Damien Miller -Date: Thu Oct 24 21:02:56 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/10/24 00:51:48 - [readconf.c servconf.c ssh_config.5 sshd_config.5] - Disallow empty Match statements and add "Match all" which matches - everything. ok djm, man page help jmc@ - -commit 4bedd4032a09ce87322ae5ea80f193f109e5c607 -Author: Damien Miller -Date: Thu Oct 24 21:02:26 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/10/24 00:49:49 - [moduli.c] - Periodically print progress and, if possible, expected time to completion - when screening moduli for DH groups. ok deraadt djm - -commit 5ecb41629860687b145be63b8877fabb6bae5eda -Author: Damien Miller -Date: Thu Oct 24 21:02:02 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/23 23:35:32 - [sshd.c] - include local address and port in "Connection from ..." message (only - shown at loglevel>=verbose) - -commit 03bf2e61ad6ac59a362a1f11b105586cb755c147 -Author: Damien Miller -Date: Thu Oct 24 21:01:26 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/10/23 05:40:58 - [servconf.c] - fix comment - -commit 8f1873191478847773906af961c8984d02a49dd6 -Author: Damien Miller -Date: Thu Oct 24 10:53:02 2013 +1100 - - - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check - rather than full client name which may be of form user@REALM; - patch from Miguel Sanders; ok dtucker@ - -commit 5b01b0dcb417eb615df77e7ce1b59319bf04342c -Author: Damien Miller -Date: Wed Oct 23 16:31:31 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/23 04:16:22 - [ssh-keygen.c] - Make code match documentation: relative-specified certificate expiry time - should be relative to current time and not the validity start time. - Reported by Petr Lautrbach; ok deraadt@ - -commit eff5cada589f25793dbe63a76aba9da39837a148 -Author: Damien Miller -Date: Wed Oct 23 16:31:10 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/23 03:05:19 - [readconf.c ssh.c] - comment - -commit 084bcd24e9fe874020e4df4e073e7408e1b17fb7 -Author: Damien Miller -Date: Wed Oct 23 16:30:51 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/23 03:03:07 - [readconf.c] - Hostname may have %h sequences that should be expanded prior to Match - evaluation; spotted by Iain Morgan - -commit 8e5a67f46916def40b2758bb7755350dd2eee843 -Author: Damien Miller -Date: Wed Oct 23 16:30:25 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/20 18:00:13 - [ssh_config.5] - tweak the "exec" description, as worded by djm; - -commit c0049bd0bca02890cd792babc594771c563f91f2 -Author: Damien Miller -Date: Wed Oct 23 16:29:59 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/20 09:51:26 - [scp.1 sftp.1] - add canonicalisation options to -o lists - -commit 8a04be795fc28514a09e55a54b2e67968f2e1b3a -Author: Damien Miller -Date: Wed Oct 23 16:29:40 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/20 06:19:28 - [readconf.c ssh_config.5] - rename "command" subclause of the recently-added "Match" keyword to - "exec"; it's shorter, clearer in intent and we might want to add the - ability to match against the command being executed at the remote end in - the future. - -commit 5c86ebdf83b636b6741db4b03569ef4a53b89a58 -Author: Damien Miller -Date: Wed Oct 23 16:29:12 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/20 04:39:28 - [ssh_config.5] - document % expansions performed by "Match command ..." - -commit 4502f88774edc56194707167443f94026d3c7cfa -Author: Damien Miller -Date: Fri Oct 18 10:17:36 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/17 22:08:04 - [sshd.c] - include remote port in bad banner message; bz#2162 - -commit 1edcbf65ebd2febeaf10a836468f35e519eed7ca -Author: Damien Miller -Date: Fri Oct 18 10:17:17 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/17 07:35:48 - [sftp.1 sftp.c] - tweak previous; - -commit a176e1823013dd8533a20235b3a5131f0626f46b -Author: Damien Miller -Date: Fri Oct 18 09:05:41 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/09 23:44:14 - [regress/Makefile regress/sftp-perm.sh] - regression test for sftp request white/blacklisting and readonly mode. - -commit e3ea09494dcfe7ba76536e95765c8328ecfc18fb -Author: Damien Miller -Date: Thu Oct 17 11:57:23 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/17 00:46:49 - [ssh.c] - rearrange check to reduce diff against -portable - (Id sync only) - -commit f29238e67471a7f1088a99c3c3dbafce76b790cf -Author: Damien Miller -Date: Thu Oct 17 11:48:52 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/17 00:30:13 - [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c] - fsync@openssh.com protocol extension for sftp-server - client support to allow calling fsync() faster successful transfer - patch mostly by imorgan AT nas.nasa.gov; bz#1798 - "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@ - -commit 51682faa599550a69d8120e5e2bdbdc0625ef4be -Author: Damien Miller -Date: Thu Oct 17 11:48:31 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/16 22:58:01 - [ssh.c ssh_config.5] - one I missed in previous: s/isation/ization/ - -commit 3850559be93f1a442ae9ed370e8c389889dd5f72 -Author: Damien Miller -Date: Thu Oct 17 11:48:13 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/16 22:49:39 - [readconf.c