summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog3818
1 files changed, 0 insertions, 3818 deletions
diff --git a/ChangeLog b/ChangeLog
deleted file mode 100644
index 94e8dd47b..000000000
--- a/ChangeLog
+++ /dev/null
@@ -1,3818 +0,0 @@
120131006
2 - (djm) Release OpenSSH-6.7
3
420141003
5 - (djm) [sshd_config.5] typo; from Iain Morgan
6
720141001
8 - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]
9 [openbsd-compat/openbsd-compat.h] Kludge around bad glibc
10 _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets;
11 ok dtucker@
12
1320140910
14 - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;
15 patch from Felix von Leitner; ok dtucker
16
1720140908
18 - (dtucker) [INSTALL] Update info about egd. ok djm@
19
2020140904
21 - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG
22
2320140903
24 - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and
25 conditionalise to avoid duplicate definition.
26 - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to
27 permissions/ACLs; from Corinna Vinschen
28
2920140830
30 - (djm) [openbsd-compat/openssl-compat.h] add
31 OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
32 - (djm) [misc.c] Missing newline between functions
33 - (djm) [openbsd-compat/openssl-compat.h] add include guard
34 - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@
35
3620140827
37 - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
38 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
39 [regress/unittests/sshkey/common.c]
40 [regress/unittests/sshkey/test_file.c]
41 [regress/unittests/sshkey/test_fuzz.c]
42 [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
43 on !ECC OpenSSL systems
44 - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
45 monitor, not preauth; bz#2263
46 - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
47 using memset_s() where possible; improve fallback to indirect bzero
48 via a volatile pointer to give it more of a chance to avoid being
49 optimised away.
50
5120140825
52 - (djm) [bufec.c] Skip this file on !ECC OpenSSL
53 - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,
54 update OpenSSL version requirement.
55
5620140824
57 - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not
58 PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
59
6020140823
61 - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on
62 lastlog writing on platforms with high UIDs; bz#2263
63 - (djm) [configure.ac] We now require a working vsnprintf everywhere (not
64 just for systems that lack asprintf); check for it always and extend
65 test to catch more brokenness. Fixes builds on Solaris <= 9
66
6720140822
68 - (djm) [configure.ac] include leading zero characters in OpenSSL version
69 number; fixes test for unsupported versions
70 - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC
71 - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/
72 definition mismatch) and warning for broken/missing snprintf case.
73 - (djm) [configure.ac] double braces to appease autoconf
74
7520140821
76 - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.
77 - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL
78 - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
79 don't set __progname. Diagnosed by Tom Christensen.
80
8120140820
82 - (djm) [configure.ac] Check OpenSSL version is supported at configure time;
83 suggested by Kevin Brott
84 - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than
85 -L/-l; fixes linking problems on some platforms
86 - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC
87 - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna
88
8920140819
90 - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen
91 - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.
92 - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG
93 - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]
94 [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions
95 of TCP wrappers.
96
9720140811
98 - (djm) [myproposal.h] Make curve25519 KEX dependent on
99 HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
100
10120140810
102 - (djm) [README contrib/caldera/openssh.spec]
103 [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
104
10520140801
106 - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
107 a better solution, but this will have to do for now.
108 - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin
109 is closed; avoid regress failures when stdin is /dev/null
110 - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate
111 nc from stdin, it's more portable
112
11320140730
114 - OpenBSD CVS Sync
115 - millert@cvs.openbsd.org 2014/07/24 22:57:10
116 [ssh.1]
117 Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@
118 - dtucker@cvs.openbsd.org 2014/07/25 21:22:03
119 [ssh-agent.c]
120 Clear buffer used for handling messages. This prevents keys being
121 left in memory after they have been expired or deleted in some cases
122 (but note that ssh-agent is setgid so you would still need root to
123 access them). Pointed out by Kevin Burns, ok deraadt
124 - schwarze@cvs.openbsd.org 2014/07/28 15:40:08
125 [sftp-server.8 sshd_config.5]
126 some systems no longer need /dev/log;
127 issue noticed by jirib;
128 ok deraadt
129
13020140725
131 - (djm) [regress/multiplex.sh] restore incorrectly deleted line;
132 pointed out by Christian Hesse
133
13420140722
135 - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;
136 put it back
137 - (djm) [regress/multiplex.sh] change the test for still-open Unix
138 domain sockets to be robust against nc implementations that produce
139 error messages.
140 - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
141 specific tests inside OPENSSL_HAS_ECC.
142 - (dtucker) OpenBSD CVS Sync
143 - dtucker@cvs.openbsd.org 2014/07/22 01:18:50
144 [key.c]
145 Prevent spam from key_load_private_pem during hostbased auth. ok djm@
146 - guenther@cvs.openbsd.org 2014/07/22 07:13:42
147 [umac.c]
148 Convert from <sys/endian.h> to the shiney new <endian.h>
149 ok dtucker@, who also confirmed that -portable handles this already
150 (ID sync only, includes.h pulls in endian.h if available.)
151 - djm@cvs.openbsd.org 2014/07/22 01:32:12
152 [regress/multiplex.sh]
153 change the test for still-open Unix domain sockets to be robust against
154 nc implementations that produce error messages. from -portable
155 (Id sync only)
156 - dtucker@cvs.openbsd.org 2014/07/22 23:23:22
157 [regress/unittests/sshkey/mktestdata.sh]
158 Sign test certs with ed25519 instead of ecdsa so that they'll work in
159 -portable on platforms that don't have ECDSA in their OpenSSL. ok djm
160 - dtucker@cvs.openbsd.org 2014/07/22 23:57:40
161 [regress/unittests/sshkey/mktestdata.sh]
162 Add $OpenBSD tag to make syncs easier
163 - dtucker@cvs.openbsd.org 2014/07/22 23:35:38
164 [regress/unittests/sshkey/testdata/*]
165 Regenerate test keys with certs signed with ed25519 instead of ecdsa.
166 These can be used in -portable on platforms that don't support ECDSA.
167
16820140721
169 - OpenBSD CVS Sync
170 - millert@cvs.openbsd.org 2014/07/15 15:54:15
171 [forwarding.sh multiplex.sh]
172 Add support for Unix domain socket forwarding. A remote TCP port
173 may be forwarded to a local Unix domain socket and vice versa or
174 both ends may be a Unix domain socket. This is a reimplementation
175 of the streamlocal patches by William Ahern from:
176 http://www.25thandclement.com/~william/projects/streamlocal.html
177 OK djm@ markus@
178 - (djm) [regress/multiplex.sh] Not all netcat accept the -N option.
179 - (dtucker) [sshkey.c] ifdef out unused variable when compiling without
180 OPENSSL_HAS_ECC.
181
18220140721
183 - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
184 needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
185 - (dtucker) [regress/unittests/sshkey/
186 {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in
187 ifdefs.
188
18920140719
190 - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
191 in servconf.h.
192
19320140718
194 - OpenBSD CVS Sync
195 - millert@cvs.openbsd.org 2014/07/15 15:54:14
196 [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
197 [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
198 [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
199 [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
200 [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
201 [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
202 [sshd_config.5 sshlogin.c]
203 Add support for Unix domain socket forwarding. A remote TCP port
204 may be forwarded to a local Unix domain socket and vice versa or
205 both ends may be a Unix domain socket. This is a reimplementation
206 of the streamlocal patches by William Ahern from:
207 http://www.25thandclement.com/~william/projects/streamlocal.html
208 OK djm@ markus@
209 - jmc@cvs.openbsd.org 2014/07/16 14:48:57
210 [ssh.1]
211 add the streamlocal* options to ssh's -o list; millert says they're
212 irrelevant for scp/sftp;
213 ok markus millert
214 - djm@cvs.openbsd.org 2014/07/17 00:10:56
215 [sandbox-systrace.c]
216 ifdef SYS_sendsyslog so this will compile without patching on -stable
217 - djm@cvs.openbsd.org 2014/07/17 00:10:18
218 [mux.c]
219 preserve errno across syscall
220 - djm@cvs.openbsd.org 2014/07/17 00:12:03
221 [key.c]
222 silence "incorrect passphrase" error spam; reported and ok dtucker@
223 - djm@cvs.openbsd.org 2014/07/17 07:22:19
224 [mux.c ssh.c]
225 reflect stdio-forward ("ssh -W host:port ...") failures in exit status.
226 previously we were always returning 0. bz#2255 reported by Brendan
227 Germain; ok dtucker
228 - djm@cvs.openbsd.org 2014/07/18 02:46:01
229 [ssh-agent.c]
230 restore umask around listener socket creation (dropped in streamlocal patch
231 merge)
232 - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used
233 in servconf.h.
234 - (dtucker) [Makefile.in] Add a t-exec target to run just the executable
235 tests.
236 - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC.
237
23820140717
239 - (djm) [digest-openssl.c] Preserve array order when disabling digests.
240 Reported by Petr Lautrbach.
241 - OpenBSD CVS Sync
242 - deraadt@cvs.openbsd.org 2014/07/11 08:09:54
243 [sandbox-systrace.c]
244 Permit use of SYS_sendsyslog from inside the sandbox. Clock is ticking,
245 update your kernels and sshd soon.. libc will start using sendsyslog()
246 in about 4 days.
247 - tedu@cvs.openbsd.org 2014/07/11 13:54:34
248 [myproposal.h]
249 by popular demand, add back hamc-sha1 to server proposal for better compat
250 with many clients still in use. ok deraadt
251
25220140715
253 - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto
254 has been located; fixes builds agains libressl-portable
255
25620140711
257 - OpenBSD CVS Sync
258 - benno@cvs.openbsd.org 2014/07/09 14:15:56
259 [ssh-add.c]
260 fix ssh-add crash while loading more than one key
261 ok markus@
262
26320140709
264 - OpenBSD CVS Sync
265 - djm@cvs.openbsd.org 2014/07/07 08:19:12
266 [ssh_config.5]
267 mention that ProxyCommand is executed using shell "exec" to avoid
268 a lingering process; bz#1977
269 - djm@cvs.openbsd.org 2014/07/09 01:45:10
270 [sftp.c]
271 more useful error message when GLOB_NOSPACE occurs;
272 bz#2254, patch from Orion Poplawski
273 - djm@cvs.openbsd.org 2014/07/09 03:02:15
274 [key.c]
275 downgrade more error() to debug() to better match what old authfile.c
276 did; suppresses spurious errors with hostbased authentication enabled
277 - djm@cvs.openbsd.org 2014/07/06 07:42:03
278 [multiplex.sh test-exec.sh]
279 add a hook to the cleanup() function to kill $SSH_PID if it is set
280
281 use it to kill the mux master started in multiplex.sh (it was being left
282 around on fatal failures)
283 - djm@cvs.openbsd.org 2014/07/07 08:15:26
284 [multiplex.sh]
285 remove forced-fatal that I stuck in there to test the new cleanup
286 logic and forgot to remove...
287
28820140706
289 - OpenBSD CVS Sync
290 - djm@cvs.openbsd.org 2014/07/03 23:18:35
291 [authfile.h]
292 remove leakmalloc droppings
293 - djm@cvs.openbsd.org 2014/07/05 23:11:48
294 [channels.c]
295 fix remote-forward cancel regression; ok markus@
296
29720140704
298 - OpenBSD CVS Sync
299 - jsing@cvs.openbsd.org 2014/07/03 12:42:16
300 [cipher-chachapoly.c]
301 Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this
302 makes it easier to verify that chacha_encrypt_bytes() is only called once
303 per chacha_ivsetup() call.
304 ok djm@
305 - djm@cvs.openbsd.org 2014/07/03 22:23:46
306 [sshconnect.c]
307 when rekeying, skip file/DNS lookup if it is the same as the key sent
308 during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@
309 - djm@cvs.openbsd.org 2014/07/03 22:33:41
310 [channels.c]
311 allow explicit ::1 and 127.0.0.1 forwarding bind addresses when
312 GatewayPorts=no; allows client to choose address family;
313 bz#2222 ok markus@
314 - djm@cvs.openbsd.org 2014/07/03 22:40:43
315 [servconf.c servconf.h session.c sshd.8 sshd_config.5]
316 Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
317 executed, mirroring the no-user-rc authorized_keys option;
318 bz#2160; ok markus@
319
32020140703
321 - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto
322 doesn't support it.
323 - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist;
324 bz#2237
325 - OpenBSD CVS Sync
326 - djm@cvs.openbsd.org 2014/07/03 01:45:38
327 [sshkey.c]
328 make Ed25519 keys' title fit properly in the randomart border; bz#2247
329 based on patch from Christian Hesse
330 - djm@cvs.openbsd.org 2014/07/03 03:11:03
331 [ssh-agent.c]
332 Only cleanup agent socket in the main agent process and not in any
333 subprocesses it may have started (e.g. forked askpass). Fixes
334 agent sockets being zapped when askpass processes fatal();
335 bz#2236 patch from Dmitry V. Levin
336 - djm@cvs.openbsd.org 2014/07/03 03:15:01
337 [ssh-add.c]
338 make stdout line-buffered; saves partial output getting lost when
339 ssh-add fatal()s part-way through (e.g. when listing keys from an
340 agent that supports key types that ssh-add doesn't);
341 bz#2234, reported by Phil Pennock
342 - djm@cvs.openbsd.org 2014/07/03 03:26:43
343 [digest-openssl.c]
344 use EVP_Digest() for one-shot hash instead of creating, updating,
345 finalising and destroying a context.
346 bz#2231, based on patch from Timo Teras
347 - djm@cvs.openbsd.org 2014/07/03 03:34:09
348 [gss-serv.c session.c ssh-keygen.c]
349 standardise on NI_MAXHOST for gethostname() string lengths; about
350 1/2 the cases were using it already. Fixes bz#2239 en passant
351 - djm@cvs.openbsd.org 2014/07/03 03:47:27
352 [ssh-keygen.c]
353 When hashing or removing hosts using ssh-keygen, don't choke on
354 @revoked markers and don't remove @cert-authority markers;
355 bz#2241, reported by mlindgren AT runelind.net
356 - djm@cvs.openbsd.org 2014/07/03 04:36:45
357 [digest.h]
358 forward-declare struct sshbuf so consumers don't need to include sshbuf.h
359 - djm@cvs.openbsd.org 2014/07/03 05:32:36
360 [ssh_config.5]
361 mention '%%' escape sequence in HostName directives and how it may
362 be used to specify IPv6 link-local addresses
363 - djm@cvs.openbsd.org 2014/07/03 05:38:17
364 [ssh.1]
365 document that -g will only work in the multiplexed case if applied to
366 the mux master
367 - djm@cvs.openbsd.org 2014/07/03 06:39:19
368 [ssh.c ssh_config.5]
369 Add a %C escape sequence for LocalCommand and ControlPath that expands
370 to a unique identifer based on a has of the tuple of (local host,
371 remote user, hostname, port).
372
373 Helps avoid exceeding sockaddr_un's miserly pathname limits for mux
374 control paths.
375
376 bz#2220, based on patch from mancha1 AT zoho.com; ok markus@
377 - jmc@cvs.openbsd.org 2014/07/03 07:45:27
378 [ssh_config.5]
379 escape %C since groff thinks it part of an Rs/Re block;
380 - djm@cvs.openbsd.org 2014/07/03 11:16:55
381 [auth.c auth.h auth1.c auth2.c]
382 make the "Too many authentication failures" message include the
383 user, source address, port and protocol in a format similar to the
384 authentication success / failure messages; bz#2199, ok dtucker
385
38620140702
387 - OpenBSD CVS Sync
388 - deraadt@cvs.openbsd.org 2014/06/13 08:26:29
389 [sandbox-systrace.c]
390 permit SYS_getentropy
391 from matthew
392 - matthew@cvs.openbsd.org 2014/06/18 02:59:13
393 [sandbox-systrace.c]
394 Now that we have a dedicated getentropy(2) system call for
395 arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace
396 sandbox.
397
398 ok djm
399 - naddy@cvs.openbsd.org 2014/06/18 15:42:09
400 [sshbuf-getput-crypto.c]
401 The ssh_get_bignum functions must accept the same range of bignums
402 the corresponding ssh_put_bignum functions create. This fixes the
403 use of 16384-bit RSA keys (bug reported by Eivind Evensen).
404 ok djm@
405 - djm@cvs.openbsd.org 2014/06/24 00:52:02
406 [krl.c]
407 fix bug in KRL generation: multiple consecutive revoked certificate
408 serial number ranges could be serialised to an invalid format.
409
410 Readers of a broken KRL caused by this bug will fail closed, so no
411 should-have-been-revoked key will be accepted.
412 - djm@cvs.openbsd.org 2014/06/24 01:13:21
413 [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
414 [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
415 [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
416 [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
417 [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
418 [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
419 [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
420 [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
421 [sshconnect2.c sshd.c sshkey.c sshkey.h
422 [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
423 New key API: refactor key-related functions to be more library-like,
424 existing API is offered as a set of wrappers.
425
426 with and ok markus@
427
428 Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
429 Dempsky and Ron Bowes for a detailed review a few months ago.
430 NB. This commit also removes portable OpenSSH support for OpenSSL
431 <0.9.8e.
432 - djm@cvs.openbsd.org 2014/06/24 02:19:48
433 [ssh.c]
434 don't fatal() when hostname canonicalisation fails with a
435 ProxyCommand in use; continue and allow the ProxyCommand to
436 connect anyway (e.g. to a host with a name outside the DNS
437 behind a bastion)
438 - djm@cvs.openbsd.org 2014/06/24 02:21:01
439 [scp.c]
440 when copying local->remote fails during read, don't send uninitialised
441 heap to the remote end. Reported by Jann Horn
442 - deraadt@cvs.openbsd.org 2014/06/25 14:16:09
443 [sshbuf.c]
444 unblock SIGSEGV before raising it
445 ok djm
446 - markus@cvs.openbsd.org 2014/06/27 16:41:56
447 [channels.c channels.h clientloop.c ssh.c]
448 fix remote fwding with same listen port but different listen address
449 with gerhard@, ok djm@
450 - markus@cvs.openbsd.org 2014/06/27 18:50:39
451 [ssh-add.c]
452 fix loading of private keys
453 - djm@cvs.openbsd.org 2014/06/30 12:54:39
454 [key.c]
455 suppress spurious error message when loading key with a passphrase;
456 reported by kettenis@ ok markus@
457 - djm@cvs.openbsd.org 2014/07/02 04:59:06
458 [cipher-3des1.c]
459 fix ssh protocol 1 on the server that regressed with the sshkey change
460 (sometimes fatal() after auth completed), make file return useful status
461 codes.
462 NB. Id sync only for these two. They were bundled into the sshkey merge
463 above, since it was easier to sync the entire file and then apply
464 portable-specific changed atop it.
