| 20140717 |
| - (djm) [digest-openssl.c] Preserve array order when disabling digests. |
| Reported by Petr Lautrbach. |
| - OpenBSD CVS Sync |
| - deraadt@cvs.openbsd.org 2014/07/11 08:09:54 |
| [sandbox-systrace.c] |
| Permit use of SYS_sendsyslog from inside the sandbox. Clock is ticking, |
| update your kernels and sshd soon.. libc will start using sendsyslog() |
| in about 4 days. |
| - tedu@cvs.openbsd.org 2014/07/11 13:54:34 |
| [myproposal.h] |
| by popular demand, add back hamc-sha1 to server proposal for better compat |
| with many clients still in use. ok deraadt |
| |
| 20140715 |
| - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto |
| has been located; fixes builds agains libressl-portable |
| |
| 20140711 |
| - OpenBSD CVS Sync |
| - benno@cvs.openbsd.org 2014/07/09 14:15:56 |
| [ssh-add.c] |
| fix ssh-add crash while loading more than one key |
| ok markus@ |
| |
| 20140709 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/07/07 08:19:12 |
| [ssh_config.5] |
| mention that ProxyCommand is executed using shell "exec" to avoid |
| a lingering process; bz#1977 |
| - djm@cvs.openbsd.org 2014/07/09 01:45:10 |
| [sftp.c] |
| more useful error message when GLOB_NOSPACE occurs; |
| bz#2254, patch from Orion Poplawski |
| - djm@cvs.openbsd.org 2014/07/09 03:02:15 |
| [key.c] |
| downgrade more error() to debug() to better match what old authfile.c |
| did; suppresses spurious errors with hostbased authentication enabled |
| - djm@cvs.openbsd.org 2014/07/06 07:42:03 |
| [multiplex.sh test-exec.sh] |
| add a hook to the cleanup() function to kill $SSH_PID if it is set |
| |
| use it to kill the mux master started in multiplex.sh (it was being left |
| around on fatal failures) |
| - djm@cvs.openbsd.org 2014/07/07 08:15:26 |
| [multiplex.sh] |
| remove forced-fatal that I stuck in there to test the new cleanup |
| logic and forgot to remove... |
| |
| 20140706 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/07/03 23:18:35 |
| [authfile.h] |
| remove leakmalloc droppings |
| - djm@cvs.openbsd.org 2014/07/05 23:11:48 |
| [channels.c] |
| fix remote-forward cancel regression; ok markus@ |
| |
| 20140704 |
| - OpenBSD CVS Sync |
| - jsing@cvs.openbsd.org 2014/07/03 12:42:16 |
| [cipher-chachapoly.c] |
| Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this |
| makes it easier to verify that chacha_encrypt_bytes() is only called once |
| per chacha_ivsetup() call. |
| ok djm@ |
| - djm@cvs.openbsd.org 2014/07/03 22:23:46 |
| [sshconnect.c] |
| when rekeying, skip file/DNS lookup if it is the same as the key sent |
| during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@ |
| - djm@cvs.openbsd.org 2014/07/03 22:33:41 |
| [channels.c] |
| allow explicit ::1 and 127.0.0.1 forwarding bind addresses when |
| GatewayPorts=no; allows client to choose address family; |
| bz#2222 ok markus@ |
| - djm@cvs.openbsd.org 2014/07/03 22:40:43 |
| [servconf.c servconf.h session.c sshd.8 sshd_config.5] |
| Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is |
| executed, mirroring the no-user-rc authorized_keys option; |
| bz#2160; ok markus@ |
| |
| 20140703 |
| - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto |
| doesn't support it. |
| - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist; |
| bz#2237 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/07/03 01:45:38 |
| [sshkey.c] |
| make Ed25519 keys' title fit properly in the randomart border; bz#2247 |
| based on patch from Christian Hesse |
| - djm@cvs.openbsd.org 2014/07/03 03:11:03 |
| [ssh-agent.c] |
| Only cleanup agent socket in the main agent process and not in any |
| subprocesses it may have started (e.g. forked askpass). Fixes |
| agent sockets being zapped when askpass processes fatal(); |
| bz#2236 patch from Dmitry V. Levin |
| - djm@cvs.openbsd.org 2014/07/03 03:15:01 |
| [ssh-add.c] |
| make stdout line-buffered; saves partial output getting lost when |
| ssh-add fatal()s part-way through (e.g. when listing keys from an |
| agent that supports key types that ssh-add doesn't); |
| bz#2234, reported by Phil Pennock |
| - djm@cvs.openbsd.org 2014/07/03 03:26:43 |
| [digest-openssl.c] |
| use EVP_Digest() for one-shot hash instead of creating, updating, |
| finalising and destroying a context. |
| bz#2231, based on patch from Timo Teras |
| - djm@cvs.openbsd.org 2014/07/03 03:34:09 |
| [gss-serv.c session.c ssh-keygen.c] |
| standardise on NI_MAXHOST for gethostname() string lengths; about |
| 1/2 the cases were using it already. Fixes bz#2239 en passant |
| - djm@cvs.openbsd.org 2014/07/03 03:47:27 |
| [ssh-keygen.c] |
| When hashing or removing hosts using ssh-keygen, don't choke on |
| @revoked markers and don't remove @cert-authority markers; |
| bz#2241, reported by mlindgren AT runelind.net |
| - djm@cvs.openbsd.org 2014/07/03 04:36:45 |
| [digest.h] |
| forward-declare struct sshbuf so consumers don't need to include sshbuf.h |
| - djm@cvs.openbsd.org 2014/07/03 05:32:36 |
| [ssh_config.5] |
| mention '%%' escape sequence in HostName directives and how it may |
| be used to specify IPv6 link-local addresses |
| - djm@cvs.openbsd.org 2014/07/03 05:38:17 |
| [ssh.1] |
| document that -g will only work in the multiplexed case if applied to |
| the mux master |