readconf.h ssh.1 ssh.c ssh_config.5] - s/canonicalise/canonicalize/ for consistency with existing spelling, - e.g. authorized_keys; pointed out by naddy@ - -commit 607af3434b75acc7199a5d99d5a9c11068c01f27 -Author: Damien Miller -Date: Thu Oct 17 11:47:51 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/16 06:42:25 - [ssh_config.5] - tweak previous; - -commit 0faf747e2f77f0f7083bcd59cbed30c4b5448444 -Author: Damien Miller -Date: Thu Oct 17 11:47:23 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/16 02:31:47 - [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5] - [sshconnect.c sshconnect.h] - Implement client-side hostname canonicalisation to allow an explicit - search path of domain suffixes to use to convert unqualified host names - to fully-qualified ones for host key matching. - This is particularly useful for host certificates, which would otherwise - need to list unqualified names alongside fully-qualified ones (and this - causes a number of problems). - "looks fine" markus@ - -commit d77b81f856e078714ec6b0f86f61c20249b7ead4 -Author: Damien Miller -Date: Thu Oct 17 11:39:00 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/15 14:10:25 - [ssh.1 ssh_config.5] - tweak previous; - -commit dcd39f29ce3308dc74a0ff27a9056205a932ce05 -Author: Damien Miller -Date: Thu Oct 17 11:31:40 2013 +1100 - - - [ssh.c] g/c unused variable. - -commit 5359a628ce3763408da25d83271a8eddec597a0c -Author: Damien Miller -Date: Tue Oct 15 12:20:37 2013 +1100 - - - [ssh.c] g/c unused variable. - -commit 386feab0c4736b054585ee8ee372865d5cde8d69 -Author: Damien Miller -Date: Tue Oct 15 12:14:49 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/14 23:31:01 - [ssh.c] - whitespace at EOL; pointed out by markus@ - -commit e9fc72edd6c313b670558cd5219601c38a949b67 -Author: Damien Miller -Date: Tue Oct 15 12:14:12 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/14 23:28:23 - [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c] - refactor client config code a little: - add multistate option partsing to readconf.c, similar to servconf.c's - existing code. - move checking of options that accept "none" as an argument to readconf.c - add a lowercase() function and use it instead of explicit tolower() in - loops - part of a larger diff that was ok markus@ - -commit 194fd904d8597a274b93e075b2047afdf5a175d4 -Author: Damien Miller -Date: Tue Oct 15 12:13:05 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/14 22:22:05 - [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5] - add a "Match" keyword to ssh_config that allows matching on hostname, - user and result of arbitrary commands. "nice work" markus@ - -commit 71df752de2a04f423b1cd18d961a79f4fbccbcee -Author: Damien Miller -Date: Tue Oct 15 12:12:02 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/14 21:20:52 - [session.c session.h] - Add logging of session starts in a useful format; ok markus@ feedback and - ok dtucker@ - -commit 6efab27109b82820e8d32a5d811adb7bfc354f65 -Author: Damien Miller -Date: Tue Oct 15 12:07:05 2013 +1100 - - - jmc@cvs.openbsd.org 2013/10/14 14:18:56 - [sftp-server.8 sftp-server.c] - tweak previous; - ok djm - -commit 61c7de8a94156f6d7e9718ded9be8c65bb902b66 -Author: Damien Miller -Date: Tue Oct 15 12:06:45 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/11 02:53:45 - [sftp-client.h] - obsolete comment - -commit 2f93d0556e4892208c9b072624caa8cc5ddd839d -Author: Damien Miller -Date: Tue Oct 15 12:06:27 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/11 02:52:23 - [sftp-client.c] - missed one arg reorder - -commit bda5c8445713ae592d969a5105ed1a65da22bc96 -Author: Damien Miller -Date: Tue Oct 15 12:05:58 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/11 02:45:36 - [sftp-client.c] - rename flag arguments to be more clear and consistent. - reorder some internal function arguments to make adding additional flags - easier. - no functional change - -commit 61ee4d68ca0fcc793a826fc7ec70f3b8ffd12ab6 -Author: Damien Miller -Date: Tue Oct 15 11:56:47 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/10 01:43:03 - [sshd.c] - bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly - updated; ok dtucker@ - -commit 73600e51af9ee734a19767e0c084bbbc5eb5b8da -Author: Damien Miller -Date: Tue Oct 15 11:56:25 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/10 00:53:25 - [sftp-server.c] - add -Q, -P and -p to usage() before jmc@ catches me - -commit 6eaeebf27d92f39a38c772aa3f20c2250af2dd29 -Author: Damien Miller -Date: Tue Oct 15 11:55:57 2013 +1100 - - - djm@cvs.openbsd.org 2013/10/09 23:42:17 - [sftp-server.8 sftp-server.c] - Add ability to whitelist and/or blacklist sftp protocol requests by name. - Refactor dispatch loop and consolidate read-only mode checks. - Make global variables static, since sftp-server is linked into sshd(8). - ok dtucker@ - -commit df62d71e64d29d1054e7a53d1a801075ef70335f -Author: Darren Tucker -Date: Thu Oct 10 10:32:39 2013 +1100 - - - dtucker@cvs.openbsd.org 2013/10/08 11:42:13 - [dh.c dh.h] - Increase the size of the Diffie-Hellman groups requested for a each - symmetric key size. New values from NIST Special Publication 800-57 with - the upper limit