summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-10-07Force use of DNSSEC even if "options edns0" isn't in resolv.confColin Watson
This allows SSHFP DNS records to be verified if glibc 2.11 is installed. Origin: vendor, https://cvs.fedoraproject.org/viewvc/F-12/openssh/openssh-5.2p1-edns.patch?revision=1.1&view=markup Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Last-Update: 2010-04-06 Patch-Name: dnssec-sshfp.patch
2014-10-07Look for $SHELL on the path for ProxyCommand/LocalCommandColin Watson
There's some debate on the upstream bug about whether POSIX requires this. I (Colin Watson) agree with Vincent and think it does. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494 Bug-Debian: http://bugs.debian.org/492728 Last-Update: 2013-09-14 Patch-Name: shell-path.patch
2014-10-07Adjust scp quoting in verbose modeNicolas Valcárcel
Tweak scp's reporting of filenames in verbose mode to be a bit less confusing with spaces. This should be revised to mimic real shell quoting. Bug-Ubuntu: https://bugs.launchpad.net/bugs/89945 Last-Update: 2010-02-27 Patch-Name: scp-quoting.patch
2014-10-07Allow harmless group-writabilityColin Watson
Allow secure files (~/.ssh/config, ~/.ssh/authorized_keys, etc.) to be group-writable, provided that the group in question contains only the file's owner. Rejected upstream for IMO incorrect reasons (e.g. a misunderstanding about the contents of gr->gr_mem). Given that per-user groups and umask 002 are the default setup in Debian (for good reasons - this makes operating in setgid directories with other groups much easier), we need to permit this by default. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347 Last-Update: 2013-09-14 Patch-Name: user-group-modes.patch
2014-10-07Add support for registering ConsoleKit sessions on loginColin Watson
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1450 Last-Updated: 2014-10-07 Patch-Name: consolekit.patch
2014-10-07Mention ~& when waiting for forwarded connections to terminateMatthew Vernon
Bug-Debian: http://bugs.debian.org/50308 Last-Update: 2010-02-27 Patch-Name: helpful-wait-terminate.patch
2014-10-07Reduce severity of "Killed by signal %d"Peter Samuelson
This produces irritating messages when using ProxyCommand or other programs that use ssh under the covers (e.g. Subversion). These messages are more normally printed by the calling program, such as the shell. According to the upstream bug, the right way to avoid this is to use the -q option, so we may drop this patch after further investigation into whether any software in Debian is still relying on it. Author: Colin Watson <cjwatson@debian.org> Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1118 Bug-Debian: http://bugs.debian.org/313371 Last-Update: 2013-09-14 Patch-Name: quieter-signals.patch
2014-10-07"LogLevel SILENT" compatibilityJonathan David Amery
"LogLevel SILENT" (-qq) was introduced in Debian openssh 1:3.0.1p1-1 to match the behaviour of non-free SSH, in which -q does not suppress fatal errors. However, this was unintentionally broken in 1:4.6p1-2 and nobody complained, so we've dropped most of it. The parts that remain are basic configuration file compatibility, and an adjustment to "Pseudo-terminal will not be allocated ..." which should be split out into a separate patch. Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2013-09-14 Patch-Name: syslog-level-silent.patch
2014-10-07Various keepalive extensionsRichard Kettlewell
Add compatibility aliases for ProtocolKeepAlives and SetupTimeOut, supported in previous versions of Debian's OpenSSH package but since superseded by ServerAliveInterval. (We're probably stuck with this bit for compatibility.) In batch mode, default ServerAliveInterval to five minutes. Adjust documentation to match and to give some more advice on use of keepalives. Author: Ian Jackson <ian@chiark.greenend.org.uk> Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2014-10-07 Patch-Name: keepalive-extensions.patch
2014-10-07Partial server keep-alive implementation for SSH1Colin Watson
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1712 Last-Update: 2013-09-14 Patch-Name: ssh1-keepalive.patch
2014-10-07Accept obsolete ssh-vulnkey configuration optionsColin Watson
These options were used as part of Debian's response to CVE-2008-0166. Nearly six years later, we no longer need to continue carrying the bulk of that patch, but we do need to avoid failing when the associated configuration options are still present. Last-Update: 2014-02-09 Patch-Name: ssh-vulnkey-compat.patch
2014-10-07Handle SELinux authorisation rolesManoj Srivastava
Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2013-09-14 Patch-Name: selinux-role.patch
2014-10-07Restore TCP wrappers supportColin Watson