465 - djm@cvs.openbsd.org 2014/04/30 05:32:00
466 [regress/Makefile]
467 unit tests for new buffer API; including basic fuzz testing
468 NB. Id sync only.
469 - djm@cvs.openbsd.org 2014/05/21 07:04:21
470 [regress/integrity.sh]
471 when failing because of unexpected output, show the offending output
472 - djm@cvs.openbsd.org 2014/06/24 01:04:43
473 [regress/krl.sh]
474 regress test for broken consecutive revoked serial number ranges
475 - djm@cvs.openbsd.org 2014/06/24 01:14:17
476 [Makefile.in regress/Makefile regress/unittests/Makefile]
477 [regress/unittests/sshkey/Makefile]
478 [regress/unittests/sshkey/common.c]
479 [regress/unittests/sshkey/common.h]
480 [regress/unittests/sshkey/mktestdata.sh]
481 [regress/unittests/sshkey/test_file.c]
482 [regress/unittests/sshkey/test_fuzz.c]
483 [regress/unittests/sshkey/test_sshkey.c]
484 [regress/unittests/sshkey/tests.c]
485 [regress/unittests/sshkey/testdata/dsa_1]
486 [regress/unittests/sshkey/testdata/dsa_1-cert.fp]
487 [regress/unittests/sshkey/testdata/dsa_1-cert.pub]
488 [regress/unittests/sshkey/testdata/dsa_1.fp]
489 [regress/unittests/sshkey/testdata/dsa_1.fp.bb]
490 [regress/unittests/sshkey/testdata/dsa_1.param.g]
491 [regress/unittests/sshkey/testdata/dsa_1.param.priv]
492 [regress/unittests/sshkey/testdata/dsa_1.param.pub]
493 [regress/unittests/sshkey/testdata/dsa_1.pub]
494 [regress/unittests/sshkey/testdata/dsa_1_pw]
495 [regress/unittests/sshkey/testdata/dsa_2]
496 [regress/unittests/sshkey/testdata/dsa_2.fp]
497 [regress/unittests/sshkey/testdata/dsa_2.fp.bb]
498 [regress/unittests/sshkey/testdata/dsa_2.pub]
499 [regress/unittests/sshkey/testdata/dsa_n]
500 [regress/unittests/sshkey/testdata/dsa_n_pw]
501 [regress/unittests/sshkey/testdata/ecdsa_1]
502 [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp]
503 [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub]
504 [regress/unittests/sshkey/testdata/ecdsa_1.fp]
505 [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb]
506 [regress/unittests/sshkey/testdata/ecdsa_1.param.curve]
507 [regress/unittests/sshkey/testdata/ecdsa_1.param.priv]
508 [regress/unittests/sshkey/testdata/ecdsa_1.param.pub]
509 [regress/unittests/sshkey/testdata/ecdsa_1.pub]
510 [regress/unittests/sshkey/testdata/ecdsa_1_pw]
511 [regress/unittests/sshkey/testdata/ecdsa_2]
512 [regress/unittests/sshkey/testdata/ecdsa_2.fp]
513 [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb]
514 [regress/unittests/sshkey/testdata/ecdsa_2.param.curve]
515 [regress/unittests/sshkey/testdata/ecdsa_2.param.priv]
516 [regress/unittests/sshkey/testdata/ecdsa_2.param.pub]
517 [regress/unittests/sshkey/testdata/ecdsa_2.pub]
518 [regress/unittests/sshkey/testdata/ecdsa_n]
519 [regress/unittests/sshkey/testdata/ecdsa_n_pw]
520 [regress/unittests/sshkey/testdata/ed25519_1]
521 [regress/unittests/sshkey/testdata/ed25519_1-cert.fp]
522 [regress/unittests/sshkey/testdata/ed25519_1-cert.pub]
523 [regress/unittests/sshkey/testdata/ed25519_1.fp]
524 [regress/unittests/sshkey/testdata/ed25519_1.fp.bb]
525 [regress/unittests/sshkey/testdata/ed25519_1.pub]
526 [regress/unittests/sshkey/testdata/ed25519_1_pw]
527 [regress/unittests/sshkey/testdata/ed25519_2]
528 [regress/unittests/sshkey/testdata/ed25519_2.fp]
529 [regress/unittests/sshkey/testdata/ed25519_2.fp.bb]
530 [regress/unittests/sshkey/testdata/ed25519_2.pub]
531 [regress/unittests/sshkey/testdata/pw]
532 [regress/unittests/sshkey/testdata/rsa1_1]
533 [regress/unittests/sshkey/testdata/rsa1_1.fp]
534 [regress/unittests/sshkey/testdata/rsa1_1.fp.bb]
535 [regress/unittests/sshkey/testdata/rsa1_1.param.n]
536 [regress/unittests/sshkey/testdata/rsa1_1.pub]
537 [regress/unittests/sshkey/testdata/rsa1_1_pw]
538 [regress/unittests/sshkey/testdata/rsa1_2]
539 [regress/unittests/sshkey/testdata/rsa1_2.fp]
540 [regress/unittests/sshkey/testdata/rsa1_2.fp.bb]
541 [regress/unittests/sshkey/testdata/rsa1_2.param.n]
542 [regress/unittests/sshkey/testdata/rsa1_2.pub]
543 [regress/unittests/sshkey/testdata/rsa_1]
544 [regress/unittests/sshkey/testdata/rsa_1-cert.fp]
545 [regress/unittests/sshkey/testdata/rsa_1-cert.pub]
546 [regress/unittests/sshkey/testdata/rsa_1.fp]
547 [regress/unittests/sshkey/testdata/rsa_1.fp.bb]
548 [regress/unittests/sshkey/testdata/rsa_1.param.n]
549 [regress/unittests/sshkey/testdata/rsa_1.param.p]
550 [regress/unittests/sshkey/testdata/rsa_1.param.q]
551 [regress/unittests/sshkey/testdata/rsa_1.pub]
552 [regress/unittests/sshkey/testdata/rsa_1_pw]
553 [regress/unittests/sshkey/testdata/rsa_2]
554 [regress/unittests/sshkey/testdata/rsa_2.fp]
555 [regress/unittests/sshkey/testdata/rsa_2.fp.bb]
556 [regress/unittests/sshkey/testdata/rsa_2.param.n]
557 [regress/unittests/sshkey/testdata/rsa_2.param.p]
558 [regress/unittests/sshkey/testdata/rsa_2.param.q]
559 [regress/unittests/sshkey/testdata/rsa_2.pub]
560 [regress/unittests/sshkey/testdata/rsa_n]
561 [regress/unittests/sshkey/testdata/rsa_n_pw]
562 unit and fuzz tests for new key API
563 - (djm) [sshkey.c] Conditionalise inclusion of util.h
564 - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test
565
56620140618
567 - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare
568
56920140617
570 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
571 openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
572 Move the OpenSSL header/library version test into its own function and add
573 tests for it. Fix it to allow fix version upgrades (but not downgrades).
574 Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
575 ok djm@ chl@
576
57720140616
578 - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via
579 OpenSMTPD and chl@
580
58120140612
582 - (dtucker) [configure.ac] Remove tcpwrappers support, support has already
583 been removed from sshd.c.
584
58520140611
586 - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from
587 openbsd-compat/bsd-asprintf.c.
588 - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*]
589 Wrap stdlib.h include an ifdef for platforms that don't have it.
590 - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for
591 u_intXX_t types.
592
59320140610
594 - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
595 regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256
596 curve tests if OpenSSL has them.
597 - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in
598 the proposal if the version of OpenSSL we're using doesn't support ECC.
599 - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef
600 ECC variable too.
601 - (dtucker) OpenBSD CVS Sync
602 - djm@cvs.openbsd.org 2014/06/05 22:17:50
603 [sshconnect2.c]
604 fix inverted test that caused PKCS#11 keys that were explicitly listed
605 not to be preferred. Reported by Dirk-Willem van Gulik
606 - dtucker@cvs.openbsd.org 2014/06/10 21:46:11
607 [sshbuf.h]
608 Group ECC functions together to make things a little easier in -portable.
609 "doesn't bother me" deraadt@
610 - (dtucker) [sshbuf.h] Only declare ECC functions if building without
611 OpenSSL or if OpenSSL has ECC.
612 - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an
613 assigment that might get optimized out. ok djm@
614 - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for
615 compat stuff, specifically whether or not OpenSSL has ECC.
616
61720140527
618 - (djm) [cipher.c] Fix merge botch.
619 - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config
620 from Corinna Vinschen, fixing a number of bugs and preparing for
621 Cygwin 1.7.30.
622 - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]
623 [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege
624 separation user at runtime, since it may need to be a domain account.
625 Patch from Corinna Vinschen.
626
62720140522
628 - (djm) [Makefile.in] typo in path
629
63020140521
631 - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use
632 vhangup on Linux. It doens't work for non-root users, and for them
633 it just messes up the tty settings.
634 - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC
635 when it is available. It takes into account time spent suspended,
636 thereby ensuring timeouts (e.g. for expiring agent keys) fire
637 correctly. bz#2228 reported by John Haxby
638
63920140519
640 - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine
641 OpenBSD
642 - OpenBSD CVS Sync
643 - logan@cvs.openbsd.org 2014/04/20 09:24:26
644 [dns.c dns.h ssh-keygen.c]
645 Add support for SSHFP DNS records for ED25519 key types.
646 OK from djm@
647 - logan@cvs.openbsd.org 2014/04/21 14:36:16
648 [sftp-client.c sftp-client.h sftp.c]
649 Implement sftp upload resume support.
650 OK from djm@, with input from guenther@, mlarkin@ and
651 okan@
652 - logan@cvs.openbsd.org 2014/04/22 10:07:12
653 [sftp.c]
654 Sort the sftp command list.
655 OK from djm@
656 - logan@cvs.openbsd.org 2014/04/22 12:42:04
657 [sftp.1]
658 Document sftp upload resume.
659 OK from djm@, with feedback from okan@.
660 - jmc@cvs.openbsd.org 2014/04/22 14:16:30
661 [sftp.1]
662 zap eol whitespace;
663 - djm@cvs.openbsd.org 2014/04/23 12:42:34
664 [readconf.c]
665 don't record duplicate IdentityFiles
666 - djm@cvs.openbsd.org 2014/04/28 03:09:18
667 [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
668 [ssh-keygen.c]
669 buffer_get_string_ptr's return should be const to remind
670 callers that futzing with it will futz with the actual buffer
671 contents
672 - djm@cvs.openbsd.org 2014/04/29 13:10:30
673 [clientloop.c serverloop.c]
674 bz#1818 - don't send channel success/failre replies on channels that
675 have sent a close already; analysis and patch from Simon Tatham;
676 ok markus@
677 - markus@cvs.openbsd.org 2014/04/29 18:01:49
678 [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
679 [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
680 [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
681 [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
682 make compiling against OpenSSL optional (make OPENSSL=no);
683 reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
684 allows us to explore further options; with and ok djm
685 - dtucker@cvs.openbsd.org 2014/04/29 19:58:50
686 [sftp.c]
687 Move nulling of variable next to where it's freed. ok markus@
688 - dtucker@cvs.openbsd.org 2014/04/29 20:36:51
689 [sftp.c]
690 Don't attempt to append a nul quote char to the filename. Should prevent
691 fatal'ing with "el_insertstr failed" when there's a single quote char
692 somewhere in the string. bz#2238, ok markus@
693 - djm@cvs.openbsd.org 2014/04/30 05:29:56
694 [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
695 [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
696 [ssherr.h]
697 New buffer API; the first installment of the conversion/replacement
698 of OpenSSH's internals to make them usable as a standalone library.
699
700 This includes a set of wrappers to make it compatible with the
701 existing buffer API so replacement can occur incrementally.
702
703 With and ok markus@
704
705 Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
706 Dempsky and Ron Bowes for a detailed review.
707 - naddy@cvs.openbsd.org 2014/04/30 19:07:48
708 [mac.c myproposal.h umac.c]
709 UMAC can use our local fallback implementation of AES when OpenSSL isn't
710 available. Glue code straight from Ted Krovetz's original umac.c.
711 ok markus@
712 - djm@cvs.openbsd.org 2014/05/02 03:27:54
713 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c]
714 [misc.h poly1305.h ssh-pkcs11.c defines.h]
715 revert __bounded change; it causes way more problems for portable than
716 it solves; pointed out by dtucker@
717 - markus@cvs.openbsd.org 2014/05/03 17:20:34
718 [monitor.c packet.c packet.h]
719 unbreak compression, by re-init-ing the compression code in the
720 post-auth child. the new buffer code is more strict, and requires
721 buffer_init() while the old code was happy after a bzero();
722 originally from djm@
723 - logan@cvs.openbsd.org 2014/05/05 07:02:30
724 [sftp.c]
725 Zap extra whitespace.
726
727 OK from djm@ and dtucker@
728 - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write
729 portability glue to support building without libcrypto
730 - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c]
731 [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes
732 - OpenBSD CVS Sync
733 - djm@cvs.openbsd.org 2014/03/13 20:44:49
734 [login-timeout.sh]
735 this test is a sorry mess of race conditions; add another sleep
736 to avoid a failure on slow machines (at least until I find a
737 better way)
738 - djm@cvs.openbsd.org 2014/04/21 22:15:37
739 [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh]
740 repair regress tests broken by server-side default cipher/kex/mac changes
741 by ensuring that the option under test is included in the server's
742 algorithm list
743 - dtucker@cvs.openbsd.org 2014/05/03 18:46:14
744 [proxy-connect.sh]
745 Add tests for with and without compression, with and without privsep.
746 - logan@cvs.openbsd.org 2014/05/04 10:40:59
747 [connect-privsep.sh]
748 Remove the Z flag from the list of malloc options as it
749 was removed from malloc.c 10 days ago.
750
751 OK from miod@
752 - (djm) [regress/unittests/Makefile]
753 [regress/unittests/Makefile.inc]
754 [regress/unittests/sshbuf/Makefile]
755 [regress/unittests/sshbuf/test_sshbuf.c]
756 [regress/unittests/sshbuf/test_sshbuf_fixed.c]
757 [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
758 [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
759 [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
760 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
761 [regress/unittests/sshbuf/test_sshbuf_misc.c]
762 [regress/unittests/sshbuf/tests.c]
763 [regress/unittests/test_helper/Makefile]
764 [regress/unittests/test_helper/fuzz.c]
765 [regress/unittests/test_helper/test_helper.c]
766 [regress/unittests/test_helper/test_helper.h]
767 Import new unit tests from OpenBSD; not yet hooked up to build.
768 - (djm) [regress/Makefile Makefile.in]
769 [regress/unittests/sshbuf/test_sshbuf.c
770 [regress/unittests/sshbuf/test_sshbuf_fixed.c]
771 [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
772 [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
773 [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
774 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
775 [regress/unittests/sshbuf/test_sshbuf_misc.c]
776 [regress/unittests/sshbuf/tests.c]
777 [regress/unittests/test_helper/fuzz.c]
778 [regress/unittests/test_helper/test_helper.c]
779 Hook new unit tests into the build and "make tests"
780 - (djm) [sshbuf.c] need __predict_false
781
78220140430
783 - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already
784 have it. Only attempt to use __attribute__(__bounded__) for gcc.
785
78620140420
787 - OpenBSD CVS Sync
788 - djm@cvs.openbsd.org 2014/03/03 22:22:30
789 [session.c]
790 ignore enviornment variables with embedded '=' or '\0' characters;
791 spotted by Jann Horn; ok deraadt@
792 Id sync only - portable already has this.
793 - djm@cvs.openbsd.org 2014/03/12 04:44:58
794 [ssh-keyscan.c]
795 scan for Ed25519 keys by default too
796 - djm@cvs.openbsd.org 2014/03/12 04:50:32
797 [auth-bsdauth.c ssh-keygen.c]
798 don't count on things that accept arguments by reference to clear
799 things for us on error; most things do, but it's unsafe form.
800 - djm@cvs.openbsd.org 2014/03/12 04:51:12
801 [authfile.c]
802 correct test that kdf name is not "none" or "bcrypt"
803 - naddy@cvs.openbsd.org 2014/03/12 13:06:59
804 [ssh-keyscan.1]
805 scan for Ed25519 keys by default too
806 - deraadt@cvs.openbsd.org 2014/03/15 17:28:26
807 [ssh-agent.c ssh-keygen.1 ssh-keygen.c]
808 Improve usage() and documentation towards the standard form.
809 In particular, this line saves a lot of man page reading time.
810 usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
811 [-N new_passphrase] [-C comment] [-f output_keyfile]
812 ok schwarze jmc
813 - tedu@cvs.openbsd.org 2014/03/17 19:44:10
814 [ssh.1]
815 old descriptions of des and blowfish are old. maybe ok deraadt
816 - tedu@cvs.openbsd.org 2014/03/19 14:42:44
817 [scp.1]
818 there is no need for rcp anymore
819 ok deraadt millert
820 - markus@cvs.openbsd.org 2014/03/25 09:40:03
821 [myproposal.h]
822 trimm default proposals.
823
824 This commit removes the weaker pre-SHA2 hashes, the broken ciphers
825 (arcfour), and the broken modes (CBC) from the default configuration
826 (the patch only changes the default, all the modes are still available
827 for the config files).
828
829 ok djm@, reminded by tedu@ & naddy@ and discussed with many
830 - deraadt@cvs.openbsd.org 2014/03/26 17:16:26
831 [myproposal.h]
832 The current sharing of myproposal[] between both client and server code
833 makes the previous diff highly unpallatable. We want to go in that
834 direction for the server, but not for the client. Sigh.
835 Brought up by naddy.
836 - markus@cvs.openbsd.org 2014/03/27 23:01:27
837 [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
838 disable weak proposals in sshd, but keep them in ssh; ok djm@
839 - djm@cvs.openbsd.org 2014/03/26 04:55:35
840 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
841 [misc.h poly1305.h ssh-pkcs11.c]
842 use __bounded(...) attribute recently added to sys/cdefs.h instead of
843 longform __attribute__(__bounded(...));
844
845 for brevity and a warning free compilation with llvm/clang
846 - tedu@cvs.openbsd.org 2014/03/26 19:58:37
847 [sshd.8 sshd.c]
848 remove libwrap support. ok deraadt djm mfriedl
849 - naddy@cvs.openbsd.org 2014/03/28 05:17:11
850 [ssh_config.5 sshd_config.5]
851 sync available and default algorithms, improve algorithm list formatting
852 help from jmc@ and schwarze@, ok deraadt@
853 - jmc@cvs.openbsd.org 2014/03/31 13:39:34
854 [ssh-keygen.1]
855 the text for the -K option was inserted in the wrong place in -r1.108;
856 fix From: Matthew Clarke
857 - djm@cvs.openbsd.org 2014/04/01 02:05:27
858 [ssh-keysign.c]
859 include fingerprint of key not found
860 use arc4random_buf() instead of loop+arc4random()
861 - djm@cvs.openbsd.org 2014/04/01 03:34:10
862 [sshconnect.c]
863 When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any
864 certificate keys to plain keys and attempt SSHFP resolution.
865
866 Prevents a server from skipping SSHFP lookup and forcing a new-hostkey
867 dialog by offering only certificate keys.
868
869 Reported by mcv21 AT cam.ac.uk
870 - djm@cvs.openbsd.org 2014/04/01 05:32:57
871 [packet.c]
872 demote a debug3 to PACKET_DEBUG; ok markus@
873 - djm@cvs.openbsd.org 2014/04/12 04:55:53
874 [sshd.c]
875 avoid crash at exit: check that pmonitor!=NULL before dereferencing;
876 bz#2225, patch from kavi AT juniper.net
877 - djm@cvs.openbsd.org 2014/04/16 23:22:45
878 [bufaux.c]
879 skip leading zero bytes in buffer_put_bignum2_from_string();
880 reported by jan AT mojzis.com; ok markus@
881 - djm@cvs.openbsd.org 2014/04/16 23:28:12
882 [ssh-agent.1]
883 remove the identity files from this manpage - ssh-agent doesn't deal
884 with them at all and the same information is duplicated in ssh-add.1
885 (which does deal with them); prodded by deraadt@
886 - djm@cvs.openbsd.org 2014/04/18 23:52:25
887 [compat.c compat.h sshconnect2.c sshd.c version.h]
888 OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
889 using the curve25519-sha256@libssh.org KEX exchange method to fail
890 when connecting with something that implements the spec properly.
891
892 Disable this KEX method when speaking to one of the affected
893 versions.
894
895 reported by Aris Adamantiadis; ok markus@
896 - djm@cvs.openbsd.org 2014/04/19 05:54:59
897 [compat.c]
898 missing wildcard; pointed out by naddy@
899 - tedu@cvs.openbsd.org 2014/04/19 14:53:48
900 [ssh-keysign.c sshd.c]
901 Delete futile calls to RAND_seed. ok djm
902 NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
903 - tedu@cvs.openbsd.org 2014/04/19 18:15:16
904 [sshd.8]
905 remove some really old rsh references
906 - tedu@cvs.openbsd.org 2014/04/19 18:42:19
907 [ssh.1]
908 delete .xr to hosts.equiv. there's still an unfortunate amount of
909 documentation referring to rhosts equivalency in here.
910 - djm@cvs.openbsd.org 2014/04/20 02:30:25
911 [misc.c misc.h umac.c]
912 use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
913 strict-alignment architectures; reported by and ok stsp@
914 - djm@cvs.openbsd.org 2014/04/20 02:49:32
915 [compat.c]
916 add a canonical 6.6 + curve25519 bignum fix fake version that I can
917 recommend people use ahead of the openssh-6.7 release
918
91920140401
920 - (djm) On platforms that support it, use prctl() to prevent sftp-server
921 from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
922 - (djm) Use full release (e.g. 6.5p1) in debug output rather than just
923 version. From des@des.no
924
92520140317
926 - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to
927 remind myself to add sandbox violation logging via the log socket.
928
92920140314
930 - (tim) [opensshd.init.in] Add support for ed25519
931
93220140313
933 - (djm) Release OpenSSH 6.6
934
93520140304
936 - OpenBSD CVS Sync
937 - djm@cvs.openbsd.org 2014/03/03 22:22:30
938 [session.c]
939 ignore enviornment variables with embedded '=' or '\0' characters;
940 spotted by Jann Horn; ok deraadt@
941
94220140301
943 - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when
944 no moduli file exists at the expected location.
945
94620140228
947 - OpenBSD CVS Sync
948 - djm@cvs.openbsd.org 2014/02/27 00:41:49
949 [bufbn.c]
950 fix unsigned overflow that could lead to reading a short ssh protocol
951 1 bignum value; found by Ben Hawkes; ok deraadt@
952 - djm@cvs.openbsd.org 2014/02/27 08:25:09
953 [bufbn.c]
954 off by one in range check
955 - djm@cvs.openbsd.org 2014/02/27 22:47:07
956 [sshd_config.5]
957 bz#2184 clarify behaviour of a keyword that appears in multiple
958 matching Match blocks; ok dtucker@
959 - djm@cvs.openbsd.org 2014/02/27 22:57:40
960 [version.h]
961 openssh-6.6
962 - dtucker@cvs.openbsd.org 2014/01/19 23:43:02
963 [regress/sftp-chroot.sh]
964 Don't use -q on sftp as it suppresses logging, instead redirect the
965 output to the regress logfile.
