* New upstream release (http://www.openssh.org/txt/release-5.9).

- Introduce sandboxing of the pre-auth privsep child using an optional sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables mandatory restrictions on the syscalls the privsep child can perform. - Add new SHA256-based HMAC transport integrity modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt. - The pre-authentication sshd(8) privilege separation slave process now logs via a socket shared with the master process, avoiding the need to maintain /dev/log inside the chroot (closes: #75043, #429243, #599240). - ssh(1) now warns when a server refuses X11 forwarding (closes: #504757). - sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths, separated by whitespace (closes: #76312). The authorized_keys2 fallback is deprecated but documented (closes: #560156). - ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4 ToS/DSCP (closes: #498297). - ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add - < /path/to/key" (closes: #229124). - Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691). - Say "required" rather than "recommended" in unprotected-private-key warning (LP: #663455).
author: Colin Watson <cjwatson@debian.org> 2011-09-06 14:56:29 +0100
committer: Colin Watson <cjwatson@debian.org> 2011-09-06 14:56:29 +0100
commit: 978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch)
tree: 89400a44e42d84937deba7864e4964d6c7734da5 /openbsd-compat
parent: 87c685b8c6a49814fd782288097b3093f975aa72 (diff)
parent: 3a7e89697ca363de0f64e0d5704c57219294e41c (diff)
7 files changed, 33 insertions, 34 deletions
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index e9fa3a0e2..9eedc88d2 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com>
+ * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -34,9 +34,6 @@
 #if defined(open) && open == binary_open
 # undef open
 #endif
-#if defined(pipe) && open == binary_pipe
-# undef pipe
-#endif
 #include <sys/types.h>
@@ -59,18 +56,6 @@ binary_open(const char *filename, int flags, ...)
        return (open(filename, flags | O_BINARY, mode));
 }
-int 
-binary_pipe(int fd[2])
-{
-        int ret = pipe(fd);
-        if (!ret) {
-                setmode(fd[0], O_BINARY);
-                setmode(fd[1], O_BINARY);
-        }
-        return (ret);
-}
 int
 check_ntsec(const char *filename)
 {
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 39b8eb788..48f64b740 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -1,7 +1,7 @@
-/* $Id: bsd-cygwin_util.h,v 1.12 2009/03/08 00:40:28 dtucker Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.13 2011/08/17 01:31:09 djm Exp $ */
 /*
- * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com>
+ * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -41,13 +41,11 @@
 #include <io.h>
 int binary_open(const char *, int , ...);
-int binary_pipe(int fd[2]);
 int check_ntsec(const char *);
 char **fetch_windows_environment(void);
 void free_windows_environment(char **);
 #define open binary_open
-#define pipe binary_pipe
 #endif /* HAVE_CYGWIN */
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index b617fdf19..5189cab61 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.c,v 1.13 2011/01/21 22:37:06 dtucker Exp $ */
+/* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */
 /*
 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -134,9 +134,9 @@ RSA_get_default_method(void)
 #ifdef  USE_OPENSSL_ENGINE
 void
-ssh_SSLeay_add_all_algorithms(void)
+ssh_OpenSSL_add_all_algorithms(void)
 {
-        SSLeay_add_all_algorithms();
+        OpenSSL_add_all_algorithms();
        /* Enable use of crypto hardware */
        ENGINE_load_builtin_engines();
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 6d4f3f215..c5fc24eb4 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.18 2011/01/21 22:37:06 dtucker Exp $ */
+/* $Id: openssl-compat.h,v 1.19 2011/05/10 01:13:38 dtucker Exp $ */
 /*
 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -106,10 +106,10 @@ RSA_METHOD *RSA_get_default_method(void);
 #  endif
 # ifdef USE_OPENSSL_ENGINE
-#  ifdef SSLeay_add_all_algorithms
+#  ifdef OpenSSL_add_all_algorithms
-#   undef SSLeay_add_all_algorithms
+#   undef OpenSSL_add_all_algorithms
 #  endif
-#  define SSLeay_add_all_algorithms()  ssh_SSLeay_add_all_algorithms()
+#  define OpenSSL_add_all_algorithms()  ssh_OpenSSL_add_all_algorithms()
 # endif
 # ifndef HAVE_BN_IS_PRIME_EX
@@ -129,6 +129,6 @@ int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
    unsigned char *, int);
 int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
 int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
-void ssh_SSLeay_add_all_algorithms(void);
+void ssh_OpenSSL_add_all_algorithms(void);
 #endif  /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index dc8b1fa55..ef91e4446 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
-/* $Id: port-linux.c,v 1.11.4.2 2011/02/04 00:43:08 djm Exp $ */
+/* $Id: port-linux.c,v 1.16 2011/08/29 06:09:57 djm Exp $ */
 /*
 * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -44,6 +44,10 @@
 #include <selinux/flask.h>
 #include <selinux/get_context_list.h>
+#ifndef SSH_SELINUX_UNCONFINED_TYPE
+# define SSH_SELINUX_UNCONFINED_TYPE ":unconfined_t:"
+#endif
 /* Wrapper around is_selinux_enabled() to log its return value once only */
 int
 ssh_selinux_enabled(void)
@@ -190,12 +194,13 @@ ssh_selinux_change_context(const char *newname)
 {
        int len, newlen;
        char *oldctx, *newctx, *cx;
+        void (*switchlog) (const char *fmt,...) = logit;
        if (!ssh_selinux_enabled())
                return;
        if (getcon((security_context_t *)&oldctx) < 0) {
-                logit("%s: getcon failed with %s", __func__, strerror (errno));
+                logit("%s: getcon failed with %s", __func__, strerror(errno));
                return;
        }
        if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) ==
@@ -204,6 +209,14 @@ ssh_selinux_change_context(const char *newname)
                return;
        }
+        /*
+         * Check whether we are attempting to switch away from an unconfined
+         * security context.
+         */
+        if (strncmp(cx, SSH_SELINUX_UNCONFINED_TYPE,
+            sizeof(SSH_SELINUX_UNCONFINED_TYPE) - 1) == 0)
+                switchlog = debug3;
        newlen = strlen(oldctx) + strlen(newname) + 1;
        newctx = xmalloc(newlen);
        len = cx - oldctx + 1;
@@ -211,10 +224,11 @@ ssh_selinux_change_context(const char *newname)
        strlcpy(newctx + len, newname, newlen - len);
        if ((cx = index(cx + 1, ':')))
                strlcat(newctx, cx, newlen);
-        debug3("%s: setting context from '%s' to '%s'", __func__, oldctx,
+        debug3("%s: setting context from '%s' to '%s'", __func__,
-            newctx);
+            oldctx, newctx);
        if (setcon(newctx) < 0)
-                logit("%s: setcon failed with %s", __func__, strerror (errno));
+                switchlog("%s: setcon %s from %s failed with %s", __func__,
+                    newctx, oldctx, strerror(errno));
        xfree(oldctx);
        xfree(newctx);
 }
diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h
index 3804fa2d1..80ce13ad9 100644
--- a/openbsd-compat/port-linux.h
+++ b/openbsd-compat/port-linux.h
@@ -1,4 +1,4 @@
-/* $Id: port-linux.h,v 1.4.10.1 2011/02/04 00:42:21 djm Exp $ */
+/* $Id: port-linux.h,v 1.5 2011/01/25 01:16:18 djm Exp $ */
 /*
 * Copyright (c) 2006 Damien Miller <djm@openbsd.org>
diff --git a/openbsd-compat/regress/closefromtest.c b/openbsd-compat/regress/closefromtest.c
index 145b09d7b..82ffeb9a7 100644
--- a/openbsd-compat/regress/closefromtest.c
+++ b/openbsd-compat/regress/closefromtest.c
@@ -24,6 +24,8 @@
 #define NUM_OPENS 10
+int closefrom(int);
 void
 fail(char *msg)
 {
author	Colin Watson <cjwatson@debian.org>	2011-09-06 14:56:29 +0100
committer	Colin Watson <cjwatson@debian.org>	2011-09-06 14:56:29 +0100
commit	978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch)
tree	89400a44e42d84937deba7864e4964d6c7734da5 /openbsd-compat
parent	87c685b8c6a49814fd782288097b3093f975aa72 (diff)
parent	3a7e89697ca363de0f64e0d5704c57219294e41c (diff)