| - djm@cvs.openbsd.org 2014/07/03 06:39:19 |
| [ssh.c ssh_config.5] |
| Add a %C escape sequence for LocalCommand and ControlPath that expands |
| to a unique identifer based on a has of the tuple of (local host, |
| remote user, hostname, port). |
| |
| Helps avoid exceeding sockaddr_un's miserly pathname limits for mux |
| control paths. |
| |
| bz#2220, based on patch from mancha1 AT zoho.com; ok markus@ |
| - jmc@cvs.openbsd.org 2014/07/03 07:45:27 |
| [ssh_config.5] |
| escape %C since groff thinks it part of an Rs/Re block; |
| - djm@cvs.openbsd.org 2014/07/03 11:16:55 |
| [auth.c auth.h auth1.c auth2.c] |
| make the "Too many authentication failures" message include the |
| user, source address, port and protocol in a format similar to the |
| authentication success / failure messages; bz#2199, ok dtucker |
| |
| 20140702 |
| - OpenBSD CVS Sync |
| - deraadt@cvs.openbsd.org 2014/06/13 08:26:29 |
| [sandbox-systrace.c] |
| permit SYS_getentropy |
| from matthew |
| - matthew@cvs.openbsd.org 2014/06/18 02:59:13 |
| [sandbox-systrace.c] |
| Now that we have a dedicated getentropy(2) system call for |
| arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace |
| sandbox. |
| |
| ok djm |
| - naddy@cvs.openbsd.org 2014/06/18 15:42:09 |
| [sshbuf-getput-crypto.c] |
| The ssh_get_bignum functions must accept the same range of bignums |
| the corresponding ssh_put_bignum functions create. This fixes the |
| use of 16384-bit RSA keys (bug reported by Eivind Evensen). |
| ok djm@ |
| - djm@cvs.openbsd.org 2014/06/24 00:52:02 |
| [krl.c] |
| fix bug in KRL generation: multiple consecutive revoked certificate |
| serial number ranges could be serialised to an invalid format. |
| |
| Readers of a broken KRL caused by this bug will fail closed, so no |
| should-have-been-revoked key will be accepted. |
| - djm@cvs.openbsd.org 2014/06/24 01:13:21 |
| [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c |
| [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c |
| [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h |
| [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h |
| [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h |
| [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c |
| [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c |
| [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c |
| [sshconnect2.c sshd.c sshkey.c sshkey.h |
| [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] |
| New key API: refactor key-related functions to be more library-like, |
| existing API is offered as a set of wrappers. |
| |
| with and ok markus@ |
| |
| Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew |
| Dempsky and Ron Bowes for a detailed review a few months ago. |
| NB. This commit also removes portable OpenSSH support for OpenSSL |
| <0.9.8e. |
| - djm@cvs.openbsd.org 2014/06/24 02:19:48 |
| [ssh.c] |
| don't fatal() when hostname canonicalisation fails with a |
| ProxyCommand in use; continue and allow the ProxyCommand to |
| connect anyway (e.g. to a host with a name outside the DNS |
| behind a bastion) |
| - djm@cvs.openbsd.org 2014/06/24 02:21:01 |
| [scp.c] |
| when copying local->remote fails during read, don't send uninitialised |
| heap to the remote end. Reported by Jann Horn |
| - deraadt@cvs.openbsd.org 2014/06/25 14:16:09 |
| [sshbuf.c] |
| unblock SIGSEGV before raising it |
| ok djm |
| - markus@cvs.openbsd.org 2014/06/27 16:41:56 |
| [channels.c channels.h clientloop.c ssh.c] |
| fix remote fwding with same listen port but different listen address |
| with gerhard@, ok djm@ |
| - markus@cvs.openbsd.org 2014/06/27 18:50:39 |
| [ssh-add.c] |
| fix loading of private keys |
| - djm@cvs.openbsd.org 2014/06/30 12:54:39 |
| [key.c] |
| suppress spurious error message when loading key with a passphrase; |
| reported by kettenis@ ok markus@ |
| - djm@cvs.openbsd.org 2014/07/02 04:59:06 |
| [cipher-3des1.c] |
| fix ssh protocol 1 on the server that regressed with the sshkey change |
| (sometimes fatal() after auth completed), make file return useful status |
| codes. |
| NB. Id sync only for these two. They were bundled into the sshkey merge |
| above, since it was easier to sync the entire file and then apply |
| portable-specific changed atop it. |
| - djm@cvs.openbsd.org 2014/04/30 05:32:00 |
| [regress/Makefile] |
| unit tests for new buffer API; including basic fuzz testing |
| NB. Id sync only. |
| - djm@cvs.openbsd.org 2014/05/21 07:04:21 |
| [regress/integrity.sh] |
| when failing because of unexpected output, show the offending output |
| - djm@cvs.openbsd.org 2014/06/24 01:04:43 |
| [regress/krl.sh] |
| regress test for broken consecutive revoked serial number ranges |
| - djm@cvs.openbsd.org 2014/06/24 01:14:17 |
| [Makefile.in regress/Makefile regress/unittests/Makefile] |
| [regress/unittests/sshkey/Makefile] |
| [regress/unittests/sshkey/common.c] |
| [regress/unittests/sshkey/common.h] |
| [regress/unittests/sshkey/mktestdata.sh] |
| [regress/unittests/sshkey/test_file.c] |
| [regress/unittests/sshkey/test_fuzz.c] |
| [regress/unittests/sshkey/test_sshkey.c] |
| [regress/unittests/sshkey/tests.c] |
| [regress/unittests/sshkey/testdata/dsa_1] |
| [regress/unittests/sshkey/testdata/dsa_1-cert.fp] |