966 - dtucker@cvs.openbsd.org 2014/01/20 00:00:30
967 [sregress/ftp-chroot.sh]
968 append to rather than truncating the log file
969 - dtucker@cvs.openbsd.org 2014/01/25 04:35:32
970 [regress/Makefile regress/dhgex.sh]
971 Add a test for DH GEX sizes
972 - djm@cvs.openbsd.org 2014/01/26 10:22:10
973 [regress/cert-hostkey.sh]
974 automatically generate revoked keys from listed keys rather than
975 manually specifying each type; from portable
976 (Id sync only)
977 - djm@cvs.openbsd.org 2014/01/26 10:49:17
978 [scp-ssh-wrapper.sh scp.sh]
979 make sure $SCP is tested on the remote end rather than whichever one
980 happens to be in $PATH; from portable
981 (Id sync only)
982 - djm@cvs.openbsd.org 2014/02/27 20:04:16
983 [login-timeout.sh]
984 remove any existing LoginGraceTime from sshd_config before adding
985 a specific one for the test back in
986 - djm@cvs.openbsd.org 2014/02/27 21:21:25
987 [agent-ptrace.sh agent.sh]
988 keep return values that are printed in error messages;
989 from portable
990 (Id sync only)
991 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
992 [contrib/suse/openssh.spec] Crank version numbers
993 - (djm) [regress/host-expand.sh] Add RCS Id
994
99520140227
996 - OpenBSD CVS Sync
997 - djm@cvs.openbsd.org 2014/02/26 20:18:37
998 [ssh.c]
999 bz#2205: avoid early hostname lookups unless canonicalisation is enabled;
1000 ok dtucker@ markus@
1001 - djm@cvs.openbsd.org 2014/02/26 20:28:44
1002 [auth2-gss.c gss-serv.c ssh-gss.h sshd.c]
1003 bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep
1004 sandboxing, as running this code in the sandbox can cause violations;
1005 ok markus@
1006 - djm@cvs.openbsd.org 2014/02/26 20:29:29
1007 [channels.c]
1008 don't assume that the socks4 username is \0 terminated;
1009 spotted by Ben Hawkes; ok markus@
1010 - markus@cvs.openbsd.org 2014/02/26 21:53:37
1011 [sshd.c]
1012 ssh_gssapi_prepare_supported_oids needs GSSAPI
1013
101420140224
1015 - OpenBSD CVS Sync
1016 - djm@cvs.openbsd.org 2014/02/07 06:55:54
1017 [cipher.c mac.c]
1018 remove some logging that makes ssh debugging output very verbose;
1019 ok markus
1020 - djm@cvs.openbsd.org 2014/02/15 23:05:36
1021 [channels.c]
1022 avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W;
1023 bz#2200, debian#738692 via Colin Watson; ok dtucker@
1024 - djm@cvs.openbsd.org 2014/02/22 01:32:19
1025 [readconf.c]
1026 when processing Match blocks, skip 'exec' clauses if previous predicates
1027 failed to match; ok markus@
1028 - djm@cvs.openbsd.org 2014/02/23 20:03:42
1029 [ssh-ed25519.c]
1030 check for unsigned overflow; not reachable in OpenSSH but others might
1031 copy our code...
1032 - djm@cvs.openbsd.org 2014/02/23 20:11:36
1033 [readconf.c readconf.h ssh.c ssh_config.5]
1034 reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes
1035 the hostname. This allows users to write configurations that always
1036 refer to canonical hostnames, e.g.
1037
1038 CanonicalizeHostname yes
1039 CanonicalDomains int.example.org example.org
1040 CanonicalizeFallbackLocal no
1041
1042 Host *.int.example.org
1043 Compression off
1044 Host *.example.org
1045 User djm
1046
1047 ok markus@
1048
104920140213
1050 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat
1051 code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex.
1052
105320140207
1054 - OpenBSD CVS Sync
1055 - naddy@cvs.openbsd.org 2014/02/05 20:13:25
1056 [ssh-keygen.1 ssh-keygen.c]
1057 tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@
1058 while here, fix ordering in usage(); requested by jmc@
1059 - djm@cvs.openbsd.org 2014/02/06 22:21:01
1060 [sshconnect.c]
1061 in ssh_create_socket(), only do the getaddrinfo for BindAddress when
1062 BindAddress is actually specified. Fixes regression in 6.5 for
1063 UsePrivilegedPort=yes; patch from Corinna Vinschen
1064
106520140206
1066 - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL
1067 before freeing since free(NULL) is a no-op. ok djm.
1068 - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define
1069 __NR_shutdown; some go via the socketcall(2) multiplexer.
1070
107120140205
1072 - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by
1073 headers/libc but not supported by the kernel. Patch from Loganaden
1074 Velvindron @ AfriNIC
1075
107620140204
1077 - OpenBSD CVS Sync
1078 - markus@cvs.openbsd.org 2014/01/27 18:58:14
1079 [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h]
1080 replace openssl HMAC with an implementation based on our ssh_digest_*
1081 ok and feedback djm@
1082 - markus@cvs.openbsd.org 2014/01/27 19:18:54
1083 [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c]
1084 replace openssl MD5 with our ssh_digest_*; ok djm@
1085 - markus@cvs.openbsd.org 2014/01/27 20:13:46
1086 [digest.c digest-openssl.c digest-libc.c Makefile.in]
1087 rename digest.c to digest-openssl.c and add libc variant; ok djm@
1088 - jmc@cvs.openbsd.org 2014/01/28 14:13:39
1089 [ssh-keyscan.1]
1090 kill some bad Pa;
1091 From: Jan Stary
1092 - djm@cvs.openbsd.org 2014/01/29 00:19:26
1093 [sshd.c]
1094 use kill(0, ...) instead of killpg(0, ...); on most operating systems
1095 they are equivalent, but SUSv2 describes the latter as having undefined
1096 behaviour; from portable; ok dtucker
1097 (Id sync only; change is already in portable)
1098 - djm@cvs.openbsd.org 2014/01/29 06:18:35
1099 [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c]
1100 [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h]
1101 [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c]
1102 remove experimental, never-enabled JPAKE code; ok markus@
1103 - jmc@cvs.openbsd.org 2014/01/29 14:04:51
1104 [sshd_config.5]
1105 document kbdinteractiveauthentication;
1106 requested From: Ross L Richardson
1107
1108 dtucker/markus helped explain its workings;
1109 - djm@cvs.openbsd.org 2014/01/30 22:26:14
1110 [sandbox-systrace.c]
1111 allow shutdown(2) syscall in sandbox - it may be called by packet_close()
1112 from portable
1113 (Id sync only; change is already in portable)
1114 - tedu@cvs.openbsd.org 2014/01/31 16:39:19
1115 [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
1116 [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
1117 [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
1118 [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
1119 [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
1120 replace most bzero with explicit_bzero, except a few that cna be memset
1121 ok djm dtucker
1122 - djm@cvs.openbsd.org 2014/02/02 03:44:32
1123 [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
1124 [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
1125 [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
1126 [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
1127 [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
1128 [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
1129 [sshd.c]
1130 convert memset of potentially-private data to explicit_bzero()
1131 - djm@cvs.openbsd.org 2014/02/03 23:28:00
1132 [ssh-ecdsa.c]
1133 fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike
1134 DSA_SIG_new. Reported by Batz Spear; ok markus@
1135 - djm@cvs.openbsd.org 2014/02/02 03:44:31
1136 [digest-libc.c digest-openssl.c]
1137 convert memset of potentially-private data to explicit_bzero()
1138 - djm@cvs.openbsd.org 2014/02/04 00:24:29
1139 [ssh.c]
1140 delay lowercasing of hostname until right before hostname
1141 canonicalisation to unbreak case-sensitive matching of ssh_config;
1142 reported by Ike Devolder; ok markus@
1143 - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o
1144 - (djm) [regress/setuid-allowed.c] Missing string.h for strerror()
1145
114620140131
1147 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)
1148 syscall from sandboxes; it may be called by packet_close.
1149 - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros. Fixes
1150 build with HP-UX's compiler. Patch from Kevin Brott.
1151 - (tim) [Makefile.in] build regress/setuid-allow.
1152
115320140130
1154 - (djm) [configure.ac] Only check for width-specified integer types
1155 in headers that actually exist. patch from Tom G. Christensen;
1156 ok dtucker@
1157 - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering
1158 different symbols for 'read' when various compiler flags are
1159 in use, causing atomicio.c comparisons against it to break and
1160 read/write operations to hang; ok dtucker
1161 - (djm) Release openssh-6.5p1
1162
116320140129
1164 - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from
1165 Tom G. Christensen
1166
116720140128
1168 - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl;
1169 ok dtucker
1170 - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the
1171 latter being specified to have undefined behaviour in SUSv3;
1172 ok dtucker
1173 - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable
1174 when used as an error message inside an if statement so we display the
1175 correct into. agent.sh patch from Petr Lautrbach.
1176
117720140127
1178 - (dtucker) [Makefile.in] Remove trailing backslash which some make
1179 implementations (eg older Solaris) do not cope with.
1180
118120140126
1182 - OpenBSD CVS Sync
1183 - dtucker@cvs.openbsd.org 2014/01/25 10:12:50
1184 [cipher.c cipher.h kex.c kex.h kexgexc.c]
1185 Add a special case for the DH group size for 3des-cbc, which has an
1186 effective strength much lower than the key size. This causes problems
1187 with some cryptlib implementations, which don't support group sizes larger
1188 than 4k but also don't use the largest group size it does support as
1189 specified in the RFC. Based on a patch from Petr Lautrbach at Redhat,
1190 reduced by me with input from Markus. ok djm@ markus@
1191 - markus@cvs.openbsd.org 2014/01/25 20:35:37
1192 [kex.c]
1193 dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len)
1194 ok dtucker@, noted by mancha
1195 - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable
1196 RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
1197 libc will attempt to open additional file descriptors for crypto
1198 offload and crash if they cannot be opened.
1199 - (djm) [configure.ac] correct AC_DEFINE for previous.
1200
120120140125
1202 - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD
1203 - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless
1204 sys/capability.h exists and cap_rights_limit is in libc. Fixes
1205 build on FreeBSD9x which provides the header but not the libc
1206 support.
1207 - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test
1208 against the correct thing.
1209
121020140124
1211 - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make
1212 the scp regress test actually test the built scp rather than the one
1213 in $PATH. ok dtucker@
1214
121520140123
1216 - (tim) [session.c] Improve error reporting on set_id().
1217 - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously
1218 incompatible with OpenBSD's despite post-dating it by more than a decade.
1219 Declare it as broken, and document FreeBSD's as the same. ok djm@
1220
122120140122
1222 - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a
1223 platform that is expected to use the reuse-argv style setproctitle
1224 hack surprises us by providing a setproctitle in libc; ok dtucker
1225 - (djm) [configure.ac] Unless specifically requested, only attempt
1226 to build Position Independent Executables on gcc >= 4.x; ok dtucker
1227 - (djm) [configure.ac aclocal.m4] More tests to detect fallout from
1228 platform hardening options: include some long long int arithmatic
1229 to detect missing support functions for -ftrapv in libgcc and
1230 equivalents, actually test linking when -ftrapv is supplied and
1231 set either both -pie/-fPIE or neither. feedback and ok dtucker@
1232
123320140121
1234 - (dtucker) [configure.ac] Make PIE a configure-time option which defaults
1235 to on platforms where it's known to be reliably detected and off elsewhere.
1236 Works around platforms such as FreeBSD 9.1 where it does not interop with
1237 -ftrapv (it seems to work but fails when trying to link ssh). ok djm@
1238 - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time
1239 tests in the configure output. ok djm.
1240 - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced
1241 with sftp chroot support. Move set_id call after chroot.
1242 - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE
1243 and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of
1244 detecting toolchain-related problems; ok dtucker
1245
124620140120
1247 - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos
1248 implementation does not have krb5_cc_new_unique, similar to what we do
1249 in auth-krb5.c.
1250 - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that
1251 skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@
1252 - (djm) OpenBSD CVS Sync
1253 - djm@cvs.openbsd.org 2014/01/20 00:08:48
1254 [digest.c]
1255 memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@
1256
125720140119
1258 - (dtucker) OpenBSD CVS Sync
1259 - dtucker@cvs.openbsd.org 2014/01/17 06:23:24
1260 [sftp-server.c]
1261 fix log message statvfs. ok djm
1262 - dtucker@cvs.openbsd.org 2014/01/18 09:36:26
1263 [session.c]
1264 explicitly define USE_PIPES to 1 to prevent redefinition warnings in
1265 portable on platforms that use pipes for everything. From vinschen at
1266 redhat.
1267 - dtucker@cvs.openbsd.org 2014/01/19 04:17:29
1268 [canohost.c addrmatch.c]
1269 Cast socklen_t when comparing to size_t and use socklen_t to iterate over
1270 the ip options, both to prevent signed/unsigned comparison warnings.
1271 Patch from vinschen at redhat via portable openssh, begrudging ok deraadt.
1272 - djm@cvs.openbsd.org 2014/01/19 04:48:08
1273 [ssh_config.5]
1274 fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal
1275 - dtucker@cvs.openbsd.org 2014/01/19 11:21:51
1276 [addrmatch.c]
1277 Cast the sizeof to socklen_t so it'll work even if the supplied len is
1278 negative. Suggested by and ok djm, ok deraadt.
1279
128020140118
1281 - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin. Patch
1282 from vinschen at redhat.com
1283 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function
1284 declarations that stopped being included when we stopped including
1285 <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at
1286 redhat.com.
1287 - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs,
1288 optind) are defined in getopt.h already. Unfortunately they are defined as
1289 "declspec(dllimport)" for historical reasons, because the GNU linker didn't
1290 allow auto-import on PE/COFF targets way back when. The problem is the
1291 dllexport attributes collide with the definitions in the various source
1292 files in OpenSSH, which obviousy define the variables without
1293 declspec(dllimport). The least intrusive way to get rid of these warnings
1294 is to disable warnings for GCC compiler attributes when building on Cygwin.
1295 Patch from vinschen at redhat.com.
1296 - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the
1297 return value check for cap_enter() consistent with the other uses in
1298 FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140.
1299
130020140117
1301 - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain
1302 hardening flags including -fstack-protector-strong. These default to on
1303 if the toolchain supports them, but there is a configure-time knob
1304 (--without-hardening) to disable them if necessary. ok djm@
1305 - (djm) [sftp-client.c] signed/unsigned comparison fix
1306 - (dtucker) [loginrec.c] Cast to the types specfied in the format
1307 specification to prevent warnings.
1308 - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
1309 - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
1310 - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include
1311 includes.h to pull in all of the compatibility stuff.
1312 - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside
1313 #ifdef HAVE_STDINT_H.
1314 - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that
1315 don't have them.
1316 - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into
1317 separate lines and alphabetize for easier diffing of changes.
1318 - (dtucker) OpenBSD CVS Sync
1319 - djm@cvs.openbsd.org 2014/01/17 00:21:06
1320 [sftp-client.c]
1321 signed/unsigned comparison warning fix; from portable (Id sync only)
1322 - dtucker@cvs.openbsd.org 2014/01/17 05:26:41
1323 [digest.c]
1324 remove unused includes. ok djm@
1325 - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]
1326 [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c]
1327 [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing
1328 using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling
1329 Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
1330 - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c
1331 openbsd-compat/openssl-compat.h] Add compatibility layer for older
1332 openssl versions. ok djm@
1333 - (dtucker) Fix typo in #ifndef.
1334 - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c
1335 openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs
1336 to be useful (and for the regression tests to pass) on platforms that
1337 have statfs and fstatfs. ok djm@
1338 - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we
1339 need them to cut down on the name collisions.
1340 - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types.
1341 - (dtucker) [configure.ac] Have --without-hardening not turn off
1342 stack-protector since that has a separate flag that's been around a while.
1343 - (dtucker) [readconf.c] Wrap paths.h inside an ifdef. Allows building on
1344 Solaris.
1345 - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after
1346 they're defined if we have to define them ourselves. Fixes builds on old
1347 AIX.
1348
134920140118
1350 - (djm) OpenBSD CVS Sync
1351 - djm@cvs.openbsd.org 2014/01/16 07:31:09
1352 [sftp-client.c]
1353 needless and incorrect cast to size_t can break resumption of
1354 large download; patch from tobias@
1355 - djm@cvs.openbsd.org 2014/01/16 07:32:00
1356 [version.h]
1357 openssh-6.5
1358 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
1359 [contrib/suse/openssh.spec] Crank RPM spec version numbers.
1360 - (djm) [README] update release notes URL.
1361
136220140112
1363 - (djm) OpenBSD CVS Sync
1364 - djm@cvs.openbsd.org 2014/01/10 05:59:19
1365 [sshd_config]
1366 the /etc/ssh/ssh_host_ed25519_key is loaded by default too
1367 - djm@cvs.openbsd.org 2014/01/12 08:13:13
1368 [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c]
1369 [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c]
1370 avoid use of OpenSSL BIGNUM type and functions for KEX with
1371 Curve25519 by adding a buffer_put_bignum2_from_string() that stores
1372 a string using the bignum encoding rules. Will make it easier to
1373 build a reduced-feature OpenSSH without OpenSSL in the future;
1374 ok markus@
1375
137620140110
1377 - (djm) OpenBSD CVS Sync
1378 - tedu@cvs.openbsd.org 2014/01/04 17:50:55
1379 [mac.c monitor_mm.c monitor_mm.h xmalloc.c]
1380 use standard types and formats for size_t like variables. ok dtucker
1381 - guenther@cvs.openbsd.org 2014/01/09 03:26:00
1382 [sftp-common.c]
1383 When formating the time for "ls -l"-style output, show dates in the future
1384 with the year, and rearrange a comparison to avoid a potentional signed
1385 arithmetic overflow that would give the wrong result.
1386 ok djm@
1387 - djm@cvs.openbsd.org 2014/01/09 23:20:00
1388 [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c]
1389 [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c]
1390 [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c]
1391 [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c]
1392 Introduce digest API and use it to perform all hashing operations
1393 rather than calling OpenSSL EVP_Digest* directly. Will make it easier
1394 to build a reduced-feature OpenSSH without OpenSSL in future;
1395 feedback, ok markus@
1396 - djm@cvs.openbsd.org 2014/01/09 23:26:48
1397 [sshconnect.c sshd.c]
1398 ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,
1399 deranged and might make some attacks on KEX easier; ok markus@
1400
140120140108
1402 - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@
1403
140420131231
1405 - (djm) OpenBSD CVS Sync
1406 - djm@cvs.openbsd.org 2013/12/30 23:52:28
1407 [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c]
1408 [sshconnect.c sshconnect2.c sshd.c]
1409 refuse RSA keys from old proprietary clients/servers that use the
1410 obsolete RSA+MD5 signature scheme. it will still be possible to connect
1411 with these clients/servers but only DSA keys will be accepted, and we'll
1412 deprecate them entirely in a future release. ok markus@
1413
141420131229
1415 - (djm) [loginrec.c] Check for username truncation when looking up lastlog
1416 entries
1417 - (djm) [regress/Makefile] Add some generated files for cleaning
1418 - (djm) OpenBSD CVS Sync
1419 - djm@cvs.openbsd.org 2013/12/19 00:10:30
1420 [ssh-add.c]
1421 skip requesting smartcard PIN when removing keys from agent; bz#2187
1422 patch from jay AT slushpupie.com; ok dtucker
1423 - dtucker@cvs.openbsd.org 2013/12/19 00:19:12
1424 [serverloop.c]
1425 Cast client_alive_interval to u_int64_t before assinging to
1426 max_time_milliseconds to avoid potential integer overflow in the timeout.
1427 bz#2170, patch from Loganaden Velvindron, ok djm@
1428 - djm@cvs.openbsd.org 2013/12/19 00:27:57
1429 [auth-options.c]
1430 simplify freeing of source-address certificate restriction
1431 - djm@cvs.openbsd.org 2013/12/19 01:04:36
1432 [channels.c]
1433 bz#2147: fix multiple remote forwardings with dynamically assigned
1434 listen ports. In the s->c message to open the channel we were sending
1435 zero (the magic number to request a dynamic port) instead of the actual
1436 listen port. The client therefore had no way of discriminating between
1437 them.
1438
1439 Diagnosis and fix by ronf AT timeheart.net
1440 - djm@cvs.openbsd.org 2013/12/19 01:19:41
1441 [ssh-agent.c]
1442 bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent
1443 that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com;
1444 ok dtucker
1445 - djm@cvs.openbsd.org 2013/12/19 22:57:13
1446 [poly1305.c poly1305.h]
1447 use full name for author, with his permission
1448 - tedu@cvs.openbsd.org 2013/12/21 07:10:47
1449 [ssh-keygen.1]
1450 small typo
1451 - djm@cvs.openbsd.org 2013/12/27 22:30:17
1452 [ssh-dss.c ssh-ecdsa.c ssh-rsa.c]
1453 make the original RSA and DSA signing/verification code look more like
1454 the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type
1455 rather than tediously listing all variants, use __func__ for debug/
1456 error messages
1457 - djm@cvs.openbsd.org 2013/12/27 22:37:18
1458 [ssh-rsa.c]
1459 correct comment
1460 - djm@cvs.openbsd.org 2013/12/29 02:28:10
1461 [key.c]
1462 allow ed25519 keys to appear as certificate authorities
1463 - djm@cvs.openbsd.org 2013/12/29 02:37:04
1464 [key.c]
1465 correct comment for key_to_certified()
1466 - djm@cvs.openbsd.org 2013/12/29 02:49:52
1467 [key.c]
1468 correct comment for key_drop_cert()
1469 - djm@cvs.openbsd.org 2013/12/29 04:20:04
1470 [key.c]
1471 to make sure we don't omit any key types as valid CA keys again,
1472 factor the valid key type check into a key_type_is_valid_ca()
1473 function
1474 - djm@cvs.openbsd.org 2013/12/29 04:29:25
1475 [authfd.c]
1476 allow deletion of ed25519 keys from the agent
1477 - djm@cvs.openbsd.org 2013/12/29 04:35:50
1478 [authfile.c]
1479 don't refuse to load Ed25519 certificates
1480 - djm@cvs.openbsd.org 2013/12/29 05:42:16
1481 [ssh.c]
1482 don't forget to load Ed25519 certs too
1483 - djm@cvs.openbsd.org 2013/12/29 05:57:02
1484 [sshconnect.c]
1485 when showing other hostkeys, don't forget Ed25519 keys
1486
148720131221
1488 - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
1489
149020131219
1491 - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions
1492 greater than 11 either rather than just 11. Patch from Tomas Kuthan.
