summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2016-08-06 10:49:59 +0100
committerColin Watson <cjwatson@debian.org>2016-08-07 12:18:58 +0100
commit477bb7636238c106f8cd7c868a8c0c5eabcfb3db (patch)
tree601176af2ecf358c36b766776a86845ad7a3cd6f /ChangeLog
parent747fac2de0d889183f67f6900194c0462c558544 (diff)
parent4c914ccd85bbf391c4dc61b85e3c178fef465e3f (diff)
New upstream release (7.3p1).
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog3379
1 files changed, 1838 insertions, 1541 deletions
diff --git a/ChangeLog b/ChangeLog
index 1e4346715..f66ca4b1e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,16 +1,1847 @@
1commit 5c35450a0c901d9375fb23343a8dc82397da5f75 1commit 99522ba7ec6963a05c04a156bf20e3ba3605987c
2Author: Damien Miller <djm@mindrot.org> 2Author: Damien Miller <djm@mindrot.org>
3Date: Thu Mar 10 05:04:48 2016 +1100 3Date: Thu Jul 28 08:54:27 2016 +1000
4 4
5 update versions for release 5 define _OPENBSD_SOURCE for reallocarray on NetBSD
6
7 Report by and debugged with Hisashi T Fujinaka, dtucker nailed
8 the problem (lack of prototype causing return type confusion).
9
10commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187
11Author: Damien Miller <djm@mindrot.org>
12Date: Wed Jul 27 08:25:42 2016 +1000
13
14 KNF
15
16commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331
17Author: Damien Miller <djm@mindrot.org>
18Date: Wed Jul 27 08:25:23 2016 +1000
19
20 Linux auditing also needs packet.h
21
22commit 393bd381a45884b589baa9aed4394f1d250255ca
23Author: Damien Miller <djm@mindrot.org>
24Date: Wed Jul 27 08:18:05 2016 +1000
25
26 fix auditing on Linux
27
28 get_remote_ipaddr() was replaced with ssh_remote_ipaddr()
29
30commit 80e766fb089de4f3c92b1600eb99e9495e37c992
31Author: Damien Miller <djm@mindrot.org>
32Date: Sun Jul 24 21:50:13 2016 +1000
33
34 crank version numbers
35
36commit b1a478792d458f2e938a302e64bab2b520edc1b3
37Author: djm@openbsd.org <djm@openbsd.org>
38Date: Sun Jul 24 11:45:36 2016 +0000
39
40 upstream commit
41
42 openssh-7.3
43
44 Upstream-ID: af106a7eb665f642648cf1993e162c899f358718
45
46commit 353766e0881f069aeca30275ab706cd60a1a8fdd
47Author: Darren Tucker <dtucker@zip.com.au>
48Date: Sat Jul 23 16:14:42 2016 +1000
49
50 Move Cygwin IPPORT_RESERVED overrride to defines.h
51
52 Patch from vinschen at redhat.com.
53
54commit 368dd977ae07afb93f4ecea23615128c95ab2b32
55Author: djm@openbsd.org <djm@openbsd.org>
56Date: Sat Jul 23 02:54:08 2016 +0000
57
58 upstream commit
59
60 fix pledge violation with ssh -f; reported by Valentin
61 Kozamernik ok dtucker@
62
63 Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
64
65commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e
66Author: djm@openbsd.org <djm@openbsd.org>
67Date: Fri Jul 22 07:00:46 2016 +0000
68
69 upstream commit
70
71 improve wording; suggested by jmc@
72
73 Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8
74
75commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8
76Author: dtucker@openbsd.org <dtucker@openbsd.org>
77Date: Fri Jul 22 05:46:11 2016 +0000
78
79 upstream commit
80
81 Lower loglevel for "Authenticated with partial success"
82 message similar to other similar level. bz#2599, patch from cgallek at
83 gmail.com, ok markus@
84
85 Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
86
87commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6
88Author: Damien Miller <djm@mindrot.org>
89Date: Fri Jul 22 14:06:36 2016 +1000
90
91 retry waitpid on EINTR failure
92
93 patch from Jakub Jelen on bz#2581; ok dtucker@
94
95commit da88a70a89c800e74ea8e5661ffa127a3cc79a92
96Author: djm@openbsd.org <djm@openbsd.org>
97Date: Fri Jul 22 03:47:36 2016 +0000
98
99 upstream commit
100
101 constify a few functions' arguments; patch from Jakub
102 Jelen bz#2581
103
104 Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d
105
106commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf
107Author: djm@openbsd.org <djm@openbsd.org>
108Date: Fri Jul 22 03:39:13 2016 +0000
109
110 upstream commit
111
112 move debug("%p", key) to before key is free'd; probable
113 undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581
114
115 Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
116
117commit 286f5a77c3bfec1e8892ca268087ac885ac871bf
118Author: djm@openbsd.org <djm@openbsd.org>
119Date: Fri Jul 22 03:35:11 2016 +0000
120
121 upstream commit
122
123 reverse the order in which -J/JumpHost proxies are visited to
124 be more intuitive and document
125
126 reported by and manpage bits naddy@
127
128 Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a
129
130commit fcd135c9df440bcd2d5870405ad3311743d78d97
131Author: dtucker@openbsd.org <dtucker@openbsd.org>
132Date: Thu Jul 21 01:39:35 2016 +0000
133
134 upstream commit
135
136 Skip passwords longer than 1k in length so clients can't
137 easily DoS sshd by sending very long passwords, causing it to spend CPU
138 hashing them. feedback djm@, ok markus@.
139
140 Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
141 360.cn and coredump at autistici.org
142
143 Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
144
145commit 324583e8fb3935690be58790425793df619c6d4d
146Author: naddy@openbsd.org <naddy@openbsd.org>
147Date: Wed Jul 20 10:45:27 2016 +0000
148
149 upstream commit
150
151 Do not clobber the global jump_host variables when
152 parsing an inactive configuration. ok djm@
153
154 Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31
155
156commit 32d921c323b989d28405e78d0a8923d12913d737
157Author: jmc@openbsd.org <jmc@openbsd.org>
158Date: Tue Jul 19 12:59:16 2016 +0000
159
160 upstream commit
161
162 tweak previous;
163
164 Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534
165
166commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025
167Author: dtucker@openbsd.org <dtucker@openbsd.org>
168Date: Tue Jul 19 11:38:53 2016 +0000
169
170 upstream commit
171
172 Allow wildcard for PermitOpen hosts as well as ports.
173 bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok
174 markus@
175
176 Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
177
178commit b98a2a8348e907b3d71caafd80f0be8fdd075943
179Author: markus@openbsd.org <markus@openbsd.org>
180Date: Mon Jul 18 11:35:33 2016 +0000
181
182 upstream commit
183
184 Reduce timing attack against obsolete CBC modes by always
185 computing the MAC over a fixed size of data. Reported by Jean Paul
186 Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@
187
188 Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912
189
190commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc
191Author: Darren Tucker <dtucker@zip.com.au>
192Date: Thu Jul 21 14:17:31 2016 +1000
193
194 Search users for one with a valid salt.
195
196 If the root account is locked (eg password "!!" or "*LK*") keep looking
197 until we find a user with a valid salt to use for crypting passwords of
198 invalid users. ok djm@
199
200commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782
201Author: Darren Tucker <dtucker@zip.com.au>
202Date: Mon Jul 18 17:22:49 2016 +1000
203
204 Explicitly specify source files for regress tools.
205
206 Since adding $(REGRESSLIBS), $? is wrong because it includes only the
207 changed source files. $< seems like it'd be right however it doesn't
208 seem to work on some non-GNU makes, so do what works everywhere.
209
210commit eac1bbd06872c273f16ac0f9976b0aef026b701b
211Author: Darren Tucker <dtucker@zip.com.au>
212Date: Mon Jul 18 17:12:22 2016 +1000
213
214 Conditionally include err.h.
215
216commit 0a454147568746c503f669e1ba861f76a2e7a585
217Author: Darren Tucker <dtucker@zip.com.au>
218Date: Mon Jul 18 16:26:26 2016 +1000
219
220 Remove local implementation of err, errx.
221
222 We now have a shared implementation in libopenbsd-compat.
223
224commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1
225Author: djm@openbsd.org <djm@openbsd.org>
226Date: Mon Jul 18 06:08:01 2016 +0000
227
228 upstream commit
229
230 Add some unsigned overflow checks for extra_pad. None of
231 these are reachable with the amount of padding that we use internally.
232 bz#2566, pointed out by Torben Hansen. ok markus@
233
234 Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76
235
236commit c71ba790c304545464bb494de974cdf0f4b5cf1e
237Author: Darren Tucker <dtucker@zip.com.au>
238Date: Mon Jul 18 15:43:25 2016 +1000
239
240 Add dependency on libs for unit tests.
241
242 Makes "./configure && make tests" work again. ok djm@
243
244commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8
245Author: Darren Tucker <dtucker@zip.com.au>
246Date: Mon Jul 18 13:47:39 2016 +1000
247
248 Correct location for kexfuzz in clean target.
249
250commit 01558b7b07af43da774d3a11a5c51fa9c310849d
251Author: Darren Tucker <dtucker@zip.com.au>
252Date: Mon Jul 18 09:33:25 2016 +1000
253
254 Handle PAM_MAXTRIES from modules.
255
256 bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer
257 password and keyboard-interative authentication methods. Should prevent
258 "sshd ignoring max retries" warnings in the log. ok djm@
259
260 It probably won't trigger with keyboard-interactive in the default
261 configuration because the retry counter is stored in module-private
262 storage which goes away with the sshd PAM process (see bz#688). On the
263 other hand, those cases probably won't log a warning either.
264
265commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc
266Author: djm@openbsd.org <djm@openbsd.org>
267Date: Sun Jul 17 04:20:16 2016 +0000
268
269 upstream commit
270
271 support UTF-8 characters in ssh(1) banners using
272 schwarze@'s safe fmprintf printer; bz#2058
273
274 feedback schwarze@ ok dtucker@
275
276 Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
277
278commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7
279Author: jmc@openbsd.org <jmc@openbsd.org>
280Date: Sat Jul 16 06:57:55 2016 +0000
281
282 upstream commit
283
284 - add proxyjump to the options list - formatting fixes -
285 update usage()
286
287 ok djm
288
289 Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
290
291commit af1f084857621f14bd9391aba8033d35886c2455
292Author: dtucker@openbsd.org <dtucker@openbsd.org>
293Date: Fri Jul 15 05:01:58 2016 +0000
294
295 upstream commit
296
297 Reduce the syslog level of some relatively common protocol
298 events from LOG_CRIT by replacing fatal() calls with logdie(). Part of
299 bz#2585, ok djm@
300
301 Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5
302
303commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f
304Author: Damien Miller <djm@mindrot.org>
305Date: Fri Jul 15 19:14:48 2016 +1000
306
307 missing openssl/dh.h
308
309commit 4a984fd342effe5f0aad874a0d538c4322d973c0
310Author: Damien Miller <djm@mindrot.org>
311Date: Fri Jul 15 18:47:07 2016 +1000
312
313 cast to avoid type warning in error message
314
315commit 5abfb15ced985c340359ae7fb65a625ed3692b3e
316Author: Darren Tucker <dtucker@zip.com.au>
317Date: Fri Jul 15 14:48:30 2016 +1000
318
319 Move VA_COPY macro into compat header.
320
321 Some AIX compilers unconditionally undefine va_copy but don't set it back
322 to an internal function, causing link errors. In some compat code we
323 already use VA_COPY instead so move the two existing instances into the
324 shared header and use for sshbuf-getput-basic.c too. Should fix building
325 with at lease some versions of AIX's compiler. bz#2589, ok djm@
326
327commit 832b7443b7a8e181c95898bc5d73497b7190decd
328Author: Damien Miller <djm@mindrot.org>
329Date: Fri Jul 15 14:45:34 2016 +1000
330
331 disable ciphers not supported by OpenSSL
332
333 bz#2466 ok dtucker@
334
335commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8
336Author: Damien Miller <djm@mindrot.org>
337Date: Fri Jul 15 13:54:31 2016 +1000
338
339 add a --disable-pkcs11 knob
340
341commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9
342Author: Damien Miller <djm@mindrot.org>
343Date: Fri Jul 15 13:44:38 2016 +1000
344
345 fix newline escaping for unsupported_algorithms
346
347 The hmac-ripemd160 was incorrect and could lead to broken
348 Makefiles on systems that lacked support for it, but I made
349 all the others consistent too.
350
351commit ed877ef653847d056bb433975d731b7a1132a979
352Author: djm@openbsd.org <djm@openbsd.org>
353Date: Fri Jul 15 00:24:30 2016 +0000
354
355 upstream commit
356
357 Add a ProxyJump ssh_config(5) option and corresponding -J
358 ssh(1) command-line flag to allow simplified indirection through a SSH
359 bastion or "jump host".
360
361 These options construct a proxy command that connects to the
362 specified jump host(s) (more than one may be specified) and uses
363 port-forwarding to establish a connection to the next destination.
364
365 This codifies the safest way of indirecting connections through SSH
366 servers and makes it easy to use.
367
368 ok markus@
369
370 Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
371
372commit 5c02dd126206a26785379e80f2d3848e4470b711
373Author: Darren Tucker <dtucker@zip.com.au>
374Date: Fri Jul 15 12:56:39 2016 +1000
375
376 Map umac_ctx struct name too.
377
378 Prevents size mismatch linker warnings on Solaris 11.
379
380commit 283b97ff33ea2c641161950849931bd578de6946
381Author: Darren Tucker <dtucker@zip.com.au>
382Date: Fri Jul 15 13:49:44 2016 +1000
383
384 Mitigate timing of disallowed users PAM logins.
385
386 When sshd decides to not allow a login (eg PermitRootLogin=no) and
387 it's using PAM, it sends a fake password to PAM so that the timing for
388 the failure is not noticeably different whether or not the password
389 is correct. This behaviour can be detected by sending a very long
390 password string which is slower to hash than the fake password.
391
392 Mitigate by constructing an invalid password that is the same length
393 as the one from the client and thus takes the same time to hash.
394 Diff from djm@
395
396commit 9286875a73b2de7736b5e50692739d314cd8d9dc
397Author: Darren Tucker <dtucker@zip.com.au>
398Date: Fri Jul 15 13:32:45 2016 +1000
399
400 Determine appropriate salt for invalid users.
401
402 When sshd is processing a non-PAM login for a non-existent user it uses
403 the string from the fakepw structure as the salt for crypt(3)ing the
404 password supplied by the client. That string has a Blowfish prefix, so on
405 systems that don't understand that crypt will fail fast due to an invalid
406 salt, and even on those that do it may have significantly different timing
407 from the hash methods used for real accounts (eg sha512). This allows
408 user enumeration by, eg, sending large password strings. This was noted
409 by EddieEzra.Harari at verint.com (CVE-2016-6210).
410
411 To mitigate, use the same hash algorithm that root uses for hashing
412 passwords for users that do not exist on the system. ok djm@
413
414commit a162dd5e58ca5b224d7500abe35e1ef32b5de071
415Author: Darren Tucker <dtucker@zip.com.au>
416Date: Thu Jul 14 21:19:59 2016 +1000
417
418 OpenSSL 1.1.x not currently supported.
419
420commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb
421Author: Darren Tucker <dtucker@zip.com.au>
422Date: Thu Jul 14 12:25:24 2016 +1000
423
424 Check for VIS_ALL.
425
426 If we don't have it, set BROKEN_STRNVIS to activate the compat replacement.
427
428commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0
429Author: dtucker@openbsd.org <dtucker@openbsd.org>
430Date: Thu Jul 14 01:24:21 2016 +0000
431
432 upstream commit
433
434 Correct equal in test.
435
436 Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a
437
438commit 372807c2065c8572fdc6478b25cc5ac363743073
439Author: tb@openbsd.org <tb@openbsd.org>
440Date: Mon Jul 11 21:38:13 2016 +0000
441
442 upstream commit
443
444 Add missing "recvfd" pledge promise: Raf Czlonka reported
445 ssh coredumps when Control* keywords were set in ssh_config. This patch also
446 fixes similar problems with scp and sftp.
447
448 ok deraadt, looks good to millert
449
450 Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b
451
452commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd
453Author: tedu@openbsd.org <tedu@openbsd.org>
454Date: Mon Jul 11 03:19:44 2016 +0000
455
456 upstream commit
457
458 obsolete note about fascistloggin is obsolete. ok djm
459 dtucker
460
461 Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a
462
463commit a2333584170a565adf4f209586772ef8053b10b8
464Author: Darren Tucker <dtucker@zip.com.au>
465Date: Thu Jul 14 10:59:09 2016 +1000
466
467 Add compat code for missing wcwidth.
468
469 If we don't have wcwidth force fallback implementations of nl_langinfo
470 and mbtowc. Based on advice from Ingo Schwarze.