Support for TCP wrappers was dropped in OpenSSH 6.7. See this message and thread: https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html It is true that this reduces preauth attack surface in sshd. On the other hand, this support seems to be quite widely used, and abruptly dropping it (from the perspective of users who don't read openssh-unix-dev) could easily cause more serious problems in practice. It's not entirely clear what the right long-term answer for Debian is, but it at least probably doesn't involve dropping this feature shortly before a freeze. Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: restore-tcp-wrappers.patch
2014-10-07GSSAPI key exchange supportSimon Wilkinson
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2014-10-07 Patch-Name: gssapi.patch
2014-10-07Import openssh_6.7p1.orig.tar.gzColin Watson
2014-10-07establish V_6_7 branchDamien Miller
2014-10-07 - (djm) Release OpenSSH-6.7Damien Miller
2014-10-03 - (djm) [sshd_config.5] typo; from Iain MorganDamien Miller
2014-10-01 - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]Damien Miller
[openbsd-compat/openbsd-compat.h] Kludge around bad glibc _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; ok dtucker@
2014-09-10 - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;Damien Miller
patch from Felix von Leitner; ok dtucker
2014-09-0920140908Darren Tucker
- (dtucker) [INSTALL] Update info about egd. ok djm@
2014-09-04 - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNGDamien Miller
2014-09-03 - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading toDamien Miller
permissions/ACLs; from Corinna Vinschen
2014-09-03 - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h andDamien Miller
conditionalise to avoid duplicate definition.
2014-08-30 - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@Damien Miller
2014-08-30 - (djm) [openbsd-compat/openssl-compat.h] add include guardDamien Miller
2014-08-30 - (djm) [misc.c] Missing newline between functionsDamien Miller
2014-08-30 - (djm) [openbsd-compat/openssl-compat.h] addDamien Miller
OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
2014-08-27 - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()Damien Miller
using memset_s() where possible; improve fallback to indirect bzero via a volatile pointer to give it more of a chance to avoid being optimised away.
2014-08-27 - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauthDamien Miller
monitor, not preauth; bz#2263
2014-08-27 - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]Damien Miller
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] [regress/unittests/sshkey/common.c] [regress/unittests/sshkey/test_file.c] [regress/unittests/sshkey/test_fuzz.c] [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h on !ECC OpenSSL systems
2014-08-26 - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,Damien Miller
update OpenSSL version requirement.
2014-08-26 - (djm) [bufec.c] Skip this file on !ECC OpenSSLDamien Miller
2014-08-24 - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but notDamien Miller
PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
2014-08-23 - (djm) [configure.ac] We now require a working vsnprintf everywhere (notDamien Miller
just for systems that lack asprintf); check for it always and extend test to catch more brokenness. Fixes builds on Solaris <= 9
2014-08-23 - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode onDamien Miller
lastlog writing on platforms with high UIDs; bz#2263
2014-08-22 - (djm) [configure.ac] double braces to appease autoconfDamien Miller
2014-08-22 - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/Damien Miller
definition mismatch) and warning for broken/missing snprintf case.
2014-08-22 - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECCDamien Miller
2014-08-22 - (djm) [configure.ac] include leading zero characters in OpenSSL versionDamien Miller
number; fixes test for unsupported versions
2014-08-21 - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems thatDamien Miller
don't set __progname. Diagnosed by Tom Christensen.
2014-08-21 - (djm) [key.h] Fix ifdefs for no-ECC OpenSSLDamien Miller
2014-08-21 - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.Damien Miller
2014-08-20 - (djm) [contrib/cygwin/README] Correct build instructions; from CorinnaDamien Miller
2014-08-20 - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECCDamien Miller
2014-08-20 - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather thanDamien Miller
-L/-l; fixes linking problems on some platforms
2014-08-20 - (djm) [configure.ac] Check OpenSSL version is supported at configure time;Damien Miller
suggested by Kevin Brott
2014-08-19 - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]Damien Miller
[contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions of TCP wrappers.
2014-08-19 - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIGDamien Miller
2014-08-19 - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.Damien Miller