openssh.git -

Age	Commit message (Collapse)	Author
2020-06-07	Adjust various OpenBSD-specific references in manual pages	Colin Watson
	No single bug reference for this patch, but history includes: http://bugs.debian.org/154434 (login.conf(5)) http://bugs.debian.org/513417 (/etc/rc) http://bugs.debian.org/530692 (ssl(8)) https://bugs.launchpad.net/bugs/456660 (ssl(8)) Forwarded: not-needed Last-Update: 2017-10-04 Patch-Name: openbsd-docs.patch
2020-06-07	Install authorized_keys(5) as a symlink to sshd(8)	Tomas Pospisek
	Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1720 Bug-Debian: http://bugs.debian.org/441817 Last-Update: 2013-09-14 Patch-Name: authorized-keys-man-symlink.patch
2020-06-07	Add DebianBanner server configuration option	Kees Cook
	Setting this to "no" causes sshd to omit the Debian revision from its initial protocol handshake, for those scared by package-versioning.patch. Bug-Debian: http://bugs.debian.org/562048 Forwarded: not-needed Last-Update: 2020-06-07 Patch-Name: debian-banner.patch
2020-06-07	Include the Debian version in our identification	Matthew Vernon
	This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2019-06-05 Patch-Name: package-versioning.patch
2020-06-07	Mention ssh-keygen in ssh fingerprint changed warning	Scott Moser
	Author: Chris Lamb <lamby@debian.org> Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843 Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607 Last-Update: 2017-08-22 Patch-Name: mention-ssh-keygen-on-keychange.patch
2020-06-07	Force use of DNSSEC even if "options edns0" isn't in resolv.conf	Colin Watson
	This allows SSHFP DNS records to be verified if glibc 2.11 is installed. Origin: vendor, https://cvs.fedoraproject.org/viewvc/F-12/openssh/openssh-5.2p1-edns.patch?revision=1.1&view=markup Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Last-Update: 2010-04-06 Patch-Name: dnssec-sshfp.patch
2020-06-07	Look for $SHELL on the path for ProxyCommand/LocalCommand	Colin Watson
	There's some debate on the upstream bug about whether POSIX requires this. I (Colin Watson) agree with Vincent and think it does. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494 Bug-Debian: http://bugs.debian.org/492728 Last-Update: 2020-02-21 Patch-Name: shell-path.patch
2020-06-07	Adjust scp quoting in verbose mode	Nicolas Valcárcel
	Tweak scp's reporting of filenames in verbose mode to be a bit less confusing with spaces. This should be revised to mimic real shell quoting. Bug-Ubuntu: https://bugs.launchpad.net/bugs/89945 Last-Update: 2010-02-27 Patch-Name: scp-quoting.patch
2020-06-07	Allow harmless group-writability	Colin Watson
	Allow secure files (~/.ssh/config, ~/.ssh/authorized_keys, etc.) to be group-writable, provided that the group in question contains only the file's owner. Rejected upstream for IMO incorrect reasons (e.g. a misunderstanding about the contents of gr->gr_mem). Given that per-user groups and umask 002 are the default setup in Debian (for good reasons - this makes operating in setgid directories with other groups much easier), we need to permit this by default. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347 Last-Update: 2019-10-09 Patch-Name: user-group-modes.patch
2020-06-07	"LogLevel SILENT" compatibility	Natalie Amery
	"LogLevel SILENT" (-qq) was introduced in Debian openssh 1:3.0.1p1-1 to match the behaviour of non-free SSH, in which -q does not suppress fatal errors. However, this was unintentionally broken in 1:4.6p1-2 and nobody complained, so we've dropped most of it. The parts that remain are basic configuration file compatibility, and an adjustment to "Pseudo-terminal will not be allocated ..." which should be split out into a separate patch. Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2013-09-14 Patch-Name: syslog-level-silent.patch
2020-06-07	Various keepalive extensions	Richard Kettlewell
	Add compatibility aliases for ProtocolKeepAlives and SetupTimeOut, supported in previous versions of Debian's OpenSSH package but since superseded by ServerAliveInterval. (We're probably stuck with this bit for compatibility.) In batch mode, default ServerAliveInterval to five minutes. Adjust documentation to match and to give some more advice on use of keepalives. Author: Ian Jackson <ian@chiark.greenend.org.uk> Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2020-02-21 Patch-Name: keepalive-extensions.patch
2020-06-07	Accept obsolete ssh-vulnkey configuration options	Colin Watson
	These options were used as part of Debian's response to CVE-2008-0166. Nearly six years later, we no longer need to continue carrying the bulk of that patch, but we do need to avoid failing when the associated configuration options are still present. Last-Update: 2014-02-09 Patch-Name: ssh-vulnkey-compat.patch
2020-06-07	Handle SELinux authorisation roles	Manoj Srivastava
	Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2020-02-21 Patch-Name: selinux-role.patch
2020-06-07	Restore TCP wrappers support	Colin Watson
	Support for TCP wrappers was dropped in OpenSSH 6.7. See this message and thread: https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html It is true that this reduces preauth attack surface in sshd. On the other hand, this support seems to be quite widely used, and abruptly dropping it (from the perspective of users who don't read openssh-unix-dev) could easily cause more serious problems in practice. It's not entirely clear what the right long-term answer for Debian is, but it at least probably doesn't involve dropping this feature shortly before a freeze. Forwarded: not-needed Last-Update: 2019-06-05 Patch-Name: restore-tcp-wrappers.patch
2020-06-07	GSSAPI key exchange support	Simon Wilkinson
	This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Author: Simon Wilkinson <simon@sxw.org.uk> Author: Colin Watson <cjwatson@debian.org> Author: Jakub Jelen <jjelen@redhat.com> Origin: other, https://github.com/openssh-gsskex/openssh-gsskex/commits/debian/master Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2020-06-07 Patch-Name: gssapi.patch
2020-06-07	Import openssh_8.3p1.orig.tar.gz	Colin Watson