specified by RFC4419. Pointed out by Peter Backes, ok - djm@. - -commit e6e52f8c5dc89a6767702e65bb595aaf7bc8991c -Author: Darren Tucker -Date: Thu Oct 10 10:28:07 2013 +1100 - - - djm@cvs.openbsd.org 2013/09/19 01:26:29 - [sshconnect.c] - bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from - swp AT swp.pp.ru; ok dtucker@ - -commit 71152bc9911bc34a98810b2398dac20df3fe8de3 -Author: Darren Tucker -Date: Thu Oct 10 10:27:21 2013 +1100 - - - djm@cvs.openbsd.org 2013/09/19 01:24:46 - [channels.c] - bz#1297 - tell the client (via packet_send_debug) when their preferred - listen address has been overridden by the server's GatewayPorts; - ok dtucker@ - -commit b59aaf3c4f3f449a4b86d8528668bd979be9aa5f -Author: Darren Tucker -Date: Thu Oct 10 10:26:21 2013 +1100 - - - djm@cvs.openbsd.org 2013/09/19 00:49:12 - [sftp-client.c] - fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan - -commit 5d80e4522d6238bdefe9d0c634f0e6d35a241e41 -Author: Darren Tucker -Date: Thu Oct 10 10:25:09 2013 +1100 - - - djm@cvs.openbsd.org 2013/09/19 00:24:52 - [progressmeter.c] - store the initial file offset so the progress meter doesn't freak out - when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@ - -commit ad92df7e5ed26fea85adfb3f95352d6cd8e86344 -Author: Darren Tucker -Date: Thu Oct 10 10:24:11 2013 +1100 - - - sthen@cvs.openbsd.org 2013/09/16 11:35:43 - [ssh_config] - Remove gssapi config parts from ssh_config, as was already done for - sshd_config. Req by/ok ajacoutot@ - ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular - -commit 720711960b130d36dfdd3d50eb25ef482bdd000e -Author: Damien Miller -Date: Wed Oct 9 10:44:47 2013 +1100 - - - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c] - [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random - implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, - tested tim@ - -commit 9159310087a218e28940a592896808b8eb76a039 -Author: Damien Miller -Date: Wed Oct 9 10:42:32 2013 +1100 - - - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull - in OpenBSD implementation of arc4random, shortly to replace the existing - bsd-arc4random.c - -commit 67f1d557a68d6fa8966a327d7b6dee3408cf0e72 -Author: Damien Miller -Date: Wed Oct 9 09:33:08 2013 +1100 - - correct incorrect years in datestamps; from des - -commit f2bf36c3eb4d969f85ec8aa342e9aecb61cc8bb1 -Author: Darren Tucker -Date: Sun Sep 22 19:02:40 2013 +1000 - - - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj - setting when handling SIGHUP to maintain behaviour over retart. Patch - from Matthew Ife. - -commit e90a06ae570fd259a2f5ced873c7f17390f535a5 -Author: Darren Tucker -Date: Wed Sep 18 15:09:38 2013 +1000 - - - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu. - -commit 13840e0103946982cee2a05c40697be7e57dca41 -Author: Damien Miller -Date: Sat Sep 14 09:49:43 2013 +1000 - - - djm@cvs.openbsd.org 2013/09/13 06:54:34 - [channels.c] - avoid unaligned access in code that reused a buffer to send a - struct in_addr in a reply; simpler just use use buffer_put_int(); - from portable; spotted by and ok dtucker@ - -commit 70182522a47d283513a010338cd028cb80dac2ab -Author: Damien Miller -Date: Sat Sep 14 09:49:19 2013 +1000 - - - djm@cvs.openbsd.org 2013/09/12 01:41:12 - [clientloop.c] - fix connection crash when sending break (~B) on ControlPersist'd session; - ok dtucker@ - -commit ff9d6c2a4171ee32e8fe28fc3b86eb33bd5c845b -Author: Damien Miller -Date: Sat Sep 14 09:48:55 2013 +1000 - - - sthen@cvs.openbsd.org 2013/09/07 13:53:11 - [sshd_config] - Remove commented-out kerberos/gssapi config options from sample config, - kerberos support is currently not enabled in ssh in OpenBSD. Discussed with - various people; ok deraadt@ - ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular - -commit 8bab5e7b5ff6721d926b5ebf05a3a24489889c58 -Author: Damien Miller -Date: Sat Sep 14 09:47:00 2013 +1000 - - - deraadt@cvs.openbsd.org 2013/09/02 22:00:34 - [ssh-keygen.c sshconnect1.c sshd.c] - All the instances of arc4random_stir() are bogus, since arc4random() - does this itself, inside itself, and has for a very long time.. Actually, - this was probably reducing the entropy available. - ok djm - ID SYNC ONLY for portable; we don't trust other arc4random implementations - to do this right. - -commit 61353b3208d548fab863e0e0ac5d2400ee5bb340 -Author: Damien Miller -Date: Sat Sep 14 09:45:32 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/31 00:13:54 - [sftp.c] - make ^w match ksh behaviour (delete previous word instead of entire line) - -commit 660854859cad31d234edb9353fb7ca2780df8128 -Author: Damien Miller -Date: Sat Sep 14 09:45:03 2013 +1000 - - - mikeb@cvs.openbsd.org 2013/08/28 12:34:27 - [ssh-keygen.c] - improve batch processing a bit by making use of the quite flag a bit - more often and exit with a non zero code if asked to find a hostname - in a known_hosts file and it wasn't there; - originally from reyk@, ok djm - -commit 045bda5cb8acf0eb9d71c275ee1247e3154fc9e5 -Author: Damien Miller -Date: Sat Sep 14 09:44:37 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/22 19:02:21 - [sshd.c] - Stir PRNG after post-accept fork. The child gets a different PRNG state - anyway via