1493 - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item().
1494 Patch from Loganaden Velvindron.
1495
149620131218
1497 - (djm) OpenBSD CVS Sync
1498 - djm@cvs.openbsd.org 2013/12/07 08:08:26
1499 [ssh-keygen.1]
1500 document -a and -o wrt new key format
1501 - naddy@cvs.openbsd.org 2013/12/07 11:58:46
1502 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
1503 [ssh_config.5 sshd.8 sshd_config.5]
1504 add missing mentions of ed25519; ok djm@
1505 - dtucker@cvs.openbsd.org 2013/12/08 09:53:27
1506 [sshd_config.5]
1507 Use a literal for the default value of KEXAlgorithms. ok deraadt jmc
1508 - markus@cvs.openbsd.org 2013/12/09 11:03:45
1509 [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
1510 [ge25519_base.data hash.c sc25519.c sc25519.h verify.c]
1511 Add Authors for the public domain ed25519/nacl code.
1512 see also http://nacl.cr.yp.to/features.html
1513 All of the NaCl software is in the public domain.
1514 and http://ed25519.cr.yp.to/software.html
1515 The Ed25519 software is in the public domain.
1516 - markus@cvs.openbsd.org 2013/12/09 11:08:17
1517 [crypto_api.h]
1518 remove unused defines
1519 - pascal@cvs.openbsd.org 2013/12/15 18:17:26
1520 [ssh-add.c]
1521 Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page.
1522 ok markus@
1523 - djm@cvs.openbsd.org 2013/12/15 21:42:35
1524 [cipher-chachapoly.c]
1525 add some comments and constify a constant
1526 - markus@cvs.openbsd.org 2013/12/17 10:36:38
1527 [crypto_api.h]
1528 I've assempled the header file by cut&pasting from generated headers
1529 and the source files.
1530
153120131208
1532 - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna
1533 Vinschen
1534 - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh]
1535 [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid
1536 filesystem before running agent-ptrace.sh; ok dtucker
1537
153820131207
1539 - (djm) OpenBSD CVS Sync
1540 - djm@cvs.openbsd.org 2013/12/05 22:59:45
1541 [sftp-client.c]
1542 fix memory leak in error path in do_readdir(); pointed out by
1543 Loganaden Velvindron @ AfriNIC in bz#2163
1544 - djm@cvs.openbsd.org 2013/12/06 03:40:51
1545 [ssh-keygen.c]
1546 remove duplicated character ('g') in getopt() string;
1547 document the (few) remaining option characters so we don't have to
1548 rummage next time.
1549 - markus@cvs.openbsd.org 2013/12/06 13:30:08
1550 [authfd.c key.c key.h ssh-agent.c]
1551 move private key (de)serialization to key.c; ok djm
1552 - markus@cvs.openbsd.org 2013/12/06 13:34:54
1553 [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c]
1554 [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by
1555 default; details in PROTOCOL.key; feedback and lots help from djm;
1556 ok djm@
1557 - markus@cvs.openbsd.org 2013/12/06 13:39:49
1558 [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
1559 [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
1560 [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
1561 [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
1562 [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
1563 support ed25519 keys (hostkeys and user identities) using the public
1564 domain ed25519 reference code from SUPERCOP, see
1565 http://ed25519.cr.yp.to/software.html
1566 feedback, help & ok djm@
1567 - jmc@cvs.openbsd.org 2013/12/06 15:29:07
1568 [sshd.8]
1569 missing comma;
1570 - djm@cvs.openbsd.org 2013/12/07 00:19:15
1571 [key.c]
1572 set k->cert = NULL after freeing it
1573 - markus@cvs.openbsd.org 2013/12/06 13:52:46
1574 [regress/Makefile regress/agent.sh regress/cert-hostkey.sh]
1575 [regress/cert-userkey.sh regress/keytype.sh]
1576 test ed25519 support; from djm@
1577 - (djm) [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
1578 [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents
1579 - (djm) [Makefile.in] Add ed25519 sources
1580 - (djm) [authfile.c] Conditionalise inclusion of util.h
1581 - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c]
1582 [openbsd-compat/blf.h openbsd-compat/blowfish.c]
1583 [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in
1584 portable.
1585 - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in]
1586 [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on
1587 Linux
1588 - (djm) [regress/cert-hostkey.sh] Fix merge botch
1589 - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from
1590 Loganaden Velvindron @ AfriNIC in bz#2179
1591
159220131205
1593 - (djm) OpenBSD CVS Sync
1594 - jmc@cvs.openbsd.org 2013/11/21 08:05:09
1595 [ssh_config.5 sshd_config.5]
1596 no need for .Pp before displays;
1597 - deraadt@cvs.openbsd.org 2013/11/25 18:04:21
1598 [ssh.1 ssh.c]
1599 improve -Q usage and such. One usage change is that the option is now
1600 case-sensitive
1601 ok dtucker markus djm
1602 - jmc@cvs.openbsd.org 2013/11/26 12:14:54
1603 [ssh.1 ssh.c]
1604 - put -Q in the right place
1605 - Ar was a poor choice for the arguments to -Q. i've chosen an
1606 admittedly equally poor Cm, at least consistent with the rest
1607 of the docs. also no need for multiple instances
1608 - zap a now redundant Nm
1609 - usage() sync
1610 - deraadt@cvs.openbsd.org 2013/11/26 19:15:09
1611 [pkcs11.h]
1612 cleanup 1 << 31 idioms. Resurrection of this issue pointed out by
1613 Eitan Adler ok markus for ssh, implies same change in kerberosV
1614 - djm@cvs.openbsd.org 2013/12/01 23:19:05
1615 [PROTOCOL]
1616 mention curve25519-sha256@libssh.org key exchange algorithm
1617 - djm@cvs.openbsd.org 2013/12/02 02:50:27
1618 [PROTOCOL.chacha20poly1305]
1619 typo; from Jon Cave
1620 - djm@cvs.openbsd.org 2013/12/02 02:56:17
1621 [ssh-pkcs11-helper.c]
1622 use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC
1623 - djm@cvs.openbsd.org 2013/12/02 03:09:22
1624 [key.c]
1625 make key_to_blob() return a NULL blob on failure; part of
1626 bz#2175 from Loganaden Velvindron @ AfriNIC
1627 - djm@cvs.openbsd.org 2013/12/02 03:13:14
1628 [cipher.c]
1629 correct bzero of chacha20+poly1305 key context. bz#2177 from
1630 Loganaden Velvindron @ AfriNIC
1631
1632 Also make it a memset for consistency with the rest of cipher.c
1633 - djm@cvs.openbsd.org 2013/12/04 04:20:01
1634 [sftp-client.c]
1635 bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
1636 AfriNIC
1637 - djm@cvs.openbsd.org 2013/12/05 01:16:41
1638 [servconf.c servconf.h]
1639 bz#2161 - fix AuthorizedKeysCommand inside a Match block and
1640 rearrange things so the same error is harder to make next time;
1641 with and ok dtucker@
1642 - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct
1643 -L location for libedit. Patch from Serge van den Boom.
1644
164520131121
1646 - (djm) OpenBSD CVS Sync
1647 - dtucker@cvs.openbsd.org 2013/11/08 11:15:19
1648 [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c]
1649 [uidswap.c] Include stdlib.h for free() as per the man page.
1650 - markus@cvs.openbsd.org 2013/11/13 13:48:20
1651 [ssh-pkcs11.c]
1652 add missing braces found by pedro
1653 - djm@cvs.openbsd.org 2013/11/20 02:19:01
1654 [sshd.c]
1655 delay closure of in/out fds until after "Bad protocol version
1656 identification..." message, as get_remote_ipaddr/get_remote_port
1657 require them open.
1658 - deraadt@cvs.openbsd.org 2013/11/20 20:53:10
1659 [scp.c]
1660 unsigned casts for ctype macros where neccessary
1661 ok guenther millert markus
1662 - deraadt@cvs.openbsd.org 2013/11/20 20:54:10
1663 [canohost.c clientloop.c match.c readconf.c sftp.c]
1664 unsigned casts for ctype macros where neccessary
1665 ok guenther millert markus
1666 - djm@cvs.openbsd.org 2013/11/21 00:45:44
1667 [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
1668 [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
1669 [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
1670 [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
1671 cipher "chacha20-poly1305@openssh.com" that combines Daniel
1672 Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
1673 authenticated encryption mode.
1674
1675 Inspired by and similar to Adam Langley's proposal for TLS:
1676 http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
1677 but differs in layout used for the MAC calculation and the use of a
1678 second ChaCha20 instance to separately encrypt packet lengths.
1679 Details are in the PROTOCOL.chacha20poly1305 file.
1680
1681 Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
1682 ok markus@ naddy@
1683 - naddy@cvs.openbsd.org 2013/11/18 05:09:32
1684 [regress/forward-control.sh]
1685 bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164)
1686 to successfully run this; ok djm@
1687 - djm@cvs.openbsd.org 2013/11/21 03:15:46
1688 [regress/krl.sh]
1689 add some reminders for additional tests that I'd like to implement
1690 - djm@cvs.openbsd.org 2013/11/21 03:16:47
1691 [regress/modpipe.c]
1692 use unsigned long long instead of u_int64_t here to avoid warnings
1693 on some systems portable OpenSSH is built on.
1694 - djm@cvs.openbsd.org 2013/11/21 03:18:51
1695 [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh]
1696 [regress/try-ciphers.sh]
1697 use new "ssh -Q cipher-auth" query to obtain lists of authenticated
1698 encryption ciphers instead of specifying them manually; ensures that
1699 the new chacha20poly1305@openssh.com mode is tested;
1700
1701 ok markus@ and naddy@ as part of the diff to add
1702 chacha20poly1305@openssh.com
1703
170420131110
1705 - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by
1706 querying the ones that are compiled in.
1707
170820131109
1709 - (dtucker) OpenBSD CVS Sync
1710 - dtucker@cvs.openbsd.org 2013/11/09 05:41:34
1711 [regress/test-exec.sh regress/rekey.sh]
1712 Use smaller test data files to speed up tests. Grow test datafiles
1713 where necessary for a specific test.
1714 - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
1715 NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
1716 latter actually works before using it. Fedora (at least) has NID_secp521r1
1717 that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
1718 - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test.
1719 - (dtucker) [configure.ac] Add missing "test".
1720 - (dtucker) [key.c] Check for the correct defines for NID_secp521r1.
1721
172220131108
1723 - (dtucker) OpenBSD CVS Sync
1724 - dtucker@cvs.openbsd.org 2013/11/08 01:06:14
1725 [regress/rekey.sh]
1726 Rekey less frequently during tests to speed them up
1727 - (djm) OpenBSD CVS Sync
1728 - dtucker@cvs.openbsd.org 2013/11/07 11:58:27
1729 [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
1730 Output the effective values of Ciphers, MACs and KexAlgorithms when
1731 the default has not been overridden. ok markus@
1732 - djm@cvs.openbsd.org 2013/11/08 00:39:15
1733 [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
1734 [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
1735 [sftp-client.c sftp-glob.c]
1736 use calloc for all structure allocations; from markus@
1737 - djm@cvs.openbsd.org 2013/11/08 01:38:11
1738 [version.h]
1739 openssh-6.4
1740 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
1741 [contrib/suse/openssh.spec] Update version numbers following release.
1742 - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of
1743 arc4random_stir for platforms that have arc4random but don't have
1744 arc4random_stir (right now this is only OpenBSD -current).
1745 - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have
1746 EVP_sha256.
1747 - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256.
1748 - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile
1749 warnings.
1750 - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform
1751 and pass in TEST_ENV. use stderr to get polluted
1752 and the stderr-data test to fail.
1753 - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation:
1754 rather than testing and generating each key, call ssh-keygen -A.
1755 Patch from vinschen at redhat.com.
1756 - (dtucker) OpenBSD CVS Sync
1757 - dtucker@cvs.openbsd.org 2013/11/09 05:41:34
1758 [regress/test-exec.sh regress/rekey.sh]
1759 Use smaller test data files to speed up tests. Grow test datafiles
1760 where necessary for a specific test.
1761
176220131107
1763 - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5)
1764 that got lost in recent merge.
1765 - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff
1766 - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these
1767 - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms
1768 that lack it but have arc4random_uniform()
1769 - (djm) OpenBSD CVS Sync
1770 - markus@cvs.openbsd.org 2013/11/04 11:51:16
1771 [monitor.c]
1772 fix rekeying for KEX_C25519_SHA256; noted by dtucker@
1773 RCSID sync only; I thought this was a merge botch and fixed it already
1774 - markus@cvs.openbsd.org 2013/11/06 16:52:11
1775 [monitor_wrap.c]
1776 fix rekeying for AES-GCM modes; ok deraadt
1777 - djm@cvs.openbsd.org 2013/11/06 23:05:59
1778 [ssh-pkcs11.c]
1779 from portable: s/true/true_val/ to avoid name collisions on dump platforms
1780 RCSID sync only
1781 - (dtucker) OpenBSD CVS Sync
1782 - djm@cvs.openbsd.org 2013/10/09 23:44:14
1783 [regress/Makefile] (ID sync only)
1784 regression test for sftp request white/blacklisting and readonly mode.
1785 - markus@cvs.openbsd.org 2013/11/02 22:39:53
1786 [regress/kextype.sh]
1787 add curve25519-sha256@libssh.org
1788 - dtucker@cvs.openbsd.org 2013/11/04 12:27:42
1789 [regress/rekey.sh]
1790 Test rekeying with all KexAlgorithms.
1791 - dtucker@cvs.openbsd.org 2013/11/07 00:12:05
1792 [regress/rekey.sh]
1793 Test rekeying for every Cipher, MAC and KEX, plus test every KEX with
1794 the GCM ciphers.
1795 - dtucker@cvs.openbsd.org 2013/11/07 01:12:51
1796 [regress/rekey.sh]
1797 Factor out the data transfer rekey tests
1798 - dtucker@cvs.openbsd.org 2013/11/07 02:48:38
1799 [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh]
1800 Use ssh -Q instead of hardcoding lists of ciphers or MACs.
1801 - dtucker@cvs.openbsd.org 2013/11/07 03:55:41
1802 [regress/kextype.sh]
1803 Use ssh -Q to get kex types instead of a static list.
1804 - dtucker@cvs.openbsd.org 2013/11/07 04:26:56
1805 [regress/kextype.sh]
1806 trailing space
1807 - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment
1808 variable. It's no longer used now that we get the supported MACs from
1809 ssh -Q.
1810
181120131104
1812 - (djm) OpenBSD CVS Sync
1813 - markus@cvs.openbsd.org 2013/11/02 20:03:54
1814 [ssh-pkcs11.c]
1815 support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys;
1816 fixes bz#1908; based on patch from Laurent Barbe; ok djm
1817 - markus@cvs.openbsd.org 2013/11/02 21:59:15
1818 [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
1819 use curve25519 for default key exchange (curve25519-sha256@libssh.org);
1820 initial patch from Aris Adamantiadis; ok djm@
1821 - markus@cvs.openbsd.org 2013/11/02 22:10:15
1822 [kexdhs.c kexecdhs.c]
1823 no need to include monitor_wrap.h
1824 - markus@cvs.openbsd.org 2013/11/02 22:24:24
1825 [kexdhs.c kexecdhs.c]
1826 no need to include ssh-gss.h
1827 - markus@cvs.openbsd.org 2013/11/02 22:34:01
1828 [auth-options.c]
1829 no need to include monitor_wrap.h and ssh-gss.h
1830 - markus@cvs.openbsd.org 2013/11/02 22:39:19
1831 [ssh_config.5 sshd_config.5]
1832 the default kex is now curve25519-sha256@libssh.org
1833 - djm@cvs.openbsd.org 2013/11/03 10:37:19
1834 [roaming_common.c]
1835 fix a couple of function definitions foo() -> foo(void)
1836 (-Wold-style-definition)
1837 - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from
1838 KEX/curve25519 change
1839
184020131103
1841 - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep.
1842 From OpenSMTPD where it prevents "implicit declaration" warnings (it's
1843 a no-op in OpenSSH). From chl at openbsd.
1844 - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd
1845 vsnprintf. From eric at openbsd via chl@.
1846 - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t
1847 for platforms that don't have them.
1848
184920131030
1850 - (djm) OpenBSD CVS Sync
1851 - djm@cvs.openbsd.org 2013/10/29 09:42:11
1852 [key.c key.h]
1853 fix potential stack exhaustion caused by nested certificates;
1854 report by Mateusz Kocielski; ok dtucker@ markus@
1855 - djm@cvs.openbsd.org 2013/10/29 09:48:02
1856 [servconf.c servconf.h session.c sshd_config sshd_config.5]
1857 shd_config PermitTTY to disallow TTY allocation, mirroring the
1858 longstanding no-pty authorized_keys option;
1859 bz#2070, patch from Teran McKinney; ok markus@
1860 - jmc@cvs.openbsd.org 2013/10/29 18:49:32
1861 [sshd_config.5]
1862 pty(4), not pty(7);
1863
186420131026
1865 - (djm) OpenBSD CVS Sync
1866 - djm@cvs.openbsd.org 2013/10/25 23:04:51
1867 [ssh.c]
1868 fix crash when using ProxyCommand caused by previous commit - was calling
1869 freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@
1870
187120131025
1872 - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove
1873 unnecessary arc4random_stir() calls. The only ones left are to ensure
1874 that the PRNG gets a different state after fork() for platforms that
1875 have broken the API.
1876
187720131024
1878 - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check
1879 rather than full client name which may be of form user@REALM;
1880 patch from Miguel Sanders; ok dtucker@
1881 - (djm) OpenBSD CVS Sync
1882 - dtucker@cvs.openbsd.org 2013/10/23 05:40:58
1883 [servconf.c]
1884 fix comment
1885 - djm@cvs.openbsd.org 2013/10/23 23:35:32
1886 [sshd.c]
1887 include local address and port in "Connection from ..." message (only
1888 shown at loglevel>=verbose)
1889 - dtucker@cvs.openbsd.org 2013/10/24 00:49:49
1890 [moduli.c]
1891 Periodically print progress and, if possible, expected time to completion
1892 when screening moduli for DH groups. ok deraadt djm
1893 - dtucker@cvs.openbsd.org 2013/10/24 00:51:48
1894 [readconf.c servconf.c ssh_config.5 sshd_config.5]
1895 Disallow empty Match statements and add "Match all" which matches
1896 everything. ok djm, man page help jmc@
1897 - djm@cvs.openbsd.org 2013/10/24 08:19:36
1898 [ssh.c]
1899 fix bug introduced in hostname canonicalisation commit: don't try to
1900 resolve hostnames when a ProxyCommand is set unless the user has forced
1901 canonicalisation; spotted by Iain Morgan
1902 - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd"
1903
190420131023
1905 - (djm) OpenBSD CVS Sync
1906 - djm@cvs.openbsd.org 2013/10/20 04:39:28
1907 [ssh_config.5]
1908 document % expansions performed by "Match command ..."
1909 - djm@cvs.openbsd.org 2013/10/20 06:19:28
1910 [readconf.c ssh_config.5]
1911 rename "command" subclause of the recently-added "Match" keyword to
1912 "exec"; it's shorter, clearer in intent and we might want to add the
1913 ability to match against the command being executed at the remote end in
1914 the future.
1915 - djm@cvs.openbsd.org 2013/10/20 09:51:26
1916 [scp.1 sftp.1]
1917 add canonicalisation options to -o lists
1918 - jmc@cvs.openbsd.org 2013/10/20 18:00:13
1919 [ssh_config.5]
1920 tweak the "exec" description, as worded by djm;
1921 - djm@cvs.openbsd.org 2013/10/23 03:03:07
1922 [readconf.c]
1923 Hostname may have %h sequences that should be expanded prior to Match
1924 evaluation; spotted by Iain Morgan
1925 - djm@cvs.openbsd.org 2013/10/23 03:05:19
1926 [readconf.c ssh.c]
1927 comment
1928 - djm@cvs.openbsd.org 2013/10/23 04:16:22
1929 [ssh-keygen.c]
1930 Make code match documentation: relative-specified certificate expiry time
1931 should be relative to current time and not the validity start time.
1932 Reported by Petr Lautrbach; ok deraadt@
1933
193420131018
1935 - (djm) OpenBSD CVS Sync
1936 - djm@cvs.openbsd.org 2013/10/09 23:44:14
1937 [regress/Makefile regress/sftp-perm.sh]
1938 regression test for sftp request white/blacklisting and readonly mode.
