summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2011-01-24 12:43:25 +0000
committerColin Watson <cjwatson@debian.org>2011-01-24 12:43:25 +0000
commit626f1d986ff72aa514da63e34744e1de9cf21b9a (patch)
treed215a5280bc2e57251e4a9e08bfd3674ad824a94 /ChangeLog
parent6ed622cb6fe8f71bbe0d998cdd12280410bfb420 (diff)
parent0970072c89b079b022538e3c366fbfa2c53fc821 (diff)
* New upstream release (http://www.openssh.org/txt/release-5.7):
- Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. - sftp(1)/sftp-server(8): add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command. - scp(1): Add a new -3 option to scp: Copies between two remote hosts are transferred through the local host (closes: #508613). - ssh(1): "atomically" create the listening mux socket by binding it on a temporary name and then linking it into position after listen() has succeeded. This allows the mux clients to determine that the server socket is either ready or stale without races (closes: #454784). Stale server sockets are now automatically removed (closes: #523250). - ssh(1): install a SIGCHLD handler to reap expired child process (closes: #594687). - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent temporary directories (closes: #357469, although only if you arrange for ssh-agent to actually see $TMPDIR since the setgid bit will cause it to be stripped off).
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog3428
1 files changed, 685 insertions, 2743 deletions
diff --git a/ChangeLog b/ChangeLog
index e3ac6a925..0356a33c5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,688 @@
120110122
2 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
3 RSA_get_default_method() for the benefit of openssl versions that don't
4 have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott,
5 ok djm@.
6 - OpenBSD CVS Sync
7 - djm@cvs.openbsd.org 2011/01/22 09:18:53
8 [version.h]
9 crank to OpenSSH-5.7
10 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
11 [contrib/suse/openssh.spec] update versions in docs and spec files.
12 - (djm) Release 5.7p1
13
1420110119
15 - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
16 of RPM so build completes. Signatures were changed to .asc since 4.1p1.
17 - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to
18 0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre-
19 release testing (random crashes and failure to load ECC keys).
20 ok dtucker@
21
2220110117
23 - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in
24 $PATH, fix cleanup of droppings; reported by openssh AT
25 roumenpetrov.info; ok dtucker@
26 - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding
27 its unique snowflake of a gdb error to the ones we look for.
28 - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running
29 ssh-add to avoid $SUDO failures on Linux
30 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new
31 Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
32 to the old values. Feedback from vapier at gentoo org and djm, ok djm.
33 - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh]
34 [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
35 disabled on platforms that do not support them; add a "config_defined()"
36 shell function that greps for defines in config.h and use them to decide
37 on feature tests.
38 Convert a couple of existing grep's over config.h to use the new function
39 Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
40 backslash characters in filenames, enable it for Cygwin and use it to turn
41 of tests for quotes backslashes in sftp-glob.sh.
42 based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@
43 - (tim) [regress/agent-getpeereid.sh] shell portability fix.
44 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
45 the tinderbox.
46 - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
47 configure.ac defines.h loginrec.c] Bug #1402: add linux audit subsystem
48 support, based on patches from Tomas Mraz and jchadima at redhat.
49
5020110116
51 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
52 on configurations that don't have it.
53 - OpenBSD CVS Sync
54 - djm@cvs.openbsd.org 2011/01/16 11:50:05
55 [clientloop.c]
56 Use atomicio when flushing protocol 1 std{out,err} buffers at
57 session close. This was a latent bug exposed by setting a SIGCHLD
58 handler and spotted by kevin.brott AT gmail.com; ok dtucker@
59 - djm@cvs.openbsd.org 2011/01/16 11:50:36
60 [sshconnect.c]
61 reset the SIGPIPE handler when forking to execute child processes;
62 ok dtucker@
63 - djm@cvs.openbsd.org 2011/01/16 12:05:59
64 [clientloop.c]
65 a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
66 now that we use atomicio(), convert them from while loops to if statements
67 add test and cast to compile cleanly with -Wsigned
68
6920110114
70 - OpenBSD CVS Sync
71 - djm@cvs.openbsd.org 2011/01/13 21:54:53
72 [mux.c]
73 correct error messages; patch from bert.wesarg AT googlemail.com
74 - djm@cvs.openbsd.org 2011/01/13 21:55:25
75 [PROTOCOL.mux]
76 correct protocol names and add a couple of missing protocol number
77 defines; patch from bert.wesarg AT googlemail.com
78 - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in
79 host-key-force target rather than a substitution that is replaced with a
80 comment so that the Makefile.in is still a syntactically valid Makefile
81 (useful to run the distprep target)
82 - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.
83 - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some
84 ecdsa bits.
85
8620110113
87 - (djm) [misc.c] include time.h for nanosleep() prototype
88 - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm
89 - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
90 ecdsa keys. ok djm.
91 - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
92 gcc warning on platforms where it defaults to int
93 - (djm) [regress/Makefile] add a few more generated files to the clean
94 target
95 - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad
96 #define that was causing diffie-hellman-group-exchange-sha256 to be
97 incorrectly disabled
98 - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
99 should not depend on ECC support
100
10120110112
102 - OpenBSD CVS Sync
103 - nicm@cvs.openbsd.org 2010/10/08 21:48:42
104 [openbsd-compat/glob.c]
105 Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
106 from ARG_MAX to 64K.
107 Fixes glob-using programs (notably ftp) able to be triggered to hit
108 resource limits.
109 Idea from a similar NetBSD change, original problem reported by jasper@.
110 ok millert tedu jasper
111 - djm@cvs.openbsd.org 2011/01/12 01:53:14
112 avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
113 and sanity check arguments (these will be unnecessary when we switch
114 struct glob members from being type into to size_t in the future);
115 "looks ok" tedu@ feedback guenther@
116 - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
117 silly warnings on write() calls we don't care succeed or not.
118 - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler
119 flag tests that don't depend on gcc version at all; suggested by and
120 ok dtucker@
121
12220110111
123 - (tim) [regress/host-expand.sh] Fix for building outside of read only
124 source tree.
125 - (djm) [platform.c] Some missing includes that show up under -Werror
126 - OpenBSD CVS Sync
127 - djm@cvs.openbsd.org 2011/01/08 10:51:51
128 [clientloop.c]
129 use host and not options.hostname, as the latter may have unescaped
130 substitution characters
131 - djm@cvs.openbsd.org 2011/01/11 06:06:09
132 [sshlogin.c]
133 fd leak on error paths; from zinovik@
134 NB. Id sync only; we use loginrec.c that was also audited and fixed
135 recently
136 - djm@cvs.openbsd.org 2011/01/11 06:13:10
137 [clientloop.c ssh-keygen.c sshd.c]
138 some unsigned long long casts that make things a bit easier for
139 portable without resorting to dropping PRIu64 formats everywhere
140
14120110109
142 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by
143 openssh AT roumenpetrov.info
144
14520110108
146 - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress
147 test on OSX and others. Reported by imorgan AT nas.nasa.gov
148
14920110107
150 - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test
151 for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
152 - djm@cvs.openbsd.org 2011/01/06 22:23:53
153 [ssh.c]
154 unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
155 googlemail.com; ok markus@
156 - djm@cvs.openbsd.org 2011/01/06 22:23:02
157 [clientloop.c]
158 when exiting due to ServerAliveTimeout, mention the hostname that caused
159 it (useful with backgrounded controlmaster)
160 - djm@cvs.openbsd.org 2011/01/06 22:46:21
161 [regress/Makefile regress/host-expand.sh]
162 regress test for LocalCommand %n expansion from bert.wesarg AT
163 googlemail.com; ok markus@
164 - djm@cvs.openbsd.org 2011/01/06 23:01:35
165 [sshconnect.c]
166 reset SIGCHLD handler to SIG_DFL when execuring LocalCommand;
167 ok markus@
168
16920110106
170 - (djm) OpenBSD CVS Sync
171 - markus@cvs.openbsd.org 2010/12/08 22:46:03
172 [scp.1 scp.c]
173 add a new -3 option to scp: Copies between two remote hosts are
174 transferred through the local host. Without this option the data
175 is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
176 - jmc@cvs.openbsd.org 2010/12/09 14:13:33
177 [scp.1 scp.c]
178 scp.1: grammer fix
179 scp.c: add -3 to usage()
180 - markus@cvs.openbsd.org 2010/12/14 11:59:06
181 [sshconnect.c]
182 don't mention key type in key-changed-warning, since we also print
183 this warning if a new key type appears. ok djm@
184 - djm@cvs.openbsd.org 2010/12/15 00:49:27
185 [readpass.c]
186 fix ControlMaster=ask regression
187 reset SIGCHLD handler before fork (and restore it after) so we don't miss
188 the the askpass child's exit status. Correct test for exit status/signal to
189 account for waitpid() failure; with claudio@ ok claudio@ markus@
190 - djm@cvs.openbsd.org 2010/12/24 21:41:48
191 [auth-options.c]
192 don't send the actual forced command in a debug message; ok markus deraadt
193 - otto@cvs.openbsd.org 2011/01/04 20:44:13
194 [ssh-keyscan.c]
195 handle ecdsa-sha2 with various key lengths; hint and ok djm@
196
19720110104
198 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
199 formatter if it is present, followed by nroff and groff respectively.
200 Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
201 in favour of mandoc). feedback and ok tim
202
20320110103
204 - (djm) [Makefile.in] revert local hack I didn't intend to commit
205
20620110102
207 - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker
208 - (djm) [configure.ac] Check whether libdes is needed when building
209 with Heimdal krb5 support. On OpenBSD this library no longer exists,
210 so linking it unconditionally causes a build failure; ok dtucker
211
21220101226
213 - (dtucker) OpenBSD CVS Sync
214 - djm@cvs.openbsd.org 2010/12/08 04:02:47
215 [ssh_config.5 sshd_config.5]
216 explain that IPQoS arguments are separated by whitespace; iirc requested
217 by jmc@ a while back
218
21920101205
220 - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover from
221 debugging. Spotted by djm.
222 - (dtucker) OpenBSD CVS Sync
223 - djm@cvs.openbsd.org 2010/12/03 23:49:26
224 [schnorr.c]
225 check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao
226 (this code is still disabled, but apprently people are treating it as
227 a reference implementation)
228 - djm@cvs.openbsd.org 2010/12/03 23:55:27
229 [auth-rsa.c]
230 move check for revoked keys to run earlier (in auth_rsa_key_allowed)
231 bz#1829; patch from ldv AT altlinux.org; ok markus@
232 - djm@cvs.openbsd.org 2010/12/04 00:18:01
233 [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
234 add a protocol extension to support a hard link operation. It is
235 available through the "ln" command in the client. The old "ln"
236 behaviour of creating a symlink is available using its "-s" option
237 or through the preexisting "symlink" command; based on a patch from
238 miklos AT szeredi.hu in bz#1555; ok markus@
239 - djm@cvs.openbsd.org 2010/12/04 13:31:37
240 [hostfile.c]
241 fix fd leak; spotted and ok dtucker
242 - djm@cvs.openbsd.org 2010/12/04 00:21:19
243 [regress/sftp-cmds.sh]
244 adjust for hard-link support
245 - (dtucker) [regress/Makefile] Id sync.
246
24720101204
248 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
249 instead of (arc4random() % range)
250 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] Add
251 shims for the new, non-deprecated OpenSSL key generation functions for
252 platforms that don't have the new interfaces.
253
25420101201
255 - OpenBSD CVS Sync
256 - deraadt@cvs.openbsd.org 2010/11/20 05:12:38
257 [auth2-pubkey.c]
258 clean up cases of ;;
259 - djm@cvs.openbsd.org 2010/11/21 01:01:13
260 [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
261 honour $TMPDIR for client xauth and ssh-agent temporary directories;
262 feedback and ok markus@
263 - djm@cvs.openbsd.org 2010/11/21 10:57:07
264 [authfile.c]
265 Refactor internals of private key loading and saving to work on memory
266 buffers rather than directly on files. This will make a few things
267 easier to do in the future; ok markus@
268 - djm@cvs.openbsd.org 2010/11/23 02:35:50
269 [auth.c]
270 use strict_modes already passed as function argument over referencing
271 global options.strict_modes
272 - djm@cvs.openbsd.org 2010/11/23 23:57:24
273 [clientloop.c]
274 avoid NULL deref on receiving a channel request on an unknown or invalid
275 channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
276 - djm@cvs.openbsd.org 2010/11/24 01:24:14
277 [channels.c]
278 remove a debug() that pollutes stderr on client connecting to a server
279 in debug mode (channel_close_fds is called transitively from the session
280 code post-fork); bz#1719, ok dtucker
281 - djm@cvs.openbsd.org 2010/11/25 04:10:09
282 [session.c]
283 replace close() loop for fds 3->64 with closefrom();
284 ok markus deraadt dtucker
285 - djm@cvs.openbsd.org 2010/11/26 05:52:49
286 [scp.c]
287 Pass through ssh command-line flags and options when doing remote-remote
288 transfers, e.g. to enable agent forwarding which is particularly useful
289 in this case; bz#1837 ok dtucker@
290 - markus@cvs.openbsd.org 2010/11/29 18:57:04
291 [authfile.c]
292 correctly load comment for encrypted rsa1 keys;
293 report/fix Joachim Schipper; ok djm@
294 - djm@cvs.openbsd.org 2010/11/29 23:45:51
295 [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c]
296 [sshconnect.h sshconnect2.c]
297 automatically order the hostkeys requested by the client based on
298 which hostkeys are already recorded in known_hosts. This avoids
299 hostkey warnings when connecting to servers with new ECDSA keys
300 that are preferred by default; with markus@
301
30220101124
303 - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
304 into the platform-specific code Only affects SCO, tested by and ok tim@.
305 - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
306 group read/write. ok dtucker@
307 - (dtucker) [packet.c] Remove redundant local declaration of "int tos".
308 - (djm) [defines.h] Add IP DSCP defines
309
31020101122
311 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
312 from vapier at gentoo org.
313
31420101120
315 - OpenBSD CVS Sync
316 - djm@cvs.openbsd.org 2010/11/05 02:46:47
317 [packet.c]
318 whitespace KNF
319 - djm@cvs.openbsd.org 2010/11/10 01:33:07
320 [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c]
321 use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
322 these have been around for years by this time. ok markus
323 - djm@cvs.openbsd.org 2010/11/13 23:27:51
324 [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
325 [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
326 allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
327 hardcoding lowdelay/throughput.
328
329 bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
330 - jmc@cvs.openbsd.org 2010/11/15 07:40:14
331 [ssh_config.5]
332 libary -> library;
333 - jmc@cvs.openbsd.org 2010/11/18 15:01:00
334 [scp.1 sftp.1 ssh.1 sshd_config.5]
335 add IPQoS to the various -o lists, and zap some trailing whitespace;
336
33720101111
338 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
339 platforms that don't support ECC. Fixes some spurious warnings reported
340 by tim@
341
34220101109
343 - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
344 Feedback from dtucker@
345 - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add
346 support for platforms missing isblank(). ok djm@
347
34820101108
349 - (tim) [regress/Makefile] Fixes to allow building/testing outside source
350 tree.
351 - (tim) [regress/kextype.sh] Shell portability fix.
352
35320101107
354 - (dtucker) [platform.c] includes.h instead of defines.h so that we get
355 the correct typedefs.
356
35720101105
358 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of
359 int. Should fix bz#1817 cleanly; ok dtucker@
360 - OpenBSD CVS Sync
361 - djm@cvs.openbsd.org 2010/09/22 12:26:05
362 [regress/Makefile regress/kextype.sh]
363 regress test for each of the key exchange algorithms that we support
364 - djm@cvs.openbsd.org 2010/10/28 11:22:09
365 [authfile.c key.c key.h ssh-keygen.c]
366 fix a possible NULL deref on loading a corrupt ECDH key
367
368 store ECDH group information in private keys files as "named groups"
369 rather than as a set of explicit group parameters (by setting
370 the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
371 retrieves the group's OpenSSL NID that we need for various things.
372 - jmc@cvs.openbsd.org 2010/10/28 18:33:28
373 [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
374 knock out some "-*- nroff -*-" lines;
375 - djm@cvs.openbsd.org 2010/11/04 02:45:34
376 [sftp-server.c]
377 umask should be parsed as octal. reported by candland AT xmission.com;
378 ok markus@
379 - (dtucker) [configure.ac platform.{c,h} session.c
380 openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
381 Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
382 ok djm@
383 - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
384 after the user's groups are established and move the selinux calls into it.
385 - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
386 platform.c
387 - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
388 - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
389 retain previous behavior.
390 - (dtucker) [platform.c session.c] Move the PAM credential establishment for
391 the LOGIN_CAP case into platform.c.
392 - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into
393 platform.c
394 - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c.
395 - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
396 platform.c.
397 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
398 non-LOGIN_CAP case into platform.c.
399 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
400 check into platform.c
401 - (dtucker) [regress/keytype.sh] Import new test.
402 - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]
403 Import recent changes to regress/Makefile, pass a flag to enable ECC tests
404 from configure through to regress/Makefile and use it in the tests.
405 - (dtucker) [regress/kextype.sh] Add missing "test".
406 - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not
407 strictly correct since while ECC requires sha256 the reverse is not true
408 however it does prevent spurious test failures.
409 - (dtucker) [platform.c] Need servconf.h and extern options.
410
41120101025
412 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
413 1.12 to unbreak Solaris build.
414 ok djm@
415 - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a
416 native one.
417
41820101024
419 - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.
420 - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms
421 which don't have ECC support in libcrypto.
422 - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms
423 which don't have ECC support in libcrypto.
424 - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't
425 have it.
426 - (dtucker) OpenBSD CVS Sync
427 - sthen@cvs.openbsd.org 2010/10/23 22:06:12
428 [sftp.c]
429 escape '[' in filename tab-completion; fix a type while there.
430 ok djm@
431
43220101021
433 - OpenBSD CVS Sync
434 - dtucker@cvs.openbsd.org 2010/10/12 02:22:24
435 [mux.c]
436 Typo in confirmation message. bz#1827, patch from imorgan at
437 nas nasa gov
438 - djm@cvs.openbsd.org 2010/08/31 12:24:09
439 [regress/cert-hostkey.sh regress/cert-userkey.sh]
440 tests for ECDSA certificates
441
44220101011
443 - (djm) [canohost.c] Zero a4 instead of addr to better match type.
444 bz#1825, reported by foo AT mailinator.com
445 - (djm) [sshconnect.c] Need signal.h for prototype for kill(2)
446
44720101011
448 - (djm) [configure.ac] Use = instead of == in shell tests. Patch from
449 dr AT vasco.com
450
45120101007
452 - (djm) [ssh-agent.c] Fix type for curve name.
453 - (djm) OpenBSD CVS Sync
454 - matthew@cvs.openbsd.org 2010/09/24 13:33:00
455 [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
456 [openbsd-compat/timingsafe_bcmp.c]
457 Add timingsafe_bcmp(3) to libc, mention that it's already in the
458 kernel in kern(9), and remove it from OpenSSH.
459 ok deraadt@, djm@
460 NB. re-added under openbsd-compat/ for portable OpenSSH
461 - djm@cvs.openbsd.org 2010/09/25 09:30:16
462 [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
463 make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
464 rountrips to fetch per-file stat(2) information.
465 NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
466 match.
467 - djm@cvs.openbsd.org 2010/09/26 22:26:33
468 [sftp.c]
469 when performing an "ls" in columnated (short) mode, only call
470 ioctl(TIOCGWINSZ) once to get the window width instead of per-
471 filename
472 - djm@cvs.openbsd.org 2010/09/30 11:04:51
473 [servconf.c]
474 prevent free() of string in .rodata when overriding AuthorizedKeys in
475 a Match block; patch from rein AT basefarm.no
476 - djm@cvs.openbsd.org 2010/10/01 23:05:32
477 [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
478 adapt to API changes in openssl-1.0.0a
479 NB. contains compat code to select correct API for older OpenSSL
480 - djm@cvs.openbsd.org 2010/10/05 05:13:18
481 [sftp.c sshconnect.c]
482 use default shell /bin/sh if $SHELL is ""; ok markus@
483 - djm@cvs.openbsd.org 2010/10/06 06:39:28
484 [clientloop.c ssh.c sshconnect.c sshconnect.h]
485 kill proxy command on fatal() (we already kill it on clean exit);
486 ok markus@
487 - djm@cvs.openbsd.org 2010/10/06 21:10:21
488 [sshconnect.c]
489 swapped args to kill(2)
490 - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.