471
472commit 8aaec7050614494014c47510b7e94daf6e644c62
473Author: Damien Miller <djm@mindrot.org>
474Date: Thu Jul 14 09:48:48 2016 +1000
475
476 fix missing include for systems with err.h
477
478commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243
479Author: Darren Tucker <dtucker@zip.com.au>
480Date: Wed Jul 13 14:42:35 2016 +1000
481
482 Move err.h replacements into compat lib.
483
484 Move implementations of err.h replacement functions into their own file
485 in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@
486
487commit f3f2cc8386868f51440c45210098f65f9787449a
488Author: Darren Tucker <dtucker@zip.com.au>
489Date: Mon Jul 11 17:23:38 2016 +1000
490
491 Check for wchar.h and langinfo.h
492
493 Wrap includes in the appropriate #ifdefs.
494
495commit b9c50614eba9d90939b2b119b6e1b7e03b462278
496Author: Damien Miller <djm@mindrot.org>
497Date: Fri Jul 8 13:59:13 2016 +1000
498
499 whitelist more architectures for seccomp-bpf
500
501 bz#2590 - testing and patch from Jakub Jelen
502
503commit 18813a32b6fd964037e0f5e1893cb4468ac6a758
504Author: guenther@openbsd.org <guenther@openbsd.org>
505Date: Mon Jul 4 18:01:44 2016 +0000
506
507 upstream commit
508
509 DEBUGLIBS has been broken since the gcc4 switch, so delete
510 it. CFLAGS contains -g by default anyway
511
512 problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
513 ok millert@ kettenis@ deraadt@
514
515 Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542
516
517commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7
518Author: djm@openbsd.org <djm@openbsd.org>
519Date: Fri Jul 8 03:44:42 2016 +0000
520
521 upstream commit
522
523 Improve crypto ordering for Encrypt-then-MAC (EtM) mode
524 MAC algorithms.
525
526 Previously we were computing the MAC, decrypting the packet and then
527 checking the MAC. This gave rise to the possibility of creating a
528 side-channel oracle in the decryption step, though no such oracle has
529 been identified.
530
531 This adds a mac_check() function that computes and checks the MAC in
532 one pass, and uses it to advance MAC checking for EtM algorithms to
533 before payload decryption.
534
535 Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and
536 Martin Albrecht. feedback and ok markus@
537
538 Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b
539
540commit 71f5598f06941f645a451948c4a5125c83828e1c
541Author: guenther@openbsd.org <guenther@openbsd.org>
542Date: Mon Jul 4 18:01:44 2016 +0000
543
544 upstream commit
545
546 DEBUGLIBS has been broken since the gcc4 switch, so
547 delete it. CFLAGS contains -g by default anyway
548
549 problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
550 ok millert@ kettenis@ deraadt@
551
552 Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603
553
554commit e683fc6f1c8c7295648dbda679df8307786ec1ce
555Author: dtucker@openbsd.org <dtucker@openbsd.org>
556Date: Thu Jun 30 05:17:05 2016 +0000
557
558 upstream commit
559
560 Explicitly check for 100% completion to avoid potential
561 floating point rounding error, which could cause progressmeter to report 99%
562 on completion. While there invert the test so the 100% case is clearer. with
563 & ok djm@
564
565 Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d
566
567commit 772e6cec0ed740fc7db618dc30b4134f5a358b43
568Author: jmc@openbsd.org <jmc@openbsd.org>
569Date: Wed Jun 29 17:14:28 2016 +0000
570
571 upstream commit
572
573 sort the -o list;
574
575 Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac
576
577commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af
578Author: djm@openbsd.org <djm@openbsd.org>
579Date: Thu Jun 23 05:17:51 2016 +0000
580
581 upstream commit
582
583 fix AuthenticationMethods during configuration re-parse;
584 reported by Juan Francisco Cantero Hurtado
585
586 Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4
587
588commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e
589Author: djm@openbsd.org <djm@openbsd.org>
590Date: Sun Jun 19 07:48:02 2016 +0000
591
592 upstream commit
593
594 revert 1.34; causes problems loading public keys
595
596 reported by semarie@
597
598 Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179
599
600commit ad23a75509f4320d43f628c50f0817e3ad12bfa7
601Author: jmc@openbsd.org <jmc@openbsd.org>
602Date: Fri Jun 17 06:33:30 2016 +0000
603
604 upstream commit
605
606 grammar fix;
607
608 Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463
609
610commit 5e28b1a2a3757548b40018cc2493540a17c82e27
611Author: djm@openbsd.org <djm@openbsd.org>
612Date: Fri Jun 17 05:06:23 2016 +0000
613
614 upstream commit
615
616 translate OpenSSL error codes to something more
617 meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
618
619 Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5
620
621commit b64faeb5eda7eff8210c754d00464f9fe9d23de5
622Author: djm@openbsd.org <djm@openbsd.org>
623Date: Fri Jun 17 05:03:40 2016 +0000
624
625 upstream commit
626
627 ban AuthenticationMethods="" and accept
628 AuthenticationMethods=any for the default behaviour of not requiring multiple
629 authentication
630
631 bz#2398 from Jakub Jelen; ok dtucker@
632
633 Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27
634
635commit 9816fc5daee5ca924dd5c4781825afbaab728877
636Author: dtucker@openbsd.org <dtucker@openbsd.org>
637Date: Thu Jun 16 11:00:17 2016 +0000
638
639 upstream commit
640
641 Include stdarg.h for va_copy as per man page.
642
643 Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd
644
645commit b6cf84b51bc0f5889db48bf29a0c771954ade283
646Author: jmc@openbsd.org <jmc@openbsd.org>
647Date: Thu Jun 16 06:10:45 2016 +0000
648
649 upstream commit
650
651 keys stored in openssh format can have comments too; diff
652 from yonas yanfa, tweaked a bit;
653
654 ok djm
655
656 Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27
657
658commit aa37768f17d01974b6bfa481e5e83841b6c76f86
659Author: Darren Tucker <dtucker@zip.com.au>
660Date: Mon Jun 20 15:55:34 2016 +1000
661
662 get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX
663
664 Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip
665 change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX.
666 Fixes build on AIX.
667
668commit 009891afc8df37bc2101e15d1e0b6433cfb90549
669Author: Darren Tucker <dtucker@zip.com.au>
670Date: Fri Jun 17 14:34:09 2016 +1000
671
672 Remove duplicate code from PAM. ok djm@
673
674commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba
675Author: dtucker@openbsd.org <dtucker@openbsd.org>
676Date: Wed Jun 15 00:40:40 2016 +0000
677
678 upstream commit
679
680 Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message
681 about forward and reverse DNS not matching. We haven't supported IP-based
682 auth methods for a very long time so it's now misleading. part of bz#2585,
683 ok markus@
684
685 Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29
686
687commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd
688Author: Darren Tucker <dtucker@zip.com.au>
689Date: Wed Jun 15 11:22:38 2016 +1000
690
691 Move platform_disable_tracing into its own file.
692
693 Prevents link errors resolving the extern "options" when platform.o
694 gets linked into ssh-agent when building --with-pam.
695
696commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070
697Author: Darren Tucker <dtucker@zip.com.au>
698Date: Tue Jun 14 13:55:12 2016 +1000
699
700 Track skipped upstream commit IDs.
701
702 There are a small number of "upstream" commits that do not correspond to
703 a file in -portable. This file tracks those so that we can reconcile
704 OpenBSD and Portable to ensure that no commits are accidentally missed.
705
706 If you add something to .skipped-commit-ids please also add an upstream
707 ID line in the following format when you commit it.
708
709 Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35
710 Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca
711 Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7
712 Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120
713 Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a
714 Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef
715 Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2
716 Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660
717 Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae
718 Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee
719
720commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f
721Author: Darren Tucker <dtucker@zip.com.au>
722Date: Tue Jun 14 13:51:01 2016 +1000
723
724 Remove now-defunct .cvsignore files. ok djm
725
726commit 68777faf271efb2713960605c748f6c8a4b26d55
727Author: dtucker@openbsd.org <dtucker@openbsd.org>
728Date: Wed Jun 8 02:13:01 2016 +0000
729
730 upstream commit
731
732 Back out rev 1.28 "Check min and max sizes sent by the
733 client" change. It caused "key_verify failed for server_host_key" in clients
734 that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY.
735 ok djm@
736
737 Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65
738
739commit a86ec4d0737ac5879223e7cd9d68c448df46e169
740Author: Darren Tucker <dtucker@zip.com.au>
741Date: Tue Jun 14 10:48:27 2016 +1000
742
743 Use Solaris setpflags(__PROC_PROTECT, ...).
744
745 Where possible, use Solaris setpflags to disable process tracing on
746 ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee
747 at oracle.com, ok djm.
748
749commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573
750Author: Darren Tucker <dtucker@zip.com.au>
751Date: Tue Jun 14 10:43:53 2016 +1000
752
753 Shorten prctl code a tiny bit.
754
755commit 0fb7f5985351fbbcd2613d8485482c538e5123be
756Author: Darren Tucker <dtucker@zip.com.au>
757Date: Thu Jun 9 16:23:07 2016 +1000
758
759 Move prctl PR_SET_DUMPABLE into platform.c.
760
761 This should make it easier to add additional platform support such as
762 Solaris (bz#2584).
763
764commit e6508898c3cd838324ecfe1abd0eb8cf802e7106
765Author: dtucker@openbsd.org <dtucker@openbsd.org>
766Date: Fri Jun 3 04:10:41 2016 +0000
767
768 upstream commit
769
770 Add a test for ssh(1)'s config file parsing.
771
772 Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601
773
774commit ab0a536066dfa32def0bd7272c096ebb5eb25b11
775Author: dtucker@openbsd.org <dtucker@openbsd.org>
776Date: Fri Jun 3 03:47:59 2016 +0000
777
778 upstream commit
779
780 Add 'sshd' to the test ID as I'm about to add a similar
781 set for ssh.
782
783 Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a
784
785commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb
786Author: schwarze@openbsd.org <schwarze@openbsd.org>
787Date: Mon May 30 12:14:08 2016 +0000
788
789 upstream commit
790
791 stricter malloc.conf(5) options for utf8 tests
792
793 Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6
794
795commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc
796Author: schwarze@openbsd.org <schwarze@openbsd.org>
797Date: Mon May 30 12:05:56 2016 +0000
798
799 upstream commit
800
801 Fix two rare edge cases: 1. If vasprintf() returns < 0,
802 do not access a NULL pointer in snmprintf(), and do not free() the pointer
803 returned from vasprintf() because on some systems other than OpenBSD, it
804 might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
805 rather than -1 and NULL.
806
807 Besides, free(dst) is pointless after failure (not a bug).
808
809 One half OK martijn@, the other half OK deraadt@;
810 committing quickly before people get hurt.
811
812 Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4
813
814commit 016881eb33a7948028848c90f4c7ac42e3af0e87
815Author: schwarze@openbsd.org <schwarze@openbsd.org>
816Date: Thu May 26 19:14:25 2016 +0000
817
818 upstream commit
819
820 test the new utf8 module
821
822 Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3
823
824commit d4219028bdef448e089376f3afe81ef6079da264
825Author: dtucker@openbsd.org <dtucker@openbsd.org>
826Date: Tue May 3 15:30:46 2016 +0000
827
828 upstream commit
829
830 Set umask to prevent "Bad owner or permissions" errors.
831
832 Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417
833
834commit 07d5608bb237e9b3fe86a2aeaa429392230faebf
835Author: djm@openbsd.org <djm@openbsd.org>
836Date: Tue May 3 14:41:04 2016 +0000
837
838 upstream commit
839
840 support doas
841
842 Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38
843
844commit 01cabf10adc7676cba5f40536a34d3b246edb73f
845Author: djm@openbsd.org <djm@openbsd.org>
846Date: Tue May 3 13:48:33 2016 +0000
847
848 upstream commit
849
850 unit tests for sshbuf_dup_string()
851
852 Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d
853
854commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372
855Author: jmc@openbsd.org <jmc@openbsd.org>
856Date: Fri Jun 3 06:44:12 2016 +0000
857
858 upstream commit
859
860 tweak previous;
861
862 Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698
863
864commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4
865Author: dtucker@openbsd.org <dtucker@openbsd.org>
866Date: Fri Jun 3 04:09:38 2016 +0000
867
868 upstream commit
869
870 Allow ExitOnForwardFailure and ClearAllForwardings to be
871 overridden when using ssh -W (but still default to yes in that case).
872 bz#2577, ok djm@.
873
874 Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4
875
876commit 8543ff3f5020fe659839b15f05b8c522bde6cee5
877Author: dtucker@openbsd.org <dtucker@openbsd.org>
878Date: Fri Jun 3 03:14:41 2016 +0000
879
880 upstream commit
881
882 Move the host and port used by ssh -W into the Options
883 struct. This will make future changes a bit easier. ok djm@
884
885 Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382
886
887commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368
888Author: dtucker@openbsd.org <dtucker@openbsd.org>
889Date: Wed Jun 1 04:19:49 2016 +0000
890
891 upstream commit
892
893 Check min and max sizes sent by the client against what
894 we support before passing them to the monitor. ok djm@
895
896 Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece
897
898commit 564cd2a8926ccb1dca43a535073540935b5e0373
899Author: dtucker@openbsd.org <dtucker@openbsd.org>
900Date: Tue May 31 23:46:14 2016 +0000
901
902 upstream commit
903
904 Ensure that the client's proposed DH-GEX max value is at
905 least as big as the minimum the server will accept. ok djm@
906
907 Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775
908
909commit df820722e40309c9b3f360ea4ed47a584ed74333
910Author: Darren Tucker <dtucker@zip.com.au>
911Date: Mon Jun 6 11:36:13 2016 +1000
912
913 Add compat bits to utf8.c.
914
915commit 05c6574652571becfe9d924226c967a3f4b3f879
916Author: Darren Tucker <dtucker@zip.com.au>
917Date: Mon Jun 6 11:33:43 2016 +1000
918
919 Fix utf->utf8 typo.
920
921commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce
922Author: schwarze@openbsd.org <schwarze@openbsd.org>
923Date: Mon May 30 18:34:41 2016 +0000
924
925 upstream commit
926
927 Backout rev. 1.43 for now.
928
929 The function update_progress_meter() calls refresh_progress_meter()
930 which calls snmprintf() which calls malloc(); but update_progress_meter()
931 acts as the SIGALRM signal handler.
932
933 "malloc(): error: recursive call" reported by sobrado@.
934
935 Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
936
937commit cd9e1eabeb4137182200035ab6fa4522f8d24044
938Author: schwarze@openbsd.org <schwarze@openbsd.org>
939Date: Mon May 30 12:57:21 2016 +0000
940
941 upstream commit
942
943 Even when only writing an unescaped character, the dst
944 buffer may need to grow, or it would be overrun; issue found by tb@ with
945 malloc.conf(5) 'C'.
946
947 While here, reserve an additional byte for the terminating NUL
948 up front such that we don't have to realloc() later just for that.
949
950 OK tb@
951
952 Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
953
954commit ac284a355f8065eaef2a16f446f3c44cdd17371d
955Author: schwarze@openbsd.org <schwarze@openbsd.org>
956Date: Mon May 30 12:05:56 2016 +0000
957
958 upstream commit
959
960 Fix two rare edge cases: 1. If vasprintf() returns < 0,
961 do not access a NULL pointer in snmprintf(), and do not free() the pointer
962 returned from vasprintf() because on some systems other than OpenBSD, it
963 might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
964 rather than -1 and NULL.
965
966 Besides, free(dst) is pointless after failure (not a bug).
967
968 One half OK martijn@, the other half OK deraadt@;
969 committing quickly before people get hurt.
970
971 Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
972
973commit 0e059cdf5fd86297546c63fa8607c24059118832
974Author: schwarze@openbsd.org <schwarze@openbsd.org>
975Date: Wed May 25 23:48:45 2016 +0000
976
977 upstream commit
978
979 To prevent screwing up terminal settings when printing to
980 the terminal, for ASCII and UTF-8, escape bytes not forming characters and
981 bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
982 character sets, abort printing of the current string in these cases. In
983 particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
984 sanitize data received from the remote host; * sanitize filenames, usernames,
985 and similar data even locally; * take character display widths into account
986 for the progressmeter.
987
988 This is believed to be sufficient to keep the local terminal safe
989 on OpenBSD, but bad things can still happen on other systems with
990 state-dependent locales because many places in the code print
991 unencoded ASCII characters into the output stream.
992
993 Using feedback from djm@ and martijn@,
994 various aspects discussed with many others.
