summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2014-10-07 13:33:15 +0100
committerColin Watson <cjwatson@debian.org>2014-10-07 14:27:30 +0100
commitf0b009aea83e9ff3a50be30f51012099a5143c16 (patch)
tree3825e6f7e3b7ea4481d06ed89aba9a7a95150df5 /ChangeLog
parent47f0bad4330b16ec3bad870fcf9839c196e42c12 (diff)
parent762c062828f5a8f6ed189ed6e44ad38fd92f8b36 (diff)
Merge 6.7p1.
* New upstream release (http://www.openssh.com/txt/release-6.7): - sshd(8): The default set of ciphers and MACs has been altered to remove unsafe algorithms. In particular, CBC ciphers and arcfour* are disabled by default. The full set of algorithms remains available if configured explicitly via the Ciphers and MACs sshd_config options. - ssh(1), sshd(8): Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket (closes: #236718). - ssh(1), ssh-keygen(1): Add support for SSHFP DNS records for ED25519 key types. - sftp(1): Allow resumption of interrupted uploads. - ssh(1): When rekeying, skip file/DNS lookups of the hostkey if it is the same as the one sent during initial key exchange. - sshd(8): Allow explicit ::1 and 127.0.0.1 forwarding bind addresses when GatewayPorts=no; allows client to choose address family. - sshd(8): Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys option. - ssh(1): Add a %C escape sequence for LocalCommand and ControlPath that expands to a unique identifer based on a hash of the tuple of (local host, remote user, hostname, port). Helps avoid exceeding miserly pathname limits for Unix domain sockets in multiplexing control paths. - sshd(8): Make the "Too many authentication failures" message include the user, source address, port and protocol in a format similar to the authentication success / failure messages. - Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC when it is available. It considers time spent suspended, thereby ensuring timeouts (e.g. for expiring agent keys) fire correctly (closes: #734553). - Use prctl() to prevent sftp-server from accessing /proc/self/{mem,maps}. * Restore TCP wrappers support, removed upstream in 6.7. It is true that dropping this reduces preauth attack surface in sshd. On the other hand, this support seems to be quite widely used, and abruptly dropping it (from the perspective of users who don't read openssh-unix-dev) could easily cause more serious problems in practice. It's not entirely clear what the right long-term answer for Debian is, but it at least probably doesn't involve dropping this feature shortly before a freeze. * Replace patch to disable OpenSSL version check with an updated version of Kurt Roeckx's patch from #732940 to just avoid checking the status field.
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog932
1 files changed, 931 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 38de846ff..63aeae556 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,934 @@
120131006
2 - (djm) Release OpenSSH-6.7
3
420141003
5 - (djm) [sshd_config.5] typo; from Iain Morgan
6
720141001
8 - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]
9 [openbsd-compat/openbsd-compat.h] Kludge around bad glibc
10 _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets;
11 ok dtucker@
12
1320140910
14 - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;
15 patch from Felix von Leitner; ok dtucker
16
1720140908
18 - (dtucker) [INSTALL] Update info about egd. ok djm@
19
2020140904
21 - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG
22
2320140903
24 - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and
25 conditionalise to avoid duplicate definition.
26 - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to
27 permissions/ACLs; from Corinna Vinschen
28
2920140830
30 - (djm) [openbsd-compat/openssl-compat.h] add
31 OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
32 - (djm) [misc.c] Missing newline between functions
33 - (djm) [openbsd-compat/openssl-compat.h] add include guard
34 - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@
35
3620140827
37 - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
38 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
39 [regress/unittests/sshkey/common.c]
40 [regress/unittests/sshkey/test_file.c]
41 [regress/unittests/sshkey/test_fuzz.c]
42 [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
43 on !ECC OpenSSL systems
44 - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
45 monitor, not preauth; bz#2263
46 - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
47 using memset_s() where possible; improve fallback to indirect bzero
48 via a volatile pointer to give it more of a chance to avoid being
49 optimised away.
50
5120140825
52 - (djm) [bufec.c] Skip this file on !ECC OpenSSL
53 - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,
54 update OpenSSL version requirement.
55
5620140824
57 - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not
58 PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
59
6020140823
61 - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on
62 lastlog writing on platforms with high UIDs; bz#2263
63 - (djm) [configure.ac] We now require a working vsnprintf everywhere (not
64 just for systems that lack asprintf); check for it always and extend
65 test to catch more brokenness. Fixes builds on Solaris <= 9
66
6720140822
68 - (djm) [configure.ac] include leading zero characters in OpenSSL version
69 number; fixes test for unsupported versions
70 - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC
71 - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/
72 definition mismatch) and warning for broken/missing snprintf case.
73 - (djm) [configure.ac] double braces to appease autoconf
74
7520140821
76 - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.
77 - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL
78 - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
79 don't set __progname. Diagnosed by Tom Christensen.
80
8120140820
82 - (djm) [configure.ac] Check OpenSSL version is supported at configure time;
83 suggested by Kevin Brott
84 - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than
85 -L/-l; fixes linking problems on some platforms
86 - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC
87 - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna
88
8920140819
90 - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen
91 - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.
92 - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG
93 - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]
94 [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions
95 of TCP wrappers.
96
9720140811
98 - (djm) [myproposal.h] Make curve25519 KEX dependent on
99 HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
100
10120140810
102 - (djm) [README contrib/caldera/openssh.spec]
103 [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
104
10520140801
106 - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
107 a better solution, but this will have to do for now.
