summaryrefslogtreecommitdiff
path: root/openbsd-compat
AgeCommit message (Collapse)Author
2007-12-24* New upstream release (closes: #453367).Colin Watson
- CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec (closes: #444738). - sshd(8) in new installations defaults to SSH Protocol 2 only. Existing installations are unchanged. - The SSH channel window size has been increased, and both ssh(1) sshd(8) now send window updates more aggressively. These improves performance on high-BDP (Bandwidth Delay Product) networks. - ssh(1) and sshd(8) now preserve MAC contexts between packets, which saves 2 hash calls per packet and results in 12-16% speedup for arcfour256/hmac-md5. - A new MAC algorithm has been added, UMAC-64 (RFC4418) as "umac-64@openssh.com". UMAC-64 has been measured to be approximately 20% faster than HMAC-MD5. - Failure to establish a ssh(1) TunnelForward is now treated as a fatal error when the ExitOnForwardFailure option is set. - ssh(1) returns a sensible exit status if the control master goes away without passing the full exit status. - When using a ProxyCommand in ssh(1), set the outgoing hostname with gethostname(2), allowing hostbased authentication to work. - Make scp(1) skip FIFOs rather than hanging (closes: #246774). - Encode non-printing characters in scp(1) filenames. These could cause copies to be aborted with a "protocol error". - Handle SIGINT in sshd(8) privilege separation child process to ensure that wtmp and lastlog records are correctly updated. - Report GSSAPI mechanism in errors, for libraries that support multiple mechanisms. - Improve documentation for ssh-add(1)'s -d option. - Rearrange and tidy GSSAPI code, removing server-only code being linked into the client. - Delay execution of ssh(1)'s LocalCommand until after all forwardings have been established. - In scp(1), do not truncate non-regular files. - Improve exit message from ControlMaster clients. - Prevent sftp-server(8) from reading until it runs out of buffer space, whereupon it would exit with a fatal error (closes: #365541). - pam_end() was not being called if authentication failed (closes: #405041). - Manual page datestamps updated (closes: #433181).
2007-12-23Import OpenSSH 4.7p1.Colin Watson
2007-08-15 - (dtucker) [openbsd-compat/bsd-cray.c] Remove debug from signal handler.Darren Tucker
ok djm@
2007-08-09 - (dtucker) [openbsd-compat/port-aix.c] Comment typo.Darren Tucker
2007-07-24 - (tim) [openbsd-compat/regress/closefromtest.c] Bug 1345: fix open() call.Tim Rice
Report/patch by David.Leonard AT quest.com
2007-06-28 - (djm) bz#1325: Fix SELinux in permissive mode where it wouldDamien Miller
incorrectly fatal() on errors. patch from cjwatson AT debian.org; ok dtucker
2007-06-27* Fix broken switch fallthrough when SELinux is running in permissive modeColin Watson
(closes: #430838).
2007-06-25 - (dtucker) [atomicio.c configure.ac openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/bsd-poll.{c,h} openbsd-compat/openbsd-compat.h] Add an implementation of poll() built on top of select(2). Code from OpenNTPD with changes suggested by djm. ok djm@
2007-06-14 - (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definitionDarren Tucker
of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the subsequent <0.9.7 test.
2007-06-14 - (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAELDarren Tucker
sections. Fixes builds with early OpenSSL 0.9.6 versions.
2007-06-14 - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move theDarren Tucker
USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be shared with umac.c. Allows building with OpenSSL 0.9.5 again including umac support. With tim@ djm@, ok djm.
2007-06-12fix some missing #includes etc.Colin Watson
2007-06-12* New upstream release (closes: #395507, #397961, #420035). ImportantColin Watson
changes not previously backported to 4.3p2: - 4.4/4.4p1 (http://www.openssh.org/txt/release-4.4): + On portable OpenSSH, fix a GSSAPI authentication abort that could be used to determine the validity of usernames on some platforms. + Implemented conditional configuration in sshd_config(5) using the "Match" directive. This allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met. So far a useful subset of post-authentication options are supported and more are expected to be added in future releases. + Add support for Diffie-Hellman group exchange key agreement with a final hash of SHA256. + Added a "ForceCommand" directive to sshd_config(5). Similar to the command="..." option accepted in ~/.ssh/authorized_keys, this forces the execution of the specified command regardless of what the user requested. This is very useful in conjunction with the new "Match" option. + Add a "PermitOpen" directive to sshd_config(5). This mirrors the permitopen="..." authorized_keys option, allowing fine-grained control over the port-forwardings that a user is allowed to establish. + Add optional logging of transactions to sftp-server(8). + ssh(1) will now record port numbers for hosts stored in ~/.ssh/known_hosts when a non-standard port has been requested (closes: #50612). + Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established. + Extend sshd_config(5) "SubSystem" declarations to allow the specification of command-line arguments. + Replacement of all integer overflow susceptible invocations of malloc(3) and realloc(3) with overflow-checking equivalents. + Many manpage fixes and improvements. + Add optional support for OpenSSL hardware accelerators (engines), enabled using the --with-ssl-engine configure option. + Tokens in configuration files may be double-quoted in order to contain spaces (closes: #319639). + Move a debug() call out of a SIGCHLD handler, fixing a hang when the session exits very quickly (closes: #307890). + Fix some incorrect buffer allocation calculations (closes: #410599). + ssh-add doesn't ask for a passphrase if key file permissions are too liberal (closes: #103677). + Likewise, ssh doesn't ask either (closes: #99675). - 4.6/4.6p1 (http://www.openssh.org/txt/release-4.6): + sshd now allows the enabling and disabling of authentication methods on a per user, group, host and network basis via the Match directive in sshd_config. + Fixed an inconsistent check for a terminal when displaying scp progress meter (closes: #257524). + Fix "hang on exit" when background processes are running at the time of exit on a ttyful/login session (closes: #88337). * Update to current GSSAPI patch from http://www.sxw.org.uk/computing/patches/openssh-4.6p1-gsskex-20070312.patch; install ChangeLog.gssapi.
2007-06-12Import OpenSSH 4.6p1.Colin Watson
2007-06-11 - (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder"Darren Tucker
argument to nanosleep may be NULL. Currently this never happens in OpenSSH, but check anyway in case this changes or the code gets used elsewhere.
2007-06-11spacingDamien Miller
2007-04-29 - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype.Darren Tucker
2007-04-29 - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1299: Use theDarren Tucker
platform's _res if it has one. Should fix problem of DNSSEC record lookups on NetBSD as reported by Curt Sampson.
2007-04-29 - (dtucker) [openbsd-compat/bsd-misc.c] Include unistd.h and sys/types.hDarren Tucker
for select(2) prototype.
2007-03-2620070326Tim Rice
- (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@
2007-03-21 - (dtucker) [configure.ac openbsd-compat/bsd-getpeereid.c] Bug #1287: UseDarren Tucker
getpeerucred to implement getpeereid (currently only Solaris 10 and up). Patch by Jan.Pechanec at Sun.
2007-03-05 - (dtucker) [openbsd-compat/openssl-compat.h] Bug #1291: Work around aDarren Tucker
bug in OpenSSL 0.9.8e that prevents aes256-ctr, aes192-ctr and arcfour256 ciphers from working correctly (disconnects with "Bad packet length" errors) as found by Ben Harris. ok djm@
2007-02-19 - (dtucker) [openbsd-compat/getrrsetbyname.c] Don't attempt to callocDarren Tucker
an array for signatures when there are none since "calloc(0, n) returns NULL on some platforms (eg Tru64), which is explicitly permitted by POSIX. Diagnosis and patch by svallet genoscope.cns.fr.
2007-01-24 - (dtucker) [openbsd-compat/bsd-snprintf.c] Static declarations for publicDarren Tucker
library interfaces aren't very helpful. Fix up the DOPR_OUTCH macro so it works properly and modify its callers so that they don't pre or post decrement arguments that are conditionally evaluated. While there, put SNPRINTF_CONST back as it prevents build failures in some configurations. ok djm@ (for most of it)
2007-01-14 - (djm) [openbsd-compat/bsd-snprintf.c] Fix integer overflow in returnDamien Miller
value of snprintf replacement, similar to bugs in various libc implementations. This overflow is not exploitable in OpenSSH. While I'm fiddling with it, make it a fair bit faster by inlining the append-char routine; ok dtucker@
2006-12-05 - (djm) [bsd-asprintf.c] Better test for bad vsnprintf lengths; ok dtucker@Damien Miller
2006-11-01 - (dtucker) [openbsd-compat/port-solaris.c] Bug #1255: Make only hwerrDarren Tucker
events fatal in Solaris process contract support and tell it to signal only processes in the same process group when something happens. Based on information from andrew.benham at thus.net and similar to a patch from Chad Mynhier. ok djm@
2006-09-18 - (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes.Darren Tucker
Prevents macro redefinition warnings of "RDONLY".
2006-09-09 - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.Darren Tucker
2006-09-03 - (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check forDarren Tucker
declaration of writev(2) and declare it ourselves if necessary. Makes the atomiciov() calls build on really old systems. ok djm@
2006-09-02 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.cDarren Tucker
openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h> for hton* and ntoh* macros. Required on (at least) HP-UX since we define _XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com.
2006-09-02 - (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan.Darren Tucker
2006-09-01 - (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] ExplicitlyDarren Tucker
test for GLOB_NOMATCH and use our glob functions if it's not found. Stops sftp from segfaulting when attempting to get a nonexistent file on Cygwin (previous versions of OpenSSH didn't use the native glob). Partly from and tested by Corinna Vinschen.
2006-09-01 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implict declarationDarren Tucker
warnings for binary_open and binary_close. Patch from Corinna Vinschen.
2006-09-01 - (djm) [includes.h monitor.c openbsd-compat/bindresvport.c]Damien Miller
[openbsd-compat/rresvport.c] Some more headers: netinet/in.h sys/socket.h and unistd.h in various places
2006-09-01 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]Damien Miller
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c] [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c] [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c] [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c] [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c] [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c] [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c rc4.diff] [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c] [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c] [openbsd-compat/port-uw.c] Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h; compile problems reported by rac AT tenzing.org
2006-08-31 - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]Damien Miller
[platform.c platform.h sshd.c openbsd-compat/Makefile.in] [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c] [openbsd-compat/port-solaris.h] Add support for Solaris process contracts, enabled with --use-solaris-contracts. Patch from Chad Mynhier, tweaked by dtucker@ and myself; ok dtucker@
2006-08-30 - (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207: always callDarren Tucker
loginsuccess on AIX immediately after authentication to clear the failed login count. Previously this would only happen when an interactive session starts (ie when a pty is allocated) but this means that accounts that have primarily non-interactive sessions (eg scp's) may gradually accumulate enough failures to lock out an account. This change may have a side effect of creating two audit records, one with a tty of "ssh" corresponding to the authentication and one with the allocated pty per interactive session.
2006-08-30 - (djm) [openbsd-compat/xcrypt.c] needs unistd.hDamien Miller
2006-08-24 - (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to preventDarren Tucker
unused variable warning when we have a broken or missing mmap(2). Now with 100% more diff!
2006-08-24 - (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc.Darren Tucker
2006-08-24 - (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2).Darren Tucker
2006-08-24 - (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2)Darren Tucker
on POSIX systems.
2006-08-24 - (dtucker) [openbsd-compat/bsd-misc.c] Add includes needed for select(2) onDarren Tucker
older systems.
2006-08-24 - (dtucker) [openbsd-compat/basename.c] Include errno.h.Darren Tucker
2006-08-19 - (dtucker) [openbsd-compat/regress/Makefile.in] Add $(EXEEXT) and add aDarren Tucker
single rule for the test progs.
2006-08-18 - (dtucker) [openbsd-compat/regress/Makefile.in] Use implicit rules for theDarren Tucker
test progs instead; they work better than what we have.
2006-08-18 - (dtucker) [openbsd-compat/regress/snprintftest.c] Newline on error.Darren Tucker
2006-08-18 - (dtucker) [openbsd-compat/bsd-closefrom.c] Comment out rcsid.Darren Tucker
2006-08-18 - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Resync withDarren Tucker
closefrom.c from sudo.