995
996 deraadt@ says it should go in now, i probably already hesitated too long
997
998 Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
999
1000commit 8c02e3639acefe1e447e293dbe23a0917abd3734
1001Author: dtucker@openbsd.org <dtucker@openbsd.org>
1002Date: Tue May 24 04:43:45 2016 +0000
1003
1004 upstream commit
1005
1006 KNF compression proposal and simplify the client side a
1007 little. ok djm@
1008
1009 Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
1010
1011commit 7ec4946fb686813eb5f8c57397e465f5485159f4
1012Author: dtucker@openbsd.org <dtucker@openbsd.org>
1013Date: Tue May 24 02:31:57 2016 +0000
1014
1015 upstream commit
1016
1017 Back out 'plug memleak'.
1018
1019 Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
1020
1021commit 82f24c3ddc52053aeb7beb3332fa94c92014b0c5
1022Author: djm@openbsd.org <djm@openbsd.org>
1023Date: Mon May 23 23:30:50 2016 +0000
1024
1025 upstream commit
1026
1027 prefer agent-hosted keys to keys from PKCS#11; ok markus
1028
1029 Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
1030
1031commit a0cb7778fbc9b43458f7072eb68dd858766384d1
1032Author: dtucker@openbsd.org <dtucker@openbsd.org>
1033Date: Mon May 23 00:17:27 2016 +0000
1034
1035 upstream commit
1036
1037 Plug mem leak in filter_proposal. ok djm@
1038
1039 Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
1040
1041commit ae9c0d4d5c581b3040d1f16b5c5f4b1cd1616743
1042Author: Darren Tucker <dtucker@zip.com.au>
1043Date: Fri Jun 3 16:03:44 2016 +1000
1044
1045 Update vis.h and vis.c from OpenBSD.
1046
1047 This will be needed for the upcoming utf8 changes.
1048
1049commit e1d93705f8f48f519433d6ca9fc3d0abe92a1b77
1050Author: Tim Rice <tim@multitalents.net>
1051Date: Tue May 31 11:13:22 2016 -0700
1052
1053 modified: configure.ac
1054 whitspace clean up. No code changes.
1055
1056commit 604a037d84e41e31f0aec9075df0b8740c130200
1057Author: Damien Miller <djm@mindrot.org>
1058Date: Tue May 31 16:45:28 2016 +1000
1059
1060 whitespace at EOL
1061
1062commit 18424200160ff5c923113e0a37ebe21ab7bcd17c
1063Author: Darren Tucker <dtucker@zip.com.au>
1064Date: Mon May 30 19:35:28 2016 +1000
1065
1066 Add missing ssh-host-config --name option
1067
1068 Patch from vinschen@redhat.com.
1069
1070commit 39c0cecaa188a37a2e134795caa68e03f3ced592
1071Author: Darren Tucker <dtucker@zip.com.au>
1072Date: Fri May 20 10:01:58 2016 +1000
1073
1074 Fix comment about sshpam_const and AIX.
1075
1076 From mschwager via github.
1077
1078commit f64062b1f74ad5ee20a8a49aab2732efd0f7ce30
1079Author: Damien Miller <djm@mindrot.org>
1080Date: Fri May 20 09:56:53 2016 +1000
1081
1082 Deny lstat syscalls in seccomp sandbox
1083
1084 Avoids sandbox violations for some krb/gssapi libraries.
1085
1086commit 531c135409b8d8810795b1f3692a4ebfd5c9cae0
1087Author: djm@openbsd.org <djm@openbsd.org>
1088Date: Thu May 19 07:45:32 2016 +0000
1089
1090 upstream commit
1091
1092 fix type of ed25519 values
1093
1094 Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
1095
1096commit 75e21688f523799c9e0cc6601d76a9c5ca79f787
1097Author: markus@openbsd.org <markus@openbsd.org>
1098Date: Wed May 4 14:32:26 2016 +0000
1099
1100 upstream commit
1101
1102 add IdentityAgent; noticed & ok jmc@
1103
1104 Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
1105
1106commit 1a75d14daf4b60db903e6103cf50e74e0cd0a76b
1107Author: markus@openbsd.org <markus@openbsd.org>
1108Date: Wed May 4 14:29:58 2016 +0000
1109
1110 upstream commit
1111
1112 allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@
1113
1114 Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
1115
1116commit 0516454151ae722fc8256c3c56115c6baf24c5b0
1117Author: markus@openbsd.org <markus@openbsd.org>
1118Date: Wed May 4 14:22:33 2016 +0000
1119
1120 upstream commit
1121
1122 move SSH_MSG_NONE, so we don't have to include ssh1.h;
1123 ok deraadt@
1124
1125 Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
1126
1127commit 332ff3d770631e7513fea38cf0d3689f673f0e3f
1128Author: Damien Miller <djm@mindrot.org>
1129Date: Tue May 10 09:51:06 2016 +1000
1130
1131 initialise salen in binresvport_sa
1132
1133 avoids failures with UsePrivilegedPort=yes
1134
1135 patch from Juan Gallego
1136
1137commit c5c1d5d2f04ce00d2ddd6647e61b32f28be39804
1138Author: markus@openbsd.org <markus@openbsd.org>
1139Date: Wed May 4 14:04:40 2016 +0000
1140
1141 upstream commit
1142
1143 missing const in prototypes (ssh1)
1144
1145 Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
1146
1147commit 9faae50e2e82ba42eb0cb2726bf6830fe7948f28
1148Author: dtucker@openbsd.org <dtucker@openbsd.org>
1149Date: Wed May 4 14:00:09 2016 +0000
1150
1151 upstream commit
1152
1153 Fix inverted logic for updating StreamLocalBindMask which
1154 would cause the server to set an invalid mask. ok djm@
1155
1156 Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
1157
1158commit b02ad1ce9105bfa7394ac7590c0729dd52e26a81
1159Author: markus@openbsd.org <markus@openbsd.org>
1160Date: Wed May 4 12:21:53 2016 +0000
1161
1162 upstream commit
1163
1164 IdentityAgent for specifying specific agent sockets; ok
1165 djm@
1166
1167 Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1
1168
1169commit 910e59bba09ac309d78ce61e356da35292212935
1170Author: djm@openbsd.org <djm@openbsd.org>
1171Date: Wed May 4 12:16:39 2016 +0000
1172
1173 upstream commit
1174
1175 fix junk characters after quotes
1176
1177 Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578
1178
1179commit 9283884e647b8be50ccd2997537af0065672107d
1180Author: jmc@openbsd.org <jmc@openbsd.org>
1181Date: Tue May 3 18:38:12 2016 +0000
1182
1183 upstream commit
1184
1185 correct article;
1186
1187 Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168
1188
1189commit cfefbcea1057c2623e76c579174a4107a0b6e6cd
1190Author: djm@openbsd.org <djm@openbsd.org>
1191Date: Tue May 3 15:57:39 2016 +0000
1192
1193 upstream commit
1194
1195 fix overriding of StreamLocalBindMask and
1196 StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes
1197
1198 Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
1199
1200commit 771c2f51ffc0c9a2877b7892fada0c77bd1f6549
1201Author: djm@openbsd.org <djm@openbsd.org>
1202Date: Tue May 3 15:25:06 2016 +0000
1203
1204 upstream commit
1205
1206 don't forget to include StreamLocalBindUnlink in the
1207 config dump output
1208
1209 Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
1210
1211commit cdcd941994dc430f50d0a4e6a712d32b66e6199e
1212Author: djm@openbsd.org <djm@openbsd.org>
1213Date: Tue May 3 14:54:08 2016 +0000
1214
1215 upstream commit
1216
1217 make nethack^wrandomart fingerprint flag more readily
1218 searchable pointed out by Matt Johnston
1219
1220 Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb
1221
1222commit 05855bf2ce7d5cd0a6db18bc0b4214ed5ef7516d
1223Author: djm@openbsd.org <djm@openbsd.org>
1224Date: Tue May 3 13:10:24 2016 +0000
1225
1226 upstream commit
1227
1228 clarify ordering of subkeys; pointed out by ietf-ssh AT
1229 stbuehler.de
1230
1231 Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463
1232
1233commit cca3b4395807bfb7aaeb83d2838f5c062ce30566
1234Author: dtucker@openbsd.org <dtucker@openbsd.org>
1235Date: Tue May 3 12:15:49 2016 +0000
1236
1237 upstream commit
1238
1239 Use a subshell for constructing key types to work around
1240 different sed behaviours for -portable.
1241
1242 Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
1243
1244commit fa58208c6502dcce3e0daac0ca991ee657daf1f5
1245Author: djm@openbsd.org <djm@openbsd.org>
1246Date: Tue May 3 10:27:59 2016 +0000
1247
1248 upstream commit
1249
1250 correct some typos and remove a long-stale XXX note.
1251
1252 add specification for ed25519 certificates
1253
1254 mention no host certificate options/extensions are currently defined
1255
1256 pointed out by Simon Tatham
1257
1258 Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
1259
1260commit b466f956c32cbaff4200bfcd5db6739fe4bc7d04
1261Author: djm@openbsd.org <djm@openbsd.org>
1262Date: Tue May 3 10:24:27 2016 +0000
1263
1264 upstream commit
1265
1266 add ed25519 keys that are supported but missing from this
1267 documents; from Peter Moody
1268
1269 Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b
1270
1271commit 7f3d76319a69dab2efe3a520a8fef5b97e923636
1272Author: dtucker@openbsd.org <dtucker@openbsd.org>
1273Date: Tue May 3 09:03:49 2016 +0000
1274
1275 upstream commit
1276
1277 Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. Patch
1278 from Simon Tatham, ok markus@
1279
1280 Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8
1281
1282commit 31bc01c05d9f51bee3ebe33dc57c4fafb059fb62
1283Author: djm@openbsd.org <djm@openbsd.org>
1284Date: Mon May 2 14:10:58 2016 +0000
1285
1286 upstream commit
1287
1288 unbreak config parsing on reexec from previous commit
1289
1290 Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab
1291
1292commit 67f1459efd2e85bf03d032539283fa8107218936
1293Author: djm@openbsd.org <djm@openbsd.org>
1294Date: Mon May 2 09:52:00 2016 +0000
1295
1296 upstream commit
1297
1298 unit and regress tests for SHA256/512; ok markus
1299
1300 Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
1301
1302commit 0e8eeec8e75f6d0eaf33317376f773160018a9c7
1303Author: djm@openbsd.org <djm@openbsd.org>
1304Date: Mon May 2 10:26:04 2016 +0000
1305
1306 upstream commit
1307
1308 add support for additional fixed DH groups from
1309 draft-ietf-curdle-ssh-kex-sha2-03
1310
1311 diffie-hellman-group14-sha256 (2K group)
1312 diffie-hellman-group16-sha512 (4K group)
1313 diffie-hellman-group18-sha512 (8K group)
1314
1315 based on patch from Mark D. Baushke and Darren Tucker
1316 ok markus@
1317
1318 Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
1319
1320commit 57464e3934ba53ad8590ee3ccd840f693407fc1e
1321Author: djm@openbsd.org <djm@openbsd.org>
1322Date: Mon May 2 09:36:42 2016 +0000
1323
1324 upstream commit
1325
1326 support SHA256 and SHA512 RSA signatures in certificates;
1327 ok markus@
1328
1329 Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
1330
1331commit 1a31d02b2411c4718de58ce796dbb7b5e14db93e
1332Author: djm@openbsd.org <djm@openbsd.org>
1333Date: Mon May 2 08:49:03 2016 +0000
1334
1335 upstream commit
1336
1337 fix signed/unsigned errors reported by clang-3.7; add
1338 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
1339 better safety checking; feedback and ok markus@
1340
1341 Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
1342
1343commit d2d6bf864e52af8491a60dd507f85b74361f5da3
1344Author: djm@openbsd.org <djm@openbsd.org>
1345Date: Fri Apr 29 08:07:53 2016 +0000
1346
1347 upstream commit
1348
1349 close ControlPersist background process stderr when not
1350 in debug mode or when logging to a file or syslog. bz#1988 ok dtucker
1351
1352 Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24
1353
1354commit 9ee692fa1146e887e008a2b9a3d3ea81770c9fc8
1355Author: djm@openbsd.org <djm@openbsd.org>
1356Date: Thu Apr 28 14:30:21 2016 +0000
1357
1358 upstream commit
1359
1360 fix comment
1361
1362 Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
1363
1364commit ee1e0a16ff2ba41a4d203c7670b54644b6c57fa6
1365Author: jmc@openbsd.org <jmc@openbsd.org>
1366Date: Wed Apr 27 13:53:48 2016 +0000
1367
1368 upstream commit
1369
1370 cidr permitted for {allow,deny}users; from lars nooden ok djm
1371
1372 Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
1373
1374commit b6e0140a5aa883c27b98415bd8aa9f65fc04ee22
1375Author: djm@openbsd.org <djm@openbsd.org>
1376Date: Thu Apr 21 06:08:02 2016 +0000
1377
1378 upstream commit
1379
1380 make argument == NULL tests more consistent
1381
1382 Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d
1383
1384commit 6aaabc2b610e44bae473457ad9556ffb43d90ee3
1385Author: jmc@openbsd.org <jmc@openbsd.org>
1386Date: Sun Apr 17 14:34:46 2016 +0000
1387
1388 upstream commit
1389
1390 tweak previous;
1391
1392 Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f
1393
1394commit 0f839e5969efa3bda615991be8a9d9311554c573
1395Author: djm@openbsd.org <djm@openbsd.org>
1396Date: Fri Apr 15 02:57:10 2016 +0000
1397
1398 upstream commit
1399
1400 missing bit of Include regress
1401
1402 Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
1403
1404commit 12e4ac46aed681da55c2bba3cd11dfcab23591be
1405Author: djm@openbsd.org <djm@openbsd.org>
1406Date: Fri Apr 15 02:55:53 2016 +0000
1407
1408 upstream commit
1409
1410 remove redundant CLEANFILES section
1411
1412 Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
1413
1414commit b1d05aa653ae560c44baf8e8a9756e33f98ea75c
1415Author: djm@openbsd.org <djm@openbsd.org>
1416Date: Fri Apr 15 00:48:01 2016 +0000
1417
1418 upstream commit
1419
1420 sync CLEANFILES with portable, sort
1421
1422 Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
1423
1424commit 35f22dad263cce5c61d933ae439998cb965b8748
1425Author: djm@openbsd.org <djm@openbsd.org>
1426Date: Fri Apr 15 00:31:10 2016 +0000
1427
1428 upstream commit
1429
1430 regression test for ssh_config Include directive
1431
1432 Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
1433
1434commit 6b8a1a87005818d4700ce8b42faef746e82c1f51
1435Author: djm@openbsd.org <djm@openbsd.org>
1436Date: Thu Apr 14 23:57:17 2016 +0000
1437
1438 upstream commit
1439
1440 unbreak test for recent ssh de-duplicated forwarding
1441 change
1442
1443 Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
1444
1445commit 076787702418985a2cc6808212dc28ce7afc01f0
1446Author: djm@openbsd.org <djm@openbsd.org>
1447Date: Thu Apr 14 23:21:42 2016 +0000
1448
1449 upstream commit
1450
1451 add test knob and warning for StrictModes
1452
1453 Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682
1454
1455commit dc7990be865450574c7940c9880567f5d2555b37
1456Author: djm@openbsd.org <djm@openbsd.org>
1457Date: Fri Apr 15 00:30:19 2016 +0000
1458
1459 upstream commit
1460
1461 Include directive for ssh_config(5); feedback & ok markus@
1462
1463 Upstream-ID: ae3b76e2e343322b9f74acde6f1e1c5f027d5fff
1464
1465commit 85bdcd7c92fe7ff133bbc4e10a65c91810f88755
1466Author: Damien Miller <djm@mindrot.org>
1467Date: Wed Apr 13 10:39:57 2016 +1000
1468
1469 ignore PAM environment vars when UseLogin=yes
1470
1471 If PAM is configured to read user-specified environment variables
1472 and UseLogin=yes in sshd_config, then a hostile local user may
1473 attack /bin/login via LD_PRELOAD or similar environment variables
1474 set via PAM.
1475
1476 CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
1477
1478commit dce19bf6e4a2a3d0b13a81224de63fc316461ab9
1479Author: djm@openbsd.org <djm@openbsd.org>
1480Date: Sat Apr 9 12:39:30 2016 +0000
1481
1482 upstream commit
1483
1484 make private key loading functions consistently handle NULL
1485 key pointer arguments; ok markus@
1486
1487 Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
1488
1489commit 5f41f030e2feb5295657285aa8c6602c7810bc4b
1490Author: Darren Tucker <dtucker@zip.com.au>
1491Date: Fri Apr 8 21:14:13 2016 +1000
1492
1493 Remove NO_IPPORT_RESERVED_CONCEPT
1494
1495 Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
1496 the same effect without causing problems syncing patches with OpenBSD.
1497 Resync the two affected functions with OpenBSD. ok djm, sanity checked
1498 by Corinna.
1499
1500commit 34a01b2cf737d946ddb140618e28c3048ab7a229
1501Author: djm@openbsd.org <djm@openbsd.org>
1502Date: Fri Apr 8 08:19:17 2016 +0000
1503
1504 upstream commit
1505
1506 whitespace at EOL
1507
1508 Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6
1509
1510commit 90ee563fa6b54c59896c6c332c5188f866c5e75f
1511Author: djm@openbsd.org <djm@openbsd.org>
1512Date: Fri Apr 8 06:35:54 2016 +0000
1513
1514 upstream commit
1515
1516 We accidentally send an empty string and a zero uint32 with
1517 every direct-streamlocal@openssh.com channel open, in contravention of our
1518 own spec.
1519
1520 Fixing this is too hard wrt existing versions that expect these
1521 fields to be present and fatal() if they aren't, so document them
1522 as "reserved" fields in the PROTOCOL spec as though we always
1523 intended this and let us never speak of it again.