108 - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin
109 is closed; avoid regress failures when stdin is /dev/null
110 - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate
111 nc from stdin, it's more portable
112
11320140730
114 - OpenBSD CVS Sync
115 - millert@cvs.openbsd.org 2014/07/24 22:57:10
116 [ssh.1]
117 Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@
118 - dtucker@cvs.openbsd.org 2014/07/25 21:22:03
119 [ssh-agent.c]
120 Clear buffer used for handling messages. This prevents keys being
121 left in memory after they have been expired or deleted in some cases
122 (but note that ssh-agent is setgid so you would still need root to
123 access them). Pointed out by Kevin Burns, ok deraadt
124 - schwarze@cvs.openbsd.org 2014/07/28 15:40:08
125 [sftp-server.8 sshd_config.5]
126 some systems no longer need /dev/log;
127 issue noticed by jirib;
128 ok deraadt
129
13020140725
131 - (djm) [regress/multiplex.sh] restore incorrectly deleted line;
132 pointed out by Christian Hesse
133
13420140722
135 - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;
136 put it back
137 - (djm) [regress/multiplex.sh] change the test for still-open Unix
138 domain sockets to be robust against nc implementations that produce
139 error messages.
140 - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
141 specific tests inside OPENSSL_HAS_ECC.
142 - (dtucker) OpenBSD CVS Sync
143 - dtucker@cvs.openbsd.org 2014/07/22 01:18:50
144 [key.c]
145 Prevent spam from key_load_private_pem during hostbased auth. ok djm@
146 - guenther@cvs.openbsd.org 2014/07/22 07:13:42
147 [umac.c]
148 Convert from <sys/endian.h> to the shiney new <endian.h>
149 ok dtucker@, who also confirmed that -portable handles this already
150 (ID sync only, includes.h pulls in endian.h if available.)
151 - djm@cvs.openbsd.org 2014/07/22 01:32:12
152 [regress/multiplex.sh]
153 change the test for still-open Unix domain sockets to be robust against
154 nc implementations that produce error messages. from -portable
155 (Id sync only)
156 - dtucker@cvs.openbsd.org 2014/07/22 23:23:22
157 [regress/unittests/sshkey/mktestdata.sh]
158 Sign test certs with ed25519 instead of ecdsa so that they'll work in
159 -portable on platforms that don't have ECDSA in their OpenSSL. ok djm
160 - dtucker@cvs.openbsd.org 2014/07/22 23:57:40
161 [regress/unittests/sshkey/mktestdata.sh]
162 Add $OpenBSD tag to make syncs easier
163 - dtucker@cvs.openbsd.org 2014/07/22 23:35:38
164 [regress/unittests/sshkey/testdata/*]
165 Regenerate test keys with certs signed with ed25519 instead of ecdsa.
166 These can be used in -portable on platforms that don't support ECDSA.
167
16820140721
169 - OpenBSD CVS Sync
170 - millert@cvs.openbsd.org 2014/07/15 15:54:15
171 [forwarding.sh multiplex.sh]
172 Add support for Unix domain socket forwarding. A remote TCP port
173 may be forwarded to a local Unix domain socket and vice versa or
174 both ends may be a Unix domain socket. This is a reimplementation
175 of the streamlocal patches by William Ahern from:
176 http://www.25thandclement.com/~william/projects/streamlocal.html
177 OK djm@ markus@
178 - (djm) [regress/multiplex.sh] Not all netcat accept the -N option.
179 - (dtucker) [sshkey.c] ifdef out unused variable when compiling without
180 OPENSSL_HAS_ECC.
181
18220140721
183 - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
184 needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
185 - (dtucker) [regress/unittests/sshkey/
186 {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in
187 ifdefs.
188
18920140719
190 - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
191 in servconf.h.
192
19320140718
194 - OpenBSD CVS Sync
195 - millert@cvs.openbsd.org 2014/07/15 15:54:14
196 [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
197 [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
198 [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
199 [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
200 [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
201 [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
202 [sshd_config.5 sshlogin.c]
203 Add support for Unix domain socket forwarding. A remote TCP port
204 may be forwarded to a local Unix domain socket and vice versa or
205 both ends may be a Unix domain socket. This is a reimplementation
206 of the streamlocal patches by William Ahern from:
207 http://www.25thandclement.com/~william/projects/streamlocal.html
208 OK djm@ markus@
209 - jmc@cvs.openbsd.org 2014/07/16 14:48:57
210 [ssh.1]
211 add the streamlocal* options to ssh's -o list; millert says they're
212 irrelevant for scp/sftp;
213 ok markus millert
214 - djm@cvs.openbsd.org 2014/07/17 00:10:56
215 [sandbox-systrace.c]
216 ifdef SYS_sendsyslog so this will compile without patching on -stable
217 - djm@cvs.openbsd.org 2014/07/17 00:10:18
218 [mux.c]
219 preserve errno across syscall
220 - djm@cvs.openbsd.org 2014/07/17 00:12:03
221 [key.c]
222 silence "incorrect passphrase" error spam; reported and ok dtucker@
223 - djm@cvs.openbsd.org 2014/07/17 07:22:19
224 [mux.c ssh.c]
225 reflect stdio-forward ("ssh -W host:port ...") failures in exit status.
226 previously we were always returning 0. bz#2255 reported by Brendan
227 Germain; ok dtucker
228 - djm@cvs.openbsd.org 2014/07/18 02:46:01
229 [ssh-agent.c]
230 restore umask around listener socket creation (dropped in streamlocal patch
231 merge)
232 - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used
233 in servconf.h.
234 - (dtucker) [Makefile.in] Add a t-exec target to run just the executable
235 tests.
236 - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC.