| [regress/unittests/sshkey/testdata/dsa_1-cert.pub] |
| [regress/unittests/sshkey/testdata/dsa_1.fp] |
| [regress/unittests/sshkey/testdata/dsa_1.fp.bb] |
| [regress/unittests/sshkey/testdata/dsa_1.param.g] |
| [regress/unittests/sshkey/testdata/dsa_1.param.priv] |
| [regress/unittests/sshkey/testdata/dsa_1.param.pub] |
| [regress/unittests/sshkey/testdata/dsa_1.pub] |
| [regress/unittests/sshkey/testdata/dsa_1_pw] |
| [regress/unittests/sshkey/testdata/dsa_2] |
| [regress/unittests/sshkey/testdata/dsa_2.fp] |
| [regress/unittests/sshkey/testdata/dsa_2.fp.bb] |
| [regress/unittests/sshkey/testdata/dsa_2.pub] |
| [regress/unittests/sshkey/testdata/dsa_n] |
| [regress/unittests/sshkey/testdata/dsa_n_pw] |
| [regress/unittests/sshkey/testdata/ecdsa_1] |
| [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp] |
| [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub] |
| [regress/unittests/sshkey/testdata/ecdsa_1.fp] |
| [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb] |
| [regress/unittests/sshkey/testdata/ecdsa_1.param.curve] |
| [regress/unittests/sshkey/testdata/ecdsa_1.param.priv] |
| [regress/unittests/sshkey/testdata/ecdsa_1.param.pub] |
| [regress/unittests/sshkey/testdata/ecdsa_1.pub] |
| [regress/unittests/sshkey/testdata/ecdsa_1_pw] |
| [regress/unittests/sshkey/testdata/ecdsa_2] |
| [regress/unittests/sshkey/testdata/ecdsa_2.fp] |
| [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb] |
| [regress/unittests/sshkey/testdata/ecdsa_2.param.curve] |
| [regress/unittests/sshkey/testdata/ecdsa_2.param.priv] |
| [regress/unittests/sshkey/testdata/ecdsa_2.param.pub] |
| [regress/unittests/sshkey/testdata/ecdsa_2.pub] |
| [regress/unittests/sshkey/testdata/ecdsa_n] |
| [regress/unittests/sshkey/testdata/ecdsa_n_pw] |
| [regress/unittests/sshkey/testdata/ed25519_1] |
| [regress/unittests/sshkey/testdata/ed25519_1-cert.fp] |
| [regress/unittests/sshkey/testdata/ed25519_1-cert.pub] |
| [regress/unittests/sshkey/testdata/ed25519_1.fp] |
| [regress/unittests/sshkey/testdata/ed25519_1.fp.bb] |
| [regress/unittests/sshkey/testdata/ed25519_1.pub] |
| [regress/unittests/sshkey/testdata/ed25519_1_pw] |
| [regress/unittests/sshkey/testdata/ed25519_2] |
| [regress/unittests/sshkey/testdata/ed25519_2.fp] |
| [regress/unittests/sshkey/testdata/ed25519_2.fp.bb] |
| [regress/unittests/sshkey/testdata/ed25519_2.pub] |
| [regress/unittests/sshkey/testdata/pw] |
| [regress/unittests/sshkey/testdata/rsa1_1] |
| [regress/unittests/sshkey/testdata/rsa1_1.fp] |
| [regress/unittests/sshkey/testdata/rsa1_1.fp.bb] |
| [regress/unittests/sshkey/testdata/rsa1_1.param.n] |
| [regress/unittests/sshkey/testdata/rsa1_1.pub] |
| [regress/unittests/sshkey/testdata/rsa1_1_pw] |
| [regress/unittests/sshkey/testdata/rsa1_2] |
| [regress/unittests/sshkey/testdata/rsa1_2.fp] |
| [regress/unittests/sshkey/testdata/rsa1_2.fp.bb] |
| [regress/unittests/sshkey/testdata/rsa1_2.param.n] |
| [regress/unittests/sshkey/testdata/rsa1_2.pub] |
| [regress/unittests/sshkey/testdata/rsa_1] |
| [regress/unittests/sshkey/testdata/rsa_1-cert.fp] |
| [regress/unittests/sshkey/testdata/rsa_1-cert.pub] |
| [regress/unittests/sshkey/testdata/rsa_1.fp] |
| [regress/unittests/sshkey/testdata/rsa_1.fp.bb] |
| [regress/unittests/sshkey/testdata/rsa_1.param.n] |
| [regress/unittests/sshkey/testdata/rsa_1.param.p] |
| [regress/unittests/sshkey/testdata/rsa_1.param.q] |
| [regress/unittests/sshkey/testdata/rsa_1.pub] |
| [regress/unittests/sshkey/testdata/rsa_1_pw] |
| [regress/unittests/sshkey/testdata/rsa_2] |
| [regress/unittests/sshkey/testdata/rsa_2.fp] |
| [regress/unittests/sshkey/testdata/rsa_2.fp.bb] |
| [regress/unittests/sshkey/testdata/rsa_2.param.n] |
| [regress/unittests/sshkey/testdata/rsa_2.param.p] |
| [regress/unittests/sshkey/testdata/rsa_2.param.q] |
| [regress/unittests/sshkey/testdata/rsa_2.pub] |
| [regress/unittests/sshkey/testdata/rsa_n] |
| [regress/unittests/sshkey/testdata/rsa_n_pw] |
| unit and fuzz tests for new key API |
| - (djm) [sshkey.c] Conditionalise inclusion of util.h |
| - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test |
| |
| 20140618 |
| - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare |
| |
| 20140617 |
| - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h} |
| openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}] |
| Move the OpenSSL header/library version test into its own function and add |
| tests for it. Fix it to allow fix version upgrades (but not downgrades). |
| Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150). |
| ok djm@ chl@ |
| |
| 20140616 |
| - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via |
| OpenSMTPD and chl@ |
| |
| 20140612 |
| - (dtucker) [configure.ac] Remove tcpwrappers support, support has already |
| been removed from sshd.c. |
| |
| 20140611 |
| - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from |
| openbsd-compat/bsd-asprintf.c. |
| - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*] |
| Wrap stdlib.h include an ifdef for platforms that don't have it. |
| - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for |
| u_intXX_t types. |
| |
| 20140610 |
| - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c |
| regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256 |