rexec and explicit privsep reseeds, but it's good to be sure. - ok markus@ - -commit ed4af412da60a084891b20412433a27966613fb8 -Author: Damien Miller -Date: Sat Sep 14 09:40:51 2013 +1000 - - add marker for 6.3p1 release at the point of the last included change - -commit 43968a8e66a0aa1afefb11665bf96f86b113f5d9 -Author: Damien Miller -Date: Wed Aug 28 14:00:54 2013 +1000 - - - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits - until we have configure support. - -commit 04be8b9e53f8388c94b531ebc5d1bd6e10e930d1 -Author: Damien Miller -Date: Wed Aug 28 12:49:43 2013 +1000 - - - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the - 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we - start to use them in the future. - -commit f2f6c315a920a256937e1b6a3702757f3195a592 -Author: Damien Miller -Date: Wed Aug 21 02:44:58 2013 +1000 - - - jmc@cvs.openbsd.org 2013/08/20 06:56:07 - [ssh.1 ssh_config.5] - some proxyusefdpass tweaks; - -commit 1262b6638f7d01ab110fd373dd90d915c882fe1a -Author: Damien Miller -Date: Wed Aug 21 02:44:24 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/20 00:11:38 - [readconf.c readconf.h ssh_config.5 sshconnect.c] - Add a ssh_config ProxyUseFDPass option that supports the use of - ProxyCommands that establish a connection and then pass a connected - file descriptor back to ssh(1). This allows the ProxyCommand to exit - rather than have to shuffle data back and forth and enables ssh to use - getpeername, etc. to obtain address information just like it does with - regular directly-connected sockets. ok markus@ - -commit b7727df37efde4dbe4f5a33b19cbf42022aabf66 -Author: Damien Miller -Date: Wed Aug 21 02:43:49 2013 +1000 - - - jmc@cvs.openbsd.org 2013/08/14 08:39:27 - [scp.1 ssh.1] - some Bx/Ox conversion; - From: Jan Stary - -commit d5d9d7b1fdacf0551de4c747728bd159be40590a -Author: Damien Miller -Date: Wed Aug 21 02:43:27 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/13 18:33:08 - [ssh-keygen.c] - another of the same typo - -commit d234afb0b3a8de1be78cbeafed5fc86912594c3c -Author: Damien Miller -Date: Wed Aug 21 02:42:58 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/13 18:32:08 - [ssh-keygen.c] - typo in error message; from Stephan Rickauer - -commit e0ee727b8281a7c2ae20630ce83f6b200b404059 -Author: Damien Miller -Date: Wed Aug 21 02:42:35 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/09 03:56:42 - [sftp.c] - enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word; - matching ksh's relatively recent change. - -commit fec029f1dc2c338f3fae3fa82aabc988dc07868c -Author: Damien Miller -Date: Wed Aug 21 02:42:12 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/09 03:39:13 - [sftp-client.c] - two problems found by a to-be-committed regress test: 1) msg_id was not - being initialised so was starting at a random value from the heap - (harmless, but confusing). 2) some error conditions were not being - propagated back to the caller - -commit 036d30743fc914089f9849ca52d615891d47e616 -Author: Damien Miller -Date: Wed Aug 21 02:41:46 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/09 03:37:25 - [sftp.c] - do getopt parsing for all sftp commands (with an empty optstring for - commands without arguments) to ensure consistent behaviour - -commit c7dba12bf95eb1d69711881a153cc286c1987663 -Author: Damien Miller -Date: Wed Aug 21 02:41:15 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/08 05:04:03 - [sftp-client.c sftp-client.h sftp.c] - add a "-l" flag for the rename command to force it to use the silly - standard SSH_FXP_RENAME command instead of the POSIX-rename- like - posix-rename@openssh.com extension. - - intended for use in regress tests, so no documentation. - -commit 034f27a0c09e69fe3589045b41f03f6e345b63f5 -Author: Damien Miller -Date: Wed Aug 21 02:40:44 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/08 04:52:04 - [sftp.c] - fix two year old regression: symlinking a file would incorrectly - canonicalise the target path. bz#2129 report from delphij AT freebsd.org - -commit c6895c5c67492144dd28589e5788f783be9152ed -Author: Damien Miller -Date: Wed Aug 21 02:40:21 2013 +1000 - - - jmc@cvs.openbsd.org 2013/08/07 06:24:51 - [sftp.1 sftp.c] - sort -a; - -commit a6d6c1f38ac9b4a5e1bd4df889e1020a8370ed55 -Author: Damien Miller -Date: Wed Aug 21 02:40:01 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/06 23:06:01 - [servconf.c] - add cast to avoid format warning; from portable - -commit eec840673bce3f69ad269672fba7ed8ff05f154f -Author: Damien Miller -Date: Wed Aug 21 02:39:39 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/06 23:05:01 - [sftp.1] - document top-level -a option (the -a option to 'get' was already - documented) - -commit 02e878070d0eddad4e11f2c82644b275418eb112 -Author: Damien Miller -Date: Wed Aug 21 02:38:51 2013 +1000 - - - djm@cvs.openbsd.org 2013/08/06 23:03:49 - [sftp.c] - fix some whitespace at EOL - make list of commands an enum rather than a long list of defines - add -a to usage() diff --git a/crypto/openssh/README b/crypto/openssh/README index c566f7b1bd8..ea6e228dda9 100644 --- a/crypto/openssh/README +++ b/crypto/openssh/README @@ -1,4 +1,8 @@ -See http://www.openssh.com/txt/release-7.0 for the release notes. +See http://www.openssh.com/txt/release-7.1p2 for the release notes. + +Please read http://www.openssh.com/report.html for bug reporting +instructions and note that we do not use Github for bug reporting or +patch/pull-request management. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c index 7dd8eb6b58c..ba908801a16 100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.112 2015/08/06 14:53:21 deraadt Exp $ */ +/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -355,7 +355,7 @@ auth_root_allowed(const char *method) case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || strcmp(method, "hostbased") == 0 || - strcmp(method, "gssapi-with-mic")) + strcmp(method, "gssapi-with-mic") == 0) return 1; break; case PERMIT_FORCED_ONLY: diff --git a/crypto/openssh/bitmap.c b/crypto/openssh/bitmap.c index 19cd2e8e379..f95032250e7 100644 --- a/crypto/openssh/bitmap.c +++ b/crypto/openssh/bitmap.c @@ -53,7 +53,7 @@ void bitmap_free(struct bitmap *b) { if (b != NULL && b->d != NULL) { - memset(b->d, 0, b->len); + explicit_bzero(b->d, b->len); free(b->d); } free(b); diff --git a/crypto/openssh/compat.c b/crypto/openssh/compat.c index eef5fbba5b6..55838044c49 100644 --- a/crypto/openssh/compat.c +++ b/crypto/openssh/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.96 2015/07/28 23:20:42 djm Exp $ */ +/* $OpenBSD: compat.c,v 1.97 2015/08/19 23:21:42 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -176,6 +176,7 @@ compat_datafellows(const char *version) "PuTTY_Release_0.63*," "PuTTY_Release_0.64*", SSH_OLD_DHGEX }, + { "FuTTY*", SSH_OLD_DHGEX }, /* Putty Fork */ { "Probe-*", SSH_BUG_PROBE }, { "TeraTerm SSH*," @@ -189,7 +190,17 @@ compat_datafellows(const char *version) "TTSSH/2.70*," "TTSSH/2.71*," "TTSSH/2.72*", SSH_BUG_HOSTKEYS }, - { "WinSCP*", SSH_OLD_DHGEX }, + { "WinSCP_release_4*," + "WinSCP_release_5.0*," + "WinSCP_release_5.1*," + "WinSCP_release_5.5*," + "WinSCP_release_5.6*," + "WinSCP_release_5.7," + "WinSCP_release_5.7.1," + "WinSCP_release_5.7.2," + "WinSCP_release_5.7.3," + "WinSCP_release_5.7.4", + SSH_OLD_DHGEX }, { NULL, 0 } }; diff --git a/crypto/openssh/contrib/README b/crypto/openssh/contrib/README index c0022386551..60e19ba9faa 100644 --- a/crypto/openssh/contrib/README +++ b/crypto/openssh/contrib/README @@ -11,7 +11,7 @@ which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or https CONNECT style proxy server. His page for connect.c has extensive documentation on its use as well as compiled versions for Win32. -http://www.taiyo.co.jp/~gotoh/ssh/connect.html +https://bitbucket.org/gotoh/connect/wiki/Home X11 SSH Askpass: diff --git a/crypto/openssh/contrib/redhat/openssh.spec b/crypto/openssh/contrib/redhat/openssh.spec index 5de78755505..4c55227e5e9 100644 --- a/crypto/openssh/contrib/redhat/openssh.spec +++ b/crypto/openssh/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 7.0p1 +%define ver 7.1p2 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff --git a/crypto/openssh/contrib/suse/openssh.spec b/crypto/openssh/contrib/suse/openssh.spec index dd9692da145..3ee526805d8 100644 --- a/crypto/openssh/contrib/suse/openssh.spec +++ b/crypto/openssh/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 7.0p1 +Version: 7.1p2 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/crypto/openssh/dns.c b/crypto/openssh/dns.c index f201b602e5f..e813afeae69 100644 --- a/crypto/openssh/dns.c +++ b/crypto/openssh/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.34 2015/01/28 22:36:00 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.35 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -154,7 +154,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, *digest_len = rdata_len - 2; if (*digest_len > 0) { - *digest = (u_char *) xmalloc(*digest_len); + *digest = xmalloc(*digest_len); memcpy(*digest, rdata + 2, *digest_len); } else { *digest = (u_char *)xstrdup(""); diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c index 5100c661d79..b777b7d50f8 100644 --- a/crypto/openssh/kex.c +++ b/crypto/openssh/kex.c @@ -270,13 +270,13 @@ kex_buf2prop(struct sshbuf *raw, int *first_kex_follows, char ***propp) debug2("kex_parse_kexinit: %s", proposal[i]); } /* first kex follows / reserved */ - if ((r = sshbuf_get_u8(b, &v)) != 0 || - (r = sshbuf_get_u32(b, &i)) != 0) + if ((r = sshbuf_get_u8(b, &v)) != 0 || /* first_kex_follows */ + (r = sshbuf_get_u32(b, &i)) != 0) /* reserved */ goto out; if (first_kex_follows != NULL) - *first_kex_follows = i; - debug2("kex_parse_kexinit: first_kex_follows %d ", v); - debug2("kex_parse_kexinit: reserved %u ", i); + *first_kex_follows = v; + debug2("first_kex_follows %d ", v); + debug2("reserved %u ", i); r = 0; *propp = proposal; out: diff --git a/crypto/openssh/mux.c b/crypto/openssh/mux.c index 8ae9cdfe884..1ab93396af4 100644 --- a/crypto/openssh/mux.c +++ b/crypto/openssh/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.53 2015/05/01 04:03:20 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.54 2015/08/19 23:18:26 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -666,6 +666,8 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) u_int lport, cport; int