491 - (djm) [cipher-acss.c] Add missing header.
492 - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp
493
49420100924
495 - (djm) OpenBSD CVS Sync
496 - naddy@cvs.openbsd.org 2010/09/10 15:19:29
497 [ssh-keygen.1]
498 * mention ECDSA in more places
499 * less repetition in FILES section
500 * SSHv1 keys are still encrypted with 3DES
501 help and ok jmc@
502 - djm@cvs.openbsd.org 2010/09/11 21:44:20
503 [ssh.1]
504 mention RFC 5656 for ECC stuff
505 - jmc@cvs.openbsd.org 2010/09/19 21:30:05
506 [sftp.1]
507 more wacky macro fixing;
508 - djm@cvs.openbsd.org 2010/09/20 04:41:47
509 [ssh.c]
510 install a SIGCHLD handler to reap expiried child process; ok markus@
511 - djm@cvs.openbsd.org 2010/09/20 04:50:53
512 [jpake.c schnorr.c]
513 check that received values are smaller than the group size in the
514 disabled and unfinished J-PAKE code.
515 avoids catastrophic security failure found by Sebastien Martini
516 - djm@cvs.openbsd.org 2010/09/20 04:54:07
517 [jpake.c]
518 missing #include
519 - djm@cvs.openbsd.org 2010/09/20 07:19:27
520 [mux.c]
521 "atomically" create the listening mux socket by binding it on a temorary
522 name and then linking it into position after listen() has succeeded.
523 this allows the mux clients to determine that the server socket is
524 either ready or stale without races. stale server sockets are now
525 automatically removed
526 ok deraadt
527 - djm@cvs.openbsd.org 2010/09/22 05:01:30
528 [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
529 [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
530 add a KexAlgorithms knob to the client and server configuration to allow
531 selection of which key exchange methods are used by ssh(1) and sshd(8)
532 and their order of preference.
533 ok markus@
534 - jmc@cvs.openbsd.org 2010/09/22 08:30:08
535 [ssh.1 ssh_config.5]
536 ssh.1: add kexalgorithms to the -o list
537 ssh_config.5: format the kexalgorithms in a more consistent
538 (prettier!) way
539 ok djm
540 - djm@cvs.openbsd.org 2010/09/22 22:58:51
541 [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
542 [sftp-client.h sftp.1 sftp.c]
543 add an option per-read/write callback to atomicio
544
545 factor out bandwidth limiting code from scp(1) into a generic bandwidth
546 limiter that can be attached using the atomicio callback mechanism
547
548 add a bandwidth limit option to sftp(1) using the above
549 "very nice" markus@
550 - jmc@cvs.openbsd.org 2010/09/23 13:34:43
551 [sftp.c]
552 add [-l limit] to usage();
553 - jmc@cvs.openbsd.org 2010/09/23 13:36:46
554 [scp.1 sftp.1]
555 add KexAlgorithms to the -o list;
556
55720100910
558 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact
559 return code since it can apparently return -1 under some conditions. From
560 openssh bugs werbittewas de, ok djm@
561 - OpenBSD CVS Sync
562 - djm@cvs.openbsd.org 2010/08/31 12:33:38
563 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
564 reintroduce commit from tedu@, which I pulled out for release
565 engineering:
566 OpenSSL_add_all_algorithms is the name of the function we have a
567 man page for, so use that. ok djm
568 - jmc@cvs.openbsd.org 2010/08/31 17:40:54
569 [ssh-agent.1]
570 fix some macro abuse;
571 - jmc@cvs.openbsd.org 2010/08/31 21:14:58
572 [ssh.1]
573 small text tweak to accommodate previous;
574 - naddy@cvs.openbsd.org 2010/09/01 15:21:35
575 [servconf.c]
576 pick up ECDSA host key by default; ok djm@
577 - markus@cvs.openbsd.org 2010/09/02 16:07:25
578 [ssh-keygen.c]
579 permit -b 256, 384 or 521 as key size for ECDSA; ok djm@
580 - markus@cvs.openbsd.org 2010/09/02 16:08:39
581 [ssh.c]
582 unbreak ControlPersist=yes for ControlMaster=yes; ok djm@
583 - naddy@cvs.openbsd.org 2010/09/02 17:21:50
584 [ssh-keygen.c]
585 Switch ECDSA default key size to 256 bits, which according to RFC5656
586 should still be better than our current RSA-2048 default.
587 ok djm@, markus@
588 - jmc@cvs.openbsd.org 2010/09/03 11:09:29
589 [scp.1]
590 add an EXIT STATUS section for /usr/bin;
591 - jmc@cvs.openbsd.org 2010/09/04 09:38:34
592 [ssh-add.1 ssh.1]
593 two more EXIT STATUS sections;
594 - naddy@cvs.openbsd.org 2010/09/06 17:10:19
595 [sshd_config]
596 add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste
597 <mattieu.b@gmail.com>
598 ok deraadt@
599 - djm@cvs.openbsd.org 2010/09/08 03:54:36
600 [authfile.c]
601 typo
602 - deraadt@cvs.openbsd.org 2010/09/08 04:13:31
603 [compress.c]
604 work around name-space collisions some buggy compilers (looking at you
605 gcc, at least in earlier versions, but this does not forgive your current
606 transgressions) seen between zlib and openssl
607 ok djm
608 - djm@cvs.openbsd.org 2010/09/09 10:45:45
609 [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
610 ECDH/ECDSA compliance fix: these methods vary the hash function they use
611 (SHA256/384/512) depending on the length of the curve in use. The previous
612 code incorrectly used SHA256 in all cases.
613
614 This fix will cause authentication failure when using 384 or 521-bit curve
615 keys if one peer hasn't been upgraded and the other has. (256-bit curve
616 keys work ok). In particular you may need to specify HostkeyAlgorithms
617 when connecting to a server that has not been upgraded from an upgraded
618 client.
619
620 ok naddy@
621 - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
622 [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
623 [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
624 platforms that don't have the requisite OpenSSL support. ok dtucker@
625 - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
626 for missing headers and compiler warnings.
627
62820100831
629 - OpenBSD CVS Sync
630 - jmc@cvs.openbsd.org 2010/08/08 19:36:30
631 [ssh-keysign.8 ssh.1 sshd.8]
632 use the same template for all FILES sections; i.e. -compact/.Pp where we
633 have multiple items, and .Pa for path names;
634 - tedu@cvs.openbsd.org 2010/08/12 23:34:39
635 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
636 OpenSSL_add_all_algorithms is the name of the function we have a man page
637 for, so use that. ok djm
638 - djm@cvs.openbsd.org 2010/08/16 04:06:06
639 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
640 backout previous temporarily; discussed with deraadt@
641 - djm@cvs.openbsd.org 2010/08/31 09:58:37
642 [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
643 [packet.h ssh-dss.c ssh-rsa.c]
644 Add buffer_get_cstring() and related functions that verify that the
645 string extracted from the buffer contains no embedded \0 characters*
646 This prevents random (possibly malicious) crap from being appended to
647 strings where it would not be noticed if the string is used with
648 a string(3) function.
649
650 Use the new API in a few sensitive places.
651
652 * actually, we allow a single one at the end of the string for now because
653 we don't know how many deployed implementations get this wrong, but don't
654 count on this to remain indefinitely.
655 - djm@cvs.openbsd.org 2010/08/31 11:54:45
656 [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
657 [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
658 [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
659 [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
660 [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
661 [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
662 [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
663 Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
664 host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
665 better performance than plain DH and DSA at the same equivalent symmetric
666 key length, as well as much shorter keys.
667
668 Only the mandatory sections of RFC5656 are implemented, specifically the
669 three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
670 ECDSA. Point compression (optional in RFC5656 is NOT implemented).
671
672 Certificate host and user keys using the new ECDSA key types are supported.
673
674 Note that this code has not been tested for interoperability and may be
675 subject to change.
676
677 feedback and ok markus@
678 - (djm) [Makefile.in] Add new ECC files
679 - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include
680 includes.h
681
68220100827
683 - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,
684 remove. Patch from martynas at venck us
685
120100823 68620100823
2 - (djm) Release OpenSSH-5.6p1 687 - (djm) Release OpenSSH-5.6p1
3 688
@@ -517,2746 +1202,3 @@
517 1202
518 ok markus@ 1203 ok markus@
519 1204
52020100410
521 - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo
522 back so we disable the IPv6 tests if we don't have it.
523
52420100409
525 - (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong
526 ones. Based on a patch from Roumen Petrov.
527 - (dtucker) [configure.ac] Bug #1744: use pkg-config for libedit flags if we
528 have it and the path is not provided to --with-libedit. Based on a patch
529 from Iain Morgan.
530 - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732: enable
531 utmpx support on FreeBSD where possible. Patch from Ed Schouten, ok djm@
532
53320100326
534 - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection
535 for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson
536 - (dtucker) [configure.ac] Bug #1741: Add section for Haiku, patch originally
537 by Ingo Weinhold via Scott McCreary, ok djm@
538 - (djm) OpenBSD CVS Sync
539 - djm@cvs.openbsd.org 2010/03/25 23:38:28
540 [servconf.c]
541 from portable: getcwd(NULL, 0) doesn't work on all platforms, so
542 use a stack buffer; ok dtucker@
543 - djm@cvs.openbsd.org 2010/03/26 00:26:58
544 [ssh.1]
545 mention that -S none disables connection sharing; from Colin Watson
546 - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -
547 set up SELinux execution context before chroot() call. From Russell
548 Coker via Colin watson; bz#1726 ok dtucker@
549 - (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; bz#1721
550 ok dtucker@
551 - (dtucker) Bug #1725: explicitly link libX11 into gnome-ssh-askpass2 using
552 pkg-config, patch from Colin Watson. Needed for newer linkers (ie gold).
553 - (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no keys;
554 bz#1723 patch from Adeodato Simóvia Colin Watson; ok dtucker@
555 - (dtucker) OpenBSD CVS Sync
556 - dtucker@cvs.openbsd.org 2010/03/26 01:06:13
557 [ssh_config.5]
558 Reformat default value of PreferredAuthentications entry (current
559 formatting implies ", " is acceptable as a separator, which it's not.
560 ok djm@
561
56220100324
563 - (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory
564 containing the services file explicitely case-insensitive. This allows to
565 tweak the Windows services file reliably. Patch from vinschen at redhat.
566
56720100321
568 - (djm) OpenBSD CVS Sync
569 - jmc@cvs.openbsd.org 2010/03/08 09:41:27
570 [ssh-keygen.1]
571 sort the list of constraints (to -O); ok djm
572 - jmc@cvs.openbsd.org 2010/03/10 07:40:35
573 [ssh-keygen.1]
574 typos; from Ross Richardson
575 closes prs 6334 and 6335
576 - djm@cvs.openbsd.org 2010/03/10 23:27:17
577 [auth2-pubkey.c]
578 correct certificate logging and make it more consistent between
579 authorized_keys and TrustedCAKeys; ok markus@
580 - djm@cvs.openbsd.org 2010/03/12 01:06:25
581 [servconf.c]
582 unbreak AuthorizedKeys option with a $HOME-relative path; reported by
583 vinschen AT redhat.com, ok dtucker@
584 - markus@cvs.openbsd.org 2010/03/12 11:37:40
585 [servconf.c]
586 do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
587 free() (not xfree()) the buffer returned by getcwd()
588 - djm@cvs.openbsd.org 2010/03/13 21:10:38
589 [clientloop.c]
590 protocol conformance fix: send language tag when disconnecting normally;
591 spotted by 1.41421 AT gmail.com, ok markus@ deraadt@
592 - djm@cvs.openbsd.org 2010/03/13 21:45:46
593 [ssh-keygen.1]
594 Certificates are named *-cert.pub, not *_cert.pub; committing a diff
595 from stevesk@ ok me
596 - jmc@cvs.openbsd.org 2010/03/13 23:38:13
597 [ssh-keygen.1]
598 fix a formatting error (args need quoted); noted by stevesk
599 - stevesk@cvs.openbsd.org 2010/03/15 19:40:02
600 [key.c key.h ssh-keygen.c]
601 also print certificate type (user or host) for ssh-keygen -L
602 ok djm kettenis
603 - stevesk@cvs.openbsd.org 2010/03/16 15:46:52
604 [auth-options.c]
605 spelling in error message. ok djm kettenis
606 - djm@cvs.openbsd.org 2010/03/16 16:36:49
607 [version.h]
608 crank version to openssh-5.5 since we have a few fixes since 5.4;
609 requested deraadt@ kettenis@
610 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
611 [contrib/suse/openssh.spec] Crank version numbers
612
61320100314
614 - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix
615 compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot
616 AT fefe.de
617 - (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for
618 ssh-pkcs11-helper to repair static builds (we do the same for
619 ssh-keyscan). Reported by felix-mindrot AT fefe.de
620
62120100312
622 - (tim) [Makefile.in] Now that scard is gone, no need to make $(datadir)
623 - (tim) [Makefile.in] Add missing $(EXEEXT) to install targets.
624 Patch from Corinna Vinschen.
625 - (tim) [contrib/cygwin/Makefile] Fix list of documentation files to install
626 on a Cygwin installation. Patch from Corinna Vinschen.
627
62820100311
629 - (tim) [contrib/suse/openssh.spec] crank version number here too.
630 report by imorgan AT nas.nasa.gov
631
63220100309
633 - (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for BROKEN_GETADDRINFO
634 so setting it in CFLAGS correctly skips IPv6 tests.
635
63620100308
637 - (djm) OpenBSD CVS Sync
638 - djm@cvs.openbsd.org 2010/03/07 22:16:01
639 [ssh-keygen.c]
640 make internal strptime string match strftime format;
641 suggested by vinschen AT redhat.com and markus@
642 - djm@cvs.openbsd.org 2010/03/08 00:28:55
643 [ssh-keygen.1]
644 document permit-agent-forwarding certificate constraint; patch from
645 stevesk@
646 - djm@cvs.openbsd.org 2010/03/07 22:01:32
647 [version.h]
648 openssh-5.4
649 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
650 crank version numbers
651 - (djm) Release OpenSSH-5.4p1
652
65320100307
654 - (dtucker) [auth.c] Bug #1710: call setauthdb on AIX before getpwuid so that
655 it gets the passwd struct from the LAM that knows about the user which is
656 not necessarily the default. Patch from Alexandre Letourneau.
657 - (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and
658 do not set real uid, since that's needed for the chroot, and will be set
659 by permanently_set_uid.
660 - (dtucker) [session.c] Also initialize creds to NULL for handing to
661 setpcred.
662 - (dtucker) OpenBSD CVS Sync
663 - dtucker@cvs.openbsd.org 2010/03/07 11:57:13
664 [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
665 Hold authentication debug messages until after successful authentication.
666 Fixes an info leak of environment variables specified in authorized_keys,
667 reported by Jacob Appelbaum. ok djm@
668
66920100305
670 - OpenBSD CVS Sync
671 - jmc@cvs.openbsd.org 2010/03/04 12:51:25
672 [ssh.1 sshd_config.5]
673 tweak previous;
674 - djm@cvs.openbsd.org 2010/03/04 20:35:08
675 [ssh-keygen.1 ssh-keygen.c]
676 Add a -L flag to print the contents of a certificate; ok markus@
677 - jmc@cvs.openbsd.org 2010/03/04 22:52:40
678 [ssh-keygen.1]
679 fix Bk/Ek;
680 - djm@cvs.openbsd.org 2010/03/04 23:17:25
681 [sshd_config.5]
682 missing word; spotted by jmc@
683 - djm@cvs.openbsd.org 2010/03/04 23:19:29
684 [ssh.1 sshd.8]
685 move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
686 format section and rework it a bit; requested by jmc@
687 - djm@cvs.openbsd.org 2010/03/04 23:27:25
688 [auth-options.c ssh-keygen.c]
689 "force-command" is not spelled "forced-command"; spotted by
690 imorgan AT nas.nasa.gov
691 - djm@cvs.openbsd.org 2010/03/05 02:58:11
692 [auth.c]
693 make the warning for a revoked key louder and more noticable
694 - jmc@cvs.openbsd.org 2010/03/05 06:50:35
695 [ssh.1 sshd.8]
696 tweak previous;
697 - jmc@cvs.openbsd.org 2010/03/05 08:31:20
698 [ssh.1]
699 document certificate authentication; help/ok djm
700 - djm@cvs.openbsd.org 2010/03/05 10:28:21
701 [ssh-add.1 ssh.1 ssh_config.5]
702 mention loading of certificate files from [private]-cert.pub when
703 they are present; feedback and ok jmc@
704 - (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older
705 compilers. OK djm@
706 - (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure
707 on some platforms
708 - (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@
709
71020100304
711 - (djm) [ssh-keygen.c] Use correct local variable, instead of
712 maybe-undefined global "optarg"
713 - (djm) [contrib/redhat/openssh.spec] Replace obsolete BuildPreReq
714 on XFree86-devel with neutral /usr/include/X11/Xlib.h;
715 imorgan AT nas.nasa.gov in bz#1731
716 - (djm) [.cvsignore] Ignore ssh-pkcs11-helper
717 - (djm) [regress/Makefile] Cleanup sshd_proxy_orig
718 - OpenBSD CVS Sync
719 - djm@cvs.openbsd.org 2010/03/03 01:44:36
720 [auth-options.c key.c]
721 reject strings with embedded ASCII nul chars in certificate key IDs,
722 principal names and constraints
723 - djm@cvs.openbsd.org 2010/03/03 22:49:50
724 [sshd.8]
725 the authorized_keys option for CA keys is "cert-authority", not
726 "from=cert-authority". spotted by imorgan AT nas.nasa.gov
727 - djm@cvs.openbsd.org 2010/03/03 22:50:40
728 [PROTOCOL.certkeys]
729 s/similar same/similar/; from imorgan AT nas.nasa.gov
730 - djm@cvs.openbsd.org 2010/03/04 01:44:57
731 [key.c]
732 use buffer_get_string_ptr_ret() where we are checking the return
733 value explicitly instead of the fatal()-causing buffer_get_string_ptr()
734 - djm@cvs.openbsd.org 2010/03/04 10:36:03
735 [auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
736 [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
737 [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
738 Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
739 are trusted to authenticate users (in addition than doing it per-user
740 in authorized_keys).
741
742 Add a RevokedKeys option to sshd_config and a @revoked marker to
743 known_hosts to allow keys to me revoked and banned for user or host
744 authentication.
745
746 feedback and ok markus@
747 - djm@cvs.openbsd.org 2010/03/03 00:47:23
748 [regress/cert-hostkey.sh regress/cert-userkey.sh]
749 add an extra test to ensure that authentication with the wrong
750 certificate fails as it should (and it does)
751 - djm@cvs.openbsd.org 2010/03/04 10:38:23
752 [regress/cert-hostkey.sh regress/cert-userkey.sh]
753 additional regression tests for revoked keys and TrustedUserCAKeys
754
75520100303
756 - (djm) [PROTOCOL.certkeys] Add RCS Ident
757 - OpenBSD CVS Sync
758 - jmc@cvs.openbsd.org 2010/02/26 22:09:28
759 [ssh-keygen.1 ssh.1 sshd.8]
760 tweak previous;
761 - otto@cvs.openbsd.org 2010/03/01 11:07:06
762 [ssh-add.c]
763 zap what seems to be a left-over debug message; ok markus@
764 - djm@cvs.openbsd.org 2010/03/02 23:20:57
765 [ssh-keygen.c]
766 POSIX strptime is stricter than OpenBSD's so do a little dance to
767 appease it.
768 - (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too
769
77020100302
771 - (tim) [config.guess config.sub] Bug 1722: Update to latest versions from
772 http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22
773 respectively).
774
77520100301
776 - (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace
777 "echo -n" with "echon" for portability.
778 - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM
779 adjust log at verbose only, since according to cjwatson in bug #1470
780 some virtualization platforms don't allow writes.
781
78220100228
783 - (djm) [auth.c] On Cygwin, refuse usernames that have differences in
784 case from that matched in the system password database. On this
785 platform, passwords are stored case-insensitively, but sshd requires
786 exact case matching for Match blocks in sshd_config(5). Based on
787 a patch from vinschen AT redhat.com.