237
23820140717
239 - (djm) [digest-openssl.c] Preserve array order when disabling digests.
240 Reported by Petr Lautrbach.
241 - OpenBSD CVS Sync
242 - deraadt@cvs.openbsd.org 2014/07/11 08:09:54
243 [sandbox-systrace.c]
244 Permit use of SYS_sendsyslog from inside the sandbox. Clock is ticking,
245 update your kernels and sshd soon.. libc will start using sendsyslog()
246 in about 4 days.
247 - tedu@cvs.openbsd.org 2014/07/11 13:54:34
248 [myproposal.h]
249 by popular demand, add back hamc-sha1 to server proposal for better compat
250 with many clients still in use. ok deraadt
251
25220140715
253 - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto
254 has been located; fixes builds agains libressl-portable
255
25620140711
257 - OpenBSD CVS Sync
258 - benno@cvs.openbsd.org 2014/07/09 14:15:56
259 [ssh-add.c]
260 fix ssh-add crash while loading more than one key
261 ok markus@
262
26320140709
264 - OpenBSD CVS Sync
265 - djm@cvs.openbsd.org 2014/07/07 08:19:12
266 [ssh_config.5]
267 mention that ProxyCommand is executed using shell "exec" to avoid
268 a lingering process; bz#1977
269 - djm@cvs.openbsd.org 2014/07/09 01:45:10
270 [sftp.c]
271 more useful error message when GLOB_NOSPACE occurs;
272 bz#2254, patch from Orion Poplawski
273 - djm@cvs.openbsd.org 2014/07/09 03:02:15
274 [key.c]
275 downgrade more error() to debug() to better match what old authfile.c
276 did; suppresses spurious errors with hostbased authentication enabled
277 - djm@cvs.openbsd.org 2014/07/06 07:42:03
278 [multiplex.sh test-exec.sh]
279 add a hook to the cleanup() function to kill $SSH_PID if it is set
280
281 use it to kill the mux master started in multiplex.sh (it was being left
282 around on fatal failures)
283 - djm@cvs.openbsd.org 2014/07/07 08:15:26
284 [multiplex.sh]
285 remove forced-fatal that I stuck in there to test the new cleanup
286 logic and forgot to remove...
287
28820140706
289 - OpenBSD CVS Sync
290 - djm@cvs.openbsd.org 2014/07/03 23:18:35
291 [authfile.h]
292 remove leakmalloc droppings
293 - djm@cvs.openbsd.org 2014/07/05 23:11:48
294 [channels.c]
295 fix remote-forward cancel regression; ok markus@
296
29720140704
298 - OpenBSD CVS Sync
299 - jsing@cvs.openbsd.org 2014/07/03 12:42:16
300 [cipher-chachapoly.c]
301 Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this
302 makes it easier to verify that chacha_encrypt_bytes() is only called once
303 per chacha_ivsetup() call.
304 ok djm@
305 - djm@cvs.openbsd.org 2014/07/03 22:23:46
306 [sshconnect.c]
307 when rekeying, skip file/DNS lookup if it is the same as the key sent
308 during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@
309 - djm@cvs.openbsd.org 2014/07/03 22:33:41
310 [channels.c]
311 allow explicit ::1 and 127.0.0.1 forwarding bind addresses when
312 GatewayPorts=no; allows client to choose address family;
313 bz#2222 ok markus@
314 - djm@cvs.openbsd.org 2014/07/03 22:40:43
315 [servconf.c servconf.h session.c sshd.8 sshd_config.5]
316 Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
317 executed, mirroring the no-user-rc authorized_keys option;
318 bz#2160; ok markus@
319
32020140703
321 - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto
322 doesn't support it.
323 - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist;
324 bz#2237
325 - OpenBSD CVS Sync
326 - djm@cvs.openbsd.org 2014/07/03 01:45:38
327 [sshkey.c]
328 make Ed25519 keys' title fit properly in the randomart border; bz#2247
329 based on patch from Christian Hesse
330 - djm@cvs.openbsd.org 2014/07/03 03:11:03
331 [ssh-agent.c]
332 Only cleanup agent socket in the main agent process and not in any
333 subprocesses it may have started (e.g. forked askpass). Fixes
334 agent sockets being zapped when askpass processes fatal();
335 bz#2236 patch from Dmitry V. Levin
336 - djm@cvs.openbsd.org 2014/07/03 03:15:01
337 [ssh-add.c]
338 make stdout line-buffered; saves partial output getting lost when
339 ssh-add fatal()s part-way through (e.g. when listing keys from an
340 agent that supports key types that ssh-add doesn't);
341 bz#2234, reported by Phil Pennock
342 - djm@cvs.openbsd.org 2014/07/03 03:26:43
343 [digest-openssl.c]
344 use EVP_Digest() for one-shot hash instead of creating, updating,
345 finalising and destroying a context.
346 bz#2231, based on patch from Timo Teras
347 - djm@cvs.openbsd.org 2014/07/03 03:34:09
348 [gss-serv.c session.c ssh-keygen.c]
349 standardise on NI_MAXHOST for gethostname() string lengths; about
350 1/2 the cases were using it already. Fixes bz#2239 en passant
351 - djm@cvs.openbsd.org 2014/07/03 03:47:27
352 [ssh-keygen.c]
353 When hashing or removing hosts using ssh-keygen, don't choke on
354 @revoked markers and don't remove @cert-authority markers;
355 bz#2241, reported by mlindgren AT runelind.net
356 - djm@cvs.openbsd.org 2014/07/03 04:36:45
357 [digest.h]
358 forward-declare struct sshbuf so consumers don't need to include sshbuf.h
359 - djm@cvs.openbsd.org 2014/07/03 05:32:36
360 [ssh_config.5]
361 mention '%%' escape sequence in HostName directives and how it may
362 be used to specify IPv6 link-local addresses
363 - djm@cvs.openbsd.org 2014/07/03 05:38:17
364 [ssh.1]
365 document that -g will only work in the multiplexed case if applied to
366 the mux master
367 - djm@cvs.openbsd.org 2014/07/03 06:39:19
368 [ssh.c ssh_config.5]
369 Add a %C escape sequence for LocalCommand and ControlPath that expands
370 to a unique identifer based on a has of the tuple of (local host,
371 remote user, hostname, port).