| curve tests if OpenSSL has them. |
| - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in |
| the proposal if the version of OpenSSL we're using doesn't support ECC. |
| - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef |
| ECC variable too. |
| - (dtucker) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/06/05 22:17:50 |
| [sshconnect2.c] |
| fix inverted test that caused PKCS#11 keys that were explicitly listed |
| not to be preferred. Reported by Dirk-Willem van Gulik |
| - dtucker@cvs.openbsd.org 2014/06/10 21:46:11 |
| [sshbuf.h] |
| Group ECC functions together to make things a little easier in -portable. |
| "doesn't bother me" deraadt@ |
| - (dtucker) [sshbuf.h] Only declare ECC functions if building without |
| OpenSSL or if OpenSSL has ECC. |
| - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an |
| assigment that might get optimized out. ok djm@ |
| - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for |
| compat stuff, specifically whether or not OpenSSL has ECC. |
| |
| 20140527 |
| - (djm) [cipher.c] Fix merge botch. |
| - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config |
| from Corinna Vinschen, fixing a number of bugs and preparing for |
| Cygwin 1.7.30. |
| - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c] |
| [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege |
| separation user at runtime, since it may need to be a domain account. |
| Patch from Corinna Vinschen. |
| |
| 20140522 |
| - (djm) [Makefile.in] typo in path |
| |
| 20140521 |
| - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use |
| vhangup on Linux. It doens't work for non-root users, and for them |
| it just messes up the tty settings. |
| - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC |
| when it is available. It takes into account time spent suspended, |
| thereby ensuring timeouts (e.g. for expiring agent keys) fire |
| correctly. bz#2228 reported by John Haxby |
| |
| 20140519 |
| - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine |
| OpenBSD |
| - OpenBSD CVS Sync |
| - logan@cvs.openbsd.org 2014/04/20 09:24:26 |
| [dns.c dns.h ssh-keygen.c] |
| Add support for SSHFP DNS records for ED25519 key types. |
| OK from djm@ |
| - logan@cvs.openbsd.org 2014/04/21 14:36:16 |
| [sftp-client.c sftp-client.h sftp.c] |
| Implement sftp upload resume support. |
| OK from djm@, with input from guenther@, mlarkin@ and |
| okan@ |
| - logan@cvs.openbsd.org 2014/04/22 10:07:12 |
| [sftp.c] |
| Sort the sftp command list. |
| OK from djm@ |
| - logan@cvs.openbsd.org 2014/04/22 12:42:04 |
| [sftp.1] |
| Document sftp upload resume. |
| OK from djm@, with feedback from okan@. |
| - jmc@cvs.openbsd.org 2014/04/22 14:16:30 |
| [sftp.1] |
| zap eol whitespace; |
| - djm@cvs.openbsd.org 2014/04/23 12:42:34 |
| [readconf.c] |
| don't record duplicate IdentityFiles |
| - djm@cvs.openbsd.org 2014/04/28 03:09:18 |
| [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h] |
| [ssh-keygen.c] |
| buffer_get_string_ptr's return should be const to remind |
| callers that futzing with it will futz with the actual buffer |
| contents |
| - djm@cvs.openbsd.org 2014/04/29 13:10:30 |
| [clientloop.c serverloop.c] |
| bz#1818 - don't send channel success/failre replies on channels that |
| have sent a close already; analysis and patch from Simon Tatham; |
| ok markus@ |
| - markus@cvs.openbsd.org 2014/04/29 18:01:49 |
| [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] |
| [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] |
| [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] |
| [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] |
| make compiling against OpenSSL optional (make OPENSSL=no); |
| reduces algorithms to curve25519, aes-ctr, chacha, ed25519; |
| allows us to explore further options; with and ok djm |
| - dtucker@cvs.openbsd.org 2014/04/29 19:58:50 |
| [sftp.c] |
| Move nulling of variable next to where it's freed. ok markus@ |
| - dtucker@cvs.openbsd.org 2014/04/29 20:36:51 |
| [sftp.c] |
| Don't attempt to append a nul quote char to the filename. Should prevent |
| fatal'ing with "el_insertstr failed" when there's a single quote char |
| somewhere in the string. bz#2238, ok markus@ |
| - djm@cvs.openbsd.org 2014/04/30 05:29:56 |
| [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c] |
| [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c] |
| [ssherr.h] |
| New buffer API; the first installment of the conversion/replacement |
| of OpenSSH's internals to make them usable as a standalone library. |
| |
| This includes a set of wrappers to make it compatible with the |
| existing buffer API so replacement can occur incrementally. |
| |
| With and ok markus@ |
| |
| Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew |
| Dempsky and Ron Bowes for a detailed review. |
| - naddy@cvs.openbsd.org 2014/04/30 19:07:48 |
| [mac.c myproposal.h umac.c] |
| UMAC can use our local fallback implementation of AES when OpenSSL isn't |
| available. Glue code straight from Ted Krovetz's original umac.c. |
| ok markus@ |
| - djm@cvs.openbsd.org 2014/05/02 03:27:54 |
| [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c] |
| [misc.h poly1305.h ssh-pkcs11.c defines.h] |
| revert __bounded change; it causes way more problems for portable than |