788 - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions
789 to make older compilers (gcc 2.95) happy.
790
79120100227
792 - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded
793 - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment
794 variables copied into sshd child processes. From vinschen AT redhat.com
795
79620100226
797 - OpenBSD CVS Sync
798 - djm@cvs.openbsd.org 2010/02/26 20:29:54
799 [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
800 [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
801 [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
802 [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
803 [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
804 [sshconnect2.c sshd.8 sshd.c sshd_config.5]
805 Add support for certificate key types for users and hosts.
806
807 OpenSSH certificate key types are not X.509 certificates, but a much
808 simpler format that encodes a public key, identity information and
809 some validity constraints and signs it with a CA key. CA keys are
810 regular SSH keys. This certificate style avoids the attack surface
811 of X.509 certificates and is very easy to deploy.
812
813 Certified host keys allow automatic acceptance of new host keys
814 when a CA certificate is marked as trusted in ~/.ssh/known_hosts.
815 see VERIFYING HOST KEYS in ssh(1) for details.
816
817 Certified user keys allow authentication of users when the signing
818 CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
819 FILE FORMAT" in sshd(8) for details.
820
821 Certificates are minted using ssh-keygen(1), documentation is in
822 the "CERTIFICATES" section of that manpage.
823
824 Documentation on the format of certificates is in the file
825 PROTOCOL.certkeys
826
827 feedback and ok markus@
828 - djm@cvs.openbsd.org 2010/02/26 20:33:21
829 [Makefile regress/cert-hostkey.sh regress/cert-userkey.sh]
830 regression tests for certified keys
831
83220100224
833 - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
834 [ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable
835 - (djm) OpenBSD CVS Sync
836 - djm@cvs.openbsd.org 2010/02/11 20:37:47
837 [pathnames.h]
838 correct comment
839 - dtucker@cvs.openbsd.org 2009/11/09 04:20:04
840 [regress/Makefile]
841 add regression test for ssh-keygen pubkey conversions
842 - dtucker@cvs.openbsd.org 2010/01/11 02:53:44
843 [regress/forwarding.sh]
844 regress test for stdio forwarding
845 - djm@cvs.openbsd.org 2010/02/09 04:57:36
846 [regress/addrmatch.sh]
847 clean up droppings
848 - djm@cvs.openbsd.org 2010/02/09 06:29:02
849 [regress/Makefile]
850 turn on all the malloc(3) checking options when running regression
851 tests. this has caught a few bugs for me in the past; ok dtucker@
852 - djm@cvs.openbsd.org 2010/02/24 06:21:56
853 [regress/test-exec.sh]
854 wait for sshd to fully stop in cleanup() function; avoids races in tests
855 that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@
856 - markus@cvs.openbsd.org 2010/02/08 10:52:47
857 [regress/agent-pkcs11.sh]
858 test for PKCS#11 support (currently disabled)
859 - (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper
860 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
861 [contrib/suse/openssh.spec] Add PKCS#11 helper binary and manpage
862
86320100212
864 - (djm) OpenBSD CVS Sync
865 - djm@cvs.openbsd.org 2010/02/02 22:49:34
866 [bufaux.c]
867 make buffer_get_string_ret() really non-fatal in all cases (it was
868 using buffer_get_int(), which could fatal() on buffer empty);
869 ok markus dtucker
870 - markus@cvs.openbsd.org 2010/02/08 10:50:20
871 [pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
872 [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
873 replace our obsolete smartcard code with PKCS#11.
874 ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
875 ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
876 provider (shared library) while ssh-agent(1) delegates PKCS#11 to
877 a forked a ssh-pkcs11-helper process.
878 PKCS#11 is currently a compile time option.
879 feedback and ok djm@; inspired by patches from Alon Bar-Lev
880 - jmc@cvs.openbsd.org 2010/02/08 22:03:05
881 [ssh-add.1 ssh-keygen.1 ssh.1 ssh.c]
882 tweak previous; ok markus
883 - djm@cvs.openbsd.org 2010/02/09 00:50:36
884 [ssh-agent.c]
885 fallout from PKCS#11: unbreak -D
886 - djm@cvs.openbsd.org 2010/02/09 00:50:59
887 [ssh-keygen.c]
888 fix -Wall
889 - djm@cvs.openbsd.org 2010/02/09 03:56:28
890 [buffer.c buffer.h]
891 constify the arguments to buffer_len, buffer_ptr and buffer_dump
892 - djm@cvs.openbsd.org 2010/02/09 06:18:46
893 [auth.c]
894 unbreak ChrootDirectory+internal-sftp by skipping check for executable
895 shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
896 - markus@cvs.openbsd.org 2010/02/10 23:20:38
897 [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
898 pkcs#11 is no longer optional; improve wording; ok jmc@
899 - jmc@cvs.openbsd.org 2010/02/11 13:23:29
900 [ssh.1]
901 libarary -> library;
902 - (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c]
903 [scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java]
904 Remove obsolete smartcard support
905 - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
906 Make it compile on OSX
907 - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
908 Use ssh_get_progname to fill __progname
909 - (djm) [configure.ac] Enable PKCS#11 support only when we find a working
910 dlopen()
911
91220100210
913 - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
914 getseuserbyname; patch from calebcase AT gmail.com via
915 cjwatson AT debian.org
916
91720100202
918 - (djm) OpenBSD CVS Sync
919 - djm@cvs.openbsd.org 2010/01/30 21:08:33
920 [sshd.8]
921 debug output goes to stderr, not "the system log"; ok markus dtucker
922 - djm@cvs.openbsd.org 2010/01/30 21:12:08
923 [channels.c]
924 fake local addr:port when stdio fowarding as some servers (Tectia at
925 least) validate that they are well-formed;
926 reported by imorgan AT nas.nasa.gov
927 ok dtucker
928
92920100130
930 - (djm) OpenBSD CVS Sync
931 - djm@cvs.openbsd.org 2010/01/28 00:21:18
932 [clientloop.c]
933 downgrade an error() to a debug() - this particular case can be hit in
934 normal operation for certain sequences of mux slave vs session closure
935 and is harmless
936 - djm@cvs.openbsd.org 2010/01/29 00:20:41
937 [sshd.c]
938 set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com
939 ok dtucker@
940 - djm@cvs.openbsd.org 2010/01/29 20:16:17
941 [mux.c]
942 kill correct channel (was killing already-dead mux channel, not
943 its session channel)
944 - djm@cvs.openbsd.org 2010/01/30 02:54:53
945 [mux.c]
946 don't mark channel as read failed if it is already closing; suppresses
947 harmless error messages when connecting to SSH.COM Tectia server
948 report by imorgan AT nas.nasa.gov
949
95020100129
951 - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()
952 after registering the hardware engines, which causes the openssl.cnf file to
953 be processed. See OpenSSL's man page for OPENSSL_config(3) for details.
954 Patch from Solomon Peachy, ok djm@.
955
95620100128
957 - (djm) OpenBSD CVS Sync
958 - djm@cvs.openbsd.org 2010/01/26 02:15:20
959 [mux.c]
960 -Wuninitialized and remove a // comment; from portable
961 (Id sync only)
962 - djm@cvs.openbsd.org 2010/01/27 13:26:17
963 [mux.c]
964 fix bug introduced in mux rewrite:
965
966 In a mux master, when a socket to a mux slave closes before its server
967 session (as may occur when the slave has been signalled), gracefully
968 close the server session rather than deleting its channel immediately.
969 A server may have more messages on that channel to send (e.g. an exit
970 message) that will fatal() the client if they are sent to a channel that
971 has been prematurely deleted.
972
973 spotted by imorgan AT nas.nasa.gov
974 - djm@cvs.openbsd.org 2010/01/27 19:21:39
975 [sftp.c]
976 add missing "p" flag to getopt optstring;
977 bz#1704 from imorgan AT nas.nasa.gov
978
97920100126
980 - (djm) OpenBSD CVS Sync
981 - tedu@cvs.openbsd.org 2010/01/17 21:49:09
982 [ssh-agent.1]
983 Correct and clarify ssh-add's password asking behavior.
984 Improved text dtucker and ok jmc
985 - dtucker@cvs.openbsd.org 2010/01/18 01:50:27
986 [roaming_client.c]
987 s/long long unsigned/unsigned long long/, from tim via portable
988 (Id sync only, change already in portable)
989 - djm@cvs.openbsd.org 2010/01/26 01:28:35
990 [channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c]
991 rewrite ssh(1) multiplexing code to a more sensible protocol.
992
993 The new multiplexing code uses channels for the listener and
994 accepted control sockets to make the mux master non-blocking, so
995 no stalls when processing messages from a slave.
996
997 avoid use of fatal() in mux master protocol parsing so an errant slave
998 process cannot take down a running master.
999
1000 implement requesting of port-forwards over multiplexed sessions. Any
1001 port forwards requested by the slave are added to those the master has
1002 established.
1003
1004 add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
1005
1006 document master/slave mux protocol so that other tools can use it to
1007 control a running ssh(1). Note: there are no guarantees that this
1008 protocol won't be incompatibly changed (though it is versioned).
1009
1010 feedback Salvador Fandino, dtucker@
1011 channel changes ok markus@
1012
101320100122
1014 - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of
1015 socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size
1016 in Cygwin to 65535. Patch from Corinna Vinschen.
1017
101820100117
1019 - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too.
1020 - (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions
1021 snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf().
1022
102320100116
1024 - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h
1025 so we correctly detect whether or not we have a native user_from_uid.
1026 - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid
1027 and group_from_gid.
1028 - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by
1029 Tim.
1030 - (dtucker) OpenBSD CVS Sync
1031 - markus@cvs.openbsd.org 2010/01/15 09:24:23
1032 [sftp-common.c]
1033 unused
1034 - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused
1035 variable warnings.
1036 - (dtucker) [openbsd-compat/openbsd-compat.h] Typo.
1037 - (tim) [regress/portnum.sh] Shell portability fix.
1038 - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native
1039 getaddrinfo() is too old and limited for addr_pton() in addrmatch.c.
1040 - (tim) [roaming_client.c] Use of <sys/queue.h> is not really portable so we
1041 use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/
1042 to keep USL compilers happy.
1043
104420100115
1045 - (dtucker) OpenBSD CVS Sync
1046 - jmc@cvs.openbsd.org 2010/01/13 12:48:34
1047 [sftp.1 sftp.c]
1048 sftp.1: put ls -h in the right place
1049 sftp.c: as above, plus add -p to get/put, and shorten their arg names
1050 to keep the help usage nicely aligned
1051 ok djm
1052 - djm@cvs.openbsd.org 2010/01/13 23:47:26
1053 [auth.c]
1054 when using ChrootDirectory, make sure we test for the existence of the
1055 user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu;
1056 ok dtucker
1057 - dtucker@cvs.openbsd.org 2010/01/14 23:41:49
1058 [sftp-common.c]
1059 use user_from{uid,gid} to lookup up ids since it keeps a small cache.
1060 ok djm
1061 - guenther@cvs.openbsd.org 2010/01/15 00:05:22
1062 [sftp.c]
1063 Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp
1064 inherited SIGTERM as ignored it will still be able to kill the ssh it
1065 starts.
1066 ok dtucker@
1067 - (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no
1068 changes yet but there will be some to come).
1069 - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability
1070 for pwcache. Also, added caching of negative hits.
1071
107220100114
1073 - (djm) [platform.h] Add missing prototype for
1074 platform_krb5_get_principal_name
1075
107620100113
1077 - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs.
1078 - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18:
1079 missing restore of SIGTTOU and some whitespace.
1080 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21.
1081 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22.
1082 Fixes bz #1590, where sometimes you could not interrupt a connection while
1083 ssh was prompting for a passphrase or password.
1084 - (dtucker) OpenBSD CVS Sync
1085 - dtucker@cvs.openbsd.org 2010/01/13 00:19:04
1086 [sshconnect.c auth.c]
1087 Fix a couple of typos/mispellings in comments
1088 - dtucker@cvs.openbsd.org 2010/01/13 01:10:56
1089 [key.c]
1090 Ignore and log any Protocol 1 keys where the claimed size is not equal to
1091 the actual size. Noted by Derek Martin, ok djm@
1092 - dtucker@cvs.openbsd.org 2010/01/13 01:20:20
1093 [canohost.c ssh-keysign.c sshconnect2.c]
1094 Make HostBased authentication work with a ProxyCommand. bz #1569, patch
1095 from imorgan at nas nasa gov, ok djm@
1096 - djm@cvs.openbsd.org 2010/01/13 01:40:16
1097 [sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h]
1098 support '-h' (human-readable units) for sftp's ls command, just like
1099 ls(1); ok dtucker@
1100 - djm@cvs.openbsd.org 2010/01/13 03:48:13
1101 [servconf.c servconf.h sshd.c]
1102 avoid run-time failures when specifying hostkeys via a relative
1103 path by prepending the cwd in these cases; bz#1290; ok dtucker@
1104 - djm@cvs.openbsd.org 2010/01/13 04:10:50
1105 [sftp.c]
1106 don't append a space after inserting a completion of a directory (i.e.
1107 a path ending in '/') for a slightly better user experience; ok dtucker@
1108 - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef.
1109 - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG.
1110 feedback and ok dtucker@
1111
111220100112
1113 - (dtucker) OpenBSD CVS Sync
1114 - dtucker@cvs.openbsd.org 2010/01/11 01:39:46
1115 [ssh_config channels.c ssh.1 channels.h ssh.c]
1116 Add a 'netcat mode' (ssh -W). This connects stdio on the client to a
1117 single port forward on the server. This allows, for example, using ssh as
1118 a ProxyCommand to route connections via intermediate servers.
1119 bz #1618, man page help from jmc@, ok markus@
1120 - dtucker@cvs.openbsd.org 2010/01/11 04:46:45
1121 [authfile.c sshconnect2.c]
1122 Do not prompt for a passphrase if we fail to open a keyfile, and log the
1123 reason the open failed to debug.
1124 bz #1693, found by tj AT castaglia org, ok djm@
1125 - djm@cvs.openbsd.org 2010/01/11 10:51:07
1126 [ssh-keygen.c]
1127 when converting keys, truncate key comments at 72 chars as per RFC4716;
1128 bz#1630 reported by tj AT castaglia.org; ok markus@
1129 - dtucker@cvs.openbsd.org 2010/01/12 00:16:47
1130 [authfile.c]
1131 Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.
1132 Patch from joachim joachimschipper nl.
1133 - djm@cvs.openbsd.org 2010/01/12 00:58:25
1134 [monitor_fdpass.c]
1135 avoid spinning when fd passing on nonblocking sockets by calling poll()
1136 in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@
1137 - djm@cvs.openbsd.org 2010/01/12 00:59:29
1138 [roaming_common.c]
1139 delete with extreme prejudice a debug() that fired with every keypress;
1140 ok dtucker deraadt
1141 - dtucker@cvs.openbsd.org 2010/01/12 01:31:05
1142 [session.c]
1143 Do not allow logins if /etc/nologin exists but is not readable by the user
1144 logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
1145 - djm@cvs.openbsd.org 2010/01/12 01:36:08
1146 [buffer.h bufaux.c]
1147 add a buffer_get_string_ptr_ret() that does the same as
1148 buffer_get_string_ptr() but does not fatal() on error; ok dtucker@
1149 - dtucker@cvs.openbsd.org 2010/01/12 08:33:17
1150 [session.c]
1151 Add explicit stat so we reliably detect nologin with bad perms.
1152 ok djm markus
1153
115420100110
1155 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
1156 Remove hacks add for RoutingDomain in preparation for its removal.
1157 - (dtucker) OpenBSD CVS Sync
1158 - dtucker@cvs.openbsd.org 2010/01/09 23:04:13
1159 [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
1160 ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
1161 readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
1162 Remove RoutingDomain from ssh since it's now not needed. It can be
1163 replaced with "route exec" or "nc -V" as a proxycommand. "route exec"
1164 also ensures that trafic such as DNS lookups stays withing the specified
1165 routingdomain. For example (from reyk):
1166 # route -T 2 exec /usr/sbin/sshd
1167 or inherited from the parent process
1168 $ route -T 2 exec sh
1169 $ ssh 10.1.2.3
1170 ok deraadt@ markus@ stevesk@ reyk@
1171 - dtucker@cvs.openbsd.org 2010/01/10 03:51:17
1172 [servconf.c]
1173 Add ChrootDirectory to sshd.c test-mode output
1174 - dtucker@cvs.openbsd.org 2010/01/10 07:15:56
1175 [auth.c]
1176 Output a debug if we can't open an existing keyfile. bz#1694, ok djm@
1177
117820100109
1179 - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't
1180 have it.
1181 - (dtucker) [defines.h] define PRIu64 for platforms that don't have it.
1182 - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef.
1183 - (dtucker) [loginrec.c] Use the SUSv3 specified name for the user name
1184 when using utmpx. Patch from Ed Schouten.
1185 - (dtucker) OpenBSD CVS Sync
1186 - djm@cvs.openbsd.org 2010/01/09 00:20:26
1187 [sftp-server.c sftp-server.8]
1188 add a 'read-only' mode to sftp-server(8) that disables open in write mode
1189 and all other fs-modifying protocol methods. bz#430 ok dtucker@
1190 - djm@cvs.openbsd.org 2010/01/09 00:57:10
1191 [PROTOCOL]
1192 tweak language
1193 - jmc@cvs.openbsd.org 2010/01/09 03:36:00
1194 [sftp-server.8]
1195 bad place to forget a comma...
1196 - djm@cvs.openbsd.org 2010/01/09 05:04:24
1197 [mux.c sshpty.h clientloop.c sshtty.c]
1198 quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we
1199 usually don't actually have a tty to read/set; bz#1686 ok dtucker@
1200 - dtucker@cvs.openbsd.org 2010/01/09 05:17:00
1201 [roaming_client.c]
1202 Remove a PRIu64 format string that snuck in with roaming. ok djm@
1203 - dtucker@cvs.openbsd.org 2010/01/09 11:13:02
1204 [sftp.c]
1205 Prevent sftp from derefing a null pointer when given a "-" without a
1206 command. Also, allow whitespace to follow a "-". bz#1691, path from
1207 Colin Watson via Debian. ok djm@ deraadt@
1208 - dtucker@cvs.openbsd.org 2010/01/09 11:17:56
1209 [sshd.c]
1210 Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs
1211 itself. Prevents two HUPs in quick succession from resulting in sshd
1212 dying. bz#1692, patch from Colin Watson via Ubuntu.
1213 - (dtucker) [defines.h] Remove now-undeeded PRIu64 define.
1214
121520100108
1216 - (dtucker) OpenBSD CVS Sync
1217 - andreas@cvs.openbsd.org 2009/10/24 11:11:58
1218 [roaming.h]
1219 Declarations needed for upcoming changes.
1220 ok markus@
1221 - andreas@cvs.openbsd.org 2009/10/24 11:13:54
1222 [sshconnect2.c kex.h kex.c]
1223 Let the client detect if the server supports roaming by looking
1224 for the resume@appgate.com kex algorithm.
1225 ok markus@
1226 - andreas@cvs.openbsd.org 2009/10/24 11:15:29
1227 [clientloop.c]
1228 client_loop() must detect if the session has been suspended and resumed,
1229 and take appropriate action in that case.
1230 From Martin Forssen, maf at appgate dot com
1231 - andreas@cvs.openbsd.org 2009/10/24 11:19:17
1232 [ssh2.h]
1233 Define the KEX messages used when resuming a suspended connection.
1234 ok markus@
1235 - andreas@cvs.openbsd.org 2009/10/24 11:22:37
1236 [roaming_common.c]
1237 Do the actual suspend/resume in the client. This won't be useful until
1238 the server side supports roaming.
1239 Most code from Martin Forssen, maf at appgate dot com. Some changes by
1240 me and markus@
1241 ok markus@
1242 - andreas@cvs.openbsd.org 2009/10/24 11:23:42
1243 [ssh.c]
1244 Request roaming to be enabled if UseRoaming is true and the server
1245 supports it.
1246 ok markus@
1247 - reyk@cvs.openbsd.org 2009/10/28 16:38:18
1248 [ssh_config.5 sshd.c misc.h ssh-keyscan.1 readconf.h sshconnect.c
1249 channels.c channels.h servconf.h servconf.c ssh.1 ssh-keyscan.c scp.1
1250 sftp.1 sshd_config.5 readconf.c ssh.c misc.c]
1251 Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan.