372
373 Helps avoid exceeding sockaddr_un's miserly pathname limits for mux
374 control paths.
375
376 bz#2220, based on patch from mancha1 AT zoho.com; ok markus@
377 - jmc@cvs.openbsd.org 2014/07/03 07:45:27
378 [ssh_config.5]
379 escape %C since groff thinks it part of an Rs/Re block;
380 - djm@cvs.openbsd.org 2014/07/03 11:16:55
381 [auth.c auth.h auth1.c auth2.c]
382 make the "Too many authentication failures" message include the
383 user, source address, port and protocol in a format similar to the
384 authentication success / failure messages; bz#2199, ok dtucker
385
38620140702
387 - OpenBSD CVS Sync
388 - deraadt@cvs.openbsd.org 2014/06/13 08:26:29
389 [sandbox-systrace.c]
390 permit SYS_getentropy
391 from matthew
392 - matthew@cvs.openbsd.org 2014/06/18 02:59:13
393 [sandbox-systrace.c]
394 Now that we have a dedicated getentropy(2) system call for
395 arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace
396 sandbox.
397
398 ok djm
399 - naddy@cvs.openbsd.org 2014/06/18 15:42:09
400 [sshbuf-getput-crypto.c]
401 The ssh_get_bignum functions must accept the same range of bignums
402 the corresponding ssh_put_bignum functions create. This fixes the
403 use of 16384-bit RSA keys (bug reported by Eivind Evensen).
404 ok djm@
405 - djm@cvs.openbsd.org 2014/06/24 00:52:02
406 [krl.c]
407 fix bug in KRL generation: multiple consecutive revoked certificate
408 serial number ranges could be serialised to an invalid format.
409
410 Readers of a broken KRL caused by this bug will fail closed, so no
411 should-have-been-revoked key will be accepted.
412 - djm@cvs.openbsd.org 2014/06/24 01:13:21
413 [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
414 [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
415 [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
416 [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
417 [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
418 [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
419 [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
420 [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
421 [sshconnect2.c sshd.c sshkey.c sshkey.h
422 [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
423 New key API: refactor key-related functions to be more library-like,
424 existing API is offered as a set of wrappers.
425
426 with and ok markus@
427
428 Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
429 Dempsky and Ron Bowes for a detailed review a few months ago.
430 NB. This commit also removes portable OpenSSH support for OpenSSL
431 <0.9.8e.
432 - djm@cvs.openbsd.org 2014/06/24 02:19:48
433 [ssh.c]
434 don't fatal() when hostname canonicalisation fails with a
435 ProxyCommand in use; continue and allow the ProxyCommand to
436 connect anyway (e.g. to a host with a name outside the DNS
437 behind a bastion)
438 - djm@cvs.openbsd.org 2014/06/24 02:21:01
439 [scp.c]
440 when copying local->remote fails during read, don't send uninitialised
441 heap to the remote end. Reported by Jann Horn
442 - deraadt@cvs.openbsd.org 2014/06/25 14:16:09
443 [sshbuf.c]
444 unblock SIGSEGV before raising it
445 ok djm
446 - markus@cvs.openbsd.org 2014/06/27 16:41:56
447 [channels.c channels.h clientloop.c ssh.c]
448 fix remote fwding with same listen port but different listen address
449 with gerhard@, ok djm@
450 - markus@cvs.openbsd.org 2014/06/27 18:50:39
451 [ssh-add.c]
452 fix loading of private keys
453 - djm@cvs.openbsd.org 2014/06/30 12:54:39
454 [key.c]
455 suppress spurious error message when loading key with a passphrase;
456 reported by kettenis@ ok markus@
457 - djm@cvs.openbsd.org 2014/07/02 04:59:06
458 [cipher-3des1.c]
459 fix ssh protocol 1 on the server that regressed with the sshkey change
460 (sometimes fatal() after auth completed), make file return useful status
461 codes.
462 NB. Id sync only for these two. They were bundled into the sshkey merge
463 above, since it was easier to sync the entire file and then apply
464 portable-specific changed atop it.