1524
1525 bz#2529, reported by Ron Frederick
1526
1527 Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7
1528
1529commit 0ccbd5eca0f0dd78e71a4b69c66f03a66908d558
1530Author: djm@openbsd.org <djm@openbsd.org>
1531Date: Wed Apr 6 06:42:17 2016 +0000
1532
1533 upstream commit
1534
1535 don't record duplicate LocalForward and RemoteForward
1536 entries; fixes failure with ExitOnForwardFailure+hostname canonicalisation
1537 where the same forwards are added on the second pass through the
1538 configuration file. bz#2562; ok dtucker@
1539
1540 Upstream-ID: 40a51d68b6300f1cc61deecdb7d4847b8b7b0de1
1541
1542commit 574def0eb493cd6efeffd4ff2e9257abcffee0c8
1543Author: krw@openbsd.org <krw@openbsd.org>
1544Date: Sat Apr 2 14:37:42 2016 +0000
1545
1546 upstream commit
1547
1548 Another use for fcntl() and thus of the superfluous 3rd
1549 parameter is when sanitising standard fd's before calling daemon().
1550
1551 Use a tweaked version of the ssh(1) function in all three places
1552 found using fcntl() this way.
1553
1554 ok jca@ beck@
1555
1556 Upstream-ID: f16811ffa19a1c5f4ef383c5f0fecb843c84e218
1557
1558commit b3413534aa9d71a941005df2760d1eec2c2b0854
1559Author: Darren Tucker <dtucker@zip.com.au>
1560Date: Mon Apr 4 11:09:21 2016 +1000
1561
1562 Tidy up openssl header test.
1563
1564commit 815bcac0b94bb448de5acdd6ba925b8725240b4f
1565Author: Darren Tucker <dtucker@zip.com.au>
1566Date: Mon Apr 4 11:07:59 2016 +1000
1567
1568 Fix configure-time warnings for openssl test.
1569
1570commit 95687f5831ae680f7959446d8ae4b52452ee05dd
1571Author: djm@openbsd.org <djm@openbsd.org>
1572Date: Fri Apr 1 02:34:10 2016 +0000
1573
1574 upstream commit
1575
1576 whitespace at EOL
1577
1578 Upstream-ID: 40ae2203d07cb14e0a89e1a0d4c6120ee8fd8c3a
1579
1580commit fdfbf4580de09d84a974211715e14f88a5704b8e
1581Author: dtucker@openbsd.org <dtucker@openbsd.org>
1582Date: Thu Mar 31 05:24:06 2016 +0000
1583
1584 upstream commit
1585
1586 Remove fallback from moduli to "primes" file that was
1587 deprecated in 2001 and fix log messages referring to primes file. Based on
1588 patch from xnox at ubuntu.com via bz#2559. "kill it" deraadt@
1589
1590 Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713
1591
1592commit 0235a5fa67fcac51adb564cba69011a535f86f6b
1593Author: djm@openbsd.org <djm@openbsd.org>
1594Date: Thu Mar 17 17:19:43 2016 +0000
1595
1596 upstream commit
1597
1598 UseDNS affects ssh hostname processing in authorized_keys,
1599 not known_hosts; bz#2554 reported by jjelen AT redhat.com
1600
1601 Upstream-ID: c1c1bb895dde46095fc6d81d8653703928437591
1602
1603commit 8c4739338f5e379d05b19d6e544540114965f07e
1604Author: Darren Tucker <dtucker@zip.com.au>
1605Date: Tue Mar 15 09:24:43 2016 +1100
1606
1607 Don't call Solaris setproject() with UsePAM=yes.
1608
1609 When Solaris Projects are enabled along with PAM setting the project
1610 is PAM's responsiblity. bz#2425, based on patch from
1611 brent.paulson at gmail.com.
1612
1613commit cff26f373c58457a32cb263e212cfff53fca987b
1614Author: Damien Miller <djm@mindrot.org>
1615Date: Tue Mar 15 04:30:21 2016 +1100
1616
1617 remove slogin from *.spec
1618
1619commit c38905ba391434834da86abfc988a2b8b9b62477
1620Author: djm@openbsd.org <djm@openbsd.org>
1621Date: Mon Mar 14 16:20:54 2016 +0000
1622
1623 upstream commit
1624
1625 unbreak authentication using lone certificate keys in
1626 ssh-agent: when attempting pubkey auth with a certificate, if no separate
1627 private key is found among the keys then try with the certificate key itself.
1628
1629 bz#2550 reported by Peter Moody
1630
1631 Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966
1632
1633commit 4b4bfb01cd40b9ddb948e6026ddd287cc303d871
1634Author: djm@openbsd.org <djm@openbsd.org>
1635Date: Thu Mar 10 11:47:57 2016 +0000
1636
1637 upstream commit
1638
1639 sanitise characters destined for xauth reported by
1640 github.com/tintinweb feedback and ok deraadt and markus
1641
1642 Upstream-ID: 18ad8d0d74cbd2ea3306a16595a306ee356aa261
1643
1644commit 732b463d37221722b1206f43aa59563766a6a968
1645Author: Darren Tucker <dtucker@zip.com.au>
1646Date: Mon Mar 14 16:04:23 2016 +1100
1647
1648 Pass supported malloc options to connect-privsep.
1649
1650 This allows us to activate only the supported options during the malloc
1651 option portion of the connect-privsep test.
1652
1653commit d29c5b9b3e9f27394ca97a364ed4bb4a55a59744
1654Author: Darren Tucker <dtucker@zip.com.au>
1655Date: Mon Mar 14 09:30:58 2016 +1100
1656
1657 Remove leftover roaming.h file.
1658
1659 Pointed out by des at des.no.
1660
1661commit 8ff20ec95f4377021ed5e9b2331320f5c5a34cea
1662Author: Darren Tucker <dtucker@zip.com.au>
1663Date: Mon Mar 14 09:24:03 2016 +1100
1664
1665 Quote variables that may contain whitespace.
1666
1667 The variable $L_TMP_ID_FILE needs to be surrounded by quotes in order to
1668 survive paths containing whitespace. bz#2551, from Corinna Vinschen via
1669 Philip Hands.
1670
1671commit 627824480c01f0b24541842c7206ab9009644d02
1672Author: Darren Tucker <dtucker@zip.com.au>
1673Date: Fri Mar 11 14:47:41 2016 +1100
1674
1675 Include priv.h for priv_set_t.
1676
1677 From alex at cooperi.net.
1678
1679commit e960051f9a264f682c4d2fefbeecffcfc66b0ddf
1680Author: Darren Tucker <dtucker@zip.com.au>
1681Date: Wed Mar 9 13:14:18 2016 +1100
1682
1683 Wrap stdint.h inside #ifdef HAVE_STDINT_H.
1684
1685commit 2c48bd344d2c4b5e08dae9aea5ff44fc19a5e363
1686Author: Darren Tucker <dtucker@zip.com.au>
1687Date: Wed Mar 9 12:46:50 2016 +1100
1688
1689 Add compat to monotime_double().
1690
1691 Apply all of the portability changes in monotime() to monotime() double.
1692 Fixes build on at least older FreeBSD systems.
1693
1694commit 7b40ef6c2eef40c339f6ea8920cb8a44838e10c9
1695Author: Damien Miller <djm@mindrot.org>
1696Date: Tue Mar 8 14:12:58 2016 -0800
1697
1698 make a regress-binaries target
1699
1700 Easier to build all the regression/unit test binaries in one pass
1701 than going through all of ${REGRESS_BINARIES}
1702
1703commit c425494d6b6181beb54a1b3763ef9e944fd3c214
1704Author: Damien Miller <djm@mindrot.org>
1705Date: Tue Mar 8 14:03:54 2016 -0800
1706
1707 unbreak kexfuzz for -Werror without __bounded__
1708
1709commit 3ed9218c336607846563daea5d5ab4f701f4e042
1710Author: Damien Miller <djm@mindrot.org>
1711Date: Tue Mar 8 14:01:29 2016 -0800
1712
1713 unbreak PAM after canohost refactor
1714
1715commit 885fb2a44ff694f01e4f6470f803629e11f62961
1716Author: Darren Tucker <dtucker@zip.com.au>
1717Date: Tue Mar 8 11:58:43 2016 +1100
1718
1719 auth_get_canonical_hostname in portable code.
1720
1721 "refactor canohost.c" replaced get_canonical_hostname, this makes the
1722 same change to some portable-specific code.
1723
1724commit 95767262caa6692eff1e1565be1f5cb297949a89
1725Author: djm@openbsd.org <djm@openbsd.org>
1726Date: Mon Mar 7 19:02:43 2016 +0000
6 1727
7commit 9d47b8d3f50c3a6282896df8274147e3b9a38c56 1728 upstream commit
1729
1730 refactor canohost.c: move functions that cache results closer
1731 to the places that use them (authn and session code). After this, no state is
1732 cached in canohost.c
1733
1734 feedback and ok markus@
1735
1736 Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e
1737
1738commit af0bb38ffd1f2c4f9f43b0029be2efe922815255
8Author: Damien Miller <djm@mindrot.org> 1739Author: Damien Miller <djm@mindrot.org>
9Date: Thu Mar 10 05:03:39 2016 +1100 1740Date: Fri Mar 4 15:11:55 2016 +1100
1741
1742 hook unittests/misc/kexfuzz into build
1743
1744commit 331b8e07ee5bcbdca12c11cc8f51a7e8de09b248
1745Author: dtucker@openbsd.org <dtucker@openbsd.org>
1746Date: Fri Mar 4 02:48:06 2016 +0000
1747
1748 upstream commit
1749
1750 Filter debug messages out of log before picking the last
1751 two lines. Should prevent problems if any more debug output is added late in
1752 the connection.
1753
1754 Upstream-Regress-ID: 345d0a9589c381e7d640a4ead06cfaadf4db1363
1755
1756commit 0892edaa3ce623381d3a7635544cbc69b31cf9cb
1757Author: djm@openbsd.org <djm@openbsd.org>
1758Date: Fri Mar 4 02:30:36 2016 +0000
1759
1760 upstream commit
1761
1762 add KEX fuzzer harness; ok deraadt@
1763
1764 Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1
1765
1766commit ae2562c47d41b68dbb00240fd6dd60bed205367a
1767Author: dtucker@openbsd.org <dtucker@openbsd.org>
1768Date: Thu Mar 3 00:46:53 2016 +0000
1769
1770 upstream commit
1771
1772 Look back 3 lines for possible error messages. Changes
1773 to the code mean that "Bad packet length" errors are 3 lines back instead of
1774 the previous two, which meant we didn't skip some offsets that we intended
1775 to.
1776
1777 Upstream-Regress-ID: 24f36912740a634d509a3144ebc8eb7c09b9c684
10 1778
11 sanitise characters destined for xauth(1) 1779commit 988e429d903acfb298bfddfd75e7994327adfed0
1780Author: djm@openbsd.org <djm@openbsd.org>
1781Date: Fri Mar 4 03:35:44 2016 +0000
1782
1783 upstream commit
12 1784
13 reported by github.com/tintinweb 1785 fix ClientAliveInterval when a time-based RekeyLimit is
1786 set; previously keepalive packets were not being sent. bz#2252 report and
1787 analysis by Christian Wittenhorst and Garrett Lee feedback and ok dtucker@
1788
1789 Upstream-ID: d48f9deadd35fdacdd5106b41bb07630ddd4aa81
1790
1791commit 8ef04d7a94bcdb8b0085fdd2a79a844b7d40792d
1792Author: dtucker@openbsd.org <dtucker@openbsd.org>
1793Date: Wed Mar 2 22:43:52 2016 +0000
1794
1795 upstream commit
1796
1797 Improve accuracy of reported transfer speeds by waiting
1798 for the ack from the other end. Pointed out by mmcc@, ok deraadt@ markus@
1799
1800 Upstream-ID: 99f1cf15c9a8f161086b814d414d862795ae153d
1801
1802commit b8d4eafe29684fe4f5bb587f7eab948e6ed62723
1803Author: dtucker@openbsd.org <dtucker@openbsd.org>
1804Date: Wed Mar 2 22:42:40 2016 +0000
1805
1806 upstream commit
1807
1808 Improve precision of progressmeter for sftp and scp by
1809 storing sub-second timestamps. Pointed out by mmcc@, ok deraadt@ markus@
1810
1811 Upstream-ID: 38fd83a3d83dbf81c8ff7b5d1302382fe54970ab
1812
1813commit 18f64b969c70ed00e74b9d8e50359dbe698ce4c0
1814Author: jca@openbsd.org <jca@openbsd.org>
1815Date: Mon Feb 29 20:22:36 2016 +0000
1816
1817 upstream commit
1818
1819 Print ssize_t with %zd; ok deraadt@ mmcc@
1820
1821 Upstream-ID: 0590313bbb013ff6692298c98f7e0be349d124bd
1822
1823commit 6e7f68ce38130c794ec1fb8d2a6091fbe982628d
1824Author: djm@openbsd.org <djm@openbsd.org>
1825Date: Sun Feb 28 22:27:00 2016 +0000
1826
1827 upstream commit
1828
1829 rearrange DH public value tests to be a little more clear
1830
1831 rearrange DH private value generation to explain rationale more
1832 clearly and include an extra sanity check.
1833
1834 ok deraadt
1835
1836 Upstream-ID: 9ad8a07e1a12684e1b329f9bd88941b249d4b2ad
1837
1838commit 2ed17aa34008bdfc8db674315adc425a0712be11
1839Author: Darren Tucker <dtucker@zip.com.au>
1840Date: Tue Mar 1 15:24:20 2016 +1100
1841
1842 Import updated moduli file from OpenBSD.
1843
1844 Note that 1.5k bit groups have been removed.
14 1845
15commit 72b061d4ba0f909501c595d709ea76e06b01e5c9 1846commit 72b061d4ba0f909501c595d709ea76e06b01e5c9
16Author: Darren Tucker <dtucker@zip.com.au> 1847Author: Darren Tucker <dtucker@zip.com.au>
@@ -7369,1537 +9200,3 @@ Date: Fri Aug 1 12:26:49 2014 +1000
7369 9200
7370 - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need 9201 - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
7371 a better solution, but this will have to do for now. 9202 a better solution, but this will have to do for now.
7372
7373commit 426117b2e965e43f47015942b5be8dd88fe74b88
7374Author: Damien Miller <djm@mindrot.org>
7375Date: Wed Jul 30 12:33:20 2014 +1000
7376
7377 - schwarze@cvs.openbsd.org 2014/07/28 15:40:08
7378 [sftp-server.8 sshd_config.5]
7379 some systems no longer need /dev/log;
7380 issue noticed by jirib;
7381 ok deraadt
7382
7383commit f497794b6962eaf802ab4ac2a7b22ae591cca1d5
7384Author: Damien Miller <djm@mindrot.org>
7385Date: Wed Jul 30 12:32:46 2014 +1000
7386
7387 - dtucker@cvs.openbsd.org 2014/07/25 21:22:03
7388 [ssh-agent.c]
7389 Clear buffer used for handling messages. This prevents keys being
7390 left in memory after they have been expired or deleted in some cases
7391 (but note that ssh-agent is setgid so you would still need root to
7392 access them). Pointed out by Kevin Burns, ok deraadt
7393
7394commit a8a0f65c57c8ecba94d65948e9090da54014dfef
7395Author: Damien Miller <djm@mindrot.org>
7396Date: Wed Jul 30 12:32:28 2014 +1000
7397
7398 - OpenBSD CVS Sync
7399 - millert@cvs.openbsd.org 2014/07/24 22:57:10
7400 [ssh.1]
7401 Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@
7402
7403commit 56b840f2b81e14a2f95c203403633a72566736f8
7404Author: Damien Miller <djm@mindrot.org>
7405Date: Fri Jul 25 08:11:30 2014 +1000
7406
7407 - (djm) [regress/multiplex.sh] restore incorrectly deleted line;
7408 pointed out by Christian Hesse
7409
7410commit dd417b60d5ca220565d1014e92b7f8f43dc081eb
7411Author: Darren Tucker <dtucker@zip.com.au>
7412Date: Wed Jul 23 10:41:21 2014 +1000
7413
7414 - dtucker@cvs.openbsd.org 2014/07/22 23:35:38
7415 [regress/unittests/sshkey/testdata/*]
7416 Regenerate test keys with certs signed with ed25519 instead of ecdsa.
7417 These can be used in -portable on platforms that don't support ECDSA.
7418
7419commit 40e50211896369dba8f64f3b5e5fd58b76f5ac3f
7420Author: Darren Tucker <dtucker@zip.com.au>
7421Date: Wed Jul 23 10:35:45 2014 +1000
7422
7423 - dtucker@cvs.openbsd.org 2014/07/22 23:57:40
7424 [regress/unittests/sshkey/mktestdata.sh]
7425 Add $OpenBSD tag to make syncs easier
7426
7427commit 07e644251e809b1d4c062cf85bd1146a7e3f5a8a
7428Author: Darren Tucker <dtucker@zip.com.au>
7429Date: Wed Jul 23 10:34:26 2014 +1000
7430
7431 - dtucker@cvs.openbsd.org 2014/07/22 23:23:22
7432 [regress/unittests/sshkey/mktestdata.sh]
7433 Sign test certs with ed25519 instead of ecdsa so that they'll work in
7434 -portable on platforms that don't have ECDSA in their OpenSSL. ok djm
7435
7436commit cea099a7c4eaecb01b001e5453bb4e5c25006c22
7437Author: Darren Tucker <dtucker@zip.com.au>
7438Date: Wed Jul 23 10:04:02 2014 +1000
7439
7440 - djm@cvs.openbsd.org 2014/07/22 01:32:12
7441 [regress/multiplex.sh]
7442 change the test for still-open Unix domain sockets to be robust against
7443 nc implementations that produce error messages. from -portable
7444 (Id sync only)
7445
7446commit 31eb78078d349b32ea41952ecc944b3ad6cb0d45
7447Author: Darren Tucker <dtucker@zip.com.au>
7448Date: Wed Jul 23 09:43:42 2014 +1000
7449
7450 - guenther@cvs.openbsd.org 2014/07/22 07:13:42
7451 [umac.c]
7452 Convert from <sys/endian.h> to the shiney new <endian.h>
7453 ok dtucker@, who also confirmed that -portable handles this already
7454 (ID sync only, includes.h pulls in endian.h if available.)