1252 ok markus@
1253 - jmc@cvs.openbsd.org 2009/10/28 21:45:08
1254 [sshd_config.5 sftp.1]
1255 tweak previous;
1256 - djm@cvs.openbsd.org 2009/11/10 02:56:22
1257 [ssh_config.5]
1258 explain the constraints on LocalCommand some more so people don't
1259 try to abuse it.
1260 - djm@cvs.openbsd.org 2009/11/10 02:58:56
1261 [sshd_config.5]
1262 clarify that StrictModes does not apply to ChrootDirectory. Permissions
1263 and ownership are always checked when chrooting. bz#1532
1264 - dtucker@cvs.openbsd.org 2009/11/10 04:30:45
1265 [sshconnect2.c channels.c sshconnect.c]
1266 Set close-on-exec on various descriptors so they don't get leaked to
1267 child processes. bz #1643, patch from jchadima at redhat, ok deraadt.
1268 - markus@cvs.openbsd.org 2009/11/11 21:37:03
1269 [channels.c channels.h]
1270 fix race condition in x11/agent channel allocation: don't read after
1271 the end of the select read/write fdset and make sure a reused FD
1272 is not touched before the pre-handlers are called.
1273 with and ok djm@
1274 - djm@cvs.openbsd.org 2009/11/17 05:31:44
1275 [clientloop.c]
1276 fix incorrect exit status when multiplexing and channel ID 0 is recycled
1277 bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker
1278 - djm@cvs.openbsd.org 2009/11/19 23:39:50
1279 [session.c]
1280 bz#1606: error when an attempt is made to connect to a server
1281 with ForceCommand=internal-sftp with a shell session (i.e. not a
1282 subsystem session). Avoids stuck client when attempting to ssh to such a
1283 service. ok dtucker@
1284 - dtucker@cvs.openbsd.org 2009/11/20 00:15:41
1285 [session.c]
1286 Warn but do not fail if stat()ing the subsystem binary fails. This helps
1287 with chrootdirectory+forcecommand=sftp-server and restricted shells.
1288 bz #1599, ok djm.
1289 - djm@cvs.openbsd.org 2009/11/20 00:54:01
1290 [sftp.c]
1291 bz#1588 change "Connecting to host..." message to "Connected to host."
1292 and delay it until after the sftp protocol connection has been established.
1293 Avoids confusing sequence of messages when the underlying ssh connection
1294 experiences problems. ok dtucker@
1295 - dtucker@cvs.openbsd.org 2009/11/20 00:59:36
1296 [sshconnect2.c]
1297 Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@
1298 - djm@cvs.openbsd.org 2009/11/20 03:24:07
1299 [misc.c]
1300 correct off-by-one in percent_expand(): we would fatal() when trying
1301 to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually
1302 work. Note that nothing in OpenSSH actually uses close to this limit at
1303 present. bz#1607 from Jan.Pechanec AT Sun.COM
1304 - halex@cvs.openbsd.org 2009/11/22 13:18:00
1305 [sftp.c]
1306 make passing of zero-length arguments to ssh safe by
1307 passing "-<switch>" "<value>" rather than "-<switch><value>"
1308 ok dtucker@, guenther@, djm@
1309 - dtucker@cvs.openbsd.org 2009/12/06 23:41:15
1310 [sshconnect2.c]
1311 zap unused variable and strlen; from Steve McClellan, ok djm
1312 - djm@cvs.openbsd.org 2009/12/06 23:53:45
1313 [roaming_common.c]
1314 use socklen_t for getsockopt optlen parameter; reported by
1315 Steve.McClellan AT radisys.com, ok dtucker@
1316 - dtucker@cvs.openbsd.org 2009/12/06 23:53:54
1317 [sftp.c]
1318 fix potential divide-by-zero in sftp's "df" output when talking to a server
1319 that reports zero files on the filesystem (Unix filesystems always have at
1320 least the root inode). From Steve McClellan at radisys, ok djm@
1321 - markus@cvs.openbsd.org 2009/12/11 18:16:33
1322 [key.c]
1323 switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537
1324 for the RSA public exponent; discussed with provos; ok djm@
1325 - guenther@cvs.openbsd.org 2009/12/20 07:28:36
1326 [ssh.c sftp.c scp.c]
1327 When passing user-controlled options with arguments to other programs,
1328 pass the option and option argument as separate argv entries and
1329 not smashed into one (e.g., as -l foo and not -lfoo). Also, always
1330 pass a "--" argument to stop option parsing, so that a positional
1331 argument that starts with a '-' isn't treated as an option. This
1332 fixes some error cases as well as the handling of hostnames and
1333 filenames that start with a '-'.
1334 Based on a diff by halex@
1335 ok halex@ djm@ deraadt@
1336 - djm@cvs.openbsd.org 2009/12/20 23:20:40
1337 [PROTOCOL]
1338 fix an incorrect magic number and typo in PROTOCOL; bz#1688
1339 report and fix from ueno AT unixuser.org
1340 - stevesk@cvs.openbsd.org 2009/12/25 19:40:21
1341 [readconf.c servconf.c misc.h ssh-keyscan.c misc.c]
1342 validate routing domain is in range 0-RT_TABLEID_MAX.
1343 'Looks right' deraadt@
1344 - stevesk@cvs.openbsd.org 2009/12/29 16:38:41
1345 [sshd_config.5 readconf.c ssh_config.5 scp.1 servconf.c sftp.1 ssh.1]
1346 Rename RDomain config option to RoutingDomain to be more clear and
1347 consistent with other options.
1348 NOTE: if you currently use RDomain in the ssh client or server config,
1349 or ssh/sshd -o, you must update to use RoutingDomain.
1350 ok markus@ djm@
1351 - jmc@cvs.openbsd.org 2009/12/29 18:03:32
1352 [sshd_config.5 ssh_config.5]
1353 sort previous;
1354 - dtucker@cvs.openbsd.org 2010/01/04 01:45:30
1355 [sshconnect2.c]
1356 Don't escape backslashes in the SSH2 banner. bz#1533, patch from
1357 Michal Gorny via Gentoo.
1358 - djm@cvs.openbsd.org 2010/01/04 02:03:57
1359 [sftp.c]
1360 Implement tab-completion of commands, local and remote filenames for sftp.
1361 Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009
1362 Google Summer of Code) and polished to a fine sheen by myself again.
1363 It should deal more-or-less correctly with the ikky corner-cases presented
1364 by quoted filenames, but the UI could still be slightly improved.
1365 In particular, it is quite slow for remote completion on large directories.
1366 bz#200; ok markus@
1367 - djm@cvs.openbsd.org 2010/01/04 02:25:15
1368 [sftp-server.c]
1369 bz#1566 don't unnecessarily dup() in and out fds for sftp-server;
1370 ok markus@
1371 - dtucker@cvs.openbsd.org 2010/01/08 21:50:49
1372 [sftp.c]
1373 Fix two warnings: possibly used unitialized and use a nul byte instead of
1374 NULL pointer. ok djm@
1375 - (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import new
1376 files for roaming and add to Makefile.
1377 - (dtucker) [Makefile.in] .c files do not belong in the OBJ lines.
1378 - (dtucker) [sftp.c] ifdef out the sftp completion bits for platforms that
1379 don't have libedit.
1380 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] Make
1381 RoutingDomain an unsupported option on platforms that don't have it.
1382 - (dtucker) [sftp.c] Expand ifdef for libedit to cover complete_is_remote
1383 too.
1384 - (dtucker) [misc.c] Move the routingdomain ifdef to allow the socket to
1385 be created.
1386 - (dtucker] [misc.c] Shrink the area covered by USE_ROUTINGDOMAIN more
1387 to eliminate an unused variable warning.
1388 - (dtucker) [roaming_serv.c] Include includes.h for u_intXX_t types.
1389
139020091226
1391 - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1
1392 Gzip all man pages. Patch from Corinna Vinschen.
1393
139420091221
1395 - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}]
1396 Bug #1583: Use system's kerberos principal name on AIX if it's available.
1397 Based on a patch from and tested by Miguel Sanders
1398
139920091208
1400 - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux,
1401 based on a patch from Vaclav Ovsik and Colin Watson. ok djm.
1402
140320091207
1404 - (dtucker) Bug #1160: use pkg-config for opensc config if it's available.
1405 Tested by Martin Paljak.
1406 - (dtucker) Bug #1677: add conditionals around the source for ssh-askpass.
1407
140820091121
1409 - (tim) [opensshd.init.in] If PidFile is set in sshd_config, use it.
1410 Bug 1628. OK dtucker@
1411
141220091120
1413 - (djm) [ssh-rand-helper.c] Print error and usage() when passed command-
1414 line arguments as none are supported. Exit when passed unrecognised
1415 commandline flags. bz#1568 from gson AT araneus.fi
1416
141720091118
1418 - (djm) [channels.c misc.c misc.h sshd.c] add missing setsockopt() to
1419 set IPV6_V6ONLY for local forwarding with GatwayPorts=yes. Unify
1420 setting IPV6_V6ONLY behind a new function misc.c:sock_set_v6only()
1421 bz#1648, report and fix from jan.kratochvil AT redhat.com
1422 - (djm) [contrib/gnome-ssh-askpass2.c] Make askpass dialog desktop-modal.
1423 bz#1645, patch from jchadima AT redhat.com
1424
142520091107
1426 - (dtucker) [authfile.c] Fall back to 3DES for the encryption of private
1427 keys when built with OpenSSL versions that don't do AES.
1428
142920091105
1430 - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with
1431 older versions of OpenSSL.
1432
143320091024
1434 - (dtucker) OpenBSD CVS Sync
1435 - djm@cvs.openbsd.org 2009/10/11 23:03:15
1436 [hostfile.c]
1437 mention the host name that we are looking for in check_host_in_hostfile()
1438 - sobrado@cvs.openbsd.org 2009/10/17 12:10:39
1439 [sftp-server.c]
1440 sort flags.
1441 - sobrado@cvs.openbsd.org 2009/10/22 12:35:53
1442 [ssh.1 ssh-agent.1 ssh-add.1]
1443 use the UNIX-related macros (.At and .Ux) where appropriate.
1444 ok jmc@
1445 - sobrado@cvs.openbsd.org 2009/10/22 15:02:12
1446 [ssh-agent.1 ssh-add.1 ssh.1]
1447 write UNIX-domain in a more consistent way; while here, replace a
1448 few remaining ".Tn UNIX" macros with ".Ux" ones.
1449 pointed out by ratchov@, thanks!
1450 ok jmc@
1451 - djm@cvs.openbsd.org 2009/10/22 22:26:13
1452 [authfile.c]
1453 switch from 3DES to AES-128 for encryption of passphrase-protected
1454 SSH protocol 2 private keys; ok several
1455 - djm@cvs.openbsd.org 2009/10/23 01:57:11
1456 [sshconnect2.c]
1457 disallow a hostile server from checking jpake auth by sending an
1458 out-of-sequence success message. (doesn't affect code enabled by default)
1459 - dtucker@cvs.openbsd.org 2009/10/24 00:48:34
1460 [ssh-keygen.1]
1461 ssh-keygen now uses AES-128 for private keys
1462 - (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro.
1463 - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux
1464 is enabled set the security context to "sftpd_t" before running the
1465 internal sftp server Based on a patch from jchadima at redhat.
1466
146720091011
1468 - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for
1469 dirent d_type and DTTOIF as we've switched OpenBSD to the more portable
1470 lstat.
1471 - (dtucker) OpenBSD CVS Sync
1472 - markus@cvs.openbsd.org 2009/10/08 14:03:41
1473 [sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5]
1474 disable protocol 1 by default (after a transition period of about 10 years)
1475 ok deraadt
1476 - jmc@cvs.openbsd.org 2009/10/08 20:42:12
1477 [sshd_config.5 ssh_config.5 sshd.8 ssh.1]
1478 some tweaks now that protocol 1 is not offered by default; ok markus
1479 - dtucker@cvs.openbsd.org 2009/10/11 10:41:26
1480 [sftp-client.c]
1481 d_type isn't portable so use lstat to get dirent modes. Suggested by and
1482 "looks sane" deraadt@
1483 - markus@cvs.openbsd.org 2009/10/08 18:04:27
1484 [regress/test-exec.sh]
1485 re-enable protocol v1 for the tests.
1486
148720091007
1488 - (dtucker) OpenBSD CVS Sync
1489 - djm@cvs.openbsd.org 2009/08/12 00:13:00
1490 [sftp.c sftp.1]
1491 support most of scp(1)'s commandline arguments in sftp(1), as a first
1492 step towards making sftp(1) a drop-in replacement for scp(1).
1493 One conflicting option (-P) has not been changed, pending further
1494 discussion.
1495 Patch from carlosvsilvapt@gmail.com as part of his work in the
1496 Google Summer of Code
1497 - jmc@cvs.openbsd.org 2009/08/12 06:31:42
1498 [sftp.1]
1499 sort options;
1500 - djm@cvs.openbsd.org 2009/08/13 01:11:19
1501 [sftp.1 sftp.c]
1502 Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
1503 add "-P port" to match scp(1). Fortunately, the -P option is only really
1504 used by our regression scripts.
1505 part of larger patch from carlosvsilvapt@gmail.com for his Google Summer
1506 of Code work; ok deraadt markus
1507 - jmc@cvs.openbsd.org 2009/08/13 13:39:54
1508 [sftp.1 sftp.c]
1509 sync synopsis and usage();
1510 - djm@cvs.openbsd.org 2009/08/14 18:17:49
1511 [sftp-client.c]
1512 make the "get_handle: ..." error messages vaguely useful by allowing
1513 callers to specify their own error message strings.
1514 - fgsch@cvs.openbsd.org 2009/08/15 18:56:34
1515 [auth.h]
1516 remove unused define. markus@ ok.
1517 (Id sync only, Portable still uses this.)
1518 - dtucker@cvs.openbsd.org 2009/08/16 23:29:26
1519 [sshd_config.5]
1520 Add PubkeyAuthentication to the list allowed in a Match block (bz #1577)
1521 - djm@cvs.openbsd.org 2009/08/18 18:36:21
1522 [sftp-client.h sftp.1 sftp-client.c sftp.c]
1523 recursive transfer support for get/put and on the commandline
1524 work mostly by carlosvsilvapt@gmail.com for the Google Summer of Code
1525 with some tweaks by me; "go for it" deraadt@
1526 - djm@cvs.openbsd.org 2009/08/18 21:15:59
1527 [sftp.1]
1528 fix "get" command usage, spotted by jmc@
1529 - jmc@cvs.openbsd.org 2009/08/19 04:56:03
1530 [sftp.1]
1531 ether -> either;
1532 - dtucker@cvs.openbsd.org 2009/08/20 23:54:28
1533 [mux.c]
1534 subsystem_flag is defined in ssh.c so it's extern; ok djm
1535 - djm@cvs.openbsd.org 2009/08/27 17:28:52
1536 [sftp-server.c]
1537 allow setting an explicit umask on the commandline to override whatever
1538 default the user has. bz#1229; ok dtucker@ deraadt@ markus@
1539 - djm@cvs.openbsd.org 2009/08/27 17:33:49
1540 [ssh-keygen.c]
1541 force use of correct hash function for random-art signature display
1542 as it was inheriting the wrong one when bubblebabble signatures were
1543 activated; bz#1611 report and patch from fwojcik+openssh AT besh.com;
1544 ok markus@
1545 - djm@cvs.openbsd.org 2009/08/27 17:43:00
1546 [sftp-server.8]
1547 allow setting an explicit umask on the commandline to override whatever
1548 default the user has. bz#1229; ok dtucker@ deraadt@ markus@
1549 - djm@cvs.openbsd.org 2009/08/27 17:44:52
1550 [authfd.c ssh-add.c authfd.h]
1551 Do not fall back to adding keys without contraints (ssh-add -c / -t ...)
1552 when the agent refuses the constrained add request. This was a useful
1553 migration measure back in 2002 when constraints were new, but just
1554 adds risk now.
1555 bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
1556 - djm@cvs.openbsd.org 2009/08/31 20:56:02
1557 [sftp-server.c]
1558 check correct variable for error message, spotted by martynas@
1559 - djm@cvs.openbsd.org 2009/08/31 21:01:29
1560 [sftp-server.8]
1561 document -e and -h; prodded by jmc@
1562 - djm@cvs.openbsd.org 2009/09/01 14:43:17
1563 [ssh-agent.c]
1564 fix a race condition in ssh-agent that could result in a wedged or
1565 spinning agent: don't read off the end of the allocated fd_sets, and
1566 don't issue blocking read/write on agent sockets - just fall back to
1567 select() on retriable read/write errors. bz#1633 reported and tested
1568 by "noodle10000 AT googlemail.com"; ok dtucker@ markus@
1569 - grunk@cvs.openbsd.org 2009/10/01 11:37:33
1570 [dh.c]
1571 fix a cast
1572 ok djm@ markus@
1573 - djm@cvs.openbsd.org 2009/10/06 04:46:40
1574 [session.c]
1575 bz#1596: fflush(NULL) before exec() to ensure that everying (motd
1576 in particular) has made it out before the streams go away.
1577 - djm@cvs.openbsd.org 2008/12/07 22:17:48
1578 [regress/addrmatch.sh]
1579 match string "passwordauthentication" only at start of line, not anywhere
1580 in sshd -T output
1581 - dtucker@cvs.openbsd.org 2009/05/05 07:51:36
1582 [regress/multiplex.sh]
1583 Always specify ssh_config for multiplex tests: prevents breakage caused
1584 by options in ~/.ssh/config. From Dan Peterson.
1585 - djm@cvs.openbsd.org 2009/08/13 00:57:17
1586 [regress/Makefile]
1587 regression test for port number parsing. written as part of the a2port
1588 change that went into 5.2 but I forgot to commit it at the time...
1589 - djm@cvs.openbsd.org 2009/08/13 01:11:55
1590 [regress/sftp-batch.sh regress/sftp-badcmds.sh regress/sftp.sh
1591 regress/sftp-cmds.sh regres/sftp-glob.sh]
1592 date: 2009/08/13 01:11:19; author: djm; state: Exp; lines: +10 -7
1593 Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
1594 add "-P port" to match scp(1). Fortunately, the -P option is only really
1595 used by our regression scripts.
1596 part of larger patch from carlosvsilvapt@gmail.com for his Google Summer
1597 of Code work; ok deraadt markus
1598 - djm@cvs.openbsd.org 2009/08/20 18:43:07
1599 [regress/ssh-com-sftp.sh]
1600 fix one sftp -D ... => sftp -P ... conversion that I missed; from Carlos
1601 Silva for Google Summer of Code
1602 - dtucker@cvs.openbsd.org 2009/10/06 23:51:49
1603 [regress/ssh2putty.sh]
1604 Add OpenBSD tag to make syncs easier
1605 - (dtucker) [regress/portnum.sh] Import new test.
1606 - (dtucker) [configure.ac sftp-client.c] DTOTIF is in fs/ffs/dir.h on at
1607 least dragonflybsd.
1608 - (dtucker) d_type is not mandated by POSIX, so add fallback code using
1609 stat(), needed on at least cygwin.
1610
161120091002
1612 - (djm) [Makefile.in] Mention readconf.o in ssh-keysign's make deps.
1613 spotted by des AT des.no
1614
161520090926
1616 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
1617 [contrib/suse/openssh.spec] Update for release
1618 - (djm) [README] update relnotes URL
1619 - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere
1620 - (djm) Release 5.3p1
1621
162220090911
1623 - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X
1624 10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query). Patch
1625 from jbasney at ncsa uiuc edu.
1626
162720090908
1628 - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port
1629 (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@
1630
163120090901
1632 - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for
1633 krb5-config if it's not in the location specified by --with-kerberos5.
1634 Patch from jchadima at redhat.
1635
163620090829
1637 - (dtucker) [README.platform] Add text about development packages, based on
1638 text from Chris Pepper in bug #1631.
1639
164020090828
1641 - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently
1642 causes problems in some Tru64 configurations.