| it solves; pointed out by dtucker@ |
| - markus@cvs.openbsd.org 2014/05/03 17:20:34 |
| [monitor.c packet.c packet.h] |
| unbreak compression, by re-init-ing the compression code in the |
| post-auth child. the new buffer code is more strict, and requires |
| buffer_init() while the old code was happy after a bzero(); |
| originally from djm@ |
| - logan@cvs.openbsd.org 2014/05/05 07:02:30 |
| [sftp.c] |
| Zap extra whitespace. |
| |
| OK from djm@ and dtucker@ |
| - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write |
| portability glue to support building without libcrypto |
| - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c] |
| [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/03/13 20:44:49 |
| [login-timeout.sh] |
| this test is a sorry mess of race conditions; add another sleep |
| to avoid a failure on slow machines (at least until I find a |
| better way) |
| - djm@cvs.openbsd.org 2014/04/21 22:15:37 |
| [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh] |
| repair regress tests broken by server-side default cipher/kex/mac changes |
| by ensuring that the option under test is included in the server's |
| algorithm list |
| - dtucker@cvs.openbsd.org 2014/05/03 18:46:14 |
| [proxy-connect.sh] |
| Add tests for with and without compression, with and without privsep. |
| - logan@cvs.openbsd.org 2014/05/04 10:40:59 |
| [connect-privsep.sh] |
| Remove the Z flag from the list of malloc options as it |
| was removed from malloc.c 10 days ago. |
| |
| OK from miod@ |
| - (djm) [regress/unittests/Makefile] |
| [regress/unittests/Makefile.inc] |
| [regress/unittests/sshbuf/Makefile] |
| [regress/unittests/sshbuf/test_sshbuf.c] |
| [regress/unittests/sshbuf/test_sshbuf_fixed.c] |
| [regress/unittests/sshbuf/test_sshbuf_fuzz.c] |
| [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] |
| [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] |
| [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] |
| [regress/unittests/sshbuf/test_sshbuf_misc.c] |
| [regress/unittests/sshbuf/tests.c] |
| [regress/unittests/test_helper/Makefile] |
| [regress/unittests/test_helper/fuzz.c] |
| [regress/unittests/test_helper/test_helper.c] |
| [regress/unittests/test_helper/test_helper.h] |
| Import new unit tests from OpenBSD; not yet hooked up to build. |
| - (djm) [regress/Makefile Makefile.in] |
| [regress/unittests/sshbuf/test_sshbuf.c |
| [regress/unittests/sshbuf/test_sshbuf_fixed.c] |
| [regress/unittests/sshbuf/test_sshbuf_fuzz.c] |
| [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] |
| [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] |
| [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] |
| [regress/unittests/sshbuf/test_sshbuf_misc.c] |
| [regress/unittests/sshbuf/tests.c] |
| [regress/unittests/test_helper/fuzz.c] |
| [regress/unittests/test_helper/test_helper.c] |
| Hook new unit tests into the build and "make tests" |
| - (djm) [sshbuf.c] need __predict_false |
| |
| 20140430 |
| - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already |
| have it. Only attempt to use __attribute__(__bounded__) for gcc. |
| |
| 20140420 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/03/03 22:22:30 |
| [session.c] |
| ignore enviornment variables with embedded '=' or '\0' characters; |
| spotted by Jann Horn; ok deraadt@ |
| Id sync only - portable already has this. |
| - djm@cvs.openbsd.org 2014/03/12 04:44:58 |
| [ssh-keyscan.c] |
| scan for Ed25519 keys by default too |
| - djm@cvs.openbsd.org 2014/03/12 04:50:32 |
| [auth-bsdauth.c ssh-keygen.c] |
| don't count on things that accept arguments by reference to clear |
| things for us on error; most things do, but it's unsafe form. |
| - djm@cvs.openbsd.org 2014/03/12 04:51:12 |
| [authfile.c] |
| correct test that kdf name is not "none" or "bcrypt" |
| - naddy@cvs.openbsd.org 2014/03/12 13:06:59 |
| [ssh-keyscan.1] |
| scan for Ed25519 keys by default too |
| - deraadt@cvs.openbsd.org 2014/03/15 17:28:26 |
| [ssh-agent.c ssh-keygen.1 ssh-keygen.c] |
| Improve usage() and documentation towards the standard form. |
| In particular, this line saves a lot of man page reading time. |
| usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] |
| [-N new_passphrase] [-C comment] [-f output_keyfile] |
| ok schwarze jmc |
| - tedu@cvs.openbsd.org 2014/03/17 19:44:10 |
| [ssh.1] |
| old descriptions of des and blowfish are old. maybe ok deraadt |
| - tedu@cvs.openbsd.org 2014/03/19 14:42:44 |
| [scp.1] |
| there is no need for rcp anymore |
| ok deraadt millert |
| - markus@cvs.openbsd.org 2014/03/25 09:40:03 |
| [myproposal.h] |
| trimm default proposals. |
| |
| This commit removes the weaker pre-SHA2 hashes, the broken ciphers |
| (arcfour), and the broken modes (CBC) from the default configuration |
| (the patch only changes the default, all the modes are still available |
| for the config files). |
| |
| ok djm@, reminded by tedu@ & naddy@ and discussed with many |
| - deraadt@cvs.openbsd.org 2014/03/26 17:16:26 |
| [myproposal.h] |
| The current sharing of myproposal[] between both client and server code |
| makes the previous diff highly unpallatable. We want to go in that |
| direction for the server, but not for the client. Sigh. |