i, ret = 0, freefwd = 1; + memset(&fwd, 0, sizeof(fwd)); + /* XXX - lport/cport check redundant */ if (buffer_get_int_ret(&ftype, m) != 0 || (listen_addr = buffer_get_string_ret(m, NULL)) == NULL || @@ -833,6 +835,8 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) int i, ret = 0; u_int lport, cport; + memset(&fwd, 0, sizeof(fwd)); + if (buffer_get_int_ret(&ftype, m) != 0 || (listen_addr = buffer_get_string_ret(m, NULL)) == NULL || buffer_get_int_ret(&lport, m) != 0 || diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c index d892c74c162..8c1498c1bd2 100644 --- a/crypto/openssh/packet.c +++ b/crypto/openssh/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.213 2015/07/29 04:43:06 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.214 2015/08/20 22:32:42 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1273,7 +1273,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) DBG(debug("packet_read()")); - setp = (fd_set *)calloc(howmany(state->connection_in + 1, + setp = calloc(howmany(state->connection_in + 1, NFDBITS), sizeof(fd_mask)); if (setp == NULL) return SSH_ERR_ALLOC_FAIL; @@ -1582,6 +1582,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) logit("Bad packet length %u.", state->packlen); if ((r = sshpkt_disconnect(ssh, "Packet corrupt")) != 0) return r; + return SSH_ERR_CONN_CORRUPT; } sshbuf_reset(state->incoming_packet); } else if (state->packlen == 0) { @@ -2037,7 +2038,7 @@ ssh_packet_write_wait(struct ssh *ssh) struct timeval start, timeout, *timeoutp = NULL; struct session_state *state = ssh->state; - setp = (fd_set *)calloc(howmany(state->connection_out + 1, + setp = calloc(howmany(state->connection_out + 1, NFDBITS), sizeof(fd_mask)); if (setp == NULL) return SSH_ERR_ALLOC_FAIL; diff --git a/crypto/openssh/sftp-server.c b/crypto/openssh/sftp-server.c index d1831bf8d8a..eac11d7e695 100644 --- a/crypto/openssh/sftp-server.c +++ b/crypto/openssh/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.106 2015/04/24 01:36:01 deraadt Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.107 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1632,8 +1632,8 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) fatal("%s: sshbuf_new failed", __func__); set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); - rset = (fd_set *)xmalloc(set_size); - wset = (fd_set *)xmalloc(set_size); + rset = xmalloc(set_size); + wset = xmalloc(set_size); if (homedir != NULL) { if (chdir(homedir) != 0) { diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c index cb9b967edc9..788601a8d7f 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.170 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: sftp.c,v 1.171 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1958,7 +1958,7 @@ complete(EditLine *el, int ch) /* Figure out which argument the cursor points to */ cursor = lf->cursor - lf->buffer; - line = (char *)xmalloc(cursor + 1); + line = xmalloc(cursor + 1); memcpy(line, lf->buffer, cursor); line[cursor] = '\0'; argv = makeargv(line, &carg, 1, "e, &terminated); @@ -1966,7 +1966,7 @@ complete(EditLine *el, int ch) /* Get all the arguments on the line */ len = lf->lastchar - lf->buffer; - line = (char *)xmalloc(len + 1); + line = xmalloc(len + 1); memcpy(line, lf->buffer, len); line[len] = '\0'; argv = makeargv(line, &argc, 1, NULL, NULL); diff --git a/crypto/openssh/ssh-keygen.1 b/crypto/openssh/ssh-keygen.1 index 8c3317be702..ed17a08fab2 100644 --- a/crypto/openssh/ssh-keygen.1 +++ b/crypto/openssh/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.126 2015/07/03 03:49:45 djm Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.127 2015/08/20 19:20:06 naddy Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 3 2015 $ +.Dd $Mdocdate: August 20 2015 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -680,7 +680,7 @@ and identifying the CA key by providing its public half as an argument to .Fl s : .Pp -.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub +.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id user_key.pub .Pp In all cases, .Ar key_id @@ -693,7 +693,7 @@ By default, generated certificates are valid for all users or hosts. To generate a certificate for a specified set of principals: .Pp .Dl $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub -.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub" +.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain host_key.pub" .Pp Additional limitations on the validity and use of user certificates may be specified through certificate options. diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c index ea5f1e49e3d..4e0a8555434 100644 --- a/crypto/openssh/ssh-keygen.c +++ b/crypto/openssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.276 2015/07/03 03:49:45 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.277 2015/08/19 23:17:51 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -1201,7 +1201,8 @@ do_known_hosts(struct passwd *pw, const char *name) exit(1); } else if (delete_host && !ctx.found_key) { logit("Host %s not found in %s", name, identity_file); - unlink(tmp); + if (inplace) + unlink(tmp); } else if (inplace) { /* Backup existing file */ if (unlink(old) == -1 && errno != ENOENT) diff --git a/crypto/openssh/ssh-pkcs11-helper.c b/crypto/openssh/ssh-pkcs11-helper.c index ceabc8ba7fe..f2d58639547 100644 --- a/crypto/openssh/ssh-pkcs11-helper.c +++ b/crypto/openssh/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.10 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.11 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -301,8 +301,8 @@ main(int argc, char **argv) buffer_init(&oqueue); set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); - rset = (fd_set *)xmalloc(set_size); - wset = (fd_set *)xmalloc(set_size); + rset = xmalloc(set_size); + wset = xmalloc(set_size); for (;;) { memset(rset, 0, set_size); diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config index 4452d526b60..a07bf296bc2 100644 --- a/crypto/openssh/ssh_config +++ b/crypto/openssh/ssh_config @@ -48,4 +48,4 @@ # ProxyCommand ssh -q -W %h:%p gateway.example.com # RekeyLimit 1G 1h # VerifyHostKeyDNS yes -# VersionAddendum FreeBSD-20160119 +# VersionAddendum FreeBSD-20160121 diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index 5157b8766ff..9f67608314b 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.214 2015/07/30 00:01:34 djm Exp $ +.\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: July 30 2015 $ +.Dd $Mdocdate: August 14 2015 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -416,9 +416,9 @@ chacha20-poly1305@openssh.com .Pp The default is: .Bd -literal -offset indent +chacha20-poly1305@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, aes128-gcm@openssh.com,aes256-gcm@openssh.com, -chacha20-poly1305@openssh.com, arcfour256,arcfour128, aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc, aes192-cbc,aes256-cbc,arcfour @@ -1658,7 +1658,7 @@ See also VERIFYING HOST KEYS in Specifies a string to append to the regular version string to identify OS- or site-specific modifications. The default is -.Dq FreeBSD-20160119 . +.Dq FreeBSD-20160121 . The value .Dq none may be used to disable this. diff --git a/crypto/openssh/sshbuf-getput-crypto.c b/crypto/openssh/sshbuf-getput-crypto.c index e2e093c002f..d0d791b50a3 100644 --- a/crypto/openssh/sshbuf-getput-crypto.c +++ b/crypto/openssh/sshbuf-getput-crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -158,10 +158,10 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v) if (len > 0 && (d[1] & 0x80) != 0) prepend = 1; if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) { - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return r; } - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return 0; } @@ -177,13 +177,13 @@ sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v) if (BN_bn2bin(v, d) != (int)len_bytes) return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) { - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return r; } POKE_U16(dp, len_bits); if (len_bytes != 0) memcpy(dp + 2, d, len_bytes); - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return 0; } @@ -210,7 +210,7 @@ sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) } BN_CTX_free(bn_ctx); ret = sshbuf_put_string(buf, d, len); - bzero(d, len); + explicit_bzero(d, len); return ret; } diff --git a/crypto/openssh/sshbuf-misc.c b/crypto/openssh/sshbuf-misc.c index d022065f92a..3da4b80e765 100644 --- a/crypto/openssh/sshbuf-misc.c +++ b/crypto/openssh/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.4 2015/03/24 20:03:44 markus Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.5 2015/10/05 17:11:21 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -103,7 +103,7 @@ sshbuf_dtob64(struct sshbuf *buf) if (SIZE_MAX / 2 <= len || (ret = malloc(plen)) == NULL) return NULL; if ((r = b64_ntop(p, len, ret, plen)) == -1) { - bzero(ret, plen); + explicit_bzero(ret, plen); free(ret); return NULL; } @@ -122,16 +122,16 @@ sshbuf_b64tod(struct sshbuf *buf, const char *b64) if ((p = malloc(plen)) == NULL) return SSH_ERR_ALLOC_FAIL; if ((nlen = b64_pton(b64, p, plen)) < 0) { - bzero(p, plen); + explicit_bzero(p, plen); free(p); return SSH_ERR_INVALID_FORMAT; } if ((r = sshbuf_put(buf, p, nlen)) < 0) { - bzero(p, plen); + explicit_bzero(p, plen); free(p); return r; } - bzero(p, plen); + explicit_bzero(p, plen); free(p); return 0; } diff --git a/crypto/openssh/sshbuf.c b/crypto/openssh/sshbuf.c index dbe0c9192e2..19e162c0748 100644 --- a/crypto/openssh/sshbuf.c +++ b/crypto/openssh/sshbuf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.c,v 1.3 2015/01/20 23:14:00 deraadt Exp $ */ +/* $OpenBSD: sshbuf.c,v 1.4 2015/10/05 17:11:21 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -134,7 +134,7 @@ sshbuf_fromb(struct sshbuf *buf) void sshbuf_init(struct sshbuf *ret) { - bzero(ret, sizeof(*ret)); + explicit_bzero(ret, sizeof(*ret)); ret->alloc = SSHBUF_SIZE_INIT; ret->max_size = SSHBUF_SIZE_MAX; ret->readonly = 0; @@ -177,10 +177,10 @@ sshbuf_free(struct sshbuf *buf) return; dont_free = buf->dont_free; if (!buf->readonly) { - bzero(buf->d, buf->alloc); + explicit_bzero(buf->d, buf->alloc); free(buf->d); } - bzero(buf, sizeof(*buf)); + explicit_bzero(buf, sizeof(*buf)); if (!dont_free) free(buf); } @@ -196,7 +196,7 @@ sshbuf_reset(struct sshbuf *buf) return; } if (sshbuf_check_sanity(buf) == 