1643 - (djm) [sshd_config.5] downgrade mention of login.conf to be an example
1644 and mention PAM as another provider for ChallengeResponseAuthentication;
1645 bz#1408; ok dtucker@
1646 - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when
1647 attempting atomic rename(); ok dtucker@
1648 - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables
1649 in argv, so pass them in the environment; ok dtucker@
1650 - (dtucker) [channels.c configure.ac] Bug #1528: skip the tcgetattr call on
1651 the pty master on Solaris, since it never succeeds and can hang if large
1652 amounts of data is sent to the slave (eg a copy-paste). Based on a patch
1653 originally from Doke Scott, ok djm@
1654 - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer
1655 size a compile-time option and set it to 64k on Cygwin, since Corinna
1656 reports that it makes a significant difference to performance. ok djm@
1657 - (dtucker) [configure.ac] Fix the syntax of the Solaris tcgetattr entry.
1658
165920090820
1660 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not
1661 using it since the type conflicts can cause problems on FreeBSD. Patch
1662 from Jonathan Chen.
1663 - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move
1664 the setpcred call on AIX to immediately before the permanently_set_uid().
1665 Ensures that we still have privileges when we call chroot and
1666 pam_open_sesson. Based on a patch from David Leonard.
1667
166820090817
1669 - (dtucker) [configure.ac] Check for headers before libraries for openssl an
1670 zlib, which should make the errors slightly more meaningful on platforms
1671 where there's separate "-devel" packages for those.
1672 - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make
1673 PrintLastLog work on AIX. Based in part on a patch from Miguel Sanders.
1674
167520090729
1676 - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error
1677 function. Patch from Corinna Vinschen.
1678
167920090713
1680 - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it
1681 fits into 16 bits to work around a bug in glibc's resolver where it masks
1682 off the buffer size at 16 bits. Patch from Hauke Lampe, ok djm jakob.
1683
168420090712
1685 - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test,
1686 prevents configure complaining on older BSDs.
1687 - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch
1688 from Corinna Vinschen.
1689 - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on
1690 logout to after the session close. Patch from Anicka Bernathova,
1691 originally from Andreas Schwab via Novelll ok djm.
1692
169320090707
1694 - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated
1695 scripts and fix usage of eval. Patch from Corinna Vinschen.
1696
169720090705
1698 - (dtucker) OpenBSD CVS Sync
1699 - andreas@cvs.openbsd.org 2009/06/27 09:29:06
1700 [packet.h packet.c]
1701 packet_bacup_state() and packet_restore_state() will be used to
1702 temporarily save the current state ren resuming a suspended connection.
1703 ok markus@
1704 - andreas@cvs.openbsd.org 2009/06/27 09:32:43
1705 [roaming_common.c roaming.h]
1706 It may be necessary to retransmit some data when resuming, so add it
1707 to a buffer when roaming is enabled.
1708 Most of this code was written by Martin Forssen, maf at appgate dot com.
1709 ok markus@
1710 - andreas@cvs.openbsd.org 2009/06/27 09:35:06
1711 [readconf.h readconf.c]
1712 Add client option UseRoaming. It doesn't do anything yet but will
1713 control whether the client tries to use roaming if enabled on the
1714 server. From Martin Forssen.
1715 ok markus@
1716 - markus@cvs.openbsd.org 2009/06/30 14:54:40
1717 [version.h]
1718 crank version; ok deraadt
1719 - dtucker@cvs.openbsd.org 2009/07/02 02:11:47
1720 [ssh.c]
1721 allow for long home dir paths (bz #1615). ok deraadt
1722 (based in part on a patch from jchadima at redhat)
1723 - stevesk@cvs.openbsd.org 2009/07/05 19:28:33
1724 [clientloop.c]
1725 only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@
1726 ok deraadt@ markus@
1727
172820090622
1729 - (dtucker) OpenBSD CVS Sync
1730 - dtucker@cvs.openbsd.org 2009/06/22 05:39:28
1731 [monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
1732 alphabetize includes; reduces diff vs portable and style(9).
1733 ok stevesk djm
1734 (Id sync only; these were already in order in -portable)
1735
173620090621
1737 - (dtucker) OpenBSD CVS Sync
1738 - markus@cvs.openbsd.org 2009/03/17 21:37:00
1739 [ssh.c]
1740 pass correct argv[0] to openlog(); ok djm@
1741 - jmc@cvs.openbsd.org 2009/03/19 15:15:09
1742 [ssh.1]
1743 for "Ciphers", just point the reader to the keyword in ssh_config(5), just
1744 as we do for "MACs": this stops us getting out of sync when the lists
1745 change;
1746 fixes documentation/6102, submitted by Peter J. Philipp
1747 alternative fix proposed by djm
1748 ok markus
1749 - tobias@cvs.openbsd.org 2009/03/23 08:31:19
1750 [ssh-agent.c]
1751 Fixed a possible out-of-bounds memory access if the environment variable
1752 SHELL is shorter than 3 characters.
1753 with input by and ok dtucker
1754 - tobias@cvs.openbsd.org 2009/03/23 19:38:04
1755 [ssh-agent.c]
1756 My previous commit didn't fix the problem at all, so stick at my first
1757 version of the fix presented to dtucker.
1758 Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de).
1759 ok dtucker
1760 - sobrado@cvs.openbsd.org 2009/03/26 08:38:39
1761 [sftp-server.8 sshd.8 ssh-agent.1]
1762 fix a few typographical errors found by spell(1).
1763 ok dtucker@, jmc@
1764 - stevesk@cvs.openbsd.org 2009/04/13 19:07:44
1765 [sshd_config.5]
1766 fix possessive; ok djm@
1767 - stevesk@cvs.openbsd.org 2009/04/14 16:33:42
1768 [sftp-server.c]
1769 remove unused option character from getopt() optstring; ok markus@
1770 - jj@cvs.openbsd.org 2009/04/14 21:10:54
1771 [servconf.c]
1772 Fixed a few the-the misspellings in comments. Skipped a bunch in
1773 binutils,gcc and so on. ok jmc@
1774 - stevesk@cvs.openbsd.org 2009/04/17 19:23:06
1775 [session.c]
1776 use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server;
1777 ok djm@ markus@
1778 - stevesk@cvs.openbsd.org 2009/04/17 19:40:17
1779 [sshd_config.5]
1780 clarify that even internal-sftp needs /dev/log for logging to work; ok
1781 markus@
1782 - jmc@cvs.openbsd.org 2009/04/18 18:39:10
1783 [sshd_config.5]
1784 tweak previous; ok stevesk
1785 - stevesk@cvs.openbsd.org 2009/04/21 15:13:17
1786 [sshd_config.5]
1787 clarify we cd to user's home after chroot; ok markus@ on
1788 earlier version; tweaks and ok jmc@
1789 - andreas@cvs.openbsd.org 2009/05/25 06:48:01
1790 [channels.c packet.c clientloop.c packet.h serverloop.c monitor_wrap.c
1791 monitor.c]
1792 Put the globals in packet.c into a struct and don't access it directly
1793 from other files. No functional changes.
1794 ok markus@ djm@
1795 - andreas@cvs.openbsd.org 2009/05/27 06:31:25
1796 [canohost.h canohost.c]
1797 Add clear_cached_addr(), needed for upcoming changes allowing the peer
1798 address to change.
1799 ok markus@
1800 - andreas@cvs.openbsd.org 2009/05/27 06:33:39
1801 [clientloop.c]
1802 Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger
1803 change from Martin Forssen, maf at appgate dot com.
1804 ok markus@
1805 - andreas@cvs.openbsd.org 2009/05/27 06:34:36
1806 [kex.c kex.h]
1807 Move the KEX_COOKIE_LEN define to kex.h
1808 ok markus@
1809 - andreas@cvs.openbsd.org 2009/05/27 06:36:07
1810 [packet.h packet.c]
1811 Add packet_put_int64() and packet_get_int64(), part of a larger change
1812 from Martin Forssen.
1813 ok markus@
1814 - andreas@cvs.openbsd.org 2009/05/27 06:38:16
1815 [sshconnect.h sshconnect.c]
1816 Un-static ssh_exchange_identification(), part of a larger change from
1817 Martin Forssen and needed for upcoming changes.
1818 ok markus@
1819 - andreas@cvs.openbsd.org 2009/05/28 16:50:16
1820 [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c
1821 monitor.c Added roaming.h roaming_common.c roaming_dummy.c]
1822 Keep track of number of bytes read and written. Needed for upcoming
1823 changes. Most code from Martin Forssen, maf at appgate dot com.
1824 ok markus@
1825 Also, applied appropriate changes to Makefile.in
1826 - andreas@cvs.openbsd.org 2009/06/12 20:43:22
1827 [monitor.c packet.c]
1828 Fix warnings found by chl@ and djm@ and change roaming_atomicio's
1829 return type to match atomicio's
1830 Diff from djm@, ok markus@
1831 - andreas@cvs.openbsd.org 2009/06/12 20:58:32
1832 [packet.c]
1833 Move some more statics into session_state
1834 ok markus@ djm@
1835 - dtucker@cvs.openbsd.org 2009/06/21 07:37:15
1836 [kexdhs.c kexgexs.c]
1837 abort if key_sign fails, preventing possible null deref. Based on report
1838 from Paolo Ganci, ok markus@ djm@
1839 - dtucker@cvs.openbsd.org 2009/06/21 09:04:03
1840 [roaming.h roaming_common.c roaming_dummy.c]
1841 Add tags for the benefit of the sync scripts
1842 Also: pull in the changes for 1.1->1.2 missed in the previous sync.
1843 - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and
1844 header-order changes to reduce diff vs OpenBSD.
1845 - (dtucker) [servconf.c sshd.c] More whitespace sync.
1846 - (dtucker) [roaming_common.c roaming_dummy.c] Wrap #include <inttypes.h> in
1847 ifdef.
1848
184920090616
1850 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t
1851 is a struct with a __val member. Fixes build on, eg, Redhat 6.2.
1852
185320090504
1854 - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include
1855 variable declarations. Should prevent unused warnings anywhere it's set
1856 (only Crays as far as I can tell) and be a no-op everywhere else.
1857
185820090318
1859 - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem
1860 that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005.
1861 Based on patch from vinschen at redhat com.
1862
186320090308
1864 - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c
1865 auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h}
1866 openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old
1867 version of Cygwin. Patch from vinschen at redhat com.
1868
186920090307
1870 - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it
1871 exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS
1872 has a /dev/random).
1873 - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add
1874 EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c
1875 to use them. Allows building with older OpenSSL versions.
1876 - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed.
1877 - (dtucker) [configure.ac] Missing comma in type list.
1878 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]
1879 EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg
1880 in openssl 0.9.6) so add an explicit test for it.
1881
188220090306
1883 - (djm) OpenBSD CVS Sync
1884 - djm@cvs.openbsd.org 2009/03/05 07:18:19
1885 [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
1886 [sshconnect2.c]
1887 refactor the (disabled) Schnorr proof code to make it a little more
1888 generally useful
1889 - djm@cvs.openbsd.org 2009/03/05 11:30:50
1890 [uuencode.c]
1891 document what these functions do so I don't ever have to recuse into
1892 b64_pton/ntop to remember their return values
1893
189420090223
1895 - (djm) OpenBSD CVS Sync
1896 - djm@cvs.openbsd.org 2009/02/22 23:50:57
1897 [ssh_config.5 sshd_config.5]
1898 don't advertise experimental options
1899 - djm@cvs.openbsd.org 2009/02/22 23:59:25
1900 [sshd_config.5]
1901 missing period
1902 - djm@cvs.openbsd.org 2009/02/23 00:06:15
1903 [version.h]
1904 openssh-5.2
1905 - (djm) [README] update for 5.2
1906 - (djm) Release openssh-5.2p1
1907
190820090222
1909 - (djm) OpenBSD CVS Sync
1910 - tobias@cvs.openbsd.org 2009/02/21 19:32:04
1911 [misc.c sftp-server-main.c ssh-keygen.c]
1912 Added missing newlines in error messages.
1913 ok dtucker
1914
191520090221
1916 - (djm) OpenBSD CVS Sync
1917 - djm@cvs.openbsd.org 2009/02/17 01:28:32
1918 [ssh_config]
1919 sync with revised default ciphers; pointed out by dkrause@
1920 - djm@cvs.openbsd.org 2009/02/18 04:31:21
1921 [schnorr.c]
1922 signature should hash over the entire group, not just the generator
1923 (this is still disabled code)
1924 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
1925 [contrib/suse/openssh.spec] Prepare for 5.2p1
1926
192720090216
1928 - (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh]
1929 [regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled
1930 interop tests from FATAL error to a warning. Allows some interop
1931 tests to proceed if others are missing necessary prerequisites.
1932 - (djm) [configure.ac] support GNU/kFreeBSD and GNU/kOpensolaris
1933 systems; patch from Aurelien Jarno via rmh AT aybabtu.com
1934
193520090214
1936 - (djm) OpenBSD CVS Sync
1937 - dtucker@cvs.openbsd.org 2009/02/02 11:15:14
1938 [sftp.c]
1939 Initialize a few variables to prevent spurious "may be used
1940 uninitialized" warnings from newer gcc's. ok djm@
1941 - djm@cvs.openbsd.org 2009/02/12 03:00:56
1942 [canohost.c canohost.h channels.c channels.h clientloop.c readconf.c]
1943 [readconf.h serverloop.c ssh.c]
1944 support remote port forwarding with a zero listen port (-R0:...) to
1945 dyamically allocate a listen port at runtime (this is actually
1946 specified in rfc4254); bz#1003 ok markus@
1947 - djm@cvs.openbsd.org 2009/02/12 03:16:01
1948 [serverloop.c]
1949 tighten check for -R0:... forwarding: only allow dynamic allocation
1950 if want_reply is set in the packet
1951 - djm@cvs.openbsd.org 2009/02/12 03:26:22
1952 [monitor.c]
1953 some paranoia: check that the serialised key is really KEY_RSA before
1954 diddling its internals
1955 - djm@cvs.openbsd.org 2009/02/12 03:42:09
1956 [ssh.1]
1957 document -R0:... usage
1958 - djm@cvs.openbsd.org 2009/02/12 03:44:25
1959 [ssh.1]
1960 consistency: Dq => Ql
1961 - djm@cvs.openbsd.org 2009/02/12 03:46:17
1962 [ssh_config.5]
1963 document RemoteForward usage with 0 listen port
1964 - jmc@cvs.openbsd.org 2009/02/12 07:34:20
1965 [ssh_config.5]
1966 kill trailing whitespace;
1967 - markus@cvs.openbsd.org 2009/02/13 11:50:21
1968 [packet.c]
1969 check for enc !=NULL in packet_start_discard
1970 - djm@cvs.openbsd.org 2009/02/14 06:35:49
1971 [PROTOCOL]
1972 mention that eow and no-more-sessions extensions are sent only to
1973 OpenSSH peers
1974
197520090212
1976 - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
1977 set ownership and modes, so avoid explicitly setting them
1978 - (djm) [configure.ac loginrec.c] bz#1421: fix lastlog support for OSX.
1979 OSX provides a getlastlogxbyname function that automates the reading of
1980 a lastlog file. Also, the pututxline function will update lastlog so
1981 there is no need for loginrec.c to do it explicitly. Collapse some
1982 overly verbose code while I'm in there.
1983
198420090201
1985 - (dtucker) [defines.h sshconnect.c] INET6_ADDRSTRLEN is now needed in
1986 channels.c too, so move the definition for non-IP6 platforms to defines.h
1987 where it can be shared.
1988
198920090129
1990 - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.
1991 If the CYGWIN environment variable is empty, the installer script
1992 should not install the service with an empty CYGWIN variable, but
1993 rather without setting CYGWNI entirely.
1994 - (tim) [contrib/cygwin/ssh-host-config] Whitespace cleanup. No code changes.
1995
199620090128
1997 - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.
1998 Changes to work on Cygwin 1.5.x as well as on the new Cygwin 1.7.x.
1999 The information given for the setting of the CYGWIN environment variable
2000 is wrong for both releases so I just removed it, together with the
2001 unnecessary (Cygwin 1.5.x) or wrong (Cygwin 1.7.x) default setting.
2002
200320081228
2004 - (djm) OpenBSD CVS Sync
2005 - stevesk@cvs.openbsd.org 2008/12/09 03:20:42
2006 [channels.c servconf.c]
2007 channel_print_adm_permitted_opens() should deal with all the printing
2008 for that config option. suggested by markus@; ok markus@ djm@
2009 dtucker@
2010 - djm@cvs.openbsd.org 2008/12/09 04:32:22
2011 [auth2-chall.c]
2012 replace by-hand string building with xasprinf(); ok deraadt@
2013 - sobrado@cvs.openbsd.org 2008/12/09 15:35:00
2014 [sftp.1 sftp.c]
2015 update for the synopses displayed by the 'help' command, there are a
2016 few missing flags; add 'bye' to the output of 'help'; sorting and spacing.
2017 jmc@ suggested replacing .Oo/.Oc with a single .Op macro.
2018 ok jmc@
2019 - stevesk@cvs.openbsd.org 2008/12/09 22:37:33
2020 [clientloop.c]
2021 fix typo in error message
2022 - stevesk@cvs.openbsd.org 2008/12/10 03:55:20
2023 [addrmatch.c]
2024 o cannot be NULL here but use xfree() to be consistent; ok djm@
2025 - stevesk@cvs.openbsd.org 2008/12/29 01:12:36
2026 [ssh-keyscan.1]
2027 fix example, default key type is rsa for 3+ years; from
2028 frederic.perrin@resel.fr
2029 - stevesk@cvs.openbsd.org 2008/12/29 02:23:26
2030 [pathnames.h]
2031 no need to escape single quotes in comments
2032 - okan@cvs.openbsd.org 2008/12/30 00:46:56
2033 [sshd_config.5]
2034 add AllowAgentForwarding to available Match keywords list
2035 ok djm
2036 - djm@cvs.openbsd.org 2009/01/01 21:14:35
2037 [channels.c]
2038 call channel destroy callbacks on receipt of open failure messages.
2039 fixes client hangs when connecting to a server that has MaxSessions=0
2040 set spotted by imorgan AT nas.nasa.gov; ok markus@
2041 - djm@cvs.openbsd.org 2009/01/01 21:17:36
2042 [kexgexs.c]
2043 fix hash calculation for KEXGEX: hash over the original client-supplied
2044 values and not the sanity checked versions that we acutally use;
2045 bz#1540 reported by john.smith AT arrows.demon.co.uk
2046 ok markus@
2047 - djm@cvs.openbsd.org 2009/01/14 01:38:06
2048 [channels.c]
2049 support SOCKS4A protocol, from dwmw2 AT infradead.org via bz#1482;
2050 "looks ok" markus@
2051 - stevesk@cvs.openbsd.org 2009/01/15 17:38:43
2052 [readconf.c]
2053 1) use obsolete instead of alias for consistency
2054 2) oUserKnownHostsFile not obsolete but oGlobalKnownHostsFile2 is
2055 so move the comment.
2056 3) reorder so like options are together
2057 ok djm@
2058 - djm@cvs.openbsd.org 2009/01/22 09:46:01
2059 [channels.c channels.h session.c]
2060 make Channel->path an allocated string, saving a few bytes here and
2061 there and fixing bz#1380 in the process; ok markus@
2062 - djm@cvs.openbsd.org 2009/01/22 09:49:57
2063 [channels.c]
2064 oops! I committed the wrong version of the Channel->path diff,
2065 it was missing some tweaks suggested by stevesk@
2066 - djm@cvs.openbsd.org 2009/01/22 10:02:34
2067 [clientloop.c misc.c readconf.c readconf.h servconf.c servconf.h]
2068 [serverloop.c ssh-keyscan.c ssh.c sshd.c]
2069 make a2port() return -1 when it encounters an invalid port number
2070 rather than 0, which it will now treat as valid (needed for future work)
2071 adjust current consumers of a2port() to check its return value is <= 0,
2072 which in turn required some things to be converted from u_short => int
2073 make use of int vs. u_short consistent in some other places too
2074 feedback & ok markus@
2075 - djm@cvs.openbsd.org 2009/01/22 10:09:16
2076 [auth-options.c]
2077 another chunk of a2port() diff that got away. wtfdjm??