465 - djm@cvs.openbsd.org 2014/04/30 05:32:00
466 [regress/Makefile]
467 unit tests for new buffer API; including basic fuzz testing
468 NB. Id sync only.
469 - djm@cvs.openbsd.org 2014/05/21 07:04:21
470 [regress/integrity.sh]
471 when failing because of unexpected output, show the offending output
472 - djm@cvs.openbsd.org 2014/06/24 01:04:43
473 [regress/krl.sh]
474 regress test for broken consecutive revoked serial number ranges
475 - djm@cvs.openbsd.org 2014/06/24 01:14:17
476 [Makefile.in regress/Makefile regress/unittests/Makefile]
477 [regress/unittests/sshkey/Makefile]
478 [regress/unittests/sshkey/common.c]
479 [regress/unittests/sshkey/common.h]
480 [regress/unittests/sshkey/mktestdata.sh]
481 [regress/unittests/sshkey/test_file.c]
482 [regress/unittests/sshkey/test_fuzz.c]
483 [regress/unittests/sshkey/test_sshkey.c]
484 [regress/unittests/sshkey/tests.c]
485 [regress/unittests/sshkey/testdata/dsa_1]
486 [regress/unittests/sshkey/testdata/dsa_1-cert.fp]
487 [regress/unittests/sshkey/testdata/dsa_1-cert.pub]
488 [regress/unittests/sshkey/testdata/dsa_1.fp]
489 [regress/unittests/sshkey/testdata/dsa_1.fp.bb]
490 [regress/unittests/sshkey/testdata/dsa_1.param.g]
491 [regress/unittests/sshkey/testdata/dsa_1.param.priv]
492 [regress/unittests/sshkey/testdata/dsa_1.param.pub]
493 [regress/unittests/sshkey/testdata/dsa_1.pub]
494 [regress/unittests/sshkey/testdata/dsa_1_pw]
495 [regress/unittests/sshkey/testdata/dsa_2]
496 [regress/unittests/sshkey/testdata/dsa_2.fp]
497 [regress/unittests/sshkey/testdata/dsa_2.fp.bb]
498 [regress/unittests/sshkey/testdata/dsa_2.pub]
499 [regress/unittests/sshkey/testdata/dsa_n]
500 [regress/unittests/sshkey/testdata/dsa_n_pw]
501 [regress/unittests/sshkey/testdata/ecdsa_1]
502 [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp]
503 [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub]
504 [regress/unittests/sshkey/testdata/ecdsa_1.fp]
505 [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb]
506 [regress/unittests/sshkey/testdata/ecdsa_1.param.curve]
507 [regress/unittests/sshkey/testdata/ecdsa_1.param.priv]
508 [regress/unittests/sshkey/testdata/ecdsa_1.param.pub]
509 [regress/unittests/sshkey/testdata/ecdsa_1.pub]
510 [regress/unittests/sshkey/testdata/ecdsa_1_pw]
511 [regress/unittests/sshkey/testdata/ecdsa_2]
512 [regress/unittests/sshkey/testdata/ecdsa_2.fp]
513 [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb]
514 [regress/unittests/sshkey/testdata/ecdsa_2.param.curve]
515 [regress/unittests/sshkey/testdata/ecdsa_2.param.priv]
516 [regress/unittests/sshkey/testdata/ecdsa_2.param.pub]
517 [regress/unittests/sshkey/testdata/ecdsa_2.pub]
518 [regress/unittests/sshkey/testdata/ecdsa_n]
519 [regress/unittests/sshkey/testdata/ecdsa_n_pw]
520 [regress/unittests/sshkey/testdata/ed25519_1]
521 [regress/unittests/sshkey/testdata/ed25519_1-cert.fp]
522 [regress/unittests/sshkey/testdata/ed25519_1-cert.pub]
523 [regress/unittests/sshkey/testdata/ed25519_1.fp]
524 [regress/unittests/sshkey/testdata/ed25519_1.fp.bb]
525 [regress/unittests/sshkey/testdata/ed25519_1.pub]
526 [regress/unittests/sshkey/testdata/ed25519_1_pw]
527 [regress/unittests/sshkey/testdata/ed25519_2]
528 [regress/unittests/sshkey/testdata/ed25519_2.fp]
529 [regress/unittests/sshkey/testdata/ed25519_2.fp.bb]
530 [regress/unittests/sshkey/testdata/ed25519_2.pub]
531 [regress/unittests/sshkey/testdata/pw]
532 [regress/unittests/sshkey/testdata/rsa1_1]
533 [regress/unittests/sshkey/testdata/rsa1_1.fp]
534 [regress/unittests/sshkey/testdata/rsa1_1.fp.bb]
535 [regress/unittests/sshkey/testdata/rsa1_1.param.n]
536 [regress/unittests/sshkey/testdata/rsa1_1.pub]
537 [regress/unittests/sshkey/testdata/rsa1_1_pw]
538 [regress/unittests/sshkey/testdata/rsa1_2]
539 [regress/unittests/sshkey/testdata/rsa1_2.fp]
540 [regress/unittests/sshkey/testdata/rsa1_2.fp.bb]
541 [regress/unittests/sshkey/testdata/rsa1_2.param.n]
542 [regress/unittests/sshkey/testdata/rsa1_2.pub]
543 [regress/unittests/sshkey/testdata/rsa_1]
544 [regress/unittests/sshkey/testdata/rsa_1-cert.fp]
545 [regress/unittests/sshkey/testdata/rsa_1-cert.pub]
546 [regress/unittests/sshkey/testdata/rsa_1.fp]
547 [regress/unittests/sshkey/testdata/rsa_1.fp.bb]
548 [regress/unittests/sshkey/testdata/rsa_1.param.n]
549 [regress/unittests/sshkey/testdata/rsa_1.param.p]
550 [regress/unittests/sshkey/testdata/rsa_1.param.q]
551 [regress/unittests/sshkey/testdata/rsa_1.pub]
552 [regress/unittests/sshkey/testdata/rsa_1_pw]
553 [regress/unittests/sshkey/testdata/rsa_2]
554 [regress/unittests/sshkey/testdata/rsa_2.fp]
555 [regress/unittests/sshkey/testdata/rsa_2.fp.bb]
556 [regress/unittests/sshkey/testdata/rsa_2.param.n]
557 [regress/unittests/sshkey/testdata/rsa_2.param.p]
558 [regress/unittests/sshkey/testdata/rsa_2.param.q]
559 [regress/unittests/sshkey/testdata/rsa_2.pub]
560 [regress/unittests/sshkey/testdata/rsa_n]
561 [regress/unittests/sshkey/testdata/rsa_n_pw]
562 unit and fuzz tests for new key API
563 - (djm) [sshkey.c] Conditionalise inclusion of util.h
564 - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test
565
56620140618
567 - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare
568
56920140617
570 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
571 openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
572 Move the OpenSSL header/library version test into its own function and add
573 tests for it. Fix it to allow fix version upgrades (but not downgrades).