7455
7456commit 820763efef2d19d965602533036c2b4badc9d465
7457Author: Darren Tucker <dtucker@zip.com.au>
7458Date: Wed Jul 23 09:40:46 2014 +1000
7459
7460 - dtucker@cvs.openbsd.org 2014/07/22 01:18:50
7461 [key.c]
7462 Prevent spam from key_load_private_pem during hostbased auth. ok djm@
7463
7464commit c4ee219a66f3190fa96cbd45b4d11015685c6306
7465Author: Darren Tucker <dtucker@zip.com.au>
7466Date: Wed Jul 23 04:27:50 2014 +1000
7467
7468 - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
7469 specific tests inside OPENSSL_HAS_ECC.
7470
7471commit 04f4824940ea3edd60835416ececbae16438968a
7472Author: Damien Miller <djm@mindrot.org>
7473Date: Tue Jul 22 11:31:47 2014 +1000
7474
7475 - (djm) [regress/multiplex.sh] change the test for still-open Unix
7476 domain sockets to be robust against nc implementations that produce
7477 error messages.
7478
7479commit 5ea4fe00d55453aaa44007330bb4c3181bd9b796
7480Author: Damien Miller <djm@mindrot.org>
7481Date: Tue Jul 22 09:39:19 2014 +1000
7482
7483 - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;
7484 put it back
7485
7486commit 948a1774a79a85f9deba6d74db95f402dee32c69
7487Author: Darren Tucker <dtucker@zip.com.au>
7488Date: Tue Jul 22 01:07:11 2014 +1000
7489
7490 - (dtucker) [sshkey.c] ifdef out unused variable when compiling without
7491 OPENSSL_HAS_ECC.
7492
7493commit c8f610f6cc57ae129758052439d9baf13699097b
7494Author: Damien Miller <djm@mindrot.org>
7495Date: Mon Jul 21 10:23:27 2014 +1000
7496
7497 - (djm) [regress/multiplex.sh] Not all netcat accept the -N option.
7498
7499commit 0e4e95566cd95c887f69272499b8f3880b3ec0f5
7500Author: Damien Miller <djm@mindrot.org>
7501Date: Mon Jul 21 09:52:54 2014 +1000
7502
7503 - millert@cvs.openbsd.org 2014/07/15 15:54:15
7504 [forwarding.sh multiplex.sh]
7505 Add support for Unix domain socket forwarding. A remote TCP port
7506 may be forwarded to a local Unix domain socket and vice versa or
7507 both ends may be a Unix domain socket. This is a reimplementation
7508 of the streamlocal patches by William Ahern from:
7509 http://www.25thandclement.com/~william/projects/streamlocal.html
7510 OK djm@ markus@
7511
7512commit 93a87ab27ecdc709169fb24411133998f81e2761
7513Author: Darren Tucker <dtucker@zip.com.au>
7514Date: Mon Jul 21 06:30:25 2014 +1000
7515
7516 - (dtucker) [regress/unittests/sshkey/
7517 {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in
7518 ifdefs.
7519
7520commit 5573171352ea23df2dc6d2fe0324d023b7ba697c
7521Author: Darren Tucker <dtucker@zip.com.au>
7522Date: Mon Jul 21 02:24:59 2014 +1000
7523
7524 - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
7525 needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
7526
7527commit 74e28682711d005026c7c8f15f96aea9d3c8b5a3
7528Author: Tim Rice <tim@multitalents.net>
7529Date: Fri Jul 18 20:00:11 2014 -0700
7530
7531 - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
7532 in servconf.h.
7533
7534commit d1a0421f8e5e933fee6fb58ee6b9a22c63c8a613
7535Author: Darren Tucker <dtucker@zip.com.au>
7536Date: Sat Jul 19 07:23:55 2014 +1000
7537
7538 - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC.
7539
7540commit f0fe9ea1be62227c130b317769de3d1e736b6dc1
7541Author: Darren Tucker <dtucker@zip.com.au>
7542Date: Sat Jul 19 06:33:12 2014 +1000
7543
7544 - (dtucker) [Makefile.in] Add a t-exec target to run just the executable
7545 tests.
7546
7547commit 450bc1180d4b061434a4b733c5c8814fa30b022b
7548Author: Darren Tucker <dtucker@zip.com.au>
7549Date: Sat Jul 19 06:23:18 2014 +1000
7550
7551 - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used
7552 in servconf.h.
7553
7554commit ab2ec586baad122ed169285c31927ccf58bc7b28
7555Author: Damien Miller <djm@mindrot.org>
7556Date: Fri Jul 18 15:04:47 2014 +1000
7557
7558 - djm@cvs.openbsd.org 2014/07/18 02:46:01
7559 [ssh-agent.c]
7560 restore umask around listener socket creation (dropped in streamlocal patch
7561 merge)
7562
7563commit 357610d15946381ae90c271837dcdd0cdce7145f
7564Author: Damien Miller <djm@mindrot.org>
7565Date: Fri Jul 18 15:04:10 2014 +1000
7566
7567 - djm@cvs.openbsd.org 2014/07/17 07:22:19
7568 [mux.c ssh.c]
7569 reflect stdio-forward ("ssh -W host:port ...") failures in exit status.
7570 previously we were always returning 0. bz#2255 reported by Brendan
7571 Germain; ok dtucker
7572
7573commit dad9a4a0b7c2b5d78605f8df28718f116524134e
7574Author: Damien Miller <djm@mindrot.org>
7575Date: Fri Jul 18 15:03:49 2014 +1000
7576
7577 - djm@cvs.openbsd.org 2014/07/17 00:12:03
7578 [key.c]
7579 silence "incorrect passphrase" error spam; reported and ok dtucker@
7580
7581commit f42f7684ecbeec6ce50e0310f80b3d6da2aaf533
7582Author: Damien Miller <djm@mindrot.org>
7583Date: Fri Jul 18 15:03:27 2014 +1000
7584
7585 - djm@cvs.openbsd.org 2014/07/17 00:10:18
7586 [mux.c]
7587 preserve errno across syscall
7588
7589commit 1b83320628cb0733e3688b85bfe4d388a7c51909
7590Author: Damien Miller <djm@mindrot.org>
7591Date: Fri Jul 18 15:03:02 2014 +1000
7592
7593 - djm@cvs.openbsd.org 2014/07/17 00:10:56
7594 [sandbox-systrace.c]
7595 ifdef SYS_sendsyslog so this will compile without patching on -stable
7596
7597commit 6d57656331bcd754d912950e4a18ad259d596e61
7598Author: Damien Miller <djm@mindrot.org>
7599Date: Fri Jul 18 15:02:06 2014 +1000
7600
7601 - jmc@cvs.openbsd.org 2014/07/16 14:48:57
7602 [ssh.1]
7603 add the streamlocal* options to ssh's -o list; millert says they're
7604 irrelevant for scp/sftp;
7605
7606 ok markus millert
7607
7608commit 7acefbbcbeab725420ea07397ae35992f505f702
7609Author: Damien Miller <djm@mindrot.org>
7610Date: Fri Jul 18 14:11:24 2014 +1000
7611
7612 - millert@cvs.openbsd.org 2014/07/15 15:54:14
7613 [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
7614 [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
7615 [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
7616 [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
7617 [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
7618 [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
7619 [sshd_config.5 sshlogin.c]
7620 Add support for Unix domain socket forwarding. A remote TCP port
7621 may be forwarded to a local Unix domain socket and vice versa or
7622 both ends may be a Unix domain socket. This is a reimplementation
7623 of the streamlocal patches by William Ahern from:
7624 http://www.25thandclement.com/~william/projects/streamlocal.html
7625 OK djm@ markus@
7626
7627commit 6262d760e00714523633bd989d62e273a3dca99a
7628Author: Damien Miller <djm@mindrot.org>
7629Date: Thu Jul 17 09:52:07 2014 +1000
7630
7631 - tedu@cvs.openbsd.org 2014/07/11 13:54:34
7632 [myproposal.h]
7633 by popular demand, add back hamc-sha1 to server proposal for better compat
7634 with many clients still in use. ok deraadt
7635
7636commit 9d69d937b46ecba17f16d923e538ceda7b705c7a
7637Author: Damien Miller <djm@mindrot.org>
7638Date: Thu Jul 17 09:49:37 2014 +1000
7639
7640 - deraadt@cvs.openbsd.org 2014/07/11 08:09:54
7641 [sandbox-systrace.c]
7642 Permit use of SYS_sendsyslog from inside the sandbox. Clock is ticking,
7643 update your kernels and sshd soon.. libc will start using sendsyslog()
7644 in about 4 days.
7645
7646commit f6293a0b4129826fc2e37e4062f96825df43c326
7647Author: Damien Miller <djm@mindrot.org>
7648Date: Thu Jul 17 09:01:25 2014 +1000
7649
7650 - (djm) [digest-openssl.c] Preserve array order when disabling digests.
7651 Reported by Petr Lautrbach.
7652
7653commit 00f9cd230709c04399ef5ff80492d70a55230694
7654Author: Damien Miller <djm@mindrot.org>
7655Date: Tue Jul 15 10:41:38 2014 +1000
7656
7657 - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto
7658 has been located; fixes builds agains libressl-portable
7659
7660commit 1d0df3249c87019556b83306c28d4769375c2edc
7661Author: Damien Miller <djm@mindrot.org>
7662Date: Fri Jul 11 09:19:04 2014 +1000
7663
7664 - OpenBSD CVS Sync
7665 - benno@cvs.openbsd.org 2014/07/09 14:15:56
7666 [ssh-add.c]
7667 fix ssh-add crash while loading more than one key
7668 ok markus@
7669
7670commit 7a57eb3d105aa4ced15fb47001092c58811e6d9d
7671Author: Damien Miller <djm@mindrot.org>
7672Date: Wed Jul 9 13:22:31 2014 +1000
7673
7674 - djm@cvs.openbsd.org 2014/07/07 08:15:26
7675 [multiplex.sh]
7676 remove forced-fatal that I stuck in there to test the new cleanup
7677 logic and forgot to remove...
7678
7679commit 612f965239a30fe536b11ece1834d9f470aeb029
7680Author: Damien Miller <djm@mindrot.org>
7681Date: Wed Jul 9 13:22:03 2014 +1000
7682
7683 - djm@cvs.openbsd.org 2014/07/06 07:42:03
7684 [multiplex.sh test-exec.sh]
7685 add a hook to the cleanup() function to kill $SSH_PID if it is set
7686
7687 use it to kill the mux master started in multiplex.sh (it was being left
7688 around on fatal failures)
7689
7690commit d0bb950485ba121e43a77caf434115ed6417b46f
7691Author: Damien Miller <djm@mindrot.org>
7692Date: Wed Jul 9 13:07:28 2014 +1000
7693
7694 - djm@cvs.openbsd.org 2014/07/09 03:02:15
7695 [key.c]
7696 downgrade more error() to debug() to better match what old authfile.c
7697 did; suppresses spurious errors with hostbased authentication enabled
7698
7699commit 0070776a038655c57f57e70cd05e4c38a5de9d84
7700Author: Damien Miller <djm@mindrot.org>
7701Date: Wed Jul 9 13:07:06 2014 +1000
7702
7703 - djm@cvs.openbsd.org 2014/07/09 01:45:10
7704 [sftp.c]
7705 more useful error message when GLOB_NOSPACE occurs;
7706 bz#2254, patch from Orion Poplawski
7707
7708commit 079bac2a43c74ef7cf56850afbab3b1932534c50
7709Author: Damien Miller <djm@mindrot.org>
7710Date: Wed Jul 9 13:06:25 2014 +1000
7711
7712 - djm@cvs.openbsd.org 2014/07/07 08:19:12
7713 [ssh_config.5]
7714 mention that ProxyCommand is executed using shell "exec" to avoid
7715 a lingering process; bz#1977
7716
7717commit 3a48cc090096cf99b9de592deb5f90e444edebfb
7718Author: Damien Miller <djm@mindrot.org>
7719Date: Sun Jul 6 09:32:49 2014 +1000
7720
7721 - djm@cvs.openbsd.org 2014/07/05 23:11:48
7722 [channels.c]
7723 fix remote-forward cancel regression; ok markus@
7724
7725commit 48bae3a38cb578713e676708164f6e7151cc64fa
7726Author: Damien Miller <djm@mindrot.org>
7727Date: Sun Jul 6 09:27:06 2014 +1000
7728
7729 - djm@cvs.openbsd.org 2014/07/03 23:18:35
7730 [authfile.h]
7731 remove leakmalloc droppings
7732
7733commit 72e6b5c9ed5e72ca3a6ccc3177941b7c487a0826
7734Author: Damien Miller <djm@mindrot.org>
7735Date: Fri Jul 4 09:00:04 2014 +1000
7736
7737 - djm@cvs.openbsd.org 2014/07/03 22:40:43
7738 [servconf.c servconf.h session.c sshd.8 sshd_config.5]
7739 Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
7740 executed, mirroring the no-user-rc authorized_keys option;
7741 bz#2160; ok markus@
7742
7743commit 602943d1179a08dfa70af94f62296ea5e3d6ebb8
7744Author: Damien Miller <djm@mindrot.org>
7745Date: Fri Jul 4 08:59:41 2014 +1000
7746
7747 - djm@cvs.openbsd.org 2014/07/03 22:33:41
7748 [channels.c]
7749 allow explicit ::1 and 127.0.0.1 forwarding bind addresses when
7750 GatewayPorts=no; allows client to choose address family;
7751 bz#2222 ok markus@
7752
7753commit 6b37fbb7921d156b31e2c8f39d9e1b6746c34983
7754Author: Damien Miller <djm@mindrot.org>
7755Date: Fri Jul 4 08:59:24 2014 +1000
7756
7757 - djm@cvs.openbsd.org 2014/07/03 22:23:46
7758 [sshconnect.c]
7759 when rekeying, skip file/DNS lookup if it is the same as the key sent
7760 during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@
7761
7762commit d2c3cd5f2e47ee24cf7093ce8e948c2e79dfc3fd
7763Author: Damien Miller <djm@mindrot.org>
7764Date: Fri Jul 4 08:59:01 2014 +1000
7765
7766 - jsing@cvs.openbsd.org 2014/07/03 12:42:16
7767 [cipher-chachapoly.c]
7768 Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this
7769 makes it easier to verify that chacha_encrypt_bytes() is only called once
7770 per chacha_ivsetup() call.
7771 ok djm@
7772
7773commit 686feb560ec43a06ba04da82b50f3c183c947309
7774Author: Damien Miller <djm@mindrot.org>
7775Date: Thu Jul 3 21:29:38 2014 +1000
7776
7777 - djm@cvs.openbsd.org 2014/07/03 11:16:55
7778 [auth.c auth.h auth1.c auth2.c]
7779 make the "Too many authentication failures" message include the
7780 user, source address, port and protocol in a format similar to the
7781 authentication success / failure messages; bz#2199, ok dtucker
7782
7783commit 0f12341402e18fd9996ec23189b9418d2722453f
7784Author: Damien Miller <djm@mindrot.org>
7785Date: Thu Jul 3 21:28:09 2014 +1000
7786
7787 - jmc@cvs.openbsd.org 2014/07/03 07:45:27
7788 [ssh_config.5]
7789 escape %C since groff thinks it part of an Rs/Re block;
7790
7791commit 9c38643c5cd47a19db2cc28279dcc28abadc22b3
7792Author: Damien Miller <djm@mindrot.org>
7793Date: Thu Jul 3 21:27:46 2014 +1000
7794
7795 - djm@cvs.openbsd.org 2014/07/03 06:39:19
7796 [ssh.c ssh_config.5]
7797 Add a %C escape sequence for LocalCommand and ControlPath that expands
7798 to a unique identifer based on a has of the tuple of (local host,
7799 remote user, hostname, port).
7800
7801 Helps avoid exceeding sockaddr_un's miserly pathname limits for mux
7802 control paths.