2078 - djm@cvs.openbsd.org 2009/01/23 07:58:11
2079 [myproposal.h]
2080 prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC
2081 modes; ok markus@
2082 - naddy@cvs.openbsd.org 2009/01/24 17:10:22
2083 [ssh_config.5 sshd_config.5]
2084 sync list of preferred ciphers; ok djm@
2085 - markus@cvs.openbsd.org 2009/01/26 09:58:15
2086 [cipher.c cipher.h packet.c]
2087 Work around the CPNI-957037 Plaintext Recovery Attack by always
2088 reading 256K of data on packet size or HMAC errors (in CBC mode only).
2089 Help, feedback and ok djm@
2090 Feedback from Martin Albrecht and Paterson Kenny
2091
209220090107
2093 - (djm) [uidswap.c] bz#1412: Support >16 supplemental groups in OS X.
2094 Patch based on one from vgiffin AT apple.com; ok dtucker@
2095 - (djm) [channels.c] bz#1419: support "on demand" X11 forwarding via
2096 launchd on OS X; patch from vgiffin AT apple.com, slightly tweaked;
2097 ok dtucker@
2098 - (djm) [contrib/ssh-copy-id.1 contrib/ssh-copy-id] bz#1492: Make
2099 ssh-copy-id copy id_rsa.pub by default (instead of the legacy "identity"
2100 key). Patch from cjwatson AT debian.org
2101
210220090107
2103 - (tim) [configure.ac defines.h openbsd-compat/port-uw.c
2104 openbsd-compat/xcrypt.c] Add SECUREWARE support to OpenServer 6 SVR5 ABI.
2105 OK djm@ dtucker@
2106 - (tim) [configure.ac] Move check_for_libcrypt_later=1 in *-*-sysv5*) section.
2107 OpenServer 6 doesn't need libcrypt.
2108
210920081209
2110 - (djm) OpenBSD CVS Sync
2111 - djm@cvs.openbsd.org 2008/12/09 02:38:18
2112 [clientloop.c]
2113 The ~C escape handler does not work correctly for multiplexed sessions -
2114 it opens a commandline on the master session, instead of on the slave
2115 that requested it. Disable it on slave sessions until such time as it
2116 is fixed; bz#1543 report from Adrian Bridgett via Colin Watson
2117 ok markus@
2118 - djm@cvs.openbsd.org 2008/12/09 02:39:59
2119 [sftp.c]
2120 Deal correctly with failures in remote stat() operation in sftp,
2121 correcting fail-on-error behaviour in batchmode. bz#1541 report and
2122 fix from anedvedicky AT gmail.com; ok markus@
2123 - djm@cvs.openbsd.org 2008/12/09 02:58:16
2124 [readconf.c]
2125 don't leave junk (free'd) pointers around in Forward *fwd argument on
2126 failure; avoids double-free in ~C -L handler when given an invalid
2127 forwarding specification; bz#1539 report from adejong AT debian.org
2128 via Colin Watson; ok markus@ dtucker@
2129 - djm@cvs.openbsd.org 2008/12/09 03:02:37
2130 [sftp.1 sftp.c]
2131 correct sftp(1) and corresponding usage syntax;
2132 bz#1518 patch from imorgan AT nas.nasa.gov; ok deraadt@ improved diff jmc@
2133
213420081208
2135 - (djm) [configure.ac] bz#1538: better test for ProPolice/SSP: actually
2136 use some stack in main().
2137 Report and suggested fix from vapier AT gentoo.org
2138 - (djm) OpenBSD CVS Sync
2139 - markus@cvs.openbsd.org 2008/12/02 19:01:07
2140 [clientloop.c]
2141 we have to use the recipient's channel number (RFC 4254) for
2142 SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages,
2143 otherwise we trigger 'Non-public channel' error messages on sshd
2144 systems with clientkeepalive enabled; noticed by sturm; ok djm;
2145 - markus@cvs.openbsd.org 2008/12/02 19:08:59
2146 [serverloop.c]
2147 backout 1.149, since it's not necessary and openssh clients send
2148 broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@
2149 - markus@cvs.openbsd.org 2008/12/02 19:09:38
2150 [channels.c]
2151 s/remote_id/id/ to be more consistent with other code; ok djm@
2152
215320081201
2154 - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files
2155 and tweak the is-sshd-running check in ssh-host-config. Patch from
2156 vinschen at redhat com.
2157 - (dtucker) OpenBSD CVS Sync
2158 - markus@cvs.openbsd.org 2008/11/21 15:47:38
2159 [packet.c]
2160 packet_disconnect() on padding error, too. should reduce the success
2161 probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18
2162 ok djm@
2163 - dtucker@cvs.openbsd.org 2008/11/30 11:59:26
2164 [monitor_fdpass.c]
2165 Retry sendmsg/recvmsg on EAGAIN and EINTR; ok djm@
2166
216720081123
2168 - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some
2169 declarations, removing an unnecessary union member and adding whitespace.
2170 cmsgbuf.tmp thing spotted by des at des no, ok djm some time ago.
2171
217220081118
2173 - (tim) [addrmatch.c configure.ac] Some platforms do not have sin6_scope_id
2174 member of sockaddr_in6. Also reported in Bug 1491 by David Leonard. OK and
2175 feedback by djm@
2176
217720081111
2178 - (dtucker) OpenBSD CVS Sync
2179 - jmc@cvs.openbsd.org 2008/11/05 11:22:54
2180 [servconf.c]
2181 passord -> password;
2182 fixes user/5975 from Rene Maroufi
2183 - stevesk@cvs.openbsd.org 2008/11/07 00:42:12
2184 [ssh-keygen.c]
2185 spelling/typo in comment
2186 - stevesk@cvs.openbsd.org 2008/11/07 18:50:18
2187 [nchan.c]
2188 add space to some log/debug messages for readability; ok djm@ markus@
2189 - dtucker@cvs.openbsd.org 2008/11/07 23:34:48
2190 [auth2-jpake.c]
2191 Move JPAKE define to make life easier for portable. ok djm@
2192 - tobias@cvs.openbsd.org 2008/11/09 12:34:47
2193 [session.c ssh.1]
2194 typo fixed (overriden -> overridden)
2195 ok espie, jmc
2196 - stevesk@cvs.openbsd.org 2008/11/11 02:58:09
2197 [servconf.c]
2198 USE_AFS not referenced so remove #ifdef. fixes sshd -T not printing
2199 kerberosgetafstoken. ok dtucker@
2200 (Id sync only, we still want the ifdef in portable)
2201 - stevesk@cvs.openbsd.org 2008/11/11 03:55:11
2202 [channels.c]
2203 for sshd -T print 'permitopen any' vs. 'permitopen' for case of no
2204 permitopen's; ok and input dtucker@
2205 - djm@cvs.openbsd.org 2008/11/10 02:06:35
2206 [regress/putty-ciphers.sh]
2207 PuTTY supports AES CTR modes, so interop test against them too
2208
220920081105
2210 - OpenBSD CVS Sync
2211 - djm@cvs.openbsd.org 2008/11/03 08:59:41
2212 [servconf.c]
2213 include MaxSessions in sshd -T output; patch from imorgan AT nas.nasa.gov
2214 - djm@cvs.openbsd.org 2008/11/04 07:58:09
2215 [auth.c]
2216 need unistd.h for close() prototype
2217 (ID sync only)
2218 - djm@cvs.openbsd.org 2008/11/04 08:22:13
2219 [auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
2220 [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
2221 [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
2222 [Makefile.in]
2223 Add support for an experimental zero-knowledge password authentication
2224 method using the J-PAKE protocol described in F. Hao, P. Ryan,
2225 "Password Authenticated Key Exchange by Juggling", 16th Workshop on
2226 Security Protocols, Cambridge, April 2008.
2227
2228 This method allows password-based authentication without exposing
2229 the password to the server. Instead, the client and server exchange
2230 cryptographic proofs to demonstrate of knowledge of the password while
2231 revealing nothing useful to an attacker or compromised endpoint.
2232
2233 This is experimental, work-in-progress code and is presently
2234 compiled-time disabled (turn on -DJPAKE in Makefile.inc).
2235
2236 "just commit it. It isn't too intrusive." deraadt@
2237 - stevesk@cvs.openbsd.org 2008/11/04 19:18:00
2238 [readconf.c]
2239 because parse_forward() is now used to parse all forward types (DLR),
2240 and it malloc's space for host variables, we don't need to malloc
2241 here. fixes small memory leaks.
2242
2243 previously dynamic forwards were not parsed in parse_forward() and
2244 space was not malloc'd in that case.
2245
2246 ok djm@
2247 - stevesk@cvs.openbsd.org 2008/11/05 03:23:09
2248 [clientloop.c ssh.1]
2249 add dynamic forward escape command line; ok djm@
2250
225120081103
2252 - OpenBSD CVS Sync
2253 - sthen@cvs.openbsd.org 2008/07/24 23:55:30
2254 [ssh-keygen.1]
2255 Add "ssh-keygen -F -l" to synopsis (displays fingerprint from
2256 known_hosts). ok djm@
2257 - grunk@cvs.openbsd.org 2008/07/25 06:56:35
2258 [ssh_config]
2259 Add VisualHostKey to example file, ok djm@
2260 - grunk@cvs.openbsd.org 2008/07/25 07:05:16
2261 [key.c]
2262 In random art visualization, make sure to use the end marker only at the
2263 end. Initial diff by Dirk Loss, tweaks and ok djm@
2264 - markus@cvs.openbsd.org 2008/07/31 14:48:28
2265 [sshconnect2.c]
2266 don't allocate space for empty banners; report t8m at centrum.cz;
2267 ok deraadt
2268 - krw@cvs.openbsd.org 2008/08/02 04:29:51
2269 [ssh_config.5]
2270 whitepsace -> whitespace. From Matthew Clarke via bugs@.
2271 - djm@cvs.openbsd.org 2008/08/21 04:09:57
2272 [session.c]
2273 allow ForceCommand internal-sftp with arguments. based on patch from
2274 michael.barabanov AT gmail.com; ok markus@
2275 - djm@cvs.openbsd.org 2008/09/06 12:24:13
2276 [kex.c]
2277 OpenSSL 0.9.8h supplies a real EVP_sha256 so we do not need our
2278 replacement anymore
2279 (ID sync only for portable - we still need this)
2280 - markus@cvs.openbsd.org 2008/09/11 14:22:37
2281 [compat.c compat.h nchan.c ssh.c]
2282 only send eow and no-more-sessions requests to openssh 5 and newer;
2283 fixes interop problems with broken ssh v2 implementations; ok djm@
2284 - millert@cvs.openbsd.org 2008/10/02 14:39:35
2285 [session.c]
2286 Convert an unchecked strdup to xstrdup. OK deraadt@
2287 - jmc@cvs.openbsd.org 2008/10/03 13:08:12
2288 [sshd.8]
2289 do not give an example of how to chmod files: we can presume the user
2290 knows that. removes an ambiguity in the permission of authorized_keys;
2291 ok deraadt
2292 - deraadt@cvs.openbsd.org 2008/10/03 23:56:28
2293 [sshconnect2.c]
2294 Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the
2295 function.
2296 spotted by des@freebsd, who commited an incorrect fix to the freebsd tree
2297 and (as is fairly typical) did not report the problem to us. But this fix
2298 is correct.
2299 ok djm
2300 - djm@cvs.openbsd.org 2008/10/08 23:34:03
2301 [ssh.1 ssh.c]
2302 Add -y option to force logging via syslog rather than stderr.
2303 Useful for daemonised ssh connection (ssh -f). Patch originally from
2304 and ok'd by markus@
2305 - djm@cvs.openbsd.org 2008/10/09 03:50:54
2306 [servconf.c sshd_config.5]
2307 support setting PermitEmptyPasswords in a Match block
2308 requested in PR3891; ok dtucker@
2309 - jmc@cvs.openbsd.org 2008/10/09 06:54:22
2310 [ssh.c]
2311 add -y to usage();
2312 - stevesk@cvs.openbsd.org 2008/10/10 04:55:16
2313 [scp.c]
2314 spelling in comment; ok djm@
2315 - stevesk@cvs.openbsd.org 2008/10/10 05:00:12
2316 [key.c]
2317 typo in error message; ok djm@
2318 - stevesk@cvs.openbsd.org 2008/10/10 16:43:27
2319 [ssh_config.5]
2320 use 'Privileged ports can be forwarded only when logging in as root on
2321 the remote machine.' for RemoteForward just like ssh.1 -R.
2322 ok djm@ jmc@
2323 - stevesk@cvs.openbsd.org 2008/10/14 18:11:33
2324 [sshconnect.c]
2325 use #define ROQUIET here; no binary change. ok dtucker@
2326 - stevesk@cvs.openbsd.org 2008/10/17 18:36:24
2327 [ssh_config.5]
2328 correct and clarify VisualHostKey; ok jmc@
2329 - stevesk@cvs.openbsd.org 2008/10/30 19:31:16
2330 [clientloop.c sshd.c]
2331 don't need to #include "monitor_fdpass.h"
2332 - stevesk@cvs.openbsd.org 2008/10/31 15:05:34
2333 [dispatch.c]
2334 remove unused #define DISPATCH_MIN; ok markus@
2335 - djm@cvs.openbsd.org 2008/11/01 04:50:08
2336 [sshconnect2.c]
2337 sprinkle ARGSUSED on dispatch handlers
2338 nuke stale unusued prototype
2339 - stevesk@cvs.openbsd.org 2008/11/01 06:43:33
2340 [channels.c]
2341 fix some typos in log messages; ok djm@
2342 - sobrado@cvs.openbsd.org 2008/11/01 11:14:36
2343 [ssh-keyscan.1 ssh-keyscan.c]
2344 the ellipsis is not an optional argument; while here, improve spacing.
2345 - stevesk@cvs.openbsd.org 2008/11/01 17:40:33
2346 [clientloop.c readconf.c readconf.h ssh.c]
2347 merge dynamic forward parsing into parse_forward();
2348 'i think this is OK' djm@
2349 - stevesk@cvs.openbsd.org 2008/11/02 00:16:16
2350 [ttymodes.c]
2351 protocol 2 tty modes support is now 7.5 years old so remove these
2352 debug3()s; ok deraadt@
2353 - stevesk@cvs.openbsd.org 2008/11/03 01:07:02
2354 [readconf.c]
2355 remove valueless comment
2356 - stevesk@cvs.openbsd.org 2008/11/03 02:44:41
2357 [readconf.c]
2358 fix comment
2359 - (djm) [contrib/caldera/ssh-host-keygen contrib/suse/rc.sshd]
2360 Make example scripts generate keys with default sizes rather than fixed,
2361 non-default 1024 bits; patch from imorgan AT nas.nasa.gov
2362 - (djm) [contrib/sshd.pam.generic contrib/caldera/sshd.pam]
2363 [contrib/redhat/sshd.pam] Move pam_nologin to account group from
2364 incorrect auth group in example files;
2365 patch from imorgan AT nas.nasa.gov
2366
236720080906
2368 - (dtucker) [config.guess config.sub] Update to latest versions from
2369 http://git.savannah.gnu.org/gitweb/ (2008-04-14 and 2008-06-16
2370 respectively).
2371
237220080830
2373 - (dtucker) [openbsd-compat/bsd-poll.c] correctly check for number of FDs
2374 larger than FD_SETSIZE (OpenSSH only ever uses poll with one fd). Patch
2375 from Nicholas Marriott.
2376
237720080721
2378 - (djm) OpenBSD CVS Sync
2379 - djm@cvs.openbsd.org 2008/07/23 07:36:55
2380 [servconf.c]
2381 do not try to print options that have been compile-time disabled
2382 in config test mode (sshd -T); report from nix-corp AT esperi.org.uk
2383 ok dtucker@
2384 - (djm) [servconf.c] Print UsePAM option in config test mode (when it
2385 has been compiled in); report from nix-corp AT esperi.org.uk
2386 ok dtucker@
2387
238820080721
2389 - (djm) OpenBSD CVS Sync
2390 - jmc@cvs.openbsd.org 2008/07/18 22:51:01
2391 [sftp-server.8]
2392 no need for .Pp before or after .Sh;
2393 - djm@cvs.openbsd.org 2008/07/21 08:19:07
2394 [version.h]
2395 openssh-5.1
2396 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
2397 [contrib/suse/openssh.spec] Update version number in README and RPM specs
2398 - (djm) Release OpenSSH-5.1
2399
240020080717
2401 - (djm) OpenBSD CVS Sync
2402 - djm@cvs.openbsd.org 2008/07/17 08:48:00
2403 [sshconnect2.c]
2404 strnvis preauth banner; pointed out by mpf@ ok markus@
2405 - djm@cvs.openbsd.org 2008/07/17 08:51:07
2406 [auth2-hostbased.c]
2407 strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes
2408 report and patch from res AT qoxp.net (bz#1200); ok markus@
2409 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Remove long-unneeded compat
2410 code, replace with equivalent cygwin library call. Patch from vinschen
2411 at redhat.com, ok djm@.
2412 - (djm) [sshconnect2.c] vis.h isn't available everywhere
2413
241420080716
2415 - OpenBSD CVS Sync
2416 - djm@cvs.openbsd.org 2008/07/15 02:23:14
2417 [sftp.1]
2418 number of pipelined requests is now 64;
2419 prodded by Iain.Morgan AT nasa.gov
2420 - djm@cvs.openbsd.org 2008/07/16 11:51:14
2421 [clientloop.c]
2422 rename variable first_gc -> last_gc (since it is actually the last
2423 in the list).
2424 - djm@cvs.openbsd.org 2008/07/16 11:52:19
2425 [channels.c]
2426 this loop index should be automatic, not static
2427
242820080714
2429 - (djm) OpenBSD CVS Sync
2430 - sthen@cvs.openbsd.org 2008/07/13 21:22:52
2431 [ssh-keygen.c]
2432 Change "ssh-keygen -F [host] -l" to not display random art unless
2433 -v is also specified, making it consistent with the manual and other
2434 uses of -l.
2435 ok grunk@
2436 - djm@cvs.openbsd.org 2008/07/13 22:13:07
2437 [channels.c]
2438 use struct sockaddr_storage instead of struct sockaddr for accept(2)
2439 address argument. from visibilis AT yahoo.com in bz#1485; ok markus@
2440 - djm@cvs.openbsd.org 2008/07/13 22:16:03
2441 [sftp.c]
2442 increase number of piplelined requests so they properly fill the
2443 (recently increased) channel window. prompted by rapier AT psc.edu;
2444 ok markus@
2445 - djm@cvs.openbsd.org 2008/07/14 01:55:56
2446 [sftp-server.8]
2447 mention requirement for /dev/log inside chroot when using sftp-server
2448 with ChrootDirectory
2449 - (djm) [openbsd-compat/bindresvport.c] Rename variables s/sin/in/ to
2450 avoid clash with sin(3) function; reported by
2451 cristian.ionescu-idbohrn AT axis.com
2452 - (djm) [openbsd-compat/rresvport.c] Add unistd.h for missing close()
2453 prototype; reported by cristian.ionescu-idbohrn AT axis.com
2454 - (djm) [umac.c] Rename variable s/buffer_ptr/bufp/ to avoid clash;
2455 reported by cristian.ionescu-idbohrn AT axis.com
2456 - (djm) [contrib/cygwin/Makefile contrib/cygwin/ssh-host-config]
2457 [contrib/cygwin/ssh-user-config contrib/cygwin/sshd-inetd]
2458 Revamped and simplified Cygwin ssh-host-config script that uses
2459 unified csih configuration tool. Requires recent Cygwin.
2460 Patch from vinschen AT redhat.com
2461
246220080712
2463 - (djm) OpenBSD CVS Sync
2464 - djm@cvs.openbsd.org 2008/07/12 04:52:50
2465 [channels.c]
2466 unbreak; move clearing of cctx struct to before first use
2467 reported by dkrause@
2468 - djm@cvs.openbsd.org 2008/07/12 05:33:41
2469 [scp.1]
2470 better description for -i flag:
2471 s/RSA authentication/public key authentication/
2472 - (djm) [openbsd-compat/fake-rfc2553.c openbsd-compat/fake-rfc2553.h]
2473 return EAI_FAMILY when trying to lookup unsupported address family;
2474 from vinschen AT redhat.com
2475
247620080711
2477 - (djm) OpenBSD CVS Sync
2478 - stevesk@cvs.openbsd.org 2008/07/07 00:31:41
2479 [ttymodes.c]
2480 we don't need arg after the debug3() was removed. from lint.