1939 - jmc@cvs.openbsd.org 2013/10/17 07:35:48
1940 [sftp.1 sftp.c]
1941 tweak previous;
1942 - djm@cvs.openbsd.org 2013/10/17 22:08:04
1943 [sshd.c]
1944 include remote port in bad banner message; bz#2162
1945
194620131017
1947 - (djm) OpenBSD CVS Sync
1948 - jmc@cvs.openbsd.org 2013/10/15 14:10:25
1949 [ssh.1 ssh_config.5]
1950 tweak previous;
1951 - djm@cvs.openbsd.org 2013/10/16 02:31:47
1952 [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5]
1953 [sshconnect.c sshconnect.h]
1954 Implement client-side hostname canonicalisation to allow an explicit
1955 search path of domain suffixes to use to convert unqualified host names
1956 to fully-qualified ones for host key matching.
1957 This is particularly useful for host certificates, which would otherwise
1958 need to list unqualified names alongside fully-qualified ones (and this
1959 causes a number of problems).
1960 "looks fine" markus@
1961 - jmc@cvs.openbsd.org 2013/10/16 06:42:25
1962 [ssh_config.5]
1963 tweak previous;
1964 - djm@cvs.openbsd.org 2013/10/16 22:49:39
1965 [readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
1966 s/canonicalise/canonicalize/ for consistency with existing spelling,
1967 e.g. authorized_keys; pointed out by naddy@
1968 - djm@cvs.openbsd.org 2013/10/16 22:58:01
1969 [ssh.c ssh_config.5]
1970 one I missed in previous: s/isation/ization/
1971 - djm@cvs.openbsd.org 2013/10/17 00:30:13
1972 [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
1973 fsync@openssh.com protocol extension for sftp-server
1974 client support to allow calling fsync() faster successful transfer
1975 patch mostly by imorgan AT nas.nasa.gov; bz#1798
1976 "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
1977 - djm@cvs.openbsd.org 2013/10/17 00:46:49
1978 [ssh.c]
1979 rearrange check to reduce diff against -portable
1980 (Id sync only)
1981
198220131015
1983 - (djm) OpenBSD CVS Sync
1984 - djm@cvs.openbsd.org 2013/10/09 23:42:17
1985 [sftp-server.8 sftp-server.c]
1986 Add ability to whitelist and/or blacklist sftp protocol requests by name.
1987 Refactor dispatch loop and consolidate read-only mode checks.
1988 Make global variables static, since sftp-server is linked into sshd(8).
1989 ok dtucker@
1990 - djm@cvs.openbsd.org 2013/10/10 00:53:25
1991 [sftp-server.c]
1992 add -Q, -P and -p to usage() before jmc@ catches me
1993 - djm@cvs.openbsd.org 2013/10/10 01:43:03
1994 [sshd.c]
1995 bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly
1996 updated; ok dtucker@
1997 - djm@cvs.openbsd.org 2013/10/11 02:45:36
1998 [sftp-client.c]
1999 rename flag arguments to be more clear and consistent.
2000 reorder some internal function arguments to make adding additional flags
2001 easier.
2002 no functional change
2003 - djm@cvs.openbsd.org 2013/10/11 02:52:23
2004 [sftp-client.c]
2005 missed one arg reorder
2006 - djm@cvs.openbsd.org 2013/10/11 02:53:45
2007 [sftp-client.h]
2008 obsolete comment
2009 - jmc@cvs.openbsd.org 2013/10/14 14:18:56
2010 [sftp-server.8 sftp-server.c]
2011 tweak previous;
2012 ok djm
2013 - djm@cvs.openbsd.org 2013/10/14 21:20:52
2014 [session.c session.h]
2015 Add logging of session starts in a useful format; ok markus@ feedback and
2016 ok dtucker@
2017 - djm@cvs.openbsd.org 2013/10/14 22:22:05
2018 [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5]
2019 add a "Match" keyword to ssh_config that allows matching on hostname,
2020 user and result of arbitrary commands. "nice work" markus@
2021 - djm@cvs.openbsd.org 2013/10/14 23:28:23
2022 [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c]
2023 refactor client config code a little:
2024 add multistate option partsing to readconf.c, similar to servconf.c's
2025 existing code.
2026 move checking of options that accept "none" as an argument to readconf.c
2027 add a lowercase() function and use it instead of explicit tolower() in
2028 loops
2029 part of a larger diff that was ok markus@
2030 - djm@cvs.openbsd.org 2013/10/14 23:31:01
2031 [ssh.c]
2032 whitespace at EOL; pointed out by markus@
2033 - [ssh.c] g/c unused variable.
2034
203520131010
2036 - (dtucker) OpenBSD CVS Sync
2037 - sthen@cvs.openbsd.org 2013/09/16 11:35:43
2038 [ssh_config]
2039 Remove gssapi config parts from ssh_config, as was already done for
2040 sshd_config. Req by/ok ajacoutot@
2041 ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
2042 - djm@cvs.openbsd.org 2013/09/19 00:24:52
2043 [progressmeter.c]
2044 store the initial file offset so the progress meter doesn't freak out
2045 when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@`
2046 - djm@cvs.openbsd.org 2013/09/19 00:49:12
2047 [sftp-client.c]
2048 fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan
2049 - djm@cvs.openbsd.org 2013/09/19 01:24:46
2050 [channels.c]
2051 bz#1297 - tell the client (via packet_send_debug) when their preferred
2052 listen address has been overridden by the server's GatewayPorts;
2053 ok dtucker@
2054 - djm@cvs.openbsd.org 2013/09/19 01:26:29
2055 [sshconnect.c]
2056 bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from
2057 swp AT swp.pp.ru; ok dtucker@
2058 - dtucker@cvs.openbsd.org 2013/10/08 11:42:13
2059 [dh.c dh.h]
2060 Increase the size of the Diffie-Hellman groups requested for a each
2061 symmetric key size. New values from NIST Special Publication 800-57 with
2062 the upper limit specified by RFC4419. Pointed out by Peter Backes, ok
2063 djm@.
2064
206520131009
2066 - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull
2067 in OpenBSD implementation of arc4random, shortly to replace the existing
2068 bsd-arc4random.c
2069 - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c]
2070 [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random
2071 implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@,
2072 tested tim@
2073
207420130922
2075 - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj
2076 setting when handling SIGHUP to maintain behaviour over retart. Patch
2077 from Matthew Ife.
2078
207920130918
2080 - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu.
2081
208220130914
2083 - (djm) OpenBSD CVS Sync
2084 - djm@cvs.openbsd.org 2013/08/22 19:02:21
2085 [sshd.c]
2086 Stir PRNG after post-accept fork. The child gets a different PRNG state
2087 anyway via rexec and explicit privsep reseeds, but it's good to be sure.
2088 ok markus@
2089 - mikeb@cvs.openbsd.org 2013/08/28 12:34:27
2090 [ssh-keygen.c]
2091 improve batch processing a bit by making use of the quite flag a bit
2092 more often and exit with a non zero code if asked to find a hostname
2093 in a known_hosts file and it wasn't there;
2094 originally from reyk@, ok djm
2095 - djm@cvs.openbsd.org 2013/08/31 00:13:54
2096 [sftp.c]
2097 make ^w match ksh behaviour (delete previous word instead of entire line)
2098 - deraadt@cvs.openbsd.org 2013/09/02 22:00:34
2099 [ssh-keygen.c sshconnect1.c sshd.c]
2100 All the instances of arc4random_stir() are bogus, since arc4random()
2101 does this itself, inside itself, and has for a very long time.. Actually,
2102 this was probably reducing the entropy available.
2103 ok djm
2104 ID SYNC ONLY for portable; we don't trust other arc4random implementations
2105 to do this right.
2106 - sthen@cvs.openbsd.org 2013/09/07 13:53:11
2107 [sshd_config]
2108 Remove commented-out kerberos/gssapi config options from sample config,
2109 kerberos support is currently not enabled in ssh in OpenBSD. Discussed with
2110 various people; ok deraadt@
2111 ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
2112 - djm@cvs.openbsd.org 2013/09/12 01:41:12
2113 [clientloop.c]
2114 fix connection crash when sending break (~B) on ControlPersist'd session;
2115 ok dtucker@
2116 - djm@cvs.openbsd.org 2013/09/13 06:54:34
2117 [channels.c]
2118 avoid unaligned access in code that reused a buffer to send a
2119 struct in_addr in a reply; simpler just use use buffer_put_int();
2120 from portable; spotted by and ok dtucker@
2121
212220130828
2123 - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the
2124 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we
2125 start to use them in the future.
2126 - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits
2127 until we have configure support.
2128
212920130821
2130 - (djm) OpenBSD CVS Sync
2131 - djm@cvs.openbsd.org 2013/08/06 23:03:49
2132 [sftp.c]
2133 fix some whitespace at EOL
2134 make list of commands an enum rather than a long list of defines
2135 add -a to usage()
2136 - djm@cvs.openbsd.org 2013/08/06 23:05:01
2137 [sftp.1]
2138 document top-level -a option (the -a option to 'get' was already
2139 documented)
2140 - djm@cvs.openbsd.org 2013/08/06 23:06:01
2141 [servconf.c]
2142 add cast to avoid format warning; from portable
2143 - jmc@cvs.openbsd.org 2013/08/07 06:24:51
2144 [sftp.1 sftp.c]
2145 sort -a;
2146 - djm@cvs.openbsd.org 2013/08/08 04:52:04
2147 [sftp.c]
2148 fix two year old regression: symlinking a file would incorrectly
2149 canonicalise the target path. bz#2129 report from delphij AT freebsd.org
2150 - djm@cvs.openbsd.org 2013/08/08 05:04:03
2151 [sftp-client.c sftp-client.h sftp.c]
2152 add a "-l" flag for the rename command to force it to use the silly
2153 standard SSH_FXP_RENAME command instead of the POSIX-rename- like
2154 posix-rename@openssh.com extension.
2155
2156 intended for use in regress tests, so no documentation.
2157 - djm@cvs.openbsd.org 2013/08/09 03:37:25
2158 [sftp.c]
2159 do getopt parsing for all sftp commands (with an empty optstring for
2160 commands without arguments) to ensure consistent behaviour
2161 - djm@cvs.openbsd.org 2013/08/09 03:39:13
2162 [sftp-client.c]
2163 two problems found by a to-be-committed regress test: 1) msg_id was not
2164 being initialised so was starting at a random value from the heap
2165 (harmless, but confusing). 2) some error conditions were not being
2166 propagated back to the caller
2167 - djm@cvs.openbsd.org 2013/08/09 03:56:42
2168 [sftp.c]
2169 enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word;
2170 matching ksh's relatively recent change.
2171 - djm@cvs.openbsd.org 2013/08/13 18:32:08
2172 [ssh-keygen.c]
2173 typo in error message; from Stephan Rickauer
2174 - djm@cvs.openbsd.org 2013/08/13 18:33:08
2175 [ssh-keygen.c]
2176 another of the same typo
2177 - jmc@cvs.openbsd.org 2013/08/14 08:39:27
2178 [scp.1 ssh.1]
2179 some Bx/Ox conversion;
2180 From: Jan Stary
2181 - djm@cvs.openbsd.org 2013/08/20 00:11:38
2182 [readconf.c readconf.h ssh_config.5 sshconnect.c]
2183 Add a ssh_config ProxyUseFDPass option that supports the use of
2184 ProxyCommands that establish a connection and then pass a connected
2185 file descriptor back to ssh(1). This allows the ProxyCommand to exit
2186 rather than have to shuffle data back and forth and enables ssh to use
2187 getpeername, etc. to obtain address information just like it does with
2188 regular directly-connected sockets. ok markus@
2189 - jmc@cvs.openbsd.org 2013/08/20 06:56:07
2190 [ssh.1 ssh_config.5]
2191 some proxyusefdpass tweaks;
2192
219320130808
2194 - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt
2195 since some platforms (eg really old FreeBSD) don't have it. Instead,
2196 run "make clean" before a complete regress run. ok djm.
2197 - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime(
2198 CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the
2199 CLOCK_MONOTONIC define but don't actually support it. Found and tested
2200 by Kevin Brott, ok djm.
2201 - (dtucker) [misc.c] Remove define added for fallback testing that was
2202 mistakenly included in the previous commit.
2203 - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt
2204 removal. The "make clean" removes modpipe which is built by the top-level
2205 directory before running the tests. Spotted by tim@
2206 - (djm) Release 6.3p1
2207
220820130804
2209 - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support
2210 for building with older Heimdal versions. ok djm.
2211
221220130801
2213 - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non-
2214 blocking connecting socket will clear any stored errno that might
2215 otherwise have been retrievable via getsockopt(). A hack to limit writes
2216 to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap
2217 it in an #ifdef. Diagnosis and patch from Ivo Raisr.
2218 - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134
2219
222020130725
2221 - (djm) OpenBSD CVS Sync
2222 - djm@cvs.openbsd.org 2013/07/20 22:20:42
2223 [krl.c]
2224 fix verification error in (as-yet usused) KRL signature checking path
2225 - djm@cvs.openbsd.org 2013/07/22 05:00:17
2226 [umac.c]
2227 make MAC key, data to be hashed and nonce for final hash const;
2228 checked with -Wcast-qual
2229 - djm@cvs.openbsd.org 2013/07/22 12:20:02
2230 [umac.h]
2231 oops, forgot to commit corresponding header change;
2232 spotted by jsg and jasper
2233 - djm@cvs.openbsd.org 2013/07/25 00:29:10
2234 [ssh.c]
2235 daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure
2236 it is fully detached from its controlling terminal. based on debugging
2237 - djm@cvs.openbsd.org 2013/07/25 00:56:52
2238 [sftp-client.c sftp-client.h sftp.1 sftp.c]
2239 sftp support for resuming partial downloads; patch mostly by Loganaden
2240 Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@
2241 "Just be careful" deraadt@
2242 - djm@cvs.openbsd.org 2013/07/25 00:57:37
2243 [version.h]
2244 openssh-6.3 for release
2245 - dtucker@cvs.openbsd.org 2013/05/30 20:12:32
2246 [regress/test-exec.sh]
2247 use ssh and sshd as testdata since it needs to be >256k for the rekey test
2248 - dtucker@cvs.openbsd.org 2013/06/10 21:56:43
2249 [regress/forwarding.sh]
2250 Add test for forward config parsing
2251 - djm@cvs.openbsd.org 2013/06/21 02:26:26
2252 [regress/sftp-cmds.sh regress/test-exec.sh]
2253 unbreak sftp-cmds for renamed test data (s/ls/data/)
2254 - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on
2255 Solaris and UnixWare. Feedback and OK djm@
2256 - (tim) [regress/forwarding.sh] Fix for building outside source tree.
2257
225820130720
2259 - (djm) OpenBSD CVS Sync
2260 - markus@cvs.openbsd.org 2013/07/19 07:37:48
2261 [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
2262 [servconf.h session.c sshd.c sshd_config.5]
2263 add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
2264 or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
2265 ok djm@
2266 - djm@cvs.openbsd.org 2013/07/20 01:43:46
2267 [umac.c]
2268 use a union to ensure correct alignment; ok deraadt
2269 - djm@cvs.openbsd.org 2013/07/20 01:44:37
2270 [ssh-keygen.c ssh.c]
2271 More useful error message on missing current user in /etc/passwd
2272 - djm@cvs.openbsd.org 2013/07/20 01:50:20
2273 [ssh-agent.c]
2274 call cleanup_handler on SIGINT when in debug mode to ensure sockets
2275 are cleaned up on manual exit; bz#2120
2276 - djm@cvs.openbsd.org 2013/07/20 01:55:13
2277 [auth-krb5.c gss-serv-krb5.c gss-serv.c]
2278 fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@
2279
228020130718
2281 - (djm) OpenBSD CVS Sync
2282 - dtucker@cvs.openbsd.org 2013/06/10 19:19:44
2283 [readconf.c]
2284 revert 1.203 while we investigate crashes reported by okan@
2285 - guenther@cvs.openbsd.org 2013/06/17 04:48:42
2286 [scp.c]
2287 Handle time_t values as long long's when formatting them and when
2288 parsing them from remote servers.
2289 Improve error checking in parsing of 'T' lines.
2290 ok dtucker@ deraadt@
2291 - markus@cvs.openbsd.org 2013/06/20 19:15:06
2292 [krl.c]
2293 don't leak the rdata blob on errors; ok djm@
2294 - djm@cvs.openbsd.org 2013/06/21 00:34:49
2295 [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c]
2296 for hostbased authentication, print the client host and user on
2297 the auth success/failure line; bz#2064, ok dtucker@
2298 - djm@cvs.openbsd.org 2013/06/21 00:37:49
2299 [ssh_config.5]
2300 explicitly mention that IdentitiesOnly can be used with IdentityFile
2301 to control which keys are offered from an agent.
2302 - djm@cvs.openbsd.org 2013/06/21 05:42:32
2303 [dh.c]
2304 sprinkle in some error() to explain moduli(5) parse failures
2305 - djm@cvs.openbsd.org 2013/06/21 05:43:10
2306 [scp.c]
2307 make this -Wsign-compare clean after time_t conversion
2308 - djm@cvs.openbsd.org 2013/06/22 06:31:57
2309 [scp.c]
2310 improved time_t overflow check suggested by guenther@
2311 - jmc@cvs.openbsd.org 2013/06/27 14:05:37
2312 [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
2313 do not use Sx for sections outwith the man page - ingo informs me that
2314 stuff like html will render with broken links;
2315 issue reported by Eric S. Raymond, via djm
2316 - markus@cvs.openbsd.org 2013/07/02 12:31:43
2317 [dh.c]
2318 remove extra whitespace
2319 - djm@cvs.openbsd.org 2013/07/12 00:19:59
2320 [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
2321 [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
2322 fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
2323 - djm@cvs.openbsd.org 2013/07/12 00:20:00
2324 [sftp.c ssh-keygen.c ssh-pkcs11.c]
2325 fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
2326 - djm@cvs.openbsd.org 2013/07/12 00:43:50
2327 [misc.c]
2328 in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when
2329 errno == 0. Avoids confusing error message in some broken resolver
2330 cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker
2331 - djm@cvs.openbsd.org 2013/07/12 05:42:03
2332 [ssh-keygen.c]
2333 do_print_resource_record() can never be called with a NULL filename, so
2334 don't attempt (and bungle) asking for one if it has not been specified
2335 bz#2127 ok dtucker@
2336 - djm@cvs.openbsd.org 2013/07/12 05:48:55
2337 [ssh.c]
2338 set TCP nodelay for connections started with -N; bz#2124 ok dtucker@
2339 - schwarze@cvs.openbsd.org 2013/07/16 00:07:52
2340 [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8]
2341 use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@
2342 - djm@cvs.openbsd.org 2013/07/18 01:12:26
2343 [ssh.1]
2344 be more exact wrt perms for ~/.ssh/config; bz#2078
2345
234620130702
2347 - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config
2348 contrib/cygwin/ssh-user-config] Modernizes and improve readability of
2349 the Cygwin README file (which hasn't been updated for ages), drop
2350 unsupported OSes from the ssh-host-config help text, and drop an
2351 unneeded option from ssh-user-config. Patch from vinschen at redhat com.
2352
235320130610
2354 - (djm) OpenBSD CVS Sync
2355 - dtucker@cvs.openbsd.org 2013/06/07 15:37:52
2356 [channels.c channels.h clientloop.c]
2357 Add an "ABANDONED" channel state and use for mux sessions that are
2358 disconnected via the ~. escape sequence. Channels in this state will
2359 be able to close if the server responds, but do not count as active channels.
2360 This means that if you ~. all of the mux clients when using ControlPersist
2361 on a broken network, the backgrounded mux master will exit when the
2362 Control Persist time expires rather than hanging around indefinitely.
2363 bz#1917, also reported and tested by tedu@. ok djm@ markus@.
2364 - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported
2365 algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
2366 - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have
2367 the required OpenSSL support. Patch from naddy at freebsd.
2368 - (dtucker) [myproposal.h] Make the conditional algorithm support consistent
2369 and add some comments so it's clear what goes where.
2370
237120130605
2372 - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of
2373 the necessary functions, not from the openssl version.
2374 - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test.
2375 Patch from cjwatson at debian.
2376 - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the
2377 forwarding test is extremely slow copying data on some machines so switch
2378 back to copying the much smaller ls binary until we can figure out why
2379 this is.
2380 - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building
2381 modpipe in case there's anything in there we need.
2382 - (dtucker) OpenBSD CVS Sync
2383 - dtucker@cvs.openbsd.org 2013/06/02 21:01:51
2384 [channels.h]
2385 typo in comment
2386 - dtucker@cvs.openbsd.org 2013/06/02 23:36:29
2387 [clientloop.h clientloop.c mux.c]
2388 No need for the mux cleanup callback to be visible so restore it to static
2389 and call it through the detach_user function pointer. ok djm@
2390 - dtucker@cvs.openbsd.org 2013/06/03 00:03:18
2391 [mac.c]
2392 force the MAC output to be 64-bit aligned so umac won't see unaligned
2393 accesses on strict-alignment architectures. bz#2101, patch from
2394 tomas.kuthan at oracle.com, ok djm@
2395 - dtucker@cvs.openbsd.org 2013/06/04 19:12:23
2396 [scp.c]
2397 use MAXPATHLEN for buffer size instead of fixed value. ok markus
2398 - dtucker@cvs.openbsd.org 2013/06/04 20:42:36
2399 [sftp.c]
2400 Make sftp's libedit interface marginally multibyte aware by building up
2401 the quoted string by character instead of by byte. Prevents failures
2402 when linked against a libedit built with wide character support (bz#1990).