7803
7804 bz#2220, based on patch from mancha1 AT zoho.com; ok markus@
7805
7806commit 49d9bfe2b2f3e90cc158a215dffa7675e57e7830
7807Author: Damien Miller <djm@mindrot.org>
7808Date: Thu Jul 3 21:26:42 2014 +1000
7809
7810 - djm@cvs.openbsd.org 2014/07/03 05:38:17
7811 [ssh.1]
7812 document that -g will only work in the multiplexed case if applied to
7813 the mux master
7814
7815commit ef9f13ba4c58057b2166d1f2e790535da402fbe5
7816Author: Damien Miller <djm@mindrot.org>
7817Date: Thu Jul 3 21:26:21 2014 +1000
7818
7819 - djm@cvs.openbsd.org 2014/07/03 05:32:36
7820 [ssh_config.5]
7821 mention '%%' escape sequence in HostName directives and how it may
7822 be used to specify IPv6 link-local addresses
7823
7824commit e6a407789e5432dd2e53336fb73476cc69048c54
7825Author: Damien Miller <djm@mindrot.org>
7826Date: Thu Jul 3 21:25:03 2014 +1000
7827
7828 - djm@cvs.openbsd.org 2014/07/03 04:36:45
7829 [digest.h]
7830 forward-declare struct sshbuf so consumers don't need to include sshbuf.h
7831
7832commit 4a1d3d50f02d0a8a4ef95ea4749293cbfb89f919
7833Author: Damien Miller <djm@mindrot.org>
7834Date: Thu Jul 3 21:24:40 2014 +1000
7835
7836 - djm@cvs.openbsd.org 2014/07/03 03:47:27
7837 [ssh-keygen.c]
7838 When hashing or removing hosts using ssh-keygen, don't choke on
7839 @revoked markers and don't remove @cert-authority markers;
7840 bz#2241, reported by mlindgren AT runelind.net
7841
7842commit e5c0d52ceb575c3db8c313e0b1aa3845943d7ba8
7843Author: Damien Miller <djm@mindrot.org>
7844Date: Thu Jul 3 21:24:19 2014 +1000
7845
7846 - djm@cvs.openbsd.org 2014/07/03 03:34:09
7847 [gss-serv.c session.c ssh-keygen.c]
7848 standardise on NI_MAXHOST for gethostname() string lengths; about
7849 1/2 the cases were using it already. Fixes bz#2239 en passant
7850
7851commit c174a3b7c14e0d178c61219de2aa1110e209950c
7852Author: Damien Miller <djm@mindrot.org>
7853Date: Thu Jul 3 21:23:24 2014 +1000
7854
7855 - djm@cvs.openbsd.org 2014/07/03 03:26:43
7856 [digest-openssl.c]
7857 use EVP_Digest() for one-shot hash instead of creating, updating,
7858 finalising and destroying a context.
7859 bz#2231, based on patch from Timo Teras
7860
7861commit d7ca2cd31ecc4d63a055e2dcc4bf35c13f2db4c5
7862Author: Damien Miller <djm@mindrot.org>
7863Date: Thu Jul 3 21:23:01 2014 +1000
7864
7865 - djm@cvs.openbsd.org 2014/07/03 03:15:01
7866 [ssh-add.c]
7867 make stdout line-buffered; saves partial output getting lost when
7868 ssh-add fatal()s part-way through (e.g. when listing keys from an
7869 agent that supports key types that ssh-add doesn't);
7870 bz#2234, reported by Phil Pennock
7871
7872commit b1e967c8d7c7578dd0c172d85b3046cf54ea42ba
7873Author: Damien Miller <djm@mindrot.org>
7874Date: Thu Jul 3 21:22:40 2014 +1000
7875
7876 - djm@cvs.openbsd.org 2014/07/03 03:11:03
7877 [ssh-agent.c]
7878 Only cleanup agent socket in the main agent process and not in any
7879 subprocesses it may have started (e.g. forked askpass). Fixes
7880 agent sockets being zapped when askpass processes fatal();
7881 bz#2236 patch from Dmitry V. Levin
7882
7883commit 61e28e55c3438d796b02ef878bcd28620d452670
7884Author: Damien Miller <djm@mindrot.org>
7885Date: Thu Jul 3 21:22:22 2014 +1000
7886
7887 - djm@cvs.openbsd.org 2014/07/03 01:45:38
7888 [sshkey.c]
7889 make Ed25519 keys' title fit properly in the randomart border; bz#2247
7890 based on patch from Christian Hesse
7891
7892commit 9eb4cd9a32c32d40d36450b68ed93badc6a94c68
7893Author: Damien Miller <djm@mindrot.org>
7894Date: Thu Jul 3 13:29:50 2014 +1000
7895
7896 - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist;
7897 bz#2237
7898
7899commit 8da0fa24934501909408327298097b1629b89eaa
7900Author: Damien Miller <djm@mindrot.org>
7901Date: Thu Jul 3 11:54:19 2014 +1000
7902
7903 - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto
7904 doesn't support it.
7905
7906commit 81309c857dd0dbc0a1245a16d621c490ad48cfbb
7907Author: Damien Miller <djm@mindrot.org>
7908Date: Wed Jul 2 17:45:55 2014 +1000
7909
7910 - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test
7911
7912commit 82b2482ce68654815ee049b9bf021bb362a35ff2
7913Author: Damien Miller <djm@mindrot.org>
7914Date: Wed Jul 2 17:43:41 2014 +1000
7915
7916 - (djm) [sshkey.c] Conditionalise inclusion of util.h
7917
7918commit dd8b1dd7933eb6f5652641b0cdced34a387f2e80
7919Author: Damien Miller <djm@mindrot.org>
7920Date: Wed Jul 2 17:38:31 2014 +1000
7921
7922 - djm@cvs.openbsd.org 2014/06/24 01:14:17
7923 [Makefile.in regress/Makefile regress/unittests/Makefile]
7924 [regress/unittests/sshkey/Makefile]
7925 [regress/unittests/sshkey/common.c]
7926 [regress/unittests/sshkey/common.h]
7927 [regress/unittests/sshkey/mktestdata.sh]
7928 [regress/unittests/sshkey/test_file.c]
7929 [regress/unittests/sshkey/test_fuzz.c]
7930 [regress/unittests/sshkey/test_sshkey.c]
7931 [regress/unittests/sshkey/tests.c]
7932 [regress/unittests/sshkey/testdata/dsa_1]
7933 [regress/unittests/sshkey/testdata/dsa_1-cert.fp]
7934 [regress/unittests/sshkey/testdata/dsa_1-cert.pub]
7935 [regress/unittests/sshkey/testdata/dsa_1.fp]
7936 [regress/unittests/sshkey/testdata/dsa_1.fp.bb]
7937 [regress/unittests/sshkey/testdata/dsa_1.param.g]
7938 [regress/unittests/sshkey/testdata/dsa_1.param.priv]
7939 [regress/unittests/sshkey/testdata/dsa_1.param.pub]
7940 [regress/unittests/sshkey/testdata/dsa_1.pub]
7941 [regress/unittests/sshkey/testdata/dsa_1_pw]
7942 [regress/unittests/sshkey/testdata/dsa_2]
7943 [regress/unittests/sshkey/testdata/dsa_2.fp]
7944 [regress/unittests/sshkey/testdata/dsa_2.fp.bb]
7945 [regress/unittests/sshkey/testdata/dsa_2.pub]
7946 [regress/unittests/sshkey/testdata/dsa_n]
7947 [regress/unittests/sshkey/testdata/dsa_n_pw]
7948 [regress/unittests/sshkey/testdata/ecdsa_1]
7949 [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp]
7950 [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub]
7951 [regress/unittests/sshkey/testdata/ecdsa_1.fp]
7952 [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb]
7953 [regress/unittests/sshkey/testdata/ecdsa_1.param.curve]
7954 [regress/unittests/sshkey/testdata/ecdsa_1.param.priv]
7955 [regress/unittests/sshkey/testdata/ecdsa_1.param.pub]
7956 [regress/unittests/sshkey/testdata/ecdsa_1.pub]
7957 [regress/unittests/sshkey/testdata/ecdsa_1_pw]
7958 [regress/unittests/sshkey/testdata/ecdsa_2]
7959 [regress/unittests/sshkey/testdata/ecdsa_2.fp]
7960 [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb]
7961 [regress/unittests/sshkey/testdata/ecdsa_2.param.curve]
7962 [regress/unittests/sshkey/testdata/ecdsa_2.param.priv]
7963 [regress/unittests/sshkey/testdata/ecdsa_2.param.pub]
7964 [regress/unittests/sshkey/testdata/ecdsa_2.pub]
7965 [regress/unittests/sshkey/testdata/ecdsa_n]
7966 [regress/unittests/sshkey/testdata/ecdsa_n_pw]
7967 [regress/unittests/sshkey/testdata/ed25519_1]
7968 [regress/unittests/sshkey/testdata/ed25519_1-cert.fp]
7969 [regress/unittests/sshkey/testdata/ed25519_1-cert.pub]
7970 [regress/unittests/sshkey/testdata/ed25519_1.fp]
7971 [regress/unittests/sshkey/testdata/ed25519_1.fp.bb]
7972 [regress/unittests/sshkey/testdata/ed25519_1.pub]
7973 [regress/unittests/sshkey/testdata/ed25519_1_pw]
7974 [regress/unittests/sshkey/testdata/ed25519_2]
7975 [regress/unittests/sshkey/testdata/ed25519_2.fp]
7976 [regress/unittests/sshkey/testdata/ed25519_2.fp.bb]
7977 [regress/unittests/sshkey/testdata/ed25519_2.pub]
7978 [regress/unittests/sshkey/testdata/pw]
7979 [regress/unittests/sshkey/testdata/rsa1_1]
7980 [regress/unittests/sshkey/testdata/rsa1_1.fp]
7981 [regress/unittests/sshkey/testdata/rsa1_1.fp.bb]
7982 [regress/unittests/sshkey/testdata/rsa1_1.param.n]
7983 [regress/unittests/sshkey/testdata/rsa1_1.pub]
7984 [regress/unittests/sshkey/testdata/rsa1_1_pw]
7985 [regress/unittests/sshkey/testdata/rsa1_2]
7986 [regress/unittests/sshkey/testdata/rsa1_2.fp]
7987 [regress/unittests/sshkey/testdata/rsa1_2.fp.bb]
7988 [regress/unittests/sshkey/testdata/rsa1_2.param.n]
7989 [regress/unittests/sshkey/testdata/rsa1_2.pub]
7990 [regress/unittests/sshkey/testdata/rsa_1]
7991 [regress/unittests/sshkey/testdata/rsa_1-cert.fp]
7992 [regress/unittests/sshkey/testdata/rsa_1-cert.pub]
7993 [regress/unittests/sshkey/testdata/rsa_1.fp]
7994 [regress/unittests/sshkey/testdata/rsa_1.fp.bb]
7995 [regress/unittests/sshkey/testdata/rsa_1.param.n]
7996 [regress/unittests/sshkey/testdata/rsa_1.param.p]
7997 [regress/unittests/sshkey/testdata/rsa_1.param.q]
7998 [regress/unittests/sshkey/testdata/rsa_1.pub]
7999 [regress/unittests/sshkey/testdata/rsa_1_pw]
8000 [regress/unittests/sshkey/testdata/rsa_2]
8001 [regress/unittests/sshkey/testdata/rsa_2.fp]
8002 [regress/unittests/sshkey/testdata/rsa_2.fp.bb]
8003 [regress/unittests/sshkey/testdata/rsa_2.param.n]
8004 [regress/unittests/sshkey/testdata/rsa_2.param.p]
8005 [regress/unittests/sshkey/testdata/rsa_2.param.q]
8006 [regress/unittests/sshkey/testdata/rsa_2.pub]
8007 [regress/unittests/sshkey/testdata/rsa_n]
8008 [regress/unittests/sshkey/testdata/rsa_n_pw]
8009 unit and fuzz tests for new key API
8010
8011commit c1dc24b71f087f385b92652b9673f52af64e0428
8012Author: Damien Miller <djm@mindrot.org>
8013Date: Wed Jul 2 17:02:03 2014 +1000
8014
8015 - djm@cvs.openbsd.org 2014/06/24 01:04:43
8016 [regress/krl.sh]
8017 regress test for broken consecutive revoked serial number ranges
8018
8019commit 43d3ed2dd3feca6d0326c7dc82588d2faa115e92
8020Author: Damien Miller <djm@mindrot.org>
8021Date: Wed Jul 2 17:01:08 2014 +1000
8022
8023 - djm@cvs.openbsd.org 2014/05/21 07:04:21
8024 [regress/integrity.sh]
8025 when failing because of unexpected output, show the offending output
8026
8027commit 5a96707ffc8d227c2e7d94fa6b0317f8a152cf4e
8028Author: Damien Miller <djm@mindrot.org>
8029Date: Wed Jul 2 15:38:05 2014 +1000
8030
8031 - djm@cvs.openbsd.org 2014/04/30 05:32:00
8032 [regress/Makefile]
8033 unit tests for new buffer API; including basic fuzz testing
8034 NB. Id sync only.
8035
8036commit 3ff92ba756aee48e4ae3e0aeff7293517b3dd185
8037Author: Damien Miller <djm@mindrot.org>
8038Date: Wed Jul 2 15:33:09 2014 +1000
8039
8040 - djm@cvs.openbsd.org 2014/06/30 12:54:39
8041 [key.c]
8042 suppress spurious error message when loading key with a passphrase;
8043 reported by kettenis@ ok markus@
8044 - djm@cvs.openbsd.org 2014/07/02 04:59:06
8045 [cipher-3des1.c]
8046 fix ssh protocol 1 on the server that regressed with the sshkey change
8047 (sometimes fatal() after auth completed), make file return useful status
8048 codes.
8049 NB. Id sync only for these two. They were bundled into the sshkey merge
8050 above, since it was easier to sync the entire file and then apply
8051 portable-specific changed atop it.
8052
8053commit ec3d0e24a1e46873d80507f5cd8ee6d0d03ac5dc
8054Author: Damien Miller <djm@mindrot.org>
8055Date: Wed Jul 2 15:30:00 2014 +1000
8056
8057 - markus@cvs.openbsd.org 2014/06/27 18:50:39
8058 [ssh-add.c]
8059 fix loading of private keys
8060
8061commit 4b3ed647d5b328cf68e6a8ffbee490d8e0683e82
8062Author: Damien Miller <djm@mindrot.org>
8063Date: Wed Jul 2 15:29:40 2014 +1000
8064
8065 - markus@cvs.openbsd.org 2014/06/27 16:41:56
8066 [channels.c channels.h clientloop.c ssh.c]
8067 fix remote fwding with same listen port but different listen address
8068 with gerhard@, ok djm@
8069
8070commit 9e01ff28664921ce9b6500681333e42fb133b4d0
8071Author: Damien Miller <djm@mindrot.org>
8072Date: Wed Jul 2 15:29:21 2014 +1000
8073
8074 - deraadt@cvs.openbsd.org 2014/06/25 14:16:09
8075 [sshbuf.c]
8076 unblock SIGSEGV before raising it
8077 ok djm
8078
8079commit 1845fe6bda0729e52f4c645137f4fc3070b5438a
8080Author: Damien Miller <djm@mindrot.org>
8081Date: Wed Jul 2 15:29:01 2014 +1000
8082
8083 - djm@cvs.openbsd.org 2014/06/24 02:21:01
8084 [scp.c]
8085 when copying local->remote fails during read, don't send uninitialised
8086 heap to the remote end. Reported by Jann Horn
8087
8088commit 19439e9a2a0ac0b4b3b1210e89695418beb1c883
8089Author: Damien Miller <djm@mindrot.org>
8090Date: Wed Jul 2 15:28:40 2014 +1000
8091
8092 - djm@cvs.openbsd.org 2014/06/24 02:19:48
8093 [ssh.c]
8094 don't fatal() when hostname canonicalisation fails with a
8095 ProxyCommand in use; continue and allow the ProxyCommand to
8096 connect anyway (e.g. to a host with a name outside the DNS
8097 behind a bastion)
8098
8099commit 8668706d0f52654fe64c0ca41a96113aeab8d2b8
8100Author: Damien Miller <djm@mindrot.org>
8101Date: Wed Jul 2 15:28:02 2014 +1000
8102
8103 - djm@cvs.openbsd.org 2014/06/24 01:13:21
8104 [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
8105 [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
8106 [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
8107 [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
8108 [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
8109 [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
8110 [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
8111 [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
8112 [sshconnect2.c sshd.c sshkey.c sshkey.h
8113 [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
8114 New key API: refactor key-related functions to be more library-like,
8115 existing API is offered as a set of wrappers.
8116
8117 with and ok markus@
8118
8119 Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
8120 Dempsky and Ron Bowes for a detailed review a few months ago.
8121
8122 NB. This commit also removes portable OpenSSH support for OpenSSL
8123 <0.9.8e.
8124
8125commit 2cd7929250cf9e9f658d70dcd452f529ba08c942
8126Author: Damien Miller <djm@mindrot.org>
8127Date: Wed Jul 2 12:48:30 2014 +1000
8128
8129 - djm@cvs.openbsd.org 2014/06/24 00:52:02
8130 [krl.c]
8131 fix bug in KRL generation: multiple consecutive revoked certificate
8132 serial number ranges could be serialised to an invalid format.
8133
8134 Readers of a broken KRL caused by this bug will fail closed, so no
8135 should-have-been-revoked key will be accepted.