574 Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
575 ok djm@ chl@
576
57720140616
578 - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via
579 OpenSMTPD and chl@
580
58120140612
582 - (dtucker) [configure.ac] Remove tcpwrappers support, support has already
583 been removed from sshd.c.
584
58520140611
586 - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from
587 openbsd-compat/bsd-asprintf.c.
588 - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*]
589 Wrap stdlib.h include an ifdef for platforms that don't have it.
590 - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for
591 u_intXX_t types.
592
59320140610
594 - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
595 regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256
596 curve tests if OpenSSL has them.
597 - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in
598 the proposal if the version of OpenSSL we're using doesn't support ECC.
599 - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef
600 ECC variable too.
601 - (dtucker) OpenBSD CVS Sync
602 - djm@cvs.openbsd.org 2014/06/05 22:17:50
603 [sshconnect2.c]
604 fix inverted test that caused PKCS#11 keys that were explicitly listed
605 not to be preferred. Reported by Dirk-Willem van Gulik
606 - dtucker@cvs.openbsd.org 2014/06/10 21:46:11
607 [sshbuf.h]
608 Group ECC functions together to make things a little easier in -portable.
609 "doesn't bother me" deraadt@
610 - (dtucker) [sshbuf.h] Only declare ECC functions if building without
611 OpenSSL or if OpenSSL has ECC.
612 - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an
613 assigment that might get optimized out. ok djm@
614 - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for
615 compat stuff, specifically whether or not OpenSSL has ECC.
616
61720140527
618 - (djm) [cipher.c] Fix merge botch.
619 - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config
620 from Corinna Vinschen, fixing a number of bugs and preparing for
621 Cygwin 1.7.30.
622 - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]
623 [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege
624 separation user at runtime, since it may need to be a domain account.
625 Patch from Corinna Vinschen.
626
62720140522
628 - (djm) [Makefile.in] typo in path
629
63020140521
631 - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use
632 vhangup on Linux. It doens't work for non-root users, and for them
633 it just messes up the tty settings.
634 - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC
635 when it is available. It takes into account time spent suspended,
636 thereby ensuring timeouts (e.g. for expiring agent keys) fire
637 correctly. bz#2228 reported by John Haxby
638
63920140519
640 - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine
641 OpenBSD
642 - OpenBSD CVS Sync
643 - logan@cvs.openbsd.org 2014/04/20 09:24:26
644 [dns.c dns.h ssh-keygen.c]
645 Add support for SSHFP DNS records for ED25519 key types.
646 OK from djm@
647 - logan@cvs.openbsd.org 2014/04/21 14:36:16
648 [sftp-client.c sftp-client.h sftp.c]
649 Implement sftp upload resume support.
650 OK from djm@, with input from guenther@, mlarkin@ and
651 okan@
652 - logan@cvs.openbsd.org 2014/04/22 10:07:12
653 [sftp.c]
654 Sort the sftp command list.
655 OK from djm@
656 - logan@cvs.openbsd.org 2014/04/22 12:42:04
657 [sftp.1]
658 Document sftp upload resume.
659 OK from djm@, with feedback from okan@.
660 - jmc@cvs.openbsd.org 2014/04/22 14:16:30
661 [sftp.1]
662 zap eol whitespace;
663 - djm@cvs.openbsd.org 2014/04/23 12:42:34
664 [readconf.c]
665 don't record duplicate IdentityFiles
666 - djm@cvs.openbsd.org 2014/04/28 03:09:18
667 [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
668 [ssh-keygen.c]
669 buffer_get_string_ptr's return should be const to remind
670 callers that futzing with it will futz with the actual buffer
671 contents
672 - djm@cvs.openbsd.org 2014/04/29 13:10:30
673 [clientloop.c serverloop.c]
674 bz#1818 - don't send channel success/failre replies on channels that
675 have sent a close already; analysis and patch from Simon Tatham;
676 ok markus@
677 - markus@cvs.openbsd.org 2014/04/29 18:01:49
678 [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
679 [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
680 [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
681 [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
682 make compiling against OpenSSL optional (make OPENSSL=no);
683 reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
684 allows us to explore further options; with and ok djm
685 - dtucker@cvs.openbsd.org 2014/04/29 19:58:50
686 [sftp.c]
687 Move nulling of variable next to where it's freed. ok markus@
688 - dtucker@cvs.openbsd.org 2014/04/29 20:36:51
689 [sftp.c]
690 Don't attempt to append a nul quote char to the filename. Should prevent
691 fatal'ing with "el_insertstr failed" when there's a single quote char
692 somewhere in the string. bz#2238, ok markus@
693 - djm@cvs.openbsd.org 2014/04/30 05:29:56
694 [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
695 [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
696 [ssherr.h]
697 New buffer API; the first installment of the conversion/replacement
698 of OpenSSH's internals to make them usable as a standalone library.
699
700 This includes a set of wrappers to make it compatible with the
701 existing buffer API so replacement can occur incrementally.