2020-05-27	depend	Damien Miller

2020-05-27	upstream: avoid possible NULL deref; from Pedro Martelletto	djm@openbsd.org
	OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
2020-05-14	prefer ln to cp for temporary copy of sshd	Damien Miller
	I saw failures on the reexec fallback test on Darwin 19.4 where fork()ed children of a process that had it's executable removed would instantly fail. Using ln to preserve the inode avoids this.
2020-05-13	Actually skip pty tests when needed.	Darren Tucker

2020-05-13	Skip building sk-dummy library if no SK support.	Darren Tucker

2020-05-13	explicitly manage .depend and .depend.bak	Damien Miller
	Bring back removal of .depend to give the file a known state before running makedepend, but manually move aside the current .depend file and restore it as .depend.bak afterwards so the stale .depend check works as expected.
2020-05-13	make depend	Damien Miller

2020-05-13	revert removal of .depend before makedepend	Damien Miller
	Commit 83657eac4 started removing .depend before running makedepend to reset the contents of .depend to a known state. Unfortunately this broke the depend-check step as now .depend.bak would only ever be created as an empty file. ok dtucker
2020-05-12	prepare for 8.3 release	Damien Miller

2020-05-08	Ensure SA_SIGNAL test only signals itself.	Darren Tucker
	When the test's child signals its parent and it exits the result of getppid changes. On Ubuntu 20.04 this results in the ppid being that of the GDM session, causing it to exit. Analysis and testing from pedro at ambientworks.net
2020-05-08	sync config.guess/config.sub with latest versions	Damien Miller
	ok dtucker@
2020-05-07	upstream: openssh-8.3; ok deraadt@	djm@openbsd.org
	OpenBSD-Commit-ID: c8831ec88b9c750f5816aed9051031fb535d22c1
2020-05-07	upstream: another case where a utimes() failure could make scp send	djm@openbsd.org
	a desynchronising error; reminded by Aymeric Vincent ok deraadt markus OpenBSD-Commit-ID: 2ea611d34d8ff6d703a7a8bf858aa5dbfbfa7381
2020-05-07	Check if -D_REENTRANT is needed for localtime_r.	Darren Tucker
	On at least HP-UX 11.11, the localtime_r declararation is behind ifdef _REENTRANT. Check for and add if needed.
2020-05-05	Skip security key tests if ENABLE_SK not set.	Darren Tucker