8136
8137commit 99db840ee8dbbd2b3fbc6c45d0ee2f6a65e96898
8138Author: Damien Miller <djm@mindrot.org>
8139Date: Wed Jul 2 12:48:04 2014 +1000
8140
8141 - naddy@cvs.openbsd.org 2014/06/18 15:42:09
8142 [sshbuf-getput-crypto.c]
8143 The ssh_get_bignum functions must accept the same range of bignums
8144 the corresponding ssh_put_bignum functions create. This fixes the
8145 use of 16384-bit RSA keys (bug reported by Eivind Evensen).
8146 ok djm@
8147
8148commit 84a89161a9629239b64171ef3e22ef6a3e462d51
8149Author: Damien Miller <djm@mindrot.org>
8150Date: Wed Jul 2 12:47:48 2014 +1000
8151
8152 - matthew@cvs.openbsd.org 2014/06/18 02:59:13
8153 [sandbox-systrace.c]
8154 Now that we have a dedicated getentropy(2) system call for
8155 arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace
8156 sandbox.
8157
8158 ok djm
8159
8160commit 51504ceec627c0ad57b9f75585c7b3d277f326be
8161Author: Damien Miller <djm@mindrot.org>
8162Date: Wed Jul 2 12:47:25 2014 +1000
8163
8164 - deraadt@cvs.openbsd.org 2014/06/13 08:26:29
8165 [sandbox-systrace.c]
8166 permit SYS_getentropy
8167 from matthew
8168
8169commit a261b8df59117f7dc52abb3a34b35a40c2c9fa88
8170Author: Tim Rice <tim@multitalents.net>
8171Date: Wed Jun 18 16:17:28 2014 -0700
8172
8173 - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare
8174
8175commit 316fac6f18f87262a315c79bcf68b9f92c9337e4
8176Author: Darren Tucker <dtucker@zip.com.au>
8177Date: Tue Jun 17 23:06:07 2014 +1000
8178
8179 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
8180 openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
8181 Move the OpenSSL header/library version test into its own function and add
8182 tests for it. Fix it to allow fix version upgrades (but not downgrades).
8183 Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
8184 ok djm@ chl@
8185
8186commit af665bb7b092a59104db1e65577851cf35b86e32
8187Author: Darren Tucker <dtucker@zip.com.au>
8188Date: Mon Jun 16 22:50:55 2014 +1000
8189
8190 - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via
8191 OpenSMTPD and chl@
8192
8193commit f9696566fb41320820f3b257ab564fa321bb3751
8194Author: Darren Tucker <dtucker@zip.com.au>
8195Date: Fri Jun 13 11:06:04 2014 +1000
8196
8197 - (dtucker) [configure.ac] Remove tcpwrappers support, support has already
8198 been removed from sshd.c.
8199
8200commit 5e2b8894b0b24af4ad0a2f7aa33ebf255df7a8bc
8201Author: Tim Rice <tim@multitalents.net>
8202Date: Wed Jun 11 18:31:10 2014 -0700
8203
8204 - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for
8205 u_intXX_t types.
8206
8207commit 985ee2cbc3e43bc65827c3c0d4df3faa99160c37
8208Author: Darren Tucker <dtucker@zip.com.au>
8209Date: Thu Jun 12 05:32:29 2014 +1000
8210
8211 - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*]
8212 Wrap stdlib.h include an ifdef for platforms that don't have it.
8213
8214commit cf5392c2db2bb1dbef9818511d34056404436109
8215Author: Darren Tucker <dtucker@zip.com.au>
8216Date: Thu Jun 12 05:22:49 2014 +1000
8217
8218 - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from
8219 openbsd-compat/bsd-asprintf.c.
8220
8221commit 58538d795e0b662f2f4e5a7193f1204bbe992ddd
8222Author: Darren Tucker <dtucker@zip.com.au>
8223Date: Wed Jun 11 13:39:24 2014 +1000
8224
8225 - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for
8226 compat stuff, specifically whether or not OpenSSL has ECC.
8227
8228commit eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08
8229Author: Darren Tucker <dtucker@zip.com.au>
8230Date: Wed Jun 11 13:10:00 2014 +1000
8231
8232 - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an
8233 assigment that might get optimized out. ok djm@
8234
8235commit b9609fd86c623d6d440e630f5f9a63295f7aea20
8236Author: Darren Tucker <dtucker@zip.com.au>
8237Date: Wed Jun 11 08:04:02 2014 +1000
8238
8239 - (dtucker) [sshbuf.h] Only declare ECC functions if building without
8240 OpenSSL or if OpenSSL has ECC.
8241
8242commit a54a040f66944c6e8913df8635a01a2327219be9
8243Author: Darren Tucker <dtucker@zip.com.au>
8244Date: Wed Jun 11 07:58:35 2014 +1000
8245
8246 - dtucker@cvs.openbsd.org 2014/06/10 21:46:11
8247 [sshbuf.h]
8248 Group ECC functions together to make things a little easier in -portable.
8249 "doesn't bother me" deraadt@
8250
8251commit 9f92c53bad04a89067756be8198d4ec2d8a08875
8252Author: Darren Tucker <dtucker@zip.com.au>
8253Date: Wed Jun 11 07:57:58 2014 +1000
8254
8255 - djm@cvs.openbsd.org 2014/06/05 22:17:50
8256 [sshconnect2.c]
8257 fix inverted test that caused PKCS#11 keys that were explicitly listed
8258 not to be preferred. Reported by Dirk-Willem van Gulik
8259
8260commit 15c254a25394f96643da2ad0f674acdc51e89856
8261Author: Darren Tucker <dtucker@zip.com.au>
8262Date: Wed Jun 11 07:38:49 2014 +1000
8263
8264 - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef
8265 ECC variable too.
8266
8267commit d7af0cc5bf273eeed0897a99420bc26841d07d8f
8268Author: Darren Tucker <dtucker@zip.com.au>
8269Date: Wed Jun 11 07:37:25 2014 +1000
8270
8271 - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in
8272 the proposal if the version of OpenSSL we're using doesn't support ECC.
8273
8274commit 67508ac2563c33d582be181a3e777c65f549d22f
8275Author: Darren Tucker <dtucker@zip.com.au>
8276Date: Wed Jun 11 06:27:16 2014 +1000
8277
8278 - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
8279 regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256
8280 curve tests if OpenSSL has them.
8281
8282commit 6482d90a65459a88c18c925368525855832272b3
8283Author: Damien Miller <djm@mindrot.org>
8284Date: Tue May 27 14:34:42 2014 +1000
8285
8286 - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]
8287 [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege
8288 separation user at runtime, since it may need to be a domain account.
8289 Patch from Corinna Vinschen.
8290
8291commit f9eb5e0734f7a7f6e975809eb54684d2a06a7ffc
8292Author: Damien Miller <djm@mindrot.org>
8293Date: Tue May 27 14:31:58 2014 +1000
8294
8295 - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config
8296 from Corinna Vinschen, fixing a number of bugs and preparing for
8297 Cygwin 1.7.30.
8298
8299commit eae88744662e6b149f43ef071657727f1a157d95
8300Author: Damien Miller <djm@mindrot.org>
8301Date: Tue May 27 14:27:02 2014 +1000
8302
8303 - (djm) [cipher.c] Fix merge botch.
8304
8305commit 564b5e253c1d95c26a00e8288f0089a2571661c3
8306Author: Damien Miller <djm@mindrot.org>
8307Date: Thu May 22 08:23:59 2014 +1000
8308
8309 - (djm) [Makefile.in] typo in path
8310
8311commit e84d10302aeaf7a1acb05c451f8718143656856a
8312Author: Damien Miller <djm@mindrot.org>
8313Date: Wed May 21 17:13:36 2014 +1000
8314
8315 revert a diff I didn't mean to commit
8316
8317commit 795b86313f1f1aab9691666c4f2d5dae6e4acd50
8318Author: Damien Miller <djm@mindrot.org>
8319Date: Wed May 21 17:12:53 2014 +1000
8320
8321 - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC
8322 when it is available. It takes into account time spent suspended,
8323 thereby ensuring timeouts (e.g. for expiring agent keys) fire
8324 correctly. bz#2228 reported by John Haxby
8325
8326commit 18912775cb97c0b1e75e838d3c7d4b56648137b5
8327Author: Damien Miller <djm@mindrot.org>
8328Date: Wed May 21 17:06:46 2014 +1000
8329
8330 - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use
8331 vhangup on Linux. It doens't work for non-root users, and for them
8332 it just messes up the tty settings.
8333
8334commit 7f1c264d3049cd95234e91970ccb5406e1d15b27
8335Author: Damien Miller <djm@mindrot.org>
8336Date: Thu May 15 18:01:52 2014 +1000
8337
8338 - (djm) [sshbuf.c] need __predict_false
8339
8340commit e7429f2be8643e1100380a8a7389d85cc286c8fe
8341Author: Damien Miller <djm@mindrot.org>
8342Date: Thu May 15 18:01:01 2014 +1000
8343
8344 - (djm) [regress/Makefile Makefile.in]
8345 [regress/unittests/sshbuf/test_sshbuf.c
8346 [regress/unittests/sshbuf/test_sshbuf_fixed.c]
8347 [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
8348 [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
8349 [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
8350 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
8351 [regress/unittests/sshbuf/test_sshbuf_misc.c]
8352 [regress/unittests/sshbuf/tests.c]
8353 [regress/unittests/test_helper/fuzz.c]
8354 [regress/unittests/test_helper/test_helper.c]
8355 Hook new unit tests into the build and "make tests"
8356
8357commit def1de086707b0e6b046fe7e115c60aca0227a99
8358Author: Damien Miller <djm@mindrot.org>
8359Date: Thu May 15 15:17:15 2014 +1000
8360
8361 - (djm) [regress/unittests/Makefile]
8362 [regress/unittests/Makefile.inc]
8363 [regress/unittests/sshbuf/Makefile]
8364 [regress/unittests/sshbuf/test_sshbuf.c]
8365 [regress/unittests/sshbuf/test_sshbuf_fixed.c]
8366 [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
8367 [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
8368 [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
8369 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
8370 [regress/unittests/sshbuf/test_sshbuf_misc.c]
8371 [regress/unittests/sshbuf/tests.c]
8372 [regress/unittests/test_helper/Makefile]
8373 [regress/unittests/test_helper/fuzz.c]
8374 [regress/unittests/test_helper/test_helper.c]
8375 [regress/unittests/test_helper/test_helper.h]
8376 Import new unit tests from OpenBSD; not yet hooked up to build.
8377
8378commit 167685756fde8bc213a8df2c8e1848e312db0f46
8379Author: Damien Miller <djm@mindrot.org>
8380Date: Thu May 15 15:08:40 2014 +1000
8381
8382 - logan@cvs.openbsd.org 2014/05/04 10:40:59
8383 [connect-privsep.sh]
8384 Remove the Z flag from the list of malloc options as it
8385 was removed from malloc.c 10 days ago.
8386
8387 OK from miod@
8388
8389commit d0b69fe90466920d69c96069312e24b581771bd7
8390Author: Damien Miller <djm@mindrot.org>
8391Date: Thu May 15 15:08:19 2014 +1000
8392
8393 - dtucker@cvs.openbsd.org 2014/05/03 18:46:14
8394 [proxy-connect.sh]
8395 Add tests for with and without compression, with and without privsep.
8396
8397commit edb1af50441d19fb2dd9ccb4d75bf14473fca584
8398Author: Damien Miller <djm@mindrot.org>
8399Date: Thu May 15 15:07:53 2014 +1000
8400
8401 - djm@cvs.openbsd.org 2014/04/21 22:15:37
8402 [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh]
8403 repair regress tests broken by server-side default cipher/kex/mac changes
8404 by ensuring that the option under test is included in the server's
8405 algorithm list
8406
8407commit 54343e95c70994695f8842fb22836321350198d3
8408Author: Damien Miller <djm@mindrot.org>
8409Date: Thu May 15 15:07:33 2014 +1000
8410
8411 - djm@cvs.openbsd.org 2014/03/13 20:44:49
8412 [login-timeout.sh]
8413 this test is a sorry mess of race conditions; add another sleep
8414 to avoid a failure on slow machines (at least until I find a
8415 better way)
8416
8417commit e5b9f0f2ee6e133894307e44e862b66426990733
8418Author: Damien Miller <djm@mindrot.org>
8419Date: Thu May 15 14:58:07 2014 +1000
8420
8421 - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c]
8422 [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes
8423
8424commit b9c566788a9ebd6a9d466f47a532124f111f0542
8425Author: Damien Miller <djm@mindrot.org>
8426Date: Thu May 15 14:43:37 2014 +1000
8427
8428 - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write
8429 portability glue to support building without libcrypto
8430
8431commit 3dc27178b42234b653a32f7a87292d7994045ee3
8432Author: Damien Miller <djm@mindrot.org>
8433Date: Thu May 15 14:37:59 2014 +1000
8434
8435 - logan@cvs.openbsd.org 2014/05/05 07:02:30
8436 [sftp.c]
8437 Zap extra whitespace.
8438
8439 OK from djm@ and dtucker@
8440
8441commit c31a0cd5b31961f01c5b731f62a6cb9d4f767472
8442Author: Damien Miller <djm@mindrot.org>
8443Date: Thu May 15 14:37:39 2014 +1000
8444
8445 - markus@cvs.openbsd.org 2014/05/03 17:20:34
8446 [monitor.c packet.c packet.h]
8447 unbreak compression, by re-init-ing the compression code in the
8448 post-auth child. the new buffer code is more strict, and requires
8449 buffer_init() while the old code was happy after a bzero();
8450 originally from djm@
8451
8452commit 686c7d9ee6f44b2be4128d7860b6b37adaeba733
8453Author: Damien Miller <djm@mindrot.org>
8454Date: Thu May 15 14:37:03 2014 +1000
8455
8456 - djm@cvs.openbsd.org 2014/05/02 03:27:54
8457 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c]
8458 [misc.h poly1305.h ssh-pkcs11.c defines.h]
8459 revert __bounded change; it causes way more problems for portable than
8460 it solves; pointed out by dtucker@
8461
8462commit 294c58a007cfb2f3bddc4fc3217e255857ffb9bf
8463Author: Damien Miller <djm@mindrot.org>
8464Date: Thu May 15 14:35:03 2014 +1000
8465
8466 - naddy@cvs.openbsd.org 2014/04/30 19:07:48
8467 [mac.c myproposal.h umac.c]
8468 UMAC can use our local fallback implementation of AES when OpenSSL isn't
8469 available. Glue code straight from Ted Krovetz's original umac.c.
8470 ok markus@
8471
8472commit 05e82c3b963c33048128baf72a6f6b3a1c10b4c1
8473Author: Damien Miller <djm@mindrot.org>
8474Date: Thu May 15 14:33:43 2014 +1000
8475
8476 - djm@cvs.openbsd.org 2014/04/30 05:29:56
8477 [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
8478 [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
8479 [ssherr.h]
8480 New buffer API; the first installment of the conversion/replacement
8481 of OpenSSH's internals to make them usable as a standalone library.
8482
8483 This includes a set of wrappers to make it compatible with the
8484 existing buffer API so replacement can occur incrementally.