702
703 With and ok markus@
704
705 Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
706 Dempsky and Ron Bowes for a detailed review.
707 - naddy@cvs.openbsd.org 2014/04/30 19:07:48
708 [mac.c myproposal.h umac.c]
709 UMAC can use our local fallback implementation of AES when OpenSSL isn't
710 available. Glue code straight from Ted Krovetz's original umac.c.
711 ok markus@
712 - djm@cvs.openbsd.org 2014/05/02 03:27:54
713 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c]
714 [misc.h poly1305.h ssh-pkcs11.c defines.h]
715 revert __bounded change; it causes way more problems for portable than
716 it solves; pointed out by dtucker@
717 - markus@cvs.openbsd.org 2014/05/03 17:20:34
718 [monitor.c packet.c packet.h]
719 unbreak compression, by re-init-ing the compression code in the
720 post-auth child. the new buffer code is more strict, and requires
721 buffer_init() while the old code was happy after a bzero();
722 originally from djm@
723 - logan@cvs.openbsd.org 2014/05/05 07:02:30
724 [sftp.c]
725 Zap extra whitespace.
726
727 OK from djm@ and dtucker@
728 - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write
729 portability glue to support building without libcrypto
730 - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c]
731 [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes
732 - OpenBSD CVS Sync
733 - djm@cvs.openbsd.org 2014/03/13 20:44:49
734 [login-timeout.sh]
735 this test is a sorry mess of race conditions; add another sleep
736 to avoid a failure on slow machines (at least until I find a
737 better way)
738 - djm@cvs.openbsd.org 2014/04/21 22:15:37
739 [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh]
740 repair regress tests broken by server-side default cipher/kex/mac changes
741 by ensuring that the option under test is included in the server's
742 algorithm list
743 - dtucker@cvs.openbsd.org 2014/05/03 18:46:14
744 [proxy-connect.sh]
745 Add tests for with and without compression, with and without privsep.
746 - logan@cvs.openbsd.org 2014/05/04 10:40:59
747 [connect-privsep.sh]
748 Remove the Z flag from the list of malloc options as it
749 was removed from malloc.c 10 days ago.
750
751 OK from miod@
752 - (djm) [regress/unittests/Makefile]
753 [regress/unittests/Makefile.inc]
754 [regress/unittests/sshbuf/Makefile]
755 [regress/unittests/sshbuf/test_sshbuf.c]
756 [regress/unittests/sshbuf/test_sshbuf_fixed.c]
757 [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
758 [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
759 [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
760 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
761 [regress/unittests/sshbuf/test_sshbuf_misc.c]
762 [regress/unittests/sshbuf/tests.c]
763 [regress/unittests/test_helper/Makefile]
764 [regress/unittests/test_helper/fuzz.c]
765 [regress/unittests/test_helper/test_helper.c]
766 [regress/unittests/test_helper/test_helper.h]
767 Import new unit tests from OpenBSD; not yet hooked up to build.
768 - (djm) [regress/Makefile Makefile.in]
769 [regress/unittests/sshbuf/test_sshbuf.c
770 [regress/unittests/sshbuf/test_sshbuf_fixed.c]
771 [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
772 [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
773 [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
774 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
775 [regress/unittests/sshbuf/test_sshbuf_misc.c]
776 [regress/unittests/sshbuf/tests.c]
777 [regress/unittests/test_helper/fuzz.c]
778 [regress/unittests/test_helper/test_helper.c]
779 Hook new unit tests into the build and "make tests"
780 - (djm) [sshbuf.c] need __predict_false
781
78220140430
783 - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already
784 have it. Only attempt to use __attribute__(__bounded__) for gcc.
785
78620140420
787 - OpenBSD CVS Sync
788 - djm@cvs.openbsd.org 2014/03/03 22:22:30
789 [session.c]
790 ignore enviornment variables with embedded '=' or '\0' characters;
791 spotted by Jann Horn; ok deraadt@
792 Id sync only - portable already has this.
793 - djm@cvs.openbsd.org 2014/03/12 04:44:58
794 [ssh-keyscan.c]
795 scan for Ed25519 keys by default too
796 - djm@cvs.openbsd.org 2014/03/12 04:50:32
797 [auth-bsdauth.c ssh-keygen.c]
798 don't count on things that accept arguments by reference to clear
799 things for us on error; most things do, but it's unsafe form.
800 - djm@cvs.openbsd.org 2014/03/12 04:51:12
801 [authfile.c]
802 correct test that kdf name is not "none" or "bcrypt"
803 - naddy@cvs.openbsd.org 2014/03/12 13:06:59
804 [ssh-keyscan.1]
805 scan for Ed25519 keys by default too
806 - deraadt@cvs.openbsd.org 2014/03/15 17:28:26
807 [ssh-agent.c ssh-keygen.1 ssh-keygen.c]
808 Improve usage() and documentation towards the standard form.
809 In particular, this line saves a lot of man page reading time.
810 usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
811 [-N new_passphrase] [-C comment] [-f output_keyfile]
812 ok schwarze jmc
813 - tedu@cvs.openbsd.org 2014/03/17 19:44:10
814 [ssh.1]
815 old descriptions of des and blowfish are old. maybe ok deraadt
816 - tedu@cvs.openbsd.org 2014/03/19 14:42:44
817 [scp.1]
818 there is no need for rcp anymore
819 ok deraadt millert
820 - markus@cvs.openbsd.org 2014/03/25 09:40:03
821 [myproposal.h]
822 trimm default proposals.