2403 "looks ok" djm
2404 - dtucker@cvs.openbsd.org 2013/06/05 02:07:29
2405 [mux.c]
2406 fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967,
2407 ok djm
2408 - dtucker@cvs.openbsd.org 2013/06/05 02:27:50
2409 [sshd.c]
2410 When running sshd -D, close stderr unless we have explicitly requesting
2411 logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch
2412 so, err, ok dtucker.
2413 - dtucker@cvs.openbsd.org 2013/06/05 12:52:38
2414 [sshconnect2.c]
2415 Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djm
2416 - dtucker@cvs.openbsd.org 2013/06/05 22:00:28
2417 [readconf.c]
2418 plug another memleak. bz#1967, from Zhenbo Xu, detected by Melton, ok djm
2419 - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for
2420 platforms that don't have multibyte character support (specifically,
2421 mblen).
2422
242320130602
2424 - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy
2425 linking regress/modpipe.
2426 - (dtucker) OpenBSD CVS Sync
2427 - dtucker@cvs.openbsd.org 2013/06/02 13:33:05
2428 [progressmeter.c]
2429 Add misc.h for monotime prototype. (ID sync only).
2430 - dtucker@cvs.openbsd.org 2013/06/02 13:35:58
2431 [ssh-agent.c]
2432 Make parent_alive_interval time_t to avoid signed/unsigned comparison
2433 - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platforms
2434 to prevent noise from configure. Patch from Nathan Osman. (bz#2114).
2435 - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android.
2436 Patch from Nathan Osman.
2437 - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we
2438 need a shell that can handle "[ file1 -nt file2 ]". Rather than keep
2439 dealing with shell portability issues in regression tests, we let
2440 configure find us a capable shell on those platforms with an old /bin/sh.
2441 - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr.
2442 feedback and ok dtucker
2443 - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker
2444 - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h.
2445 - (dtucker) [configure.ac] Some other platforms need sys/types.h before
2446 sys/socket.h.
2447
244820130601
2449 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to
2450 using openssl's DES_crypt function on platorms that don't have a native
2451 one, eg Android. Based on a patch from Nathan Osman.
2452 - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS
2453 rather than trying to enumerate the plaforms that don't have them.
2454 Based on a patch from Nathan Osman, with help from tim@.
2455 - (dtucker) OpenBSD CVS Sync
2456 - djm@cvs.openbsd.org 2013/05/17 00:13:13
2457 [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
2458 ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
2459 gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
2460 auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
2461 servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
2462 auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
2463 sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
2464 kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
2465 kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
2466 monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
2467 ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
2468 sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
2469 ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
2470 dns.c packet.c readpass.c authfd.c moduli.c]
2471 bye, bye xfree(); ok markus@
2472 - djm@cvs.openbsd.org 2013/05/19 02:38:28
2473 [auth2-pubkey.c]
2474 fix failure to recognise cert-authority keys if a key of a different type
2475 appeared in authorized_keys before it; ok markus@
2476 - djm@cvs.openbsd.org 2013/05/19 02:42:42
2477 [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h]
2478 Standardise logging of supplemental information during userauth. Keys
2479 and ruser is now logged in the auth success/failure message alongside
2480 the local username, remote host/port and protocol in use. Certificates
2481 contents and CA are logged too.
2482 Pushing all logging onto a single line simplifies log analysis as it is
2483 no longer necessary to relate information scattered across multiple log
2484 entries. "I like it" markus@
2485 - dtucker@cvs.openbsd.org 2013/05/31 12:28:10
2486 [ssh-agent.c]
2487 Use time_t where appropriate. ok djm
2488 - dtucker@cvs.openbsd.org 2013/06/01 13:15:52
2489 [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c
2490 channels.c sandbox-systrace.c]
2491 Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like
2492 keepalives and rekeying will work properly over clock steps. Suggested by
2493 markus@, "looks good" djm@.
2494 - dtucker@cvs.openbsd.org 2013/06/01 20:59:25
2495 [scp.c sftp-client.c]
2496 Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch
2497 from Nathan Osman via bz#2085. ok deraadt.
2498 - dtucker@cvs.openbsd.org 2013/06/01 22:34:50
2499 [sftp-client.c]
2500 Update progressmeter when data is acked, not when it's sent. bz#2108, from
2501 Debian via Colin Watson, ok djm@
2502 - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c
2503 groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
2504 sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
2505 openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
2506 openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
2507 with the equivalent calls to free.
2508 - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall
2509 back to time(NULL) if we can't find it anywhere.
2510 - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday.
2511
251220130529
2513 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null
2514 implementation of endgrent for platforms that don't have it (eg Android).
2515 Loosely based on a patch from Nathan Osman, ok djm
2516
2517 20130517
2518 - (dtucker) OpenBSD CVS Sync
2519 - djm@cvs.openbsd.org 2013/03/07 00:20:34
2520 [regress/proxy-connect.sh]
2521 repeat test with a style appended to the username
2522 - dtucker@cvs.openbsd.org 2013/03/23 11:09:43
2523 [regress/test-exec.sh]
2524 Only regenerate host keys if they don't exist or if ssh-keygen has changed
2525 since they were. Reduces test runtime by 5-30% depending on machine
2526 speed.
2527 - dtucker@cvs.openbsd.org 2013/04/06 06:00:22
2528 [regress/rekey.sh regress/test-exec.sh regress/integrity.sh
2529 regress/multiplex.sh Makefile regress/cfgmatch.sh]
2530 Split the regress log into 3 parts: the debug output from ssh, the debug
2531 log from sshd and the output from the client command (ssh, scp or sftp).
2532 Somewhat functional now, will become more useful when ssh/sshd -E is added.
2533 - dtucker@cvs.openbsd.org 2013/04/07 02:16:03
2534 [regress/Makefile regress/rekey.sh regress/integrity.sh
2535 regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
2536 use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
2537 save the output from any failing tests. If a test fails the debug output
2538 from ssh and sshd for the failing tests (and only the failing tests) should
2539 be available in failed-ssh{,d}.log.
2540 - djm@cvs.openbsd.org 2013/04/18 02:46:12
2541 [regress/Makefile regress/sftp-chroot.sh]
2542 test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
2543 - dtucker@cvs.openbsd.org 2013/04/22 07:23:08
2544 [regress/multiplex.sh]
2545 Write mux master logs to regress.log instead of ssh.log to keep separate
2546 - djm@cvs.openbsd.org 2013/05/10 03:46:14
2547 [regress/modpipe.c]
2548 sync some portability changes from portable OpenSSH (id sync only)
2549 - dtucker@cvs.openbsd.org 2013/05/16 02:10:35
2550 [regress/rekey.sh]
2551 Add test for time-based rekeying
2552 - dtucker@cvs.openbsd.org 2013/05/16 03:33:30
2553 [regress/rekey.sh]
2554 test rekeying when there's no data being transferred
2555 - dtucker@cvs.openbsd.org 2013/05/16 04:26:10
2556 [regress/rekey.sh]
2557 add server-side rekey test
2558 - dtucker@cvs.openbsd.org 2013/05/16 05:48:31
2559 [regress/rekey.sh]
2560 add tests for RekeyLimit parsing
2561 - dtucker@cvs.openbsd.org 2013/05/17 00:37:40
2562 [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
2563 regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
2564 regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
2565 regress/ssh-com.sh]
2566 replace 'echo -n' with 'printf' since it's more portable
2567 also remove "echon" hack.
2568 - dtucker@cvs.openbsd.org 2013/05/17 01:16:09
2569 [regress/agent-timeout.sh]
2570 Pull back some portability changes from -portable:
2571 - TIMEOUT is a read-only variable in some shells
2572 - not all greps have -q so redirect to /dev/null instead.
2573 (ID sync only)
2574 - dtucker@cvs.openbsd.org 2013/05/17 01:32:11
2575 [regress/integrity.sh]
2576 don't print output from ssh before getting it (it's available in ssh.log)
2577 - dtucker@cvs.openbsd.org 2013/05/17 04:29:14
2578 [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh
2579 regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh
2580 regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh
2581 regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh
2582 regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh
2583 regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh
2584 regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh
2585 regress/multiplex.sh]
2586 Move the setting of DATA and COPY into test-exec.sh
2587 - dtucker@cvs.openbsd.org 2013/05/17 10:16:26
2588 [regress/try-ciphers.sh]
2589 use expr for math to keep diffs vs portable down
2590 (id sync only)
2591 - dtucker@cvs.openbsd.org 2013/05/17 10:23:52
2592 [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh]
2593 Use SUDO when cat'ing pid files and running the sshd log wrapper so that
2594 it works with a restrictive umask and the pid files are not world readable.
2595 Changes from -portable. (id sync only)
2596 - dtucker@cvs.openbsd.org 2013/05/17 10:24:48
2597 [regress/localcommand.sh]
2598 use backticks for portability. (id sync only)
2599 - dtucker@cvs.openbsd.org 2013/05/17 10:26:26
2600 [regress/sftp-badcmds.sh]
2601 remove unused BATCH variable. (id sync only)
2602 - dtucker@cvs.openbsd.org 2013/05/17 10:28:11
2603 [regress/sftp.sh]
2604 only compare copied data if sftp succeeds. from portable (id sync only)
2605 - dtucker@cvs.openbsd.org 2013/05/17 10:30:07
2606 [regress/test-exec.sh]
2607 wait a bit longer for startup and use case for absolute path.
2608 from portable (id sync only)
2609 - dtucker@cvs.openbsd.org 2013/05/17 10:33:09
2610 [regress/agent-getpeereid.sh]
2611 don't redirect stdout from sudo. from portable (id sync only)
2612 - dtucker@cvs.openbsd.org 2013/05/17 10:34:30
2613 [regress/portnum.sh]
2614 use a more portable negated if structure. from portable (id sync only)
2615 - dtucker@cvs.openbsd.org 2013/05/17 10:35:43
2616 [regress/scp.sh]
2617 use a file extention that's not special on some platforms. from portable
2618 (id sync only)
2619 - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it
2620 in portable and it's long gone in openbsd.
2621 - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange
2622 methods. When the openssl version doesn't support ECDH then next one on
2623 the list is DH group exchange, but that causes a bit more traffic which can
2624 mean that the tests flip bits in the initial exchange rather than the MACed
2625 traffic and we get different errors to what the tests look for.
2626 - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits.
2627 - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd.
2628 - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd.
2629 - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh]
2630 Move the jot helper function to portable-specific part of test-exec.sh.
2631 - (dtucker) [regress/test-exec.sh] Move the portable-specific functions
2632 together and add a couple of missing lines from openbsd.
2633 - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5
2634 helper function to the portable part of test-exec.sh.
2635 - (dtucker) [regress/runtests.sh] Remove obsolete test driver script.
2636 - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by
2637 rev 1.6 which calls wait.
2638
263920130516
2640 - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be
2641 executed if mktemp failed; bz#2105 ok dtucker@
2642 - (dtucker) OpenBSD CVS Sync
2643 - tedu@cvs.openbsd.org 2013/04/23 17:49:45
2644 [misc.c]
2645 use xasprintf instead of a series of strlcats and strdup. ok djm
2646 - tedu@cvs.openbsd.org 2013/04/24 16:01:46
2647 [misc.c]
2648 remove extra parens noticed by nicm
2649 - dtucker@cvs.openbsd.org 2013/05/06 07:35:12
2650 [sftp-server.8]
2651 Reference the version of the sftp draft we actually implement. ok djm@
2652 - djm@cvs.openbsd.org 2013/05/10 03:40:07
2653 [sshconnect2.c]
2654 fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
2655 Colin Watson
2656 - djm@cvs.openbsd.org 2013/05/10 04:08:01
2657 [key.c]
2658 memleak in cert_free(), wasn't actually freeing the struct;
2659 bz#2096 from shm AT digitalsun.pl
2660 - dtucker@cvs.openbsd.org 2013/05/10 10:13:50
2661 [ssh-pkcs11-helper.c]
2662 remove unused extern optarg. ok markus@
2663 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34
2664 [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
2665 ssh_config.5 packet.h]
2666 Add an optional second argument to RekeyLimit in the client to allow
2667 rekeying based on elapsed time in addition to amount of traffic.
2668 with djm@ jmc@, ok djm
2669 - dtucker@cvs.openbsd.org 2013/05/16 04:09:14
2670 [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
2671 sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
2672 rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
2673 page.
2674 - djm@cvs.openbsd.org 2013/05/16 04:27:50
2675 [ssh_config.5 readconf.h readconf.c]
2676 add the ability to ignore specific unrecognised ssh_config options;
2677 bz#866; ok markus@
2678 - jmc@cvs.openbsd.org 2013/05/16 06:28:45
2679 [ssh_config.5]
2680 put IgnoreUnknown in the right place;
2681 - jmc@cvs.openbsd.org 2013/05/16 06:30:06
2682 [sshd_config.5]
2683 oops! avoid Xr to self;
2684 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41
2685 [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
2686 Fix some "unused result" warnings found via clang and -portable.
2687 ok markus@
2688 - dtucker@cvs.openbsd.org 2013/05/16 09:12:31
2689 [readconf.c servconf.c]
2690 switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@
2691 - dtucker@cvs.openbsd.org 2013/05/16 10:43:34
2692 [servconf.c readconf.c]
2693 remove now-unused variables
2694 - dtucker@cvs.openbsd.org 2013/05/16 10:44:06
2695 [servconf.c]
2696 remove another now-unused variable
2697 - (dtucker) [configure.ac readconf.c servconf.c
2698 openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
2699
270020130510
2701 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler
2702 supports it. Mentioned by Colin Watson in bz#2100, ok djm.
2703 - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to
2704 getopt.c. Preprocessed source is identical other than line numbers.
2705 - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No
2706 portability changes yet.
2707 - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c
2708 openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
2709 portability code to getopt_long.c and switch over Makefile and the ugly
2710 hack in modpipe.c. Fixes bz#1448.
2711 - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c
2712 openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
2713 in to use it when we're using our own getopt.
2714 - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the
2715 underlying libraries support them.
2716 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so
2717 we don't get a warning on compilers that *don't* support it. Add
2718 -Wno-unknown-warning-option. Move both to the start of the list for
2719 maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
2720
272120130423
2722 - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support
2723 platforms, such as Android, that lack struct passwd.pw_gecos. Report
2724 and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@
2725 - (djm) OpenBSD CVS Sync
2726 - markus@cvs.openbsd.org 2013/03/05 20:16:09
2727 [sshconnect2.c]
2728 reset pubkey order on partial success; ok djm@
2729 - djm@cvs.openbsd.org 2013/03/06 23:35:23
2730 [session.c]
2731 fatal() when ChrootDirectory specified by running without root privileges;
2732 ok markus@
2733 - djm@cvs.openbsd.org 2013/03/06 23:36:53
2734 [readconf.c]
2735 g/c unused variable (-Wunused)
2736 - djm@cvs.openbsd.org 2013/03/07 00:19:59
2737 [auth2-pubkey.c monitor.c]
2738 reconstruct the original username that was sent by the client, which may
2739 have included a style (e.g. "root:skey") when checking public key
2740 signatures. Fixes public key and hostbased auth when the client specified
2741 a style; ok markus@
2742 - markus@cvs.openbsd.org 2013/03/07 19:27:25
2743 [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5]
2744 add submethod support to AuthenticationMethods; ok and freedback djm@
2745 - djm@cvs.openbsd.org 2013/03/08 06:32:58
2746 [ssh.c]
2747 allow "ssh -f none ..." ok markus@
2748 - djm@cvs.openbsd.org 2013/04/05 00:14:00
2749 [auth2-gss.c krl.c sshconnect2.c]
2750 hush some {unused, printf type} warnings
2751 - djm@cvs.openbsd.org 2013/04/05 00:31:49
2752 [pathnames.h]
2753 use the existing _PATH_SSH_USER_RC define to construct the other
2754 pathnames; bz#2077, ok dtucker@ (no binary change)
2755 - djm@cvs.openbsd.org 2013/04/05 00:58:51
2756 [mux.c]
2757 cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too
2758 (in addition to ones already in OPEN); bz#2079, ok dtucker@
2759 - markus@cvs.openbsd.org 2013/04/06 16:07:00
2760 [channels.c sshd.c]
2761 handle ECONNABORTED for accept(); ok deraadt some time ago...
2762 - dtucker@cvs.openbsd.org 2013/04/07 02:10:33
2763 [log.c log.h ssh.1 ssh.c sshd.8 sshd.c]
2764 Add -E option to ssh and sshd to append debugging logs to a specified file
2765 instead of stderr or syslog. ok markus@, man page help jmc@
2766 - dtucker@cvs.openbsd.org 2013/04/07 09:40:27
2767 [sshd.8]
2768 clarify -e text. suggested by & ok jmc@
2769 - djm@cvs.openbsd.org 2013/04/11 02:27:50
2770 [packet.c]
2771 quiet disconnect notifications on the server from error() back to logit()
2772 if it is a normal client closure; bz#2057 ok+feedback dtucker@
2773 - dtucker@cvs.openbsd.org 2013/04/17 09:04:09
2774 [session.c]
2775 revert rev 1.262; it fails because uid is already set here. ok djm@
2776 - djm@cvs.openbsd.org 2013/04/18 02:16:07
2777 [sftp.c]
2778 make "sftp -q" do what it says on the sticker: hush everything but errors;
2779 ok dtucker@
2780 - djm@cvs.openbsd.org 2013/04/19 01:00:10
2781 [sshd_config.5]
2782 document the requirment that the AuthorizedKeysCommand be owned by root;
2783 ok dtucker@ markus@
2784 - djm@cvs.openbsd.org 2013/04/19 01:01:00
2785 [ssh-keygen.c]
2786 fix some memory leaks; bz#2088 ok dtucker@
2787 - djm@cvs.openbsd.org 2013/04/19 01:03:01
2788 [session.c]
2789 reintroduce 1.262 without the connection-killing bug:
2790 fatal() when ChrootDirectory specified by running without root privileges;
2791 ok markus@
2792 - djm@cvs.openbsd.org 2013/04/19 01:06:50
2793 [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
2794 [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
2795 add the ability to query supported ciphers, MACs, key type and KEX
2796 algorithms to ssh. Includes some refactoring of KEX and key type handling
2797 to be table-driven; ok markus@
2798 - djm@cvs.openbsd.org 2013/04/19 11:10:18
2799 [ssh.c]
2800 add -Q to usage; reminded by jmc@
2801 - djm@cvs.openbsd.org 2013/04/19 12:07:08
2802 [kex.c]
2803 remove duplicated list entry pointed out by naddy@
2804 - dtucker@cvs.openbsd.org 2013/04/22 01:17:18
2805 [mux.c]
2806 typo in debug output: evitval->exitval
2807
280820130418
2809 - (djm) [config.guess config.sub] Update to last versions before they switch
2810 to GPL3. ok dtucker@
2811 - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from
2812 unused argument warnings (in particular, -fno-builtin-memset) from clang.
2813
281420130404
2815 - (dtucker) OpenBSD CVS Sync
2816 - dtucker@cvs.openbsd.org 2013/02/17 23:16:57
2817 [readconf.c ssh.c readconf.h sshconnect2.c]
2818 Keep track of which IndentityFile options were manually supplied and which
2819 were default options, and don't warn if the latter are missing.
2820 ok markus@
2821 - dtucker@cvs.openbsd.org 2013/02/19 02:12:47
2822 [krl.c]
2823 Remove bogus include. ok djm
2824 - dtucker@cvs.openbsd.org 2013/02/22 04:45:09
2825 [ssh.c readconf.c readconf.h]
2826 Don't complain if IdentityFiles specified in system-wide configs are
2827 missing. ok djm, deraadt.
2828 - markus@cvs.openbsd.org 2013/02/22 19:13:56
2829 [sshconnect.c]
2830 support ProxyCommand=- (stdin/out already point to the proxy); ok djm@
2831 - djm@cvs.openbsd.org 2013/02/22 22:09:01
2832 [ssh.c]
2833 Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier
2834 version)
2835
283620130401
2837 - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h
2838 to avoid conflicting definitions of __int64, adding the required bits.
2839 Patch from Corinna Vinschen.
2840
284120130323
2842 - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit.
2843
284420130322
2845 - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil
2846 Hands' greatly revised version.
2847 - (djm) Release 6.2p1
2848 - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype.
2849 - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before
2850 defining it again. Prevents warnings if someone, eg, sets it in CFLAGS.
2851
285220130318
2853 - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c]
2854 [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's
2855 so mark it as broken. Patch from des AT des.no
2856
285720130317
2858 - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none
2859 of the bits the configure test looks for.