8485
8486 With and ok markus@
8487
8488 Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
8489 Dempsky and Ron Bowes for a detailed review.
8490
8491commit 380948180f847a26f2d0c85b4dad3dca2ed2fd8b
8492Author: Damien Miller <djm@mindrot.org>
8493Date: Thu May 15 14:25:18 2014 +1000
8494
8495 - dtucker@cvs.openbsd.org 2014/04/29 20:36:51
8496 [sftp.c]
8497 Don't attempt to append a nul quote char to the filename. Should prevent
8498 fatal'ing with "el_insertstr failed" when there's a single quote char
8499 somewhere in the string. bz#2238, ok markus@
8500
8501commit d7fd8bedd4619a2ec7fd02aae4c4e1db4431ad9f
8502Author: Damien Miller <djm@mindrot.org>
8503Date: Thu May 15 14:24:59 2014 +1000
8504
8505 - dtucker@cvs.openbsd.org 2014/04/29 19:58:50
8506 [sftp.c]
8507 Move nulling of variable next to where it's freed. ok markus@
8508
8509commit 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14
8510Author: Damien Miller <djm@mindrot.org>
8511Date: Thu May 15 14:24:09 2014 +1000
8512
8513 - markus@cvs.openbsd.org 2014/04/29 18:01:49
8514 [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
8515 [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
8516 [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
8517 [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
8518 make compiling against OpenSSL optional (make OPENSSL=no);
8519 reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
8520 allows us to explore further options; with and ok djm
8521
8522commit c5893785564498cea73cb60d2cf199490483e080
8523Author: Damien Miller <djm@mindrot.org>
8524Date: Thu May 15 13:48:49 2014 +1000
8525
8526 - djm@cvs.openbsd.org 2014/04/29 13:10:30
8527 [clientloop.c serverloop.c]
8528 bz#1818 - don't send channel success/failre replies on channels that
8529 have sent a close already; analysis and patch from Simon Tatham;
8530 ok markus@
8531
8532commit 633de33b192d808d87537834c316dc8b75fe1880
8533Author: Damien Miller <djm@mindrot.org>
8534Date: Thu May 15 13:48:26 2014 +1000
8535
8536 - djm@cvs.openbsd.org 2014/04/28 03:09:18
8537 [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
8538 [ssh-keygen.c]
8539 buffer_get_string_ptr's return should be const to remind
8540 callers that futzing with it will futz with the actual buffer
8541 contents
8542
8543commit 15271907843e4ae50dcfc83b3594014cf5e9607b
8544Author: Damien Miller <djm@mindrot.org>
8545Date: Thu May 15 13:47:56 2014 +1000
8546
8547 - djm@cvs.openbsd.org 2014/04/23 12:42:34
8548 [readconf.c]
8549 don't record duplicate IdentityFiles
8550
8551commit 798a02568b13a2e46efebd81f08c8f4bb33a6dc7
8552Author: Damien Miller <djm@mindrot.org>
8553Date: Thu May 15 13:47:37 2014 +1000
8554
8555 - jmc@cvs.openbsd.org 2014/04/22 14:16:30
8556 [sftp.1]
8557 zap eol whitespace;
8558
8559commit d875ff78d2b8436807381051de112f0ebf9b9ae1
8560Author: Damien Miller <djm@mindrot.org>
8561Date: Thu May 15 13:47:15 2014 +1000
8562
8563 - logan@cvs.openbsd.org 2014/04/22 12:42:04
8564 [sftp.1]
8565 Document sftp upload resume.
8566 OK from djm@, with feedback from okan@.
8567
8568commit b15cd7bb097fd80dc99520f45290ef775da1ef19
8569Author: Damien Miller <djm@mindrot.org>
8570Date: Thu May 15 13:46:52 2014 +1000
8571
8572 - logan@cvs.openbsd.org 2014/04/22 10:07:12
8573 [sftp.c]
8574 Sort the sftp command list.
8575 OK from djm@
8576
8577commit d8accc0aa72656ba63d50937165c5ae49db1dcd6
8578Author: Damien Miller <djm@mindrot.org>
8579Date: Thu May 15 13:46:25 2014 +1000
8580
8581 - logan@cvs.openbsd.org 2014/04/21 14:36:16
8582 [sftp-client.c sftp-client.h sftp.c]
8583 Implement sftp upload resume support.
8584 OK from djm@, with input from guenther@, mlarkin@ and
8585 okan@
8586
8587commit 16cd3928a87d20c77b13592a74b60b08621d3ce6
8588Author: Damien Miller <djm@mindrot.org>
8589Date: Thu May 15 13:45:58 2014 +1000
8590
8591 - logan@cvs.openbsd.org 2014/04/20 09:24:26
8592 [dns.c dns.h ssh-keygen.c]
8593 Add support for SSHFP DNS records for ED25519 key types.
8594 OK from djm@
8595
8596commit ec0b67eb3b4e12f296ced1fafa01860c374f7eea
8597Author: Damien Miller <djm@mindrot.org>
8598Date: Thu May 15 13:45:26 2014 +1000
8599
8600 - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine
8601 OpenBSD
8602
8603commit f028460d0b2e5a584355321015cde69bf6fd933e
8604Author: Darren Tucker <dtucker@zip.com.au>
8605Date: Thu May 1 02:24:35 2014 +1000
8606
8607 - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already
8608 have it. Only attempt to use __attribute__(__bounded__) for gcc.
8609
8610commit b628cc4c3e4a842bab5e4584d18c2bc5fa4d0edf
8611Author: Damien Miller <djm@mindrot.org>
8612Date: Sun Apr 20 13:33:58 2014 +1000
8613
8614 - djm@cvs.openbsd.org 2014/04/20 02:49:32
8615 [compat.c]
8616 add a canonical 6.6 + curve25519 bignum fix fake version that I can
8617 recommend people use ahead of the openssh-6.7 release
8618
8619commit 888566913933a802f3a329ace123ebcb7154cf78
8620Author: Damien Miller <djm@mindrot.org>
8621Date: Sun Apr 20 13:33:19 2014 +1000
8622
8623 - djm@cvs.openbsd.org 2014/04/20 02:30:25
8624 [misc.c misc.h umac.c]
8625 use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
8626 strict-alignment architectures; reported by and ok stsp@
8627
8628commit 16f85cbc7e5139950e6a38317e7c8b368beafa5d
8629Author: Damien Miller <djm@mindrot.org>
8630Date: Sun Apr 20 13:29:28 2014 +1000
8631
8632 - tedu@cvs.openbsd.org 2014/04/19 18:42:19
8633 [ssh.1]
8634 delete .xr to hosts.equiv. there's still an unfortunate amount of
8635 documentation referring to rhosts equivalency in here.
8636
8637commit 69cb24b7356ec3f0fc5ff04a68f98f2c55c766f4
8638Author: Damien Miller <djm@mindrot.org>
8639Date: Sun Apr 20 13:29:06 2014 +1000
8640
8641 - tedu@cvs.openbsd.org 2014/04/19 18:15:16
8642 [sshd.8]
8643 remove some really old rsh references
8644
8645commit 84c1e7bca8c4ceaccf4d5557e39a833585a3c77e
8646Author: Damien Miller <djm@mindrot.org>
8647Date: Sun Apr 20 13:27:53 2014 +1000
8648
8649 - tedu@cvs.openbsd.org 2014/04/19 14:53:48
8650 [ssh-keysign.c sshd.c]
8651 Delete futile calls to RAND_seed. ok djm
8652 NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
8653
8654commit 0e6b67423b8662f9ca4c92750309e144fd637ef1
8655Author: Damien Miller <djm@mindrot.org>
8656Date: Sun Apr 20 13:27:01 2014 +1000
8657
8658 - djm@cvs.openbsd.org 2014/04/19 05:54:59
8659 [compat.c]
8660 missing wildcard; pointed out by naddy@
8661
8662commit 9395b28223334826837c15e8c1bb4dfb3b0d2ca5
8663Author: Damien Miller <djm@mindrot.org>
8664Date: Sun Apr 20 13:25:30 2014 +1000
8665
8666 - djm@cvs.openbsd.org 2014/04/18 23:52:25
8667 [compat.c compat.h sshconnect2.c sshd.c version.h]
8668 OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
8669 using the curve25519-sha256@libssh.org KEX exchange method to fail
8670 when connecting with something that implements the spec properly.
8671
8672 Disable this KEX method when speaking to one of the affected
8673 versions.
8674
8675 reported by Aris Adamantiadis; ok markus@
8676
8677commit 8c492da58f8ceb85cf5f7066f23e26fb813a963d
8678Author: Damien Miller <djm@mindrot.org>
8679Date: Sun Apr 20 13:25:09 2014 +1000
8680
8681 - djm@cvs.openbsd.org 2014/04/16 23:28:12
8682 [ssh-agent.1]
8683 remove the identity files from this manpage - ssh-agent doesn't deal
8684 with them at all and the same information is duplicated in ssh-add.1
8685 (which does deal with them); prodded by deraadt@
8686
8687commit adbfdbbdccc70c9bd70d81ae096db115445c6e26
8688Author: Damien Miller <djm@mindrot.org>
8689Date: Sun Apr 20 13:24:49 2014 +1000
8690
8691 - djm@cvs.openbsd.org 2014/04/16 23:22:45
8692 [bufaux.c]
8693 skip leading zero bytes in buffer_put_bignum2_from_string();
8694 reported by jan AT mojzis.com; ok markus@
8695
8696commit 75c62728dc87af6805696eeb520b9748faa136c8
8697Author: Damien Miller <djm@mindrot.org>
8698Date: Sun Apr 20 13:24:31 2014 +1000
8699
8700 - djm@cvs.openbsd.org 2014/04/12 04:55:53
8701 [sshd.c]
8702 avoid crash at exit: check that pmonitor!=NULL before dereferencing;
8703 bz#2225, patch from kavi AT juniper.net
8704
8705commit 2a328437fb1b0976f2f4522d8645803d5a5d0967
8706Author: Damien Miller <djm@mindrot.org>
8707Date: Sun Apr 20 13:24:01 2014 +1000
8708
8709 - djm@cvs.openbsd.org 2014/04/01 05:32:57
8710 [packet.c]
8711 demote a debug3 to PACKET_DEBUG; ok markus@
8712
8713commit 7d6a9fb660c808882d064e152d6070ffc3844c3f
8714Author: Damien Miller <djm@mindrot.org>
8715Date: Sun Apr 20 13:23:43 2014 +1000
8716
8717 - djm@cvs.openbsd.org 2014/04/01 03:34:10
8718 [sshconnect.c]
8719 When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any
8720 certificate keys to plain keys and attempt SSHFP resolution.
8721
8722 Prevents a server from skipping SSHFP lookup and forcing a new-hostkey
8723 dialog by offering only certificate keys.
8724
8725 Reported by mcv21 AT cam.ac.uk
8726
8727commit fcd62c0b66b8415405ed0af29c236329eb88cc0f
8728Author: Damien Miller <djm@mindrot.org>
8729Date: Sun Apr 20 13:23:21 2014 +1000
8730
8731 - djm@cvs.openbsd.org 2014/04/01 02:05:27
8732 [ssh-keysign.c]
8733 include fingerprint of key not found
8734 use arc4random_buf() instead of loop+arc4random()
8735
8736commit 43b156cf72f900f88065b0a1c1ebd09ab733ca46
8737Author: Damien Miller <djm@mindrot.org>
8738Date: Sun Apr 20 13:23:03 2014 +1000
8739
8740 - jmc@cvs.openbsd.org 2014/03/31 13:39:34
8741 [ssh-keygen.1]
8742 the text for the -K option was inserted in the wrong place in -r1.108;
8743 fix From: Matthew Clarke
8744
8745commit c1621c84f2dc1279065ab9fde2aa9327af418900
8746Author: Damien Miller <djm@mindrot.org>
8747Date: Sun Apr 20 13:22:46 2014 +1000
8748
8749 - naddy@cvs.openbsd.org 2014/03/28 05:17:11
8750 [ssh_config.5 sshd_config.5]
8751 sync available and default algorithms, improve algorithm list formatting
8752 help from jmc@ and schwarze@, ok deraadt@
8753
8754commit f2719b7c2b8a3b14d778d8a6d8dc729b5174b054
8755Author: Damien Miller <djm@mindrot.org>
8756Date: Sun Apr 20 13:22:18 2014 +1000
8757
8758 - tedu@cvs.openbsd.org 2014/03/26 19:58:37
8759 [sshd.8 sshd.c]
8760 remove libwrap support. ok deraadt djm mfriedl
8761
8762commit 4f40209aa4060b9c066a2f0d9332ace7b8dfb391
8763Author: Damien Miller <djm@mindrot.org>
8764Date: Sun Apr 20 13:21:22 2014 +1000
8765
8766 - djm@cvs.openbsd.org 2014/03/26 04:55:35
8767 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
8768 [misc.h poly1305.h ssh-pkcs11.c]
8769 use __bounded(...) attribute recently added to sys/cdefs.h instead of
8770 longform __attribute__(__bounded(...));
8771
8772 for brevity and a warning free compilation with llvm/clang
8773
8774commit 9235a030ad1b16903fb495d81544e0f7c7449523
8775Author: Damien Miller <djm@mindrot.org>
8776Date: Sun Apr 20 13:17:20 2014 +1000
8777
8778 Three commits in one (since they touch the same heavily-diverged file
8779 repeatedly):
8780
8781 - markus@cvs.openbsd.org 2014/03/25 09:40:03
8782 [myproposal.h]
8783 trimm default proposals.
8784
8785 This commit removes the weaker pre-SHA2 hashes, the broken ciphers
8786 (arcfour), and the broken modes (CBC) from the default configuration
8787 (the patch only changes the default, all the modes are still available
8788 for the config files).
8789
8790 ok djm@, reminded by tedu@ & naddy@ and discussed with many
8791 - deraadt@cvs.openbsd.org 2014/03/26 17:16:26
8792 [myproposal.h]
8793 The current sharing of myproposal[] between both client and server code
8794 makes the previous diff highly unpallatable. We want to go in that
8795 direction for the server, but not for the client. Sigh.
8796 Brought up by naddy.
8797 - markus@cvs.openbsd.org 2014/03/27 23:01:27
8798 [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
8799 disable weak proposals in sshd, but keep them in ssh; ok djm@
8800
8801commit 6e1777f592f15f4559728c78204617537b1ac076
8802Author: Damien Miller <djm@mindrot.org>
8803Date: Sun Apr 20 13:02:58 2014 +1000
8804
8805 - tedu@cvs.openbsd.org 2014/03/19 14:42:44
8806 [scp.1]
8807 there is no need for rcp anymore
8808 ok deraadt millert
8809
8810commit eb1b7c514d2a7b1802ccee8cd50e565a4d419887
8811Author: Damien Miller <djm@mindrot.org>
8812Date: Sun Apr 20 13:02:26 2014 +1000
8813
8814 - tedu@cvs.openbsd.org 2014/03/17 19:44:10
8815 [ssh.1]
8816 old descriptions of des and blowfish are old. maybe ok deraadt
8817
8818commit f0858de6e1324ec730752387074b111b8551081e
8819Author: Damien Miller <djm@mindrot.org>
8820Date: Sun Apr 20 13:01:30 2014 +1000
8821
8822 - deraadt@cvs.openbsd.org 2014/03/15 17:28:26
8823 [ssh-agent.c ssh-keygen.1 ssh-keygen.c]
8824 Improve usage() and documentation towards the standard form.
8825 In particular, this line saves a lot of man page reading time.
8826 usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
8827 [-N new_passphrase] [-C comment] [-f output_keyfile]
8828 ok schwarze jmc
8829
8830commit 94bfe0fbd6e91a56b5b0ab94ac955d2a67d101aa
8831Author: Damien Miller <djm@mindrot.org>
8832Date: Sun Apr 20 13:00:51 2014 +1000
8833
8834 - naddy@cvs.openbsd.org 2014/03/12 13:06:59
8835 [ssh-keyscan.1]
8836 scan for Ed25519 keys by default too
8837
8838commit 3819519288b2b3928c6882f5883b0f55148f4fc0
8839Author: Damien Miller <djm@mindrot.org>
8840Date: Sun Apr 20 13:00:28 2014 +1000
8841
8842 - djm@cvs.openbsd.org 2014/03/12 04:51:12
8843 [authfile.c]
8844 correct test that kdf name is not "none" or "bcrypt"
8845
8846commit 8f9cd709c7cf0655d414306a0ed28306b33802be
8847Author: Damien Miller <djm@mindrot.org>
8848Date: Sun Apr 20 13:00:11 2014 +1000
8849
8850 - djm@cvs.openbsd.org 2014/03/12 04:50:32
8851 [auth-bsdauth.c ssh-keygen.c]
8852 don't count on things that accept arguments by reference to clear
8853 things for us on error; most things do, but it's unsafe form.
8854
8855commit 1c7ef4be83f6dec84509a312518b9df00ab491d9
8856Author: Damien Miller <djm@mindrot.org>
8857Date: Sun Apr 20 12:59:46 2014 +1000
8858
8859 - djm@cvs.openbsd.org 2014/03/12 04:44:58
8860 [ssh-keyscan.c]
8861 scan for Ed25519 keys by default too
8862
8863commit c10bf4d051c97939b30a1616c0499310057d07da
8864Author: Damien Miller <djm@mindrot.org>
8865Date: Sun Apr 20 12:58:04 2014 +1000
8866
8867 - djm@cvs.openbsd.org 2014/03/03 22:22:30
8868 [session.c]
8869 ignore enviornment variables with embedded '=' or '\0' characters;
8870 spotted by Jann Horn; ok deraadt@
8871 Id sync only - portable already has this.
8872
8873commit c2e49062faccbcd7135c40d1c78c5c329c58fc2e
8874Author: Damien Miller <djm@mindrot.org>
8875Date: Tue Apr 1 14:42:46 2014 +1100
8876
8877 - (djm) Use full release (e.g. 6.5p1) in debug output rather than just
8878 version. From des@des.no
8879
8880commit 14928b7492abec82afa4c2b778fc03f78cd419b6
8881Author: Damien Miller <djm@mindrot.org>
8882Date: Tue Apr 1 14:38:07 2014 +1100
8883
8884 - (djm) On platforms that support it, use prctl() to prevent sftp-server
8885 from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
8886
8887commit 48abc47e60048461fe9117e108a7e99ea1ac2bb8
8888Author: Damien Miller <djm@mindrot.org>
8889Date: Mon Mar 17 14:45:56 2014 +1100
8890
8891 - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to
8892 remind myself to add sandbox violation logging via the log socket.
8893
8894commit 9c36698ca2f554ec221dc7ef29c7a89e97c88705
8895Author: Tim Rice <tim@multitalents.net>
8896Date: Fri Mar 14 12:45:01 2014 -0700
8897
8898 20140314
8899 - (tim) [opensshd.init.in] Add support for ed25519
8900
8901commit 19158b2447e35838d69b2b735fb640d1e86061ea
8902Author: Damien Miller <djm@mindrot.org>
8903Date: Thu Mar 13 13:14:21 2014 +1100
8904
8905 - (djm) Release OpenSSH 6.6