2020-05-04	upstream: sure enough, some of the test data that we though were in	djm@openbsd.org
	new format were actually in the old format; fix from Michael Forney OpenBSD-Regress-ID: a41a5c43a61b0f0b1691994dbf16dfb88e8af933
2020-05-04	upstream: make mktestdata.sh generate old/new format keys that we	djm@openbsd.org
	expect. This script was written before OpenSSH switched to new-format private keys by default and was never updated to the change (until now) From Michael Forney OpenBSD-Regress-ID: 38cf354715c96852e5b71c2393fb6e7ad28b7ca7
2020-05-04	upstream: portability fix for sed that always emil a newline even	djm@openbsd.org
	if the input does not contain one; from Michael Forney OpenBSD-Regress-ID: 9190c3ddf0d2562ccc02c4a95fce0e392196bfc7
2020-05-04	upstream: remove obsolete RSA1 test keys; spotted by Michael Forney	djm@openbsd.org
	OpenBSD-Regress-ID: 6384ba889594e217d166908ed8253718ab0866da
2020-05-02	Update .depend.	Darren Tucker

2020-05-02	Remove use of tail for 'make depend'.	Darren Tucker
	Not every tail supports +N and we can do with out it so just remove it. Prompted by mforney at mforney.org.
2020-05-02	upstream: we have a sshkey_save_public() function to save public keys;	djm@openbsd.org
	use it and save a bunch of redundant code. Patch from loic AT venez.fr; ok markus@ djm@ OpenBSD-Commit-ID: f93e030a0ebcd0fd9054ab30db501ec63454ea5f
2020-05-01	Use LONG_LONG_MAX and friends if available.	Darren Tucker
	If we don't have LLONG_{MIN,MAX} but do have LONG_LONG_{MIN,MAX} then use those instead. We do calculate these values in configure, but it turns out that at least one compiler (old HP ANSI C) can't parse "-9223372036854775808LL" without mangling it. (It can parse "-9223372036854775807LL" which is presumably why its limits.h defines LONG_LONG_MIN as the latter minus 1.) Fixes rekey test when compiled with the aforementioned compiler.
2020-05-01	upstream: when receving a file in sink(), be careful to send at	djm@openbsd.org
	most a single error response after the file has been opened. Otherwise the source() and sink() can become desyncronised. Reported by Daniel Goujot, Georges-Axel Jaloyan, Ryan Lahfa, and David Naccache. ok deraadt@ markus@ OpenBSD-Commit-ID: 6c14d233c97349cb811a8f7921ded3ae7d9e0035
2020-05-01	upstream: expose vasnmprintf(); ok (as part of other commit) markus	djm@openbsd.org
	deraadt OpenBSD-Commit-ID: 2e80cea441c599631a870fd40307d2ade5a7f9b5
2020-05-01	upstream: avoid NULL dereference when attempting to convert invalid	djm@openbsd.org
	ssh.com private keys using "ssh-keygen -i"; spotted by Michael Forney OpenBSD-Commit-ID: 2e56e6d26973967d11d13f56ea67145f435bf298
2020-05-01	See if SA_RESTART signals will interrupt select().	Darren Tucker
	On some platforms (at least older HP-UXes such as 11.11, possibly others) setting SA_RESTART on signal handers will cause it to not interrupt select(), at least for calls that do not specify a timeout. Try to detect this and if found, don't use SA_RESTART. POSIX says "If SA_RESTART has been set for the interrupting signal, it is implementation-dependent whether select() restarts or returns with [EINTR]" so this behaviour is within spec.
2020-05-01	fix reversed test	Damien Miller

2020-05-01	wrap sha2.h inclusion in #ifdef HAVE_SHA2_H	Damien Miller

2020-05-01	upstream: adapt dummy FIDO middleware to API change; ok markus@	djm@openbsd.org
	OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
2020-05-01	upstream: tweak previous; ok markus	jmc@openbsd.org
	OpenBSD-Commit-ID: 41895450ce2294ec44a5713134491cc31f0c09fd
2020-05-01	upstream: bring back debug() removed in rev 1.74; noted by pradeep	markus@openbsd.org
	kumar OpenBSD-Commit-ID: 8d134d22ab25979078a3b48d058557d49c402e65
2020-05-01	upstream: run the 2nd ssh with BatchMode for scp -3	markus@openbsd.org
	OpenBSD-Commit-ID: 77994fc8c7ca02d88e6d0d06d0f0fe842a935748
2020-05-01	upstream: when signing a challenge using a FIDO toke, perform the	djm@openbsd.org
	hashing in the middleware layer rather than in ssh code. This allows middlewares that call APIs that perform the hashing implicitly (including Microsoft's AFAIK). ok markus@ OpenBSD-Commit-ID: c9fc8630aba26c75d5016884932f08a5a237f37d