2481 ok djm@
2482 - stevesk@cvs.openbsd.org 2008/07/07 23:32:51
2483 [key.c]
2484 /*NOTREACHED*/ for lint warning:
2485 warning: function key_equal falls off bottom without returning value
2486 ok djm@
2487 - markus@cvs.openbsd.org 2008/07/10 18:05:58
2488 [channels.c]
2489 missing bzero; from mickey; ok djm@
2490 - markus@cvs.openbsd.org 2008/07/10 18:08:11
2491 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
2492 sync v1 and v2 traffic accounting; add it to sshd, too;
2493 ok djm@, dtucker@
2494
249520080709
2496 - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass
2497 - (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM
2498 account check failure path. The vulnerable format buffer is supplied
2499 from PAM and should not contain attacker-supplied data.
2500 - (djm) [auth.c] Missing unistd.h for close()
2501 - (djm) [configure.ac] Add -Wformat-security to CFLAGS for gcc 3.x and 4.x
2502
250320080705
2504 - (djm) [auth.c] Fixed test for locked account on HP/UX with shadowed
2505 passwords disabled. bz#1083 report & patch from senthilkumar_sen AT
2506 hotpop.com, w/ dtucker@
2507 - (djm) [atomicio.c configure.ac] Disable poll() fallback in atomiciov for
2508 Tru64. readv doesn't seem to be a comparable object there.
2509 bz#1386, patch from dtucker@ ok me
2510 - (djm) [Makefile.in] Pass though pass to conch for interop tests
2511 - (djm) [configure.ac] unbreak: remove extra closing brace
2512 - (djm) OpenBSD CVS Sync
2513 - djm@cvs.openbsd.org 2008/07/04 23:08:25
2514 [packet.c]
2515 handle EINTR in packet_write_poll()l ok dtucker@
2516 - djm@cvs.openbsd.org 2008/07/04 23:30:16
2517 [auth1.c auth2.c]
2518 Make protocol 1 MaxAuthTries logic match protocol 2's.
2519 Do not treat the first protocol 2 authentication attempt as
2520 a failure IFF it is for method "none".
2521 Makes MaxAuthTries' user-visible behaviour identical for
2522 protocol 1 vs 2.
2523 ok dtucker@
2524 - djm@cvs.openbsd.org 2008/07/05 05:16:01
2525 [PROTOCOL]
2526 grammar
2527
252820080704
2529 - (dtucker) OpenBSD CVS Sync
2530 - djm@cvs.openbsd.org 2008/07/02 13:30:34
2531 [auth2.c]
2532 really really remove the freebie "none" auth try for protocol 2
2533 - djm@cvs.openbsd.org 2008/07/02 13:47:39
2534 [ssh.1 ssh.c]
2535 When forking after authentication ("ssh -f") with ExitOnForwardFailure
2536 enabled, delay the fork until after replies for any -R forwards have
2537 been seen. Allows for robust detection of -R forward failure when
2538 using -f (similar to bz#92); ok dtucker@
2539 - otto@cvs.openbsd.org 2008/07/03 21:46:58
2540 [auth2-pubkey.c]
2541 avoid nasty double free; ok dtucker@ djm@
2542 - djm@cvs.openbsd.org 2008/07/04 03:44:59
2543 [servconf.c groupaccess.h groupaccess.c]
2544 support negation of groups in "Match group" block (bz#1315); ok dtucker@
2545 - dtucker@cvs.openbsd.org 2008/07/04 03:47:02
2546 [monitor.c]
2547 Make debug a little clearer. ok djm@
2548 - djm@cvs.openbsd.org 2008/06/30 08:07:34
2549 [regress/key-options.sh]
2550 shell portability: use "=" instead of "==" in test(1) expressions,
2551 double-quote string with backslash escaped /
2552 - djm@cvs.openbsd.org 2008/06/30 10:31:11
2553 [regress/{putty-transfer,putty-kex,putty-ciphers}.sh]
2554 remove "set -e" left over from debugging
2555 - djm@cvs.openbsd.org 2008/06/30 10:43:03
2556 [regress/conch-ciphers.sh]
2557 explicitly disable conch options that could interfere with the test
2558 - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link
2559 returns EXDEV. Patch from Mike Garrison, ok djm@
2560 - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]
2561 [packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
2562 [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
2563 some platforms (HP nonstop) it is a distinct errno;
2564 bz#1467 reported by sconeu AT yahoo.com; ok dtucker@
2565
256620080702
2567 - (dtucker) OpenBSD CVS Sync
2568 - djm@cvs.openbsd.org 2008/06/30 08:05:59
2569 [PROTOCOL.agent]
2570 typo: s/constraint_date/constraint_data/
2571 - djm@cvs.openbsd.org 2008/06/30 12:15:39
2572 [serverloop.c]
2573 only pass channel requests on session channels through to the session
2574 channel handler, avoiding spurious log messages; ok! markus@
2575 - djm@cvs.openbsd.org 2008/06/30 12:16:02
2576 [nchan.c]
2577 only send eow@openssh.com notifications for session channels; ok! markus@
2578 - djm@cvs.openbsd.org 2008/06/30 12:18:34
2579 [PROTOCOL]
2580 clarify that eow@openssh.com is only sent on session channels
2581 - dtucker@cvs.openbsd.org 2008/07/01 07:20:52
2582 [sshconnect.c]
2583 Check ExitOnForwardFailure if forwardings are disabled due to a failed
2584 host key check. ok djm@
2585 - dtucker@cvs.openbsd.org 2008/07/01 07:24:22
2586 [sshconnect.c sshd.c]
2587 Send CR LF during protocol banner exchanges, but only for Protocol 2 only,
2588 in order to comply with RFC 4253. bz #1443, ok djm@
2589 - stevesk@cvs.openbsd.org 2008/07/01 23:12:47
2590 [PROTOCOL.agent]
2591 fix some typos; ok djm@
2592 - djm@cvs.openbsd.org 2008/07/02 02:24:18
2593 [sshd_config sshd_config.5 sshd.8 servconf.c]
2594 increase default size of ssh protocol 1 ephemeral key from 768 to 1024
2595 bits; prodded by & ok dtucker@ ok deraadt@
2596 - dtucker@cvs.openbsd.org 2008/07/02 12:03:51
2597 [auth-rsa.c auth.c auth2-pubkey.c auth.h]
2598 Merge duplicate host key file checks, based in part on a patch from Rob
2599 Holland via bz #1348 . Also checks for non-regular files during protocol
2600 1 RSA auth. ok djm@
2601 - djm@cvs.openbsd.org 2008/07/02 12:36:39
2602 [auth2-none.c auth2.c]
2603 Make protocol 2 MaxAuthTries behaviour a little more sensible:
2604 Check whether client has exceeded MaxAuthTries before running
2605 an authentication method and skip it if they have, previously it
2606 would always allow one try (for "none" auth).
2607 Preincrement failure count before post-auth test - previously this
2608 checked and postincremented, also to allow one "none" try.
2609 Together, these two changes always count the "none" auth method
2610 which could be skipped by a malicious client (e.g. an SSH worm)
2611 to get an extra attempt at a real auth method. They also make
2612 MaxAuthTries=0 a useful way to block users entirely (esp. in a
2613 sshd_config Match block).
2614 Also, move sending of any preauth banner from "none" auth method
2615 to the first call to input_userauth_request(), so worms that skip
2616 the "none" method get to see it too.
2617
261820080630
2619 - (djm) OpenBSD CVS Sync
2620 - dtucker@cvs.openbsd.org 2008/06/10 23:13:43
2621 [regress/Makefile regress/key-options.sh]
2622 Add regress test for key options. ok djm@
2623 - dtucker@cvs.openbsd.org 2008/06/11 23:11:40
2624 [regress/Makefile]
2625 Don't run cipher-speed test by default; mistakenly enabled by me
2626 - djm@cvs.openbsd.org 2008/06/28 13:57:25
2627 [regress/Makefile regress/test-exec.sh regress/conch-ciphers.sh]
2628 very basic regress test against Twisted Conch in "make interop"
2629 target (conch is available in ports/devel/py-twisted/conch);
2630 ok markus@
2631 - (djm) [regress/Makefile] search for conch by path, like we do putty
2632
263320080629
2634 - (djm) OpenBSD CVS Sync
2635 - martynas@cvs.openbsd.org 2008/06/21 07:46:46
2636 [sftp.c]
2637 use optopt to get invalid flag, instead of return value of getopt,
2638 which is always '?'; ok djm@
2639 - otto@cvs.openbsd.org 2008/06/25 11:13:43
2640 [key.c]
2641 add key length to visual fingerprint; zap magical constants;
2642 ok grunk@ djm@
2643 - djm@cvs.openbsd.org 2008/06/26 06:10:09
2644 [sftp-client.c sftp-server.c]
2645 allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky
2646 bits. Note that this only affects explicit setting of modes (e.g. via
2647 sftp(1)'s chmod command) and not file transfers. (bz#1310)
2648 ok deraadt@ at c2k8
2649 - djm@cvs.openbsd.org 2008/06/26 09:19:40
2650 [dh.c dh.h moduli.c]
2651 when loading moduli from /etc/moduli in sshd(8), check that they
2652 are of the expected "safe prime" structure and have had
2653 appropriate primality tests performed;
2654 feedback and ok dtucker@
2655 - grunk@cvs.openbsd.org 2008/06/26 11:46:31
2656 [readconf.c readconf.h ssh.1 ssh_config.5 sshconnect.c]
2657 Move SSH Fingerprint Visualization away from sharing the config option
2658 CheckHostIP to an own config option named VisualHostKey.
2659 While there, fix the behaviour that ssh would draw a random art picture
2660 on every newly seen host even when the option was not enabled.
2661 prodded by deraadt@, discussions,
2662 help and ok markus@ djm@ dtucker@
2663 - jmc@cvs.openbsd.org 2008/06/26 21:11:46
2664 [ssh.1]
2665 add VisualHostKey to the list of options listed in -o;
2666 - djm@cvs.openbsd.org 2008/06/28 07:25:07
2667 [PROTOCOL]
2668 spelling fixes
2669 - djm@cvs.openbsd.org 2008/06/28 13:58:23
2670 [ssh-agent.c]
2671 refuse to add a key that has unknown constraints specified;
2672 ok markus
2673 - djm@cvs.openbsd.org 2008/06/28 14:05:15
2674 [ssh-agent.c]
2675 reset global compat flag after processing a protocol 2 signature
2676 request with the legacy DSA encoding flag set; ok markus
2677 - djm@cvs.openbsd.org 2008/06/28 14:08:30
2678 [PROTOCOL PROTOCOL.agent]
2679 document the protocol used by ssh-agent; "looks ok" markus@
2680
268120080628
2682 - (djm) [RFC.nroff contrib/cygwin/Makefile contrib/suse/openssh.spec]
2683 RFC.nroff lacks a license, remove it (it is long gone in OpenBSD).
2684
268520080626
2686 - (djm) [Makefile.in moduli.5] Include moduli(5) manpage from OpenBSD.
2687 (bz#1372)
2688 - (djm) [ contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
2689 [contrib/suse/openssh.spec] Include moduli.5 in RPM spec files.
2690
269120080616
2692 - (dtucker) OpenBSD CVS Sync
2693 - dtucker@cvs.openbsd.org 2008/06/16 13:22:53
2694 [session.c channels.c]
2695 Rename the isatty argument to is_tty so we don't shadow
2696 isatty(3). ok markus@
2697 - (dtucker) [channels.c] isatty -> is_tty here too.
2698
269920080615
2700 - (dtucker) [configure.ac] Enable -fno-builtin-memset when using gcc.
2701 - OpenBSD CVS Sync
2702 - dtucker@cvs.openbsd.org 2008/06/14 15:49:48
2703 [sshd.c]
2704 wrap long line at 80 chars
2705 - dtucker@cvs.openbsd.org 2008/06/14 17:07:11
2706 [sshd.c]
2707 ensure default umask disallows at least group and world write; ok djm@
2708 - djm@cvs.openbsd.org 2008/06/14 18:33:43
2709 [session.c]
2710 suppress the warning message from chdir(homedir) failures
2711 when chrooted (bz#1461); ok dtucker
2712 - dtucker@cvs.openbsd.org 2008/06/14 19:42:10
2713 [scp.1]
2714 Mention that scp follows symlinks during -r. bz #1466,
2715 from nectar at apple
2716 - dtucker@cvs.openbsd.org 2008/06/15 16:55:38
2717 [sshd_config.5]
2718 MaxSessions is allowed in a Match block too
2719 - dtucker@cvs.openbsd.org 2008/06/15 16:58:40
2720 [servconf.c sshd_config.5]
2721 Allow MaxAuthTries within a Match block. ok djm@
2722 - djm@cvs.openbsd.org 2008/06/15 20:06:26
2723 [channels.c channels.h session.c]
2724 don't call isatty() on a pty master, instead pass a flag down to
2725 channel_set_fds() indicating that te fds refer to a tty. Fixes a
2726 hang on exit on Solaris (bz#1463) in portable but is actually
2727 a generic bug; ok dtucker deraadt markus
2728
272920080614
2730 - (djm) [openbsd-compat/sigact.c] Avoid NULL derefs in ancient sigaction
2731 replacement code; patch from ighighi AT gmail.com in bz#1240;
2732 ok dtucker
2733
273420080613
2735 - (dtucker) OpenBSD CVS Sync
2736 - deraadt@cvs.openbsd.org 2008/06/13 09:44:36
2737 [packet.c]
2738 compile on older gcc; no decl after code
2739 - dtucker@cvs.openbsd.org 2008/06/13 13:56:59
2740 [monitor.c]
2741 Clear key options in the monitor on failed authentication, prevents
2742 applying additional restrictions to non-pubkey authentications in
2743 the case where pubkey fails but another method subsequently succeeds.
2744 bz #1472, found by Colin Watson, ok markus@ djm@
2745 - dtucker@cvs.openbsd.org 2008/06/13 14:18:51
2746 [auth2-pubkey.c auth-rhosts.c]
2747 Include unistd.h for close(), prevents warnings in -portable
2748 - dtucker@cvs.openbsd.org 2008/06/13 17:21:20
2749 [mux.c]
2750 Friendlier error messages for mux fallback. ok djm@
2751 - dtucker@cvs.openbsd.org 2008/06/13 18:55:22
2752 [scp.c]
2753 Prevent -Wsign-compare warnings on LP64 systems. bz #1192, ok deraadt@
2754 - grunk@cvs.openbsd.org 2008/06/13 20:13:26
2755 [ssh.1]
2756 Explain the use of SSH fpr visualization using random art, and cite the
2757 original scientific paper inspiring that technique.
2758 Much help with English and nroff by jmc@, thanks.
2759 - (dtucker) [configure.ac] Bug #1276: avoid linking against libgssapi, which
2760 despite its name doesn't seem to implement all of GSSAPI. Patch from
2761 Jan Engelhardt, sanity checked by Simon Wilkinson.
2762
276320080612
2764 - (dtucker) OpenBSD CVS Sync
2765 - jmc@cvs.openbsd.org 2008/06/11 07:30:37
2766 [sshd.8]
2767 kill trailing whitespace;
2768 - grunk@cvs.openbsd.org 2008/06/11 21:01:35
2769 [ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
2770 sshconnect.c]
2771 Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
2772 graphical hash visualization schemes known as "random art", and by
2773 Dan Kaminsky's musings on the subject during a BlackOp talk at the
2774 23C3 in Berlin.
2775 Scientific publication (original paper):
2776 "Hash Visualization: a New Technique to improve Real-World Security",
2777 Perrig A. and Song D., 1999, International Workshop on Cryptographic
2778 Techniques and E-Commerce (CrypTEC '99)
2779 http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
2780 The algorithm used here is a worm crawling over a discrete plane,
2781 leaving a trace (augmenting the field) everywhere it goes.
2782 Movement is taken from dgst_raw 2bit-wise. Bumping into walls
2783 makes the respective movement vector be ignored for this turn,
2784 thus switching to the other color of the chessboard.
2785 Graphs are not unambiguous for now, because circles in graphs can be
2786 walked in either direction.
2787 discussions with several people,
2788 help, corrections and ok markus@ djm@
2789 - grunk@cvs.openbsd.org 2008/06/11 21:38:25
2790 [ssh-keygen.c]
2791 ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
2792 would not display you the random art as intended, spotted by canacar@
2793 - grunk@cvs.openbsd.org 2008/06/11 22:20:46
2794 [ssh-keygen.c ssh-keygen.1]
2795 ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
2796 that is not how it was envisioned.
2797 Also correct manpage saying that -v is needed along with -l for it to work.
2798 spotted by naddy@
2799 - otto@cvs.openbsd.org 2008/06/11 23:02:22
2800 [key.c]
2801 simpler way of computing the augmentations; ok grunk@
2802 - grunk@cvs.openbsd.org 2008/06/11 23:03:56
2803 [ssh_config.5]
2804 CheckHostIP set to ``fingerprint'' will display both hex and random art
2805 spotted by naddy@
2806 - grunk@cvs.openbsd.org 2008/06/11 23:51:57
2807 [key.c]
2808 #define statements that are not atoms need braces around them, else they
2809 will cause trouble in some cases.
2810 Also do a computation of -1 once, and not in a loop several times.
2811 spotted by otto@
2812 - dtucker@cvs.openbsd.org 2008/06/12 00:03:49
2813 [dns.c canohost.c sshconnect.c]
2814 Do not pass "0" strings as ports to getaddrinfo because the lookups
2815 can slow things down and we never use the service info anyway. bz
2816 #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi. ok
2817 deraadt@ djm@
2818 djm belives that the reason for the "0" strings is to ensure that
2819 it's not possible to call getaddrinfo with both host and port being
2820 NULL. In the case of canohost.c host is a local array. In the
2821 case of sshconnect.c, it's checked for null immediately before use.
2822 In dns.c it ultimately comes from ssh.c:main() and is guaranteed to
2823 be non-null but it's not obvious, so I added a warning message in
2824 case it is ever passed a null.
2825 - grunk@cvs.openbsd.org 2008/06/12 00:13:55
2826 [sshconnect.c]
2827 Make ssh print the random art also when ssh'ing to a host using IP only.
2828 spotted by naddy@, ok and help djm@ dtucker@
2829 - otto@cvs.openbsd.org 2008/06/12 00:13:13
2830 [key.c]
2831 use an odd number of rows and columns and a separate start marker, looks
2832 better; ok grunk@
2833 - djm@cvs.openbsd.org 2008/06/12 03:40:52
2834 [clientloop.h mux.c channels.c clientloop.c channels.h]
2835 Enable ~ escapes for multiplex slave sessions; give each channel
2836 its own escape state and hook the escape filters up to muxed
2837 channels. bz #1331
2838 Mux slaves do not currently support the ~^Z and ~& escapes.
2839 NB. this change cranks the mux protocol version, so a new ssh
2840 mux client will not be able to connect to a running old ssh
2841 mux master.
2842 ok dtucker@
2843 - djm@cvs.openbsd.org 2008/06/12 04:06:00
2844 [clientloop.h ssh.c clientloop.c]
2845 maintain an ordered queue of outstanding global requests that we
2846 expect replies to, similar to the per-channel confirmation queue.
2847 Use this queue to verify success or failure for remote forward
2848 establishment in a race free way.
2849 ok dtucker@
2850 - djm@cvs.openbsd.org 2008/06/12 04:17:47
2851 [clientloop.c]
2852 thall shalt not code past the eightieth column
2853 - djm@cvs.openbsd.org 2008/06/12 04:24:06
2854 [ssh.c]
2855 thal shalt not code past the eightieth column
2856 - djm@cvs.openbsd.org 2008/06/12 05:15:41
2857 [PROTOCOL]
2858 document tun@openssh.com forwarding method
2859 - djm@cvs.openbsd.org 2008/06/12 05:32:30
2860 [mux.c]
2861 some more TODO for me
2862 - grunk@cvs.openbsd.org 2008/06/12 05:42:46
2863 [key.c]
2864 supply the key type (rsa1, rsa, dsa) as a caption in the frame of the
2865 random art. while there, stress the fact that the field base should at
2866 least be 8 characters for the pictures to make sense.