0) - bzero(buf->d, buf->alloc); + explicit_bzero(buf->d, buf->alloc); buf->off = buf->size = 0; if (buf->alloc != SSHBUF_SIZE_INIT) { if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) { @@ -255,7 +255,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size) rlen = roundup(buf->size, SSHBUF_SIZE_INC); if (rlen > max_size) rlen = max_size; - bzero(buf->d + buf->size, buf->alloc - buf->size); + explicit_bzero(buf->d + buf->size, buf->alloc - buf->size); SSHBUF_DBG(("new alloc = %zu", rlen)); if ((dp = realloc(buf->d, rlen)) == NULL) return SSH_ERR_ALLOC_FAIL; diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index cc0413f759b..11a9cf651cb 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.262 2015/05/28 05:41:29 dtucker Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.263 2015/08/20 22:32:42 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -358,7 +358,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr, goto done; } - fdset = (fd_set *)xcalloc(howmany(sockfd + 1, NFDBITS), + fdset = xcalloc(howmany(sockfd + 1, NFDBITS), sizeof(fd_mask)); FD_SET(sockfd, fdset); ms_to_timeval(&tv, *timeoutp); diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 8cc5562753a..3db3551f1f0 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.457 2015/07/30 00:01:34 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.458 2015/08/20 22:32:42 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -642,6 +642,8 @@ privsep_preauth_child(void) arc4random_buf(rnd, sizeof(rnd)); #ifdef WITH_OPENSSL RAND_seed(rnd, sizeof(rnd)); + if ((RAND_bytes((u_char *)rnd, 1)) != 1) + fatal("%s: RAND_bytes failed", __func__); #endif explicit_bzero(rnd, sizeof(rnd)); @@ -785,6 +787,8 @@ privsep_postauth(Authctxt *authctxt) arc4random_buf(rnd, sizeof(rnd)); #ifdef WITH_OPENSSL RAND_seed(rnd, sizeof(rnd)); + if ((RAND_bytes((u_char *)rnd, 1)) != 1) + fatal("%s: RAND_bytes failed", __func__); #endif explicit_bzero(rnd, sizeof(rnd)); @@ -1276,7 +1280,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) sighup_restart(); if (fdset != NULL) free(fdset); - fdset = (fd_set *)xcalloc(howmany(maxfd + 1, NFDBITS), + fdset = xcalloc(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask)); for (i = 0; i < num_listen_socks; i++) @@ -1459,6 +1463,8 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) arc4random_buf(rnd, sizeof(rnd)); #ifdef WITH_OPENSSL RAND_seed(rnd, sizeof(rnd)); + if ((RAND_bytes((u_char *)rnd, 1)) != 1) + fatal("%s: RAND_bytes failed", __func__); #endif explicit_bzero(rnd, sizeof(rnd)); } diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index d06775935ee..694654d35d4 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config @@ -120,7 +120,7 @@ #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none -#VersionAddendum FreeBSD-20160119 +#VersionAddendum FreeBSD-20160121 # no default banner path #Banner none diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index a9a0a2db392..4a0f72d1f25 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.210 2015/08/06 14:53:21 deraadt Exp $ +.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: August 6 2015 $ +.Dd $Mdocdate: August 14 2015 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -477,9 +477,9 @@ chacha20-poly1305@openssh.com .Pp The default is: .Bd -literal -offset indent +chacha20-poly1305@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, -aes128-gcm@openssh.com,aes256-gcm@openssh.com, -chacha20-poly1305@openssh.com +aes128-gcm@openssh.com,aes256-gcm@openssh.com .Ed .Pp The list of available ciphers may also be obtained using the @@ -1546,7 +1546,7 @@ If this option is set to .Pa ~/.ssh/known_hosts .Cm from and -.Xr sshd_config 5 +.Nm .Cm Match .Cm Host directives. @@ -1614,7 +1614,7 @@ restrictions. Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. The default is -.Dq FreeBSD-20160119 . +.Dq FreeBSD-20160121 . The value .Dq none may be used to disable this. diff --git a/crypto/openssh/sshkey.c b/crypto/openssh/sshkey.c index dbb16e2fd1b..32dd8f2254a 100644 --- a/crypto/openssh/sshkey.c +++ b/crypto/openssh/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.20 2015/07/03 03:43:18 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.21 2015/08/19 23:19:01 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -1556,7 +1556,6 @@ dsa_generate_private_key(u_int bits, DSA **dsap) *dsap = NULL; if (!DSA_generate_parameters_ex(private, bits, NULL, 0, NULL, NULL, NULL) || !DSA_generate_key(private)) { - DSA_free(private); ret = SSH_ERR_LIBCRYPTO_ERROR; goto out; } diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index 9871c4299b8..eb4c3b1f43e 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -1,12 +1,12 @@ -/* $OpenBSD: version.h,v 1.74 2015/08/02 09:56:42 djm Exp $ */ +/* $OpenBSD: version.h,v 1.75 2015/08/21 03:45:26 djm Exp $ */ /* $FreeBSD$ */ -#define SSH_VERSION "OpenSSH_7.0" +#define SSH_VERSION "OpenSSH_7.1" -#define SSH_PORTABLE "p1" +#define SSH_PORTABLE "p2" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -#define SSH_VERSION_FREEBSD "FreeBSD-20160119" +#define SSH_VERSION_FREEBSD "FreeBSD-20160121" #ifdef WITH_OPENSSL #define OPENSSL_VERSION SSLeay_version(SSLEAY_VERSION) -- 2.45.0