823
824 This commit removes the weaker pre-SHA2 hashes, the broken ciphers
825 (arcfour), and the broken modes (CBC) from the default configuration
826 (the patch only changes the default, all the modes are still available
827 for the config files).
828
829 ok djm@, reminded by tedu@ & naddy@ and discussed with many
830 - deraadt@cvs.openbsd.org 2014/03/26 17:16:26
831 [myproposal.h]
832 The current sharing of myproposal[] between both client and server code
833 makes the previous diff highly unpallatable. We want to go in that
834 direction for the server, but not for the client. Sigh.
835 Brought up by naddy.
836 - markus@cvs.openbsd.org 2014/03/27 23:01:27
837 [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
838 disable weak proposals in sshd, but keep them in ssh; ok djm@
839 - djm@cvs.openbsd.org 2014/03/26 04:55:35
840 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
841 [misc.h poly1305.h ssh-pkcs11.c]
842 use __bounded(...) attribute recently added to sys/cdefs.h instead of
843 longform __attribute__(__bounded(...));
844
845 for brevity and a warning free compilation with llvm/clang
846 - tedu@cvs.openbsd.org 2014/03/26 19:58:37
847 [sshd.8 sshd.c]
848 remove libwrap support. ok deraadt djm mfriedl
849 - naddy@cvs.openbsd.org 2014/03/28 05:17:11
850 [ssh_config.5 sshd_config.5]
851 sync available and default algorithms, improve algorithm list formatting
852 help from jmc@ and schwarze@, ok deraadt@
853 - jmc@cvs.openbsd.org 2014/03/31 13:39:34
854 [ssh-keygen.1]
855 the text for the -K option was inserted in the wrong place in -r1.108;
856 fix From: Matthew Clarke
857 - djm@cvs.openbsd.org 2014/04/01 02:05:27
858 [ssh-keysign.c]
859 include fingerprint of key not found
860 use arc4random_buf() instead of loop+arc4random()
861 - djm@cvs.openbsd.org 2014/04/01 03:34:10
862 [sshconnect.c]
863 When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any
864 certificate keys to plain keys and attempt SSHFP resolution.
865
866 Prevents a server from skipping SSHFP lookup and forcing a new-hostkey
867 dialog by offering only certificate keys.
868
869 Reported by mcv21 AT cam.ac.uk
870 - djm@cvs.openbsd.org 2014/04/01 05:32:57
871 [packet.c]
872 demote a debug3 to PACKET_DEBUG; ok markus@
873 - djm@cvs.openbsd.org 2014/04/12 04:55:53
874 [sshd.c]
875 avoid crash at exit: check that pmonitor!=NULL before dereferencing;
876 bz#2225, patch from kavi AT juniper.net
877 - djm@cvs.openbsd.org 2014/04/16 23:22:45
878 [bufaux.c]
879 skip leading zero bytes in buffer_put_bignum2_from_string();
880 reported by jan AT mojzis.com; ok markus@
881 - djm@cvs.openbsd.org 2014/04/16 23:28:12
882 [ssh-agent.1]
883 remove the identity files from this manpage - ssh-agent doesn't deal
884 with them at all and the same information is duplicated in ssh-add.1
885 (which does deal with them); prodded by deraadt@
886 - djm@cvs.openbsd.org 2014/04/18 23:52:25
887 [compat.c compat.h sshconnect2.c sshd.c version.h]
888 OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
889 using the curve25519-sha256@libssh.org KEX exchange method to fail
890 when connecting with something that implements the spec properly.
891
892 Disable this KEX method when speaking to one of the affected
893 versions.
894
895 reported by Aris Adamantiadis; ok markus@
896 - djm@cvs.openbsd.org 2014/04/19 05:54:59
897 [compat.c]
898 missing wildcard; pointed out by naddy@
899 - tedu@cvs.openbsd.org 2014/04/19 14:53:48
900 [ssh-keysign.c sshd.c]
901 Delete futile calls to RAND_seed. ok djm
902 NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
903 - tedu@cvs.openbsd.org 2014/04/19 18:15:16
904 [sshd.8]
905 remove some really old rsh references
906 - tedu@cvs.openbsd.org 2014/04/19 18:42:19
907 [ssh.1]
908 delete .xr to hosts.equiv. there's still an unfortunate amount of
909 documentation referring to rhosts equivalency in here.
910 - djm@cvs.openbsd.org 2014/04/20 02:30:25
911 [misc.c misc.h umac.c]
912 use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
913 strict-alignment architectures; reported by and ok stsp@
914 - djm@cvs.openbsd.org 2014/04/20 02:49:32
915 [compat.c]
916 add a canonical 6.6 + curve25519 bignum fix fake version that I can
917 recommend people use ahead of the openssh-6.7 release
918
91920140401
920 - (djm) On platforms that support it, use prctl() to prevent sftp-server
921 from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
922 - (djm) Use full release (e.g. 6.5p1) in debug output rather than just
923 version. From des@des.no
924
92520140317
926 - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to
927 remind myself to add sandbox violation logging via the log socket.
928
92920140314
930 - (tim) [opensshd.init.in] Add support for ed25519
931
120140313 93220140313
2 - (djm) Release OpenSSH 6.6 933 - (djm) Release OpenSSH 6.6
3 934
@@ -2884,4 +3815,3 @@
2884 [contrib/suse/openssh.spec] Update for release 6.0 3815 [contrib/suse/openssh.spec] Update for release 6.0
2885 - (djm) [README] Update URL to release notes. 3816 - (djm) [README] Update URL to release notes.
2886 - (djm) Release openssh-6.0 3817 - (djm) Release openssh-6.0
2887