2867 comment and ok djm@
2868 - grunk@cvs.openbsd.org 2008/06/12 06:32:59
2869 [key.c]
2870 We already mark the start of the worm, now also mark the end of the worm
2871 in our random art drawings.
2872 ok djm@
2873 - djm@cvs.openbsd.org 2008/06/12 15:19:17
2874 [clientloop.h channels.h clientloop.c channels.c mux.c]
2875 The multiplexing escape char handler commit last night introduced a
2876 small memory leak per session; plug it.
2877 - dtucker@cvs.openbsd.org 2008/06/12 16:35:31
2878 [ssh_config.5 ssh.c]
2879 keyword expansion for localcommand. ok djm@
2880 - jmc@cvs.openbsd.org 2008/06/12 19:10:09
2881 [ssh_config.5 ssh-keygen.1]
2882 tweak the ascii art text; ok grunk
2883 - dtucker@cvs.openbsd.org 2008/06/12 20:38:28
2884 [sshd.c sshconnect.c packet.h misc.c misc.h packet.c]
2885 Make keepalive timeouts apply while waiting for a packet, particularly
2886 during key renegotiation (bz #1363). With djm and Matt Day, ok djm@
2887 - djm@cvs.openbsd.org 2008/06/12 20:47:04
2888 [sftp-client.c]
2889 print extension revisions for extensions that we understand
2890 - djm@cvs.openbsd.org 2008/06/12 21:06:25
2891 [clientloop.c]
2892 I was coalescing expected global request confirmation replies at
2893 the wrong end of the queue - fix; prompted by markus@
2894 - grunk@cvs.openbsd.org 2008/06/12 21:14:46
2895 [ssh-keygen.c]
2896 make ssh-keygen -lf show the key type just as ssh-add -l would do it
2897 ok djm@ markus@
2898 - grunk@cvs.openbsd.org 2008/06/12 22:03:36
2899 [key.c]
2900 add my copyright, ok djm@
2901 - ian@cvs.openbsd.org 2008/06/12 23:24:58
2902 [sshconnect.c]
2903 tweak wording in message, ok deraadt@ jmc@
2904 - dtucker@cvs.openbsd.org 2008/06/13 00:12:02
2905 [sftp.h log.h]
2906 replace __dead with __attribute__((noreturn)), makes things
2907 a little easier to port. Also, add it to sigdie(). ok djm@
2908 - djm@cvs.openbsd.org 2008/06/13 00:16:49
2909 [mux.c]
2910 fall back to creating a new TCP connection on most multiplexing errors
2911 (socket connect fail, invalid version, refused permittion, corrupted
2912 messages, etc.); bz #1329 ok dtucker@
2913 - dtucker@cvs.openbsd.org 2008/06/13 00:47:53
2914 [mux.c]
2915 upcast size_t to u_long to match format arg; ok djm@
2916 - dtucker@cvs.openbsd.org 2008/06/13 00:51:47
2917 [mac.c]
2918 upcast another size_t to u_long to match format
2919 - dtucker@cvs.openbsd.org 2008/06/13 01:38:23
2920 [misc.c]
2921 upcast uid to long with matching %ld, prevents warnings in portable
2922 - djm@cvs.openbsd.org 2008/06/13 04:40:22
2923 [auth2-pubkey.c auth-rhosts.c]
2924 refuse to read ~/.shosts or ~/.ssh/authorized_keys that are not
2925 regular files; report from Solar Designer via Colin Watson in bz#1471
2926 ok dtucker@ deraadt
2927 - (dtucker) [clientloop.c serverloop.c] channel_register_filter now
2928 takes 2 more args. with djm@
2929 - (dtucker) [defines.h] Bug #1112: __dead is, well dead. Based on a patch
2930 from Todd Vierling.
2931 - (dtucker) [auth-sia.c] Bug #1241: support password expiry on Tru64 SIA
2932 systems. Patch from R. Scott Bailey.
2933 - (dtucker) [umac.c] STORE_UINT32_REVERSED and endian_convert are never used
2934 on big endian machines, so ifdef them for little-endian only to prevent
2935 unused function warnings on big-endians.
2936 - (dtucker) [openbsd-compat/setenv.c] Make offsets size_t to prevent
2937 compiler warnings on some platforms. Based on a discussion with otto@
2938
293920080611
2940 - (djm) [channels.c configure.ac]
2941 Do not set SO_REUSEADDR on wildcard X11 listeners (X11UseLocalhost=no)
2942 bz#1464; ok dtucker
2943
294420080610
2945 - (dtucker) OpenBSD CVS Sync
2946 - djm@cvs.openbsd.org 2008/06/10 03:57:27
2947 [servconf.c match.h sshd_config.5]
2948 support CIDR address matching in sshd_config "Match address" blocks, with
2949 full support for negation and fall-back to classic wildcard matching.
2950 For example:
2951 Match address 192.0.2.0/24,3ffe:ffff::/32,!10.*
2952 PasswordAuthentication yes
2953 addrmatch.c code mostly lifted from flowd's addr.c
2954 feedback and ok dtucker@
2955 - djm@cvs.openbsd.org 2008/06/10 04:17:46
2956 [sshd_config.5]
2957 better reference for pattern-list
2958 - dtucker@cvs.openbsd.org 2008/06/10 04:50:25
2959 [sshd.c channels.h channels.c log.c servconf.c log.h servconf.h sshd.8]
2960 Add extended test mode (-T) and connection parameters for test mode (-C).
2961 -T causes sshd to write its effective configuration to stdout and exit.
2962 -C causes any relevant Match rules to be applied before output. The
2963 combination allows tesing of the parser and config files. ok deraadt djm
2964 - jmc@cvs.openbsd.org 2008/06/10 07:12:00
2965 [sshd_config.5]
2966 tweak previous;
2967 - jmc@cvs.openbsd.org 2008/06/10 08:17:40
2968 [sshd.8 sshd.c]
2969 - update usage()
2970 - fix SYNOPSIS, and sort options
2971 - some minor additional fixes
2972 - dtucker@cvs.openbsd.org 2008/06/09 18:06:32
2973 [regress/test-exec.sh]
2974 Don't generate putty keys if we're not going to use them. ok djm
2975 - dtucker@cvs.openbsd.org 2008/06/10 05:23:32
2976 [regress/addrmatch.sh regress/Makefile]
2977 Regress test for Match CIDR rules. ok djm@
2978 - dtucker@cvs.openbsd.org 2008/06/10 15:21:41
2979 [test-exec.sh]
2980 Use a more portable construct for checking if we're running a putty test
2981 - dtucker@cvs.openbsd.org 2008/06/10 15:28:49
2982 [test-exec.sh]
2983 Add quotes
2984 - dtucker@cvs.openbsd.org 2008/06/10 18:21:24
2985 [ssh_config.5]
2986 clarify that Host patterns are space-separated. ok deraadt
2987 - djm@cvs.openbsd.org 2008/06/10 22:15:23
2988 [PROTOCOL ssh.c serverloop.c]
2989 Add a no-more-sessions@openssh.com global request extension that the
2990 client sends when it knows that it will never request another session
2991 (i.e. when session multiplexing is disabled). This allows a server to
2992 disallow further session requests and terminate the session.
2993 Why would a non-multiplexing client ever issue additional session
2994 requests? It could have been attacked with something like SSH'jack:
2995 http://www.storm.net.nz/projects/7
2996 feedback & ok markus
2997 - djm@cvs.openbsd.org 2008/06/10 23:06:19
2998 [auth-options.c match.c servconf.c addrmatch.c sshd.8]
2999 support CIDR address matching in .ssh/authorized_keys from="..." stanzas
3000 ok and extensive testing dtucker@
3001 - dtucker@cvs.openbsd.org 2008/06/10 23:21:34
3002 [bufaux.c]
3003 Use '\0' for a nul byte rather than unadorned 0. ok djm@
3004 - dtucker@cvs.openbsd.org 2008/06/10 23:13:43
3005 [Makefile regress/key-options.sh]
3006 Add regress test for key options. ok djm@
3007 - (dtucker) [openbsd-compat/fake-rfc2553.h] Add sin6_scope_id to sockaddr_in6
3008 since the new CIDR code in addmatch.c references it.
3009 - (dtucker) [Makefile.in configure.ac regress/addrmatch.sh] Skip IPv6
3010 specific tests on platforms that don't do IPv6.
3011 - (dtucker) [Makefile.in] Define TEST_SSH_IPV6 in make's arguments as well
3012 as environment.
3013 - (dtucker) [Makefile.in] Move addrmatch.o to libssh.a where it's needed now.
3014
301520080609
3016 - (dtucker) OpenBSD CVS Sync
3017 - dtucker@cvs.openbsd.org 2008/06/08 17:04:41
3018 [sftp-server.c]
3019 Add case for ENOSYS in errno_to_portable; ok deraadt
3020 - dtucker@cvs.openbsd.org 2008/06/08 20:15:29
3021 [sftp.c sftp-client.c sftp-client.h]
3022 Have the sftp client store the statvfs replies in wire format,
3023 which prevents problems when the server's native sizes exceed the
3024 client's.
3025 Also extends the sizes of the remaining 32bit wire format to 64bit,
3026 they're specified as unsigned long in the standard.
3027 - dtucker@cvs.openbsd.org 2008/06/09 13:02:39
3028 [sftp-server.c]
3029 Extend 32bit -> 64bit values for statvfs extension missed in previous
3030 commit.
3031 - dtucker@cvs.openbsd.org 2008/06/09 13:38:46
3032 [PROTOCOL]
3033 Use a $OpenBSD tag so our scripts will sync changes.
3034
303520080608
3036 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c
3037 openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
3038 openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and
3039 fstatvfs and remove #defines around statvfs code. ok djm@
3040 - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add a
3041 macro to convert fsid to unsigned long for platforms where fsid is a
3042 2-member array.
3043
304420080607
3045 - (dtucker) [mux.c] Include paths.h inside ifdef HAVE_PATHS_H.
3046 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c]
3047 Do not enable statvfs extensions on platforms that do not have statvfs.
3048 - (dtucker) OpenBSD CVS Sync
3049 - djm@cvs.openbsd.org 2008/05/19 06:14:02
3050 [packet.c] unbreak protocol keepalive timeouts bz#1465; ok dtucker@
3051 - djm@cvs.openbsd.org 2008/05/19 15:45:07
3052 [sshtty.c ttymodes.c sshpty.h]
3053 Fix sending tty modes when stdin is not a tty (bz#1199). Previously
3054 we would send the modes corresponding to a zeroed struct termios,
3055 whereas we should have been sending an empty list of modes.
3056 Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@
3057 - djm@cvs.openbsd.org 2008/05/19 15:46:31
3058 [ssh-keygen.c]
3059 support -l (print fingerprint) in combination with -F (find host) to
3060 search for a host in ~/.ssh/known_hosts and display its fingerprint;
3061 ok markus@
3062 - djm@cvs.openbsd.org 2008/05/19 20:53:52
3063 [clientloop.c]
3064 unbreak tree by committing this bit that I missed from:
3065 Fix sending tty modes when stdin is not a tty (bz#1199). Previously
3066 we would send the modes corresponding to a zeroed struct termios,
3067 whereas we should have been sending an empty list of modes.
3068 Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@
3069
307020080604
3071 - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias
3072 in arc4random_uniform with upper_bound in (2^30,2*31). Note that
3073 OpenSSH did not make requests with upper bounds in this range.
3074
307520080519
3076 - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in]
3077 [openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h]
3078 Fix compilation on Linux, including pulling in fmt_scaled(3)
3079 implementation from OpenBSD's libutil.
3080
308120080518
3082 - (djm) OpenBSD CVS Sync
3083 - djm@cvs.openbsd.org 2008/04/04 05:14:38
3084 [sshd_config.5]
3085 ChrootDirectory is supported in Match blocks (in fact, it is most useful
3086 there). Spotted by Minstrel AT minstrel.org.uk
3087 - djm@cvs.openbsd.org 2008/04/04 06:44:26
3088 [sshd_config.5]
3089 oops, some unrelated stuff crept into that commit - backout.
3090 spotted by jmc@
3091 - djm@cvs.openbsd.org 2008/04/05 02:46:02
3092 [sshd_config.5]
3093 HostbasedAuthentication is supported under Match too
3094 - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c]
3095 [configure.ac] Implement arc4random_buf(), import implementation of
3096 arc4random_uniform() from OpenBSD
3097 - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes
3098 - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h
3099 - (djm) OpenBSD CVS Sync
3100 - djm@cvs.openbsd.org 2008/04/13 00:22:17
3101 [dh.c sshd.c]
3102 Use arc4random_buf() when requesting more than a single word of output
3103 Use arc4random_uniform() when the desired random number upper bound
3104 is not a power of two
3105 ok deraadt@ millert@
3106 - djm@cvs.openbsd.org 2008/04/18 12:32:11
3107 [sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h]
3108 introduce sftp extension methods statvfs@openssh.com and
3109 fstatvfs@openssh.com that implement statvfs(2)-like operations,
3110 based on a patch from miklos AT szeredi.hu (bz#1399)
3111 also add a "df" command to the sftp client that uses the
3112 statvfs@openssh.com to produce a df(1)-like display of filesystem
3113 space and inode utilisation
3114 ok markus@
3115 - jmc@cvs.openbsd.org 2008/04/18 17:15:47
3116 [sftp.1]
3117 macro fixage;
3118 - djm@cvs.openbsd.org 2008/04/18 22:01:33
3119 [session.c]
3120 remove unneccessary parentheses
3121 - otto@cvs.openbsd.org 2008/04/29 11:20:31
3122 [monitor_mm.h]
3123 garbage collect two unused fields in struct mm_master; ok markus@
3124 - djm@cvs.openbsd.org 2008/04/30 10:14:03
3125 [ssh-keyscan.1 ssh-keyscan.c]
3126 default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by
3127 larsnooden AT openoffice.org
3128 - pyr@cvs.openbsd.org 2008/05/07 05:49:37
3129 [servconf.c servconf.h session.c sshd_config.5]
3130 Enable the AllowAgentForwarding option in sshd_config (global and match
3131 context), to specify if agents should be permitted on the server.
3132 As the man page states:
3133 ``Note that disabling Agent forwarding does not improve security
3134 unless users are also denied shell access, as they can always install
3135 their own forwarders.''
3136 ok djm@, ok and a mild frown markus@
3137 - pyr@cvs.openbsd.org 2008/05/07 06:43:35
3138 [sshd_config]
3139 push the sshd_config bits in, spotted by ajacoutot@
3140 - jmc@cvs.openbsd.org 2008/05/07 08:00:14
3141 [sshd_config.5]
3142 sort;
3143 - markus@cvs.openbsd.org 2008/05/08 06:59:01
3144 [bufaux.c buffer.h channels.c packet.c packet.h]
3145 avoid extra malloc/copy/free when receiving data over the net;
3146 ~10% speedup for localhost-scp; ok djm@
3147 - djm@cvs.openbsd.org 2008/05/08 12:02:23
3148 [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
3149 [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
3150 [ssh.c sshd.c]
3151 Implement a channel success/failure status confirmation callback
3152 mechanism. Each channel maintains a queue of callbacks, which will
3153 be drained in order (RFC4253 guarantees confirm messages are not
3154 reordered within an channel).
3155 Also includes a abandonment callback to clean up if a channel is
3156 closed without sending confirmation messages. This probably
3157 shouldn't happen in compliant implementations, but it could be
3158 abused to leak memory.
3159 ok markus@ (as part of a larger diff)
3160 - djm@cvs.openbsd.org 2008/05/08 12:21:16
3161 [monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c]
3162 [sshd_config sshd_config.5]
3163 Make the maximum number of sessions run-time controllable via
3164 a sshd_config MaxSessions knob. This is useful for disabling
3165 login/shell/subsystem access while leaving port-forwarding working
3166 (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
3167 simply increasing the number of allows multiplexed sessions.
3168 Because some bozos are sure to configure MaxSessions in excess of the
3169 number of available file descriptors in sshd (which, at peak, might be
3170 as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
3171 on error paths, and make it fail gracefully on out-of-fd conditions -
3172 sending channel errors instead of than exiting with fatal().
3173 bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
3174 ok markus@
3175 - djm@cvs.openbsd.org 2008/05/08 13:06:11
3176 [clientloop.c clientloop.h ssh.c]
3177 Use new channel status confirmation callback system to properly deal
3178 with "important" channel requests that fail, in particular command exec,
3179 shell and subsystem requests. Previously we would optimistically assume
3180 that the requests would always succeed, which could cause hangs if they
3181 did not (e.g. when the server runs out of fds) or were unimplemented by
3182 the server (bz #1384)
3183 Also, properly report failing multiplex channel requests via the mux
3184 client stderr (subject to LogLevel in the mux master) - better than
3185 silently failing.
3186 most bits ok markus@ (as part of a larger diff)
3187 - djm@cvs.openbsd.org 2008/05/09 04:55:56
3188 [channels.c channels.h clientloop.c serverloop.c]
3189 Try additional addresses when connecting to a port forward destination
3190 whose DNS name resolves to more than one address. The previous behaviour
3191 was to try the first address and give up.
3192 Reported by stig AT venaas.com in bz#343
3193 great feedback and ok markus@
3194 - djm@cvs.openbsd.org 2008/05/09 14:18:44
3195 [clientloop.c clientloop.h ssh.c mux.c]
3196 tidy up session multiplexing code, moving it into its own file and
3197 making the function names more consistent - making ssh.c and
3198 clientloop.c a fair bit more readable.
3199 ok markus@
3200 - djm@cvs.openbsd.org 2008/05/09 14:26:08
3201 [ssh.c]
3202 dingo stole my diff hunk
3203 - markus@cvs.openbsd.org 2008/05/09 16:16:06
3204 [session.c]
3205 re-add the USE_PIPES code and enable it.
3206 without pipes shutdown-read from the sshd does not trigger
3207 a SIGPIPE when the forked program does a write.
3208 ok djm@
3209 (Id sync only, USE_PIPES never left portable OpenSSH)
3210 - markus@cvs.openbsd.org 2008/05/09 16:17:51
3211 [channels.c]
3212 error-fd race: don't enable the error fd in the select bitmask
3213 for channels with both in- and output closed, since the channel
3214 will go away before we call select();
3215 report, lots of debugging help and ok djm@
3216 - markus@cvs.openbsd.org 2008/05/09 16:21:13
3217 [channels.h clientloop.c nchan.c serverloop.c]
3218 unbreak
3219 ssh -2 localhost od /bin/ls | true
3220 ignoring SIGPIPE by adding a new channel message (EOW) that signals
3221 the peer that we're not interested in any data it might send.
3222 fixes bz #85; discussion, debugging and ok djm@
3223 - pvalchev@cvs.openbsd.org 2008/05/12 20:52:20
3224 [umac.c]
3225 Ensure nh_result lies on a 64-bit boundary (fixes warnings observed
3226 on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@
3227 - djm@cvs.openbsd.org 2008/05/15 23:52:24
3228 [nchan2.ms]
3229 document eow message in ssh protocol 2 channel state machine;
3230 feedback and ok markus@
3231 - djm@cvs.openbsd.org 2008/05/18 21:29:05
3232 [sftp-server.c]
3233 comment extension announcement
3234 - djm@cvs.openbsd.org 2008/05/16 08:30:42
3235 [PROTOCOL]
3236 document our protocol extensions and deviations; ok markus@
3237 - djm@cvs.openbsd.org 2008/05/17 01:31:56
3238 [PROTOCOL]
3239 grammar and correctness fixes from stevesk@
3240
324120080403
3242 - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
3243 time warnings on LynxOS. Patch from ops AT iki.fi
3244 - (djm) Force string arguments to replacement setproctitle() though
3245 strnvis first. Ok dtucker@
3246
324720080403
3248 - (djm) OpenBSD CVS sync:
3249 - markus@cvs.openbsd.org 2008/04/02 15:36:51
3250 [channels.c]
3251 avoid possible hijacking of x11-forwarded connections (back out 1.183)
3252 CVE-2008-1483; ok djm@
3253 - jmc@cvs.openbsd.org 2008/03/27 22:37:57
3254 [sshd.8]
3255 remove trailing whitespace;
3256 - djm@cvs.openbsd.org 2008/04/03 09:50:14
3257 [version.h]
3258 openssh-5.0
3259 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
3260 [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
3261 - (djm) [README] Update link to release notes
3262 - (djm) Release 5.0p1