| Brought up by naddy. |
| - markus@cvs.openbsd.org 2014/03/27 23:01:27 |
| [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] |
| disable weak proposals in sshd, but keep them in ssh; ok djm@ |
| - djm@cvs.openbsd.org 2014/03/26 04:55:35 |
| [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c |
| [misc.h poly1305.h ssh-pkcs11.c] |
| use __bounded(...) attribute recently added to sys/cdefs.h instead of |
| longform __attribute__(__bounded(...)); |
| |
| for brevity and a warning free compilation with llvm/clang |
| - tedu@cvs.openbsd.org 2014/03/26 19:58:37 |
| [sshd.8 sshd.c] |
| remove libwrap support. ok deraadt djm mfriedl |
| - naddy@cvs.openbsd.org 2014/03/28 05:17:11 |
| [ssh_config.5 sshd_config.5] |
| sync available and default algorithms, improve algorithm list formatting |
| help from jmc@ and schwarze@, ok deraadt@ |
| - jmc@cvs.openbsd.org 2014/03/31 13:39:34 |
| [ssh-keygen.1] |
| the text for the -K option was inserted in the wrong place in -r1.108; |
| fix From: Matthew Clarke |
| - djm@cvs.openbsd.org 2014/04/01 02:05:27 |
| [ssh-keysign.c] |
| include fingerprint of key not found |
| use arc4random_buf() instead of loop+arc4random() |
| - djm@cvs.openbsd.org 2014/04/01 03:34:10 |
| [sshconnect.c] |
| When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any |
| certificate keys to plain keys and attempt SSHFP resolution. |
| |
| Prevents a server from skipping SSHFP lookup and forcing a new-hostkey |
| dialog by offering only certificate keys. |
| |
| Reported by mcv21 AT cam.ac.uk |
| - djm@cvs.openbsd.org 2014/04/01 05:32:57 |
| [packet.c] |
| demote a debug3 to PACKET_DEBUG; ok markus@ |
| - djm@cvs.openbsd.org 2014/04/12 04:55:53 |
| [sshd.c] |
| avoid crash at exit: check that pmonitor!=NULL before dereferencing; |
| bz#2225, patch from kavi AT juniper.net |
| - djm@cvs.openbsd.org 2014/04/16 23:22:45 |
| [bufaux.c] |
| skip leading zero bytes in buffer_put_bignum2_from_string(); |
| reported by jan AT mojzis.com; ok markus@ |
| - djm@cvs.openbsd.org 2014/04/16 23:28:12 |
| [ssh-agent.1] |
| remove the identity files from this manpage - ssh-agent doesn't deal |
| with them at all and the same information is duplicated in ssh-add.1 |
| (which does deal with them); prodded by deraadt@ |
| - djm@cvs.openbsd.org 2014/04/18 23:52:25 |
| [compat.c compat.h sshconnect2.c sshd.c version.h] |
| OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections |
| using the curve25519-sha256@libssh.org KEX exchange method to fail |
| when connecting with something that implements the spec properly. |
| |
| Disable this KEX method when speaking to one of the affected |
| versions. |
| |
| reported by Aris Adamantiadis; ok markus@ |
| - djm@cvs.openbsd.org 2014/04/19 05:54:59 |
| [compat.c] |
| missing wildcard; pointed out by naddy@ |
| - tedu@cvs.openbsd.org 2014/04/19 14:53:48 |
| [ssh-keysign.c sshd.c] |
| Delete futile calls to RAND_seed. ok djm |
| NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon |
| - tedu@cvs.openbsd.org 2014/04/19 18:15:16 |
| [sshd.8] |
| remove some really old rsh references |
| - tedu@cvs.openbsd.org 2014/04/19 18:42:19 |
| [ssh.1] |
| delete .xr to hosts.equiv. there's still an unfortunate amount of |
| documentation referring to rhosts equivalency in here. |
| - djm@cvs.openbsd.org 2014/04/20 02:30:25 |
| [misc.c misc.h umac.c] |
| use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on |
| strict-alignment architectures; reported by and ok stsp@ |
| - djm@cvs.openbsd.org 2014/04/20 02:49:32 |
| [compat.c] |
| add a canonical 6.6 + curve25519 bignum fix fake version that I can |
| recommend people use ahead of the openssh-6.7 release |
| |
| 20140401 |
| - (djm) On platforms that support it, use prctl() to prevent sftp-server |
| from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net |
| - (djm) Use full release (e.g. 6.5p1) in debug output rather than just |
| version. From des@des.no |
| |
| 20140317 |
| - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to |
| remind myself to add sandbox violation logging via the log socket. |
| |
| 20140314 |
| - (tim) [opensshd.init.in] Add support for ed25519 |
| |
| 20140313 |
| - (djm) Release OpenSSH 6.6 |
| |
| 20140304 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/03/03 22:22:30 |
| [session.c] |
| ignore enviornment variables with embedded '=' or '\0' characters; |
| spotted by Jann Horn; ok deraadt@ |
| |
| 20140301 |
| - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when |
| no moduli file exists at the expected location. |
| |
| 20140228 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/02/27 00:41:49 |
| [bufbn.c] |
| fix unsigned overflow that could lead to reading a short ssh protocol |
| 1 bignum value; found by Ben Hawkes; ok deraadt@ |
| - djm@cvs.openbsd.org 2014/02/27 08:25:09 |
| [bufbn.c] |
| off by one in range check |
| - djm@cvs.openbsd.org 2014/02/27 22:47:07 |
| [sshd_config.5] |
| bz#2184 clarify behaviour of a keyword that appears in multiple |
| matching Match blocks; ok dtucker@ |
| - djm@cvs.openbsd.org 2014/02/27 22:57:40 |
| [version.h] |
| openssh-6.6 |
| - dtucker@cvs.openbsd.org 2014/01/19 23:43:02 |
| [regress/sftp-chroot.sh] |
| Don't use -q on sftp as it suppresses logging, instead redirect the |