2860
286120130316
2862 - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform
2863 is unable to successfully compile them. Based on patch from des AT
2864 des.no
2865 - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
2866 Add a usleep replacement for platforms that lack it; ok dtucker
2867 - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to
2868 occur after UID switch; patch from John Marshall via des AT des.no;
2869 ok dtucker@
2870
287120130312
2872 - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]
2873 Improve portability of cipher-speed test, based mostly on a patch from
2874 Iain Morgan.
2875 - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")
2876 in addition to root as an owner of system directories on AIX and HP-UX.
2877 ok djm@
2878
287920130307
2880 - (dtucker) [INSTALL] Bump documented autoconf version to what we're
2881 currently using.
2882 - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it
2883 was removed in configure.ac rev 1.481 as it was redundant.
2884 - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days
2885 ago.
2886 - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a
2887 chance to complete on broken systems; ok dtucker@
2888
288920130306
2890 - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding
2891 connection to start so that the test works on slower machines.
2892 - (dtucker) [configure.ac] test that we can set number of file descriptors
2893 to zero with setrlimit before enabling the rlimit sandbox. This affects
2894 (at least) HPUX 11.11.
2895
289620130305
2897 - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for
2898 HP/UX. Spotted by Kevin Brott
2899 - (dtucker) [configure.ac] use "=" for shell test and not "==". Spotted by
2900 Amit Kulkarni and Kevin Brott.
2901 - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure
2902 build breakage on (at least) HP-UX 11.11. Found by Amit Kulkarni and Kevin
2903 Brott.
2904 - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov.
2905
290620130227
2907 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
2908 [contrib/suse/openssh.spec] Crank version numbers
2909 - (tim) [regress/forward-control.sh] use sh in case login shell is csh.
2910 - (tim) [regress/integrity.sh] shell portability fix.
2911 - (tim) [regress/integrity.sh] keep old solaris awk from hanging.
2912 - (tim) [regress/krl.sh] keep old solaris awk from hanging.
2913
291420130226
2915 - OpenBSD CVS Sync
2916 - djm@cvs.openbsd.org 2013/02/20 08:27:50
2917 [integrity.sh]
2918 Add an option to modpipe that warns if the modification offset it not
2919 reached in it's stream and turn it on for t-integrity. This should catch
2920 cases where the session is not fuzzed for being too short (cf. my last
2921 "oops" commit)
2922 - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage
2923 for UsePAM=yes configuration
2924
292520130225
2926 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed
2927 to use Solaris native GSS libs. Patch from Pierre Ossman.
2928
292920130223
2930 - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer
2931 bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu.
2932 ok tim
2933
293420130222
2935 - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to
2936 ssh(1) since they're not needed. Patch from Pierre Ossman, ok djm.
2937 - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named
2938 libgss too. Patch from Pierre Ossman, ok djm.
2939 - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux
2940 seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com;
2941 ok dtucker
2942
294320130221
2944 - (tim) [regress/forward-control.sh] shell portability fix.
2945
294620130220
2947 - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix.
2948 - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded
2949 err.h include from krl.c. Additional portability fixes for modpipe. OK djm
2950 - OpenBSD CVS Sync
2951 - djm@cvs.openbsd.org 2013/02/20 08:27:50
2952 [regress/integrity.sh regress/modpipe.c]
2953 Add an option to modpipe that warns if the modification offset it not
2954 reached in it's stream and turn it on for t-integrity. This should catch
2955 cases where the session is not fuzzed for being too short (cf. my last
2956 "oops" commit)
2957 - djm@cvs.openbsd.org 2013/02/20 08:29:27
2958 [regress/modpipe.c]
2959 s/Id/OpenBSD/ in RCS tag
2960
296120130219
2962 - OpenBSD CVS Sync
2963 - djm@cvs.openbsd.org 2013/02/18 22:26:47
2964 [integrity.sh]
2965 crank the offset yet again; it was still fuzzing KEX one of Darren's
2966 portable test hosts at 2800
2967 - djm@cvs.openbsd.org 2013/02/19 02:14:09
2968 [integrity.sh]
2969 oops, forgot to increase the output of the ssh command to ensure that
2970 we actually reach $offset
2971 - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that
2972 lack support for SHA2.
2973 - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms
2974 that do not have them.
2975
297620130217
2977 - OpenBSD CVS Sync
2978 - djm@cvs.openbsd.org 2013/02/17 23:16:55
2979 [integrity.sh]
2980 make the ssh command generates some output to ensure that there are at
2981 least offset+tries bytes in the stream.
2982
298320130216
2984 - OpenBSD CVS Sync
2985 - djm@cvs.openbsd.org 2013/02/16 06:08:45
2986 [integrity.sh]
2987 make sure the fuzz offset is actually past the end of KEX for all KEX
2988 types. diffie-hellman-group-exchange-sha256 requires an offset around
2989 2700. Noticed via test failures in portable OpenSSH on platforms that
2990 lack ECC and this the more byte-frugal ECDH KEX algorithms.
2991
299220130215
2993 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from
2994 Iain Morgan
2995 - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
2996 Use getpgrp() if we don't have getpgid() (old BSDs, maybe others).
2997 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c
2998 openbsd-compat/openbsd-compat.h] Add strtoull to compat library for
2999 platforms that don't have it.
3000 - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul,
3001 group strto* function prototypes together.
3002 - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes
3003 an argument. Pointed out by djm.
3004 - (djm) OpenBSD CVS Sync
3005 - djm@cvs.openbsd.org 2013/02/14 21:35:59
3006 [auth2-pubkey.c]
3007 Correct error message that had a typo and was logging the wrong thing;
3008 patch from Petr Lautrbach
3009 - dtucker@cvs.openbsd.org 2013/02/15 00:21:01
3010 [sshconnect2.c]
3011 Warn more loudly if an IdentityFile provided by the user cannot be read.
3012 bz #1981, ok djm@
3013
301420130214
3015 - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC.
3016 - (djm) [regress/krl.sh] typo; found by Iain Morgan
3017 - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead
3018 of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by
3019 Iain Morgan
3020
302120130212
3022 - (djm) OpenBSD CVS Sync
3023 - djm@cvs.openbsd.org 2013/01/24 21:45:37
3024 [krl.c]
3025 fix handling of (unused) KRL signatures; skip string in correct buffer
3026 - djm@cvs.openbsd.org 2013/01/24 22:08:56
3027 [krl.c]
3028 skip serial lookup when cert's serial number is zero
3029 - krw@cvs.openbsd.org 2013/01/25 05:00:27
3030 [krl.c]
3031 Revert last. Breaks due to likely typo. Let djm@ fix later.
3032 ok djm@ via dlg@
3033 - djm@cvs.openbsd.org 2013/01/25 10:22:19
3034 [krl.c]
3035 redo last commit without the vi-vomit that snuck in:
3036 skip serial lookup when cert's serial number is zero
3037 (now with 100% better comment)
3038 - djm@cvs.openbsd.org 2013/01/26 06:11:05
3039 [Makefile.in acss.c acss.h cipher-acss.c cipher.c]
3040 [openbsd-compat/openssl-compat.h]
3041 remove ACSS, now that it is gone from libcrypto too
3042 - djm@cvs.openbsd.org 2013/01/27 10:06:12
3043 [krl.c]
3044 actually use the xrealloc() return value; spotted by xi.wang AT gmail.com
3045 - dtucker@cvs.openbsd.org 2013/02/06 00:20:42
3046 [servconf.c sshd_config sshd_config.5]
3047 Change default of MaxStartups to 10:30:100 to start doing random early
3048 drop at 10 connections up to 100 connections. This will make it harder
3049 to DoS as CPUs have come a long way since the original value was set
3050 back in 2000. Prompted by nion at debian org, ok markus@
3051 - dtucker@cvs.openbsd.org 2013/02/06 00:22:21
3052 [auth.c]
3053 Fix comment, from jfree.e1 at gmail
3054 - djm@cvs.openbsd.org 2013/02/08 00:41:12
3055 [sftp.c]
3056 fix NULL deref when built without libedit and control characters
3057 entered as command; debugging and patch from Iain Morgan an
3058 Loganaden Velvindron in bz#1956
3059 - markus@cvs.openbsd.org 2013/02/10 21:19:34
3060 [version.h]
3061 openssh 6.2
3062 - djm@cvs.openbsd.org 2013/02/10 23:32:10
3063 [ssh-keygen.c]
3064 append to moduli file when screening candidates rather than overwriting.
3065 allows resumption of interrupted screen; patch from Christophe Garault
3066 in bz#1957; ok dtucker@
3067 - djm@cvs.openbsd.org 2013/02/10 23:35:24
3068 [packet.c]
3069 record "Received disconnect" messages at ERROR rather than INFO priority,
3070 since they are abnormal and result in a non-zero ssh exit status; patch
3071 from Iain Morgan in bz#2057; ok dtucker@
3072 - dtucker@cvs.openbsd.org 2013/02/11 21:21:58
3073 [sshd.c]
3074 Add openssl version to debug output similar to the client. ok markus@
3075 - djm@cvs.openbsd.org 2013/02/11 23:58:51
3076 [regress/try-ciphers.sh]
3077 remove acss here too
3078 - (djm) [regress/try-ciphers.sh] clean up CVS merge botch
3079
308020130211
3081 - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old
3082 libcrypto that lacks EVP_CIPHER_CTX_ctrl
3083
308420130208
3085 - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer;
3086 patch from Iain Morgan in bz#2059
3087 - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows
3088 __attribute__ on return values and work around if necessary. ok djm@
3089
309020130207
3091 - (djm) [configure.ac] Don't probe seccomp capability of running kernel
3092 at configure time; the seccomp sandbox will fall back to rlimit at
3093 runtime anyway. Patch from plautrba AT redhat.com in bz#2011
3094
309520130120
3096 - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h]
3097 Move prototypes for replacement ciphers to openssl-compat.h; fix EVP
3098 prototypes for openssl-1.0.0-fips.
3099 - (djm) OpenBSD CVS Sync
3100 - jmc@cvs.openbsd.org 2013/01/18 07:57:47
3101 [ssh-keygen.1]
3102 tweak previous;
3103 - jmc@cvs.openbsd.org 2013/01/18 07:59:46
3104 [ssh-keygen.c]
3105 -u before -V in usage();
3106 - jmc@cvs.openbsd.org 2013/01/18 08:00:49
3107 [sshd_config.5]
3108 tweak previous;
3109 - jmc@cvs.openbsd.org 2013/01/18 08:39:04
3110 [ssh-keygen.1]
3111 add -Q to the options list; ok djm
3112 - jmc@cvs.openbsd.org 2013/01/18 21:48:43
3113 [ssh-keygen.1]
3114 command-line (adj.) -> command line (n.);
3115 - jmc@cvs.openbsd.org 2013/01/19 07:13:25
3116 [ssh-keygen.1]
3117 fix some formatting; ok djm
3118 - markus@cvs.openbsd.org 2013/01/19 12:34:55
3119 [krl.c]
3120 RB_INSERT does not remove existing elments; ok djm@
3121 - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer
3122 version.
3123 - (djm) [regress/krl.sh] replacement for jot; most platforms lack it
3124
312520130118
3126 - (djm) OpenBSD CVS Sync
3127 - djm@cvs.openbsd.org 2013/01/17 23:00:01
3128 [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
3129 [krl.c krl.h PROTOCOL.krl]
3130 add support for Key Revocation Lists (KRLs). These are a compact way to
3131 represent lists of revoked keys and certificates, taking as little as
3132 a single bit of incremental cost to revoke a certificate by serial number.
3133 KRLs are loaded via the existing RevokedKeys sshd_config option.
3134 feedback and ok markus@
3135 - djm@cvs.openbsd.org 2013/01/18 00:45:29
3136 [regress/Makefile regress/cert-userkey.sh regress/krl.sh]
3137 Tests for Key Revocation Lists (KRLs)
3138 - djm@cvs.openbsd.org 2013/01/18 03:00:32
3139 [krl.c]
3140 fix KRL generation bug for list sections
3141
314220130117
3143 - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
3144 check for GCM support before testing GCM ciphers.
3145
314620130112
3147 - (djm) OpenBSD CVS Sync
3148 - djm@cvs.openbsd.org 2013/01/12 11:22:04
3149 [cipher.c]
3150 improve error message for integrity failure in AES-GCM modes; ok markus@
3151 - djm@cvs.openbsd.org 2013/01/12 11:23:53
3152 [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
3153 test AES-GCM modes; feedback markus@
3154 - (djm) [regress/integrity.sh] repair botched merge
3155
315620130109
3157 - (djm) OpenBSD CVS Sync
3158 - dtucker@cvs.openbsd.org 2012/12/14 05:26:43
3159 [auth.c]
3160 use correct string in error message; from rustybsd at gmx.fr
3161 - djm@cvs.openbsd.org 2013/01/02 00:32:07
3162 [clientloop.c mux.c]
3163 channel_setup_local_fwd_listener() returns 0 on failure, not -ve
3164 bz#2055 reported by mathieu.lacage AT gmail.com
3165 - djm@cvs.openbsd.org 2013/01/02 00:33:49
3166 [PROTOCOL.agent]
3167 correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED
3168 bz#2051 from david AT lechnology.com
3169 - djm@cvs.openbsd.org 2013/01/03 05:49:36
3170 [servconf.h]
3171 add a couple of ServerOptions members that should be copied to the privsep
3172 child (for consistency, in this case they happen only to be accessed in
3173 the monitor); ok dtucker@
3174 - djm@cvs.openbsd.org 2013/01/03 12:49:01
3175 [PROTOCOL]
3176 fix description of MAC calculation for EtM modes; ok markus@
3177 - djm@cvs.openbsd.org 2013/01/03 12:54:49
3178 [sftp-server.8 sftp-server.c]
3179 allow specification of an alternate start directory for sftp-server(8)
3180 "I like this" markus@
3181 - djm@cvs.openbsd.org 2013/01/03 23:22:58
3182 [ssh-keygen.c]
3183 allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ...
3184 ok markus@
3185 - jmc@cvs.openbsd.org 2013/01/04 19:26:38
3186 [sftp-server.8 sftp-server.c]
3187 sftp-server.8: add argument name to -d
3188 sftp-server.c: add -d to usage()
3189 ok djm
3190 - markus@cvs.openbsd.org 2013/01/08 18:49:04
3191 [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c]
3192 [myproposal.h packet.c ssh_config.5 sshd_config.5]
3193 support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)
3194 ok and feedback djm@
3195 - djm@cvs.openbsd.org 2013/01/09 05:40:17
3196 [ssh-keygen.c]
3197 correctly initialise fingerprint type for fingerprinting PKCS#11 keys
3198 - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h]
3199 Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little
3200 cipher compat code to openssl-compat.h
3201
320220121217
3203 - (dtucker) [Makefile.in] Add some scaffolding so that the new regress
3204 tests will work with VPATH directories.
3205
320620121213
3207 - (djm) OpenBSD CVS Sync
3208 - markus@cvs.openbsd.org 2012/12/12 16:45:52
3209 [packet.c]
3210 reset incoming_packet buffer for each new packet in EtM-case, too;
3211 this happens if packets are parsed only parially (e.g. ignore
3212 messages sent when su/sudo turn off echo); noted by sthen/millert
3213 - naddy@cvs.openbsd.org 2012/12/12 16:46:10
3214 [cipher.c]
3215 use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled
3216 counter mode code; ok djm@
3217 - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our
3218 compat code for older OpenSSL
3219 - (djm) [cipher.c] Fix missing prototype for compat code
3220
322120121212
3222 - (djm) OpenBSD CVS Sync
3223 - markus@cvs.openbsd.org 2012/12/11 22:16:21
3224 [monitor.c]
3225 drain the log messages after receiving the keystate from the unpriv
3226 child. otherwise it might block while sending. ok djm@
3227 - markus@cvs.openbsd.org 2012/12/11 22:31:18
3228 [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
3229 [packet.c ssh_config.5 sshd_config.5]
3230 add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
3231 that change the packet format and compute the MAC over the encrypted
3232 message (including the packet size) instead of the plaintext data;
3233 these EtM modes are considered more secure and used by default.
3234 feedback and ok djm@
3235 - sthen@cvs.openbsd.org 2012/12/11 22:51:45
3236 [mac.c]
3237 fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@
3238 - markus@cvs.openbsd.org 2012/12/11 22:32:56
3239 [regress/try-ciphers.sh]
3240 add etm modes
3241 - markus@cvs.openbsd.org 2012/12/11 22:42:11
3242 [regress/Makefile regress/modpipe.c regress/integrity.sh]
3243 test the integrity of the packets; with djm@
3244 - markus@cvs.openbsd.org 2012/12/11 23:12:13
3245 [try-ciphers.sh]
3246 add hmac-ripemd160-etm@openssh.com
3247 - (djm) [mac.c] fix merge botch
3248 - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test
3249 work on platforms without 'jot'
3250 - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip
3251 - (djm) [regress/Makefile] fix t-exec rule
3252
325320121207
3254 - (dtucker) OpenBSD CVS Sync
3255 - dtucker@cvs.openbsd.org 2012/12/06 06:06:54
3256 [regress/keys-command.sh]
3257 Fix some problems with the keys-command test:
3258 - use string comparison rather than numeric comparison
3259 - check for existing KEY_COMMAND file and don't clobber if it exists
3260 - clean up KEY_COMMAND file if we do create it.
3261 - check that KEY_COMMAND is executable (which it won't be if eg /var/run
3262 is mounted noexec).
3263 ok djm.
3264 - jmc@cvs.openbsd.org 2012/12/03 08:33:03
3265 [ssh-add.1 sshd_config.5]
3266 tweak previous;
3267 - markus@cvs.openbsd.org 2012/12/05 15:42:52
3268 [ssh-add.c]
3269 prevent double-free of comment; ok djm@
3270 - dtucker@cvs.openbsd.org 2012/12/07 01:51:35
3271 [serverloop.c]
3272 Cast signal to int for logging. A no-op on openbsd (they're always ints)
3273 but will prevent warnings in portable. ok djm@
3274
327520121205
3276 - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@.
3277
327820121203
3279 - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get
3280 TAILQ_FOREACH_SAFE needed for upcoming changes.
3281 - (djm) OpenBSD CVS Sync
3282 - djm@cvs.openbsd.org 2012/12/02 20:26:11
3283 [ssh_config.5 sshconnect2.c]
3284 Make IdentitiesOnly apply to keys obtained from a PKCS11Provider.
3285 This allows control of which keys are offered from tokens using
3286 IdentityFile. ok markus@
3287 - djm@cvs.openbsd.org 2012/12/02 20:42:15
3288 [ssh-add.1 ssh-add.c]
3289 make deleting explicit keys "ssh-add -d" symmetric with adding keys -
3290 try to delete the corresponding certificate too and respect the -k option
3291 to allow deleting of the key only; feedback and ok markus@
3292 - djm@cvs.openbsd.org 2012/12/02 20:46:11
3293 [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c]
3294 [sshd_config.5]
3295 make AllowTcpForwarding accept "local" and "remote" in addition to its
3296 current "yes"/"no" to allow the server to specify whether just local or
3297 remote TCP forwarding is enabled. ok markus@
3298 - dtucker@cvs.openbsd.org 2012/10/05 02:20:48
3299 [regress/cipher-speed.sh regress/try-ciphers.sh]
3300 Add umac-128@openssh.com to the list of MACs to be tested
3301 - djm@cvs.openbsd.org 2012/10/19 05:10:42
3302 [regress/cert-userkey.sh]
3303 include a serial number when generating certs
3304 - djm@cvs.openbsd.org 2012/11/22 22:49:30
3305 [regress/Makefile regress/keys-command.sh]
3306 regress for AuthorizedKeysCommand; hints from markus@
3307 - djm@cvs.openbsd.org 2012/12/02 20:47:48
3308 [Makefile regress/forward-control.sh]
3309 regress for AllowTcpForwarding local/remote; ok markus@
3310 - djm@cvs.openbsd.org 2012/12/03 00:14:06
3311 [auth2-chall.c ssh-keygen.c]
3312 Fix compilation with -Wall -Werror (trivial type fixes)
3313 - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation
3314 debugging. ok dtucker@
3315 - (djm) [configure.ac] Revert previous. configure.ac already does this
3316 for us.
3317
331820121114
3319 - (djm) OpenBSD CVS Sync
3320 - djm@cvs.openbsd.org 2012/11/14 02:24:27
3321 [auth2-pubkey.c]
3322 fix username passed to helper program
3323 prepare stdio fds before closefrom()
3324 spotted by landry@
3325 - djm@cvs.openbsd.org 2012/11/14 02:32:15
3326 [ssh-keygen.c]
3327 allow the full range of unsigned serial numbers; 'fine' deraadt@
3328 - djm@cvs.openbsd.org 2012/12/02 20:34:10
3329 [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c]
3330 [monitor.c monitor.h]
3331 Fixes logging of partial authentication when privsep is enabled
3332 Previously, we recorded "Failed xxx" since we reset authenticated before
3333 calling auth_log() in auth2.c. This adds an explcit "Partial" state.
3334
3335 Add a "submethod" to auth_log() to report which submethod is used
3336 for keyboard-interactive.
3337
3338 Fix multiple authentication when one of the methods is
3339 keyboard-interactive.
3340
3341 ok markus@
3342 - dtucker@cvs.openbsd.org 2012/10/05 02:05:30
3343 [regress/multiplex.sh]
3344 Use 'kill -0' to test for the presence of a pid since it's more portable
3345
334620121107
3347 - (djm) OpenBSD CVS Sync
3348 - eric@cvs.openbsd.org 2011/11/28 08:46:27
3349 [moduli.5]
3350 fix formula
3351 ok djm@
3352 - jmc@cvs.openbsd.org 2012/09/26 17:34:38
3353 [moduli.5]
3354 last stage of rfc changes, using consistent Rs/Re blocks, and moving the
3355 references into a STANDARDS section;
3356
335720121105
3358 - (dtucker) [uidswap.c openbsd-compat/Makefile.in
3359 openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h
3360 openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids
3361 and gids from uidswap.c to the compat library, which allows it to work with
3362 the new setresuid calls in auth2-pubkey. with tim@, ok djm@
3363 - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that
3364 don't have it. Spotted by tim@.
3365
336620121104
3367 - (djm) OpenBSD CVS Sync
3368 - jmc@cvs.openbsd.org 2012/10/31 08:04:50
3369 [sshd_config.5]
3370 tweak previous;
3371 - djm@cvs.openbsd.org 2012/11/04 10:38:43
3372 [auth2-pubkey.c sshd.c sshd_config.5]
3373 Remove default of AuthorizedCommandUser. Administrators are now expected
3374 to explicitly specify a user. feedback and ok markus@
3375 - djm@cvs.openbsd.org 2012/11/04 11:09:15
3376 [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c]
3377 [sshd_config.5]
3378 Support multiple required authentication via an AuthenticationMethods
3379 option. This option lists one or more comma-separated lists of
3380 authentication method names. Successful completion of all the methods in
3381 any list is required for authentication to complete;
3382 feedback and ok markus@
3383
338420121030
3385 - (djm) OpenBSD CVS Sync
3386 - markus@cvs.openbsd.org 2012/10/05 12:34:39
3387 [sftp.c]
3388 fix signed vs unsigned warning; feedback & ok: djm@
3389 - djm@cvs.openbsd.org 2012/10/30 21:29:55
3390 [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
3391 [sshd.c sshd_config sshd_config.5]
3392 new sshd_config option AuthorizedKeysCommand to support fetching
3393 authorized_keys from a command in addition to (or instead of) from
3394 the filesystem. The command is run as the target server user unless
3395 another specified via a new AuthorizedKeysCommandUser option.
3396
3397 patch originally by jchadima AT redhat.com, reworked by me; feedback
3398 and ok markus@
3399
340020121019
3401 - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in
3402 the generated file as intended.
3403
340420121005
3405 - (dtucker) OpenBSD CVS Sync
3406 - djm@cvs.openbsd.org 2012/09/17 09:54:44
3407 [sftp.c]
3408 an XXX for later
3409 - markus@cvs.openbsd.org 2012/09/17 13:04:11
3410 [packet.c]
3411 clear old keys on rekeing; ok djm
3412 - dtucker@cvs.openbsd.org 2012/09/18 10:36:12
3413 [sftp.c]
3414 Add bounds check on sftp tab-completion. Part of a patch from from
3415 Jean-Marc Robert via tech@, ok djm
3416 - dtucker@cvs.openbsd.org 2012/09/21 10:53:07
3417 [sftp.c]
3418 Fix improper handling of absolute paths when PWD is part of the completed
3419 path. Patch from Jean-Marc Robert via tech@, ok djm.
3420 - dtucker@cvs.openbsd.org 2012/09/21 10:55:04
3421 [sftp.c]
3422 Fix handling of filenames containing escaped globbing characters and
3423 escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm.
3424 - jmc@cvs.openbsd.org 2012/09/26 16:12:13
3425 [ssh.1]
3426 last stage of rfc changes, using consistent Rs/Re blocks, and moving the
3427 references into a STANDARDS section;
3428 - naddy@cvs.openbsd.org 2012/10/01 13:59:51
3429 [monitor_wrap.c]
3430 pasto; ok djm@
3431 - djm@cvs.openbsd.org 2012/10/02 07:07:45
3432 [ssh-keygen.c]
3433 fix -z option, broken in revision 1.215
3434 - markus@cvs.openbsd.org 2012/10/04 13:21:50
3435 [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
3436 add umac128 variant; ok djm@ at n2k12
3437 - dtucker@cvs.openbsd.org 2012/09/06 04:11:07
3438 [regress/try-ciphers.sh]
3439 Restore missing space. (Id sync only).
3440 - dtucker@cvs.openbsd.org 2012/09/09 11:51:25
3441 [regress/multiplex.sh]
3442 Add test for ssh -Ostop
3443 - dtucker@cvs.openbsd.org 2012/09/10 00:49:21
3444 [regress/multiplex.sh]
3445 Log -O cmd output to the log file and make logging consistent with the
3446 other tests. Test clean shutdown of an existing channel when testing
3447 "stop".
3448 - dtucker@cvs.openbsd.org 2012/09/10 01:51:19
3449 [regress/multiplex.sh]
3450 use -Ocheck and waiting for completions by PID to make multiplexing test
3451 less racy and (hopefully) more reliable on slow hardware.
3452 - [Makefile umac.c] Add special-case target to build umac128.o.
3453 - [umac.c] Enforce allowed umac output sizes. From djm@.
3454 - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom".
3455
345620120917
3457 - (dtucker) OpenBSD CVS Sync
3458 - dtucker@cvs.openbsd.org 2012/09/13 23:37:36
3459 [servconf.c]
3460 Fix comment line length
3461 - markus@cvs.openbsd.org 2012/09/14 16:51:34
3462 [sshconnect.c]
3463 remove unused variable
3464
346520120907
3466 - (dtucker) OpenBSD CVS Sync
3467 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13
3468 [clientloop.c]
3469 Make the escape command help (~?) context sensitive so that only commands
3470 that will work in the current session are shown. ok markus@
3471 - jmc@cvs.openbsd.org 2012/09/06 13:57:42
3472 [ssh.1]
3473 missing letter in previous;
3474 - dtucker@cvs.openbsd.org 2012/09/07 00:30:19
3475 [clientloop.c]
3476 Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@
3477 - dtucker@cvs.openbsd.org 2012/09/07 01:10:21
3478 [clientloop.c]
3479 Merge escape help text for ~v and ~V; ok djm@
3480 - dtucker@cvs.openbsd.org 2012/09/07 06:34:21
3481 [clientloop.c]
3482 when muxmaster is run with -N, make it shut down gracefully when a client
3483 sends it "-O stop" rather than hanging around (bz#1985). ok djm@
3484
348520120906
3486 - (dtucker) OpenBSD CVS Sync
3487 - jmc@cvs.openbsd.org 2012/08/15 18:25:50
3488 [ssh-keygen.1]
3489 a little more info on certificate validity;
3490 requested by Ross L Richardson, and provided by djm
3491 - dtucker@cvs.openbsd.org 2012/08/17 00:45:45
3492 [clientloop.c clientloop.h mux.c]
3493 Force a clean shutdown of ControlMaster client sessions when the ~. escape
3494 sequence is used. This means that ~. should now work in mux clients even
3495 if the server is no longer responding. Found by tedu, ok djm.
3496 - djm@cvs.openbsd.org 2012/08/17 01:22:56
3497 [kex.c]
3498 add some comments about better handling first-KEX-follows notifications
3499 from the server. Nothing uses these right now. No binary change
3500 - djm@cvs.openbsd.org 2012/08/17 01:25:58
3501 [ssh-keygen.c]
3502 print details of which host lines were deleted when using
3503 "ssh-keygen -R host"; ok markus@
3504 - djm@cvs.openbsd.org 2012/08/17 01:30:00
3505 [compat.c sshconnect.c]
3506 Send client banner immediately, rather than waiting for the server to
3507 move first for SSH protocol 2 connections (the default). Patch based on
3508 one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@
3509 - dtucker@cvs.openbsd.org 2012/09/06 04:37:39
3510 [clientloop.c log.c ssh.1 log.h]
3511 Add ~v and ~V escape sequences to raise and lower the logging level
3512 respectively. Man page help from jmc, ok deraadt jmc
3513
351420120830
3515 - (dtucker) [moduli] Import new moduli file.
3516
351720120828
3518 - (djm) Release openssh-6.1
3519
352020120828
3521 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN
3522 for compatibility with future mingw-w64 headers. Patch from vinschen at
3523 redhat com.
3524
352520120822
3526 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
3527 [contrib/suse/openssh.spec] Update version numbers
3528
352920120731
3530 - (djm) OpenBSD CVS Sync
3531 - jmc@cvs.openbsd.org 2012/07/06 06:38:03
3532 [ssh-keygen.c]
3533 missing full stop in usage();
3534 - djm@cvs.openbsd.org 2012/07/10 02:19:15
3535 [servconf.c servconf.h sshd.c sshd_config]
3536 Turn on systrace sandboxing of pre-auth sshd by default for new installs
3537 by shipping a config that overrides the current UsePrivilegeSeparation=yes
3538 default. Make it easier to flip the default in the future by adding too.
3539 prodded markus@ feedback dtucker@ "get it in" deraadt@
3540 - dtucker@cvs.openbsd.org 2012/07/13 01:35:21
3541 [servconf.c]
3542 handle long comments in config files better. bz#2025, ok markus
3543 - markus@cvs.openbsd.org 2012/07/22 18:19:21
3544 [version.h]
3545 openssh 6.1
3546
354720120720
3548 - (dtucker) Import regened moduli file.
3549
355020120706
3551 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is
3552 not available. Allows use of sshd compiled on host with a filter-capable
3553 kernel on hosts that lack the support. bz#2011 ok dtucker@
3554 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no
3555 unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
3556 esperi.org.uk; ok dtucker@
3557- (djm) OpenBSD CVS Sync
3558 - dtucker@cvs.openbsd.org 2012/07/06 00:41:59
3559 [moduli.c ssh-keygen.1 ssh-keygen.c]
3560 Add options to specify starting line number and number of lines to process
3561 when screening moduli candidates. This allows processing of different
3562 parts of a candidate moduli file in parallel. man page help jmc@, ok djm@
3563 - djm@cvs.openbsd.org 2012/07/06 01:37:21
3564 [mux.c]
3565 fix memory leak of passed-in environment variables and connection
3566 context when new session message is malformed; bz#2003 from Bert.Wesarg
3567 AT googlemail.com
3568 - djm@cvs.openbsd.org 2012/07/06 01:47:38
3569 [ssh.c]
3570 move setting of tty_flag to after config parsing so RequestTTY options
3571 are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
3572 ok dtucker@
3573
357420120704
3575 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for
3576 platforms that don't have it. "looks good" tim@
3577
357820120703
3579 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with
3580 setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
3581 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not
3582 setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its
3583 benefit is minor, so it's not worth disabling the sandbox if it doesn't
3584 work.
3585
358620120702
3587- (dtucker) OpenBSD CVS Sync
3588 - naddy@cvs.openbsd.org 2012/06/29 13:57:25
3589 [ssh_config.5 sshd_config.5]
3590 match the documented MAC order of preference to the actual one;
3591 ok dtucker@
3592 - markus@cvs.openbsd.org 2012/06/30 14:35:09
3593 [sandbox-systrace.c sshd.c]
3594 fix a during the load of the sandbox policies (child can still make
3595 the read-syscall and wait forever for systrace-answers) by replacing
3596 the read/write synchronisation with SIGSTOP/SIGCONT;
3597 report and help hshoexer@; ok djm@, dtucker@
3598 - dtucker@cvs.openbsd.org 2012/07/02 08:50:03
3599 [ssh.c]
3600 set interactive ToS for forwarded X11 sessions. ok djm@
3601 - dtucker@cvs.openbsd.org 2012/07/02 12:13:26
3602 [ssh-pkcs11-helper.c sftp-client.c]
3603 fix a couple of "assigned but not used" warnings. ok markus@
3604 - dtucker@cvs.openbsd.org 2012/07/02 14:37:06
3605 [regress/connect-privsep.sh]
3606 remove exit from end of test since it prevents reporting failure
3607 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]
3608 Move cygwin detection to test-exec and use to skip reexec test on cygwin.
3609 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.
3610
361120120629
3612 - OpenBSD CVS Sync
3613 - dtucker@cvs.openbsd.org 2012/06/21 00:16:07
3614 [addrmatch.c]
3615 fix strlcpy truncation check. from carsten at debian org, ok markus
3616 - dtucker@cvs.openbsd.org 2012/06/22 12:30:26
3617 [monitor.c sshconnect2.c]
3618 remove dead code following 'for (;;)' loops.
3619 From Steve.McClellan at radisys com, ok markus@
3620 - dtucker@cvs.openbsd.org 2012/06/22 14:36:33
3621 [sftp.c]
3622 Remove unused variable leftover from tab-completion changes.
3623 From Steve.McClellan at radisys com, ok markus@
3624 - dtucker@cvs.openbsd.org 2012/06/26 11:02:30
3625 [sandbox-systrace.c]
3626 Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
3627 sandbox" since malloc now uses it. From johnw.mail at gmail com.
3628 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45
3629 [mac.c myproposal.h ssh_config.5 sshd_config.5]
3630 Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
3631 from draft6 of the spec and will not be in the RFC when published. Patch
3632 from mdb at juniper net via bz#2023, ok markus.
3633 - naddy@cvs.openbsd.org 2012/06/29 13:57:25
3634 [ssh_config.5 sshd_config.5]
3635 match the documented MAC order of preference to the actual one; ok dtucker@
3636 - dtucker@cvs.openbsd.org 2012/05/13 01:42:32
3637 [regress/addrmatch.sh]
3638 Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
3639 to match. Feedback and ok djm@ markus@.
3640 - djm@cvs.openbsd.org 2012/06/01 00:47:35
3641 [regress/multiplex.sh regress/forwarding.sh]
3642 append to rather than truncate test log; bz#2013 from openssh AT
3643 roumenpetrov.info
3644 - djm@cvs.openbsd.org 2012/06/01 00:52:52
3645 [regress/sftp-cmds.sh]
3646 don't delete .* on cleanup due to unintended env expansion; pointed out in
3647 bz#2014 by openssh AT roumenpetrov.info
3648 - dtucker@cvs.openbsd.org 2012/06/26 12:06:59
3649 [regress/connect-privsep.sh]
3650 test sandbox with every malloc option
3651 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45
3652 [regress/try-ciphers.sh regress/cipher-speed.sh]
3653 Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
3654 from draft6 of the spec and will not be in the RFC when published. Patch
3655 from mdb at juniper net via bz#2023, ok markus.
3656 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error.
3657 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have
3658 the required functions in libcrypto.
3659
366020120628
3661 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null
3662 pointer deref in the client when built with LDNS and using DNSSEC with a
3663 CNAME. Patch from gregdlg+mr at hochet info.
3664
366520120622
3666 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as
3667 can logon as a service. Patch from vinschen at redhat com.
3668
366920120620
3670 - (djm) OpenBSD CVS Sync
3671 - djm@cvs.openbsd.org 2011/12/02 00:41:56
3672 [mux.c]
3673 fix bz#1948: ssh -f doesn't fork for multiplexed connection.
3674 ok dtucker@
3675 - djm@cvs.openbsd.org 2011/12/04 23:16:12
3676 [mux.c]
3677 revert:
3678 > revision 1.32
3679 > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1
3680 > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
3681 > ok dtucker@
3682 it interacts badly with ControlPersist
3683 - djm@cvs.openbsd.org 2012/01/07 21:11:36
3684 [mux.c]
3685 fix double-free in new session handler
3686 NB. Id sync only
3687 - djm@cvs.openbsd.org 2012/05/23 03:28:28
3688 [dns.c dns.h key.c key.h ssh-keygen.c]
3689 add support for RFC6594 SSHFP DNS records for ECDSA key types.
3690 patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@
3691 (Original authors Ondřej Surý, Ondřej Caletka and Daniel Black)
3692 - djm@cvs.openbsd.org 2012/06/01 00:49:35
3693 [PROTOCOL.mux]
3694 correct types of port numbers (integers, not strings); bz#2004 from
3695 bert.wesarg AT googlemail.com
3696 - djm@cvs.openbsd.org 2012/06/01 01:01:22
3697 [mux.c]
3698 fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
3699 AT googlemail.com
3700 - dtucker@cvs.openbsd.org 2012/06/18 11:43:53
3701 [jpake.c]
3702 correct sizeof usage. patch from saw at online.de, ok deraadt
3703 - dtucker@cvs.openbsd.org 2012/06/18 11:49:58
3704 [ssh_config.5]
3705 RSA instead of DSA twice. From Steve.McClellan at radisys com
3706 - dtucker@cvs.openbsd.org 2012/06/18 12:07:07
3707 [ssh.1 sshd.8]
3708 Remove mention of 'three' key files since there are now four. From
3709 Steve.McClellan at radisys com.
3710 - dtucker@cvs.openbsd.org 2012/06/18 12:17:18
3711 [ssh.1]
3712 Clarify description of -W. Noted by Steve.McClellan at radisys com,
3713 ok jmc
3714 - markus@cvs.openbsd.org 2012/06/19 18:25:28
3715 [servconf.c servconf.h sshd_config.5]
3716 sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
3717 this allows 'Match LocalPort 1022' combined with 'AllowUser bauer'
3718 ok djm@ (back in March)
3719 - jmc@cvs.openbsd.org 2012/06/19 21:35:54
3720 [sshd_config.5]
3721 tweak previous; ok markus
3722 - djm@cvs.openbsd.org 2012/06/20 04:42:58
3723 [clientloop.c serverloop.c]
3724 initialise accept() backoff timer to avoid EINVAL from select(2) in
3725 rekeying
3726
372720120519
3728 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch
3729 from cjwatson at debian org.
3730 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find
3731 pkg-config so it does the right thing when cross-compiling. Patch from
3732 cjwatson at debian org.
3733- (dtucker) OpenBSD CVS Sync
3734 - dtucker@cvs.openbsd.org 2012/05/13 01:42:32
3735 [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
3736 Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
3737 to match. Feedback and ok djm@ markus@.
3738 - dtucker@cvs.openbsd.org 2012/05/19 06:30:30
3739 [sshd_config.5]
3740 Document PermitOpen none. bz#2001, patch from Loganaden Velvindron
3741
374220120504
3743 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>
3744 to fix building on some plaforms. Fom bowman at math utah edu and
3745 des at des no.
3746
374720120427
3748 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6
3749 platform rather than exiting early, so that we still clean up and return
3750 success or failure to test-exec.sh
3751
375220120426
3753 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
3754 via Niels
3755 - (djm) [auth-krb5.c] Save errno across calls that might modify it;
3756 ok dtucker@
3757
375820120423
3759 - OpenBSD CVS Sync
3760 - djm@cvs.openbsd.org 2012/04/23 08:18:17
3761 [channels.c]
3762 fix function proto/source mismatch
3763
376420120422
3765 - OpenBSD CVS Sync
3766 - djm@cvs.openbsd.org 2012/02/29 11:21:26
3767 [ssh-keygen.c]
3768 allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@
3769 - guenther@cvs.openbsd.org 2012/03/15 03:10:27
3770 [session.c]
3771 root should always be excluded from the test for /etc/nologin instead
3772 of having it always enforced even when marked as ignorenologin. This
3773 regressed when the logic was incompletely flipped around in rev 1.251
3774 ok halex@ millert@
3775 - djm@cvs.openbsd.org 2012/03/28 07:23:22
3776 [PROTOCOL.certkeys]
3777 explain certificate extensions/crit split rationale. Mention requirement
3778 that each appear at most once per cert.
3779 - dtucker@cvs.openbsd.org 2012/03/29 23:54:36
3780 [channels.c channels.h servconf.c]
3781 Add PermitOpen none option based on patch from Loganaden Velvindron
3782 (bz #1949). ok djm@
3783 - djm@cvs.openbsd.org 2012/04/11 13:16:19
3784 [channels.c channels.h clientloop.c serverloop.c]
3785 don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
3786 while; ok deraadt@ markus@
3787 - djm@cvs.openbsd.org 2012/04/11 13:17:54
3788 [auth.c]
3789 Support "none" as an argument for AuthorizedPrincipalsFile to indicate
3790 no file should be read.
3791 - djm@cvs.openbsd.org 2012/04/11 13:26:40
3792 [sshd.c]
3793 don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
3794 while; ok deraadt@ markus@
3795 - djm@cvs.openbsd.org 2012/04/11 13:34:17
3796 [ssh-keyscan.1 ssh-keyscan.c]
3797 now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
3798 look for them by default; bz#1971
3799 - djm@cvs.openbsd.org 2012/04/12 02:42:32
3800 [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
3801 VersionAddendum option to allow server operators to append some arbitrary
3802 text to the SSH-... banner; ok deraadt@ "don't care" markus@
3803 - djm@cvs.openbsd.org 2012/04/12 02:43:55
3804 [sshd_config sshd_config.5]
3805 mention AuthorizedPrincipalsFile=none default
3806 - djm@cvs.openbsd.org 2012/04/20 03:24:23
3807 [sftp.c]
3808 setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
3809 - jmc@cvs.openbsd.org 2012/04/20 16:26:22
3810 [ssh.1]
3811 use "brackets" instead of "braces", for consistency;
3812
381320120420
3814 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
3815 [contrib/suse/openssh.spec] Update for release 6.0
3816 - (djm) [README] Update URL to release notes.
3817 - (djm) Release openssh-6.0
3818