| output to the regress logfile. |
| - dtucker@cvs.openbsd.org 2014/01/20 00:00:30 |
| [sregress/ftp-chroot.sh] |
| append to rather than truncating the log file |
| - dtucker@cvs.openbsd.org 2014/01/25 04:35:32 |
| [regress/Makefile regress/dhgex.sh] |
| Add a test for DH GEX sizes |
| - djm@cvs.openbsd.org 2014/01/26 10:22:10 |
| [regress/cert-hostkey.sh] |
| automatically generate revoked keys from listed keys rather than |
| manually specifying each type; from portable |
| (Id sync only) |
| - djm@cvs.openbsd.org 2014/01/26 10:49:17 |
| [scp-ssh-wrapper.sh scp.sh] |
| make sure $SCP is tested on the remote end rather than whichever one |
| happens to be in $PATH; from portable |
| (Id sync only) |
| - djm@cvs.openbsd.org 2014/02/27 20:04:16 |
| [login-timeout.sh] |
| remove any existing LoginGraceTime from sshd_config before adding |
| a specific one for the test back in |
| - djm@cvs.openbsd.org 2014/02/27 21:21:25 |
| [agent-ptrace.sh agent.sh] |
| keep return values that are printed in error messages; |
| from portable |
| (Id sync only) |
| - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| [contrib/suse/openssh.spec] Crank version numbers |
| - (djm) [regress/host-expand.sh] Add RCS Id |
| |
| 20140227 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/02/26 20:18:37 |
| [ssh.c] |
| bz#2205: avoid early hostname lookups unless canonicalisation is enabled; |
| ok dtucker@ markus@ |
| - djm@cvs.openbsd.org 2014/02/26 20:28:44 |
| [auth2-gss.c gss-serv.c ssh-gss.h sshd.c] |
| bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep |
| sandboxing, as running this code in the sandbox can cause violations; |
| ok markus@ |
| - djm@cvs.openbsd.org 2014/02/26 20:29:29 |
| [channels.c] |
| don't assume that the socks4 username is \0 terminated; |
| spotted by Ben Hawkes; ok markus@ |
| - markus@cvs.openbsd.org 2014/02/26 21:53:37 |
| [sshd.c] |
| ssh_gssapi_prepare_supported_oids needs GSSAPI |
| |
| 20140224 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/02/07 06:55:54 |
| [cipher.c mac.c] |
| remove some logging that makes ssh debugging output very verbose; |
| ok markus |
| - djm@cvs.openbsd.org 2014/02/15 23:05:36 |
| [channels.c] |
| avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; |
| bz#2200, debian#738692 via Colin Watson; ok dtucker@ |
| - djm@cvs.openbsd.org 2014/02/22 01:32:19 |
| [readconf.c] |
| when processing Match blocks, skip 'exec' clauses if previous predicates |
| failed to match; ok markus@ |
| - djm@cvs.openbsd.org 2014/02/23 20:03:42 |
| [ssh-ed25519.c] |
| check for unsigned overflow; not reachable in OpenSSH but others might |
| copy our code... |
| - djm@cvs.openbsd.org 2014/02/23 20:11:36 |
| [readconf.c readconf.h ssh.c ssh_config.5] |
| reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes |
| the hostname. This allows users to write configurations that always |
| refer to canonical hostnames, e.g. |
| |
| CanonicalizeHostname yes |
| CanonicalDomains int.example.org example.org |
| CanonicalizeFallbackLocal no |
| |
| Host *.int.example.org |
| Compression off |
| Host *.example.org |
| User djm |
| |
| ok markus@ |
| |
| 20140213 |
| - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat |
| code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex. |
| |
| 20140207 |
| - OpenBSD CVS Sync |
| - naddy@cvs.openbsd.org 2014/02/05 20:13:25 |
| [ssh-keygen.1 ssh-keygen.c] |
| tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@ |
| while here, fix ordering in usage(); requested by jmc@ |
| - djm@cvs.openbsd.org 2014/02/06 22:21:01 |
| [sshconnect.c] |
| in ssh_create_socket(), only do the getaddrinfo for BindAddress when |
| BindAddress is actually specified. Fixes regression in 6.5 for |
| UsePrivilegedPort=yes; patch from Corinna Vinschen |
| |
| 20140206 |
| - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL |
| before freeing since free(NULL) is a no-op. ok djm. |
| - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define |
| __NR_shutdown; some go via the socketcall(2) multiplexer. |
| |
| 20140205 |
| - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by |
| headers/libc but not supported by the kernel. Patch from Loganaden |
| Velvindron @ AfriNIC |
| |
| 20140204 |
| - OpenBSD CVS Sync |
| - markus@cvs.openbsd.org 2014/01/27 18:58:14 |
| [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] |
| replace openssl HMAC with an implementation based on our ssh_digest_* |
| ok and feedback djm@ |
| - markus@cvs.openbsd.org 2014/01/27 19:18:54 |
| [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] |
| replace openssl MD5 with our ssh_digest_*; ok djm@ |
| - markus@cvs.openbsd.org 2014/01/27 20:13:46 |
| [digest.c digest-openssl.c digest-libc.c Makefile.in] |
| rename digest.c to digest-openssl.c and add libc variant; ok djm@ |
| - jmc@cvs.openbsd.org 2014/01/28 14:13:39 |
| [ssh-keyscan.1] |
| kill some bad Pa; |
| From: Jan Stary |
| - djm@cvs.openbsd.org 2014/01/29 00:19:26 |
| [sshd.c] |
| use kill(0, ...) instead of killpg(0, ...); on most operating systems |
| they are equivalent, but SUSv2 describes the latter as having undefined |
| behaviour; from portable; ok dtucker |
| (Id sync only; change is already in portable) |
| - djm@cvs.openbsd.org 2014/01/29 06:18:35 |
| [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] |
| [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] |
| [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] |
| remove experimental, never-enabled JPAKE code; ok markus@ |
| - jmc@cvs.openbsd.org 2014/01/29 14:04:51 |
| [sshd_config.5] |
| document kbdinteractiveauthentication; |
| requested From: Ross L Richardson |
| |
| dtucker/markus helped explain its workings; |
| - djm@cvs.openbsd.org 2014/01/30 22:26:14 |
| [sandbox-systrace.c] |
| allow shutdown(2) syscall in sandbox - it may be called by packet_close() |
| from portable |
| (Id sync only; change is already in portable) |
| - tedu@cvs.openbsd.org 2014/01/31 16:39:19 |
| [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] |
| [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] |
| [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] |
| [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] |
| [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] |
| replace most bzero with explicit_bzero, except a few that cna be memset |
| ok djm dtucker |
| - djm@cvs.openbsd.org 2014/02/02 03:44:32 |
| [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] |
| [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] |
| [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] |
| [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] |
| [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] |
| [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] |
| [sshd.c] |
| convert memset of potentially-private data to explicit_bzero() |
| - djm@cvs.openbsd.org 2014/02/03 23:28:00 |
| [ssh-ecdsa.c] |
| fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike |
| DSA_SIG_new. Reported by Batz Spear; ok markus@ |
| - djm@cvs.openbsd.org 2014/02/02 03:44:31 |
| [digest-libc.c digest-openssl.c] |
| convert memset of potentially-private data to explicit_bzero() |
| - djm@cvs.openbsd.org 2014/02/04 00:24:29 |
| [ssh.c] |
| delay lowercasing of hostname until right before hostname |
| canonicalisation to unbreak case-sensitive matching of ssh_config; |
| reported by Ike Devolder; ok markus@ |
| - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o |
| - (djm) [regress/setuid-allowed.c] Missing string.h for strerror() |
| |
| 20140131 |
| - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) |
| syscall from sandboxes; it may be called by packet_close. |
| - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros. Fixes |
| build with HP-UX's compiler. Patch from Kevin Brott. |
| - (tim) [Makefile.in] build regress/setuid-allow. |
| |
| 20140130 |
| - (djm) [configure.ac] Only check for width-specified integer types |
| in headers that actually exist. patch from Tom G. Christensen; |
| ok dtucker@ |
| - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering |
| different symbols for 'read' when various compiler flags are |
| in use, causing atomicio.c comparisons against it to break and |
| read/write operations to hang; ok dtucker |
| - (djm) Release openssh-6.5p1 |
| |
| 20140129 |
| - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from |
| Tom G. Christensen |
| |
| 20140128 |
| - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl; |
| ok dtucker |
| - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the |
| latter being specified to have undefined behaviour in SUSv3; |
| ok dtucker |
| - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable |
| when used as an error message inside an if statement so we display the |
| correct into. agent.sh patch from Petr Lautrbach. |
| |
| 20140127 |
| - (dtucker) [Makefile.in] Remove trailing backslash which some make |
| implementations (eg older Solaris) do not cope with. |
| |
| 20140126 |
| - OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2014/01/25 10:12:50 |
| [cipher.c cipher.h kex.c kex.h kexgexc.c] |
| Add a special case for the DH group size for 3des-cbc, which has an |
| effective strength much lower than the key size. This causes problems |
| with some cryptlib implementations, which don't support group sizes larger |
| than 4k but also don't use the largest group size it does support as |
| specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, |
| reduced by me with input from Markus. ok djm@ markus@ |
| - markus@cvs.openbsd.org 2014/01/25 20:35:37 |
| [kex.c] |
| dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len) |
| ok dtucker@, noted by mancha |
| - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable |
| RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations, |
| libc will attempt to open additional file descriptors for crypto |
| offload and crash if they cannot be opened. |
| - (djm) [configure.ac] correct AC_DEFINE for previous. |
| |
| 20140125 |
| - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD |
| - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless |
| sys/capability.h exists and cap_rights_limit is in libc. Fixes |
| build on FreeBSD9x which provides the header but not the libc |
| support. |
| - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test |
| against the correct thing. |
| |
| 20140124 |
| - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make |
| the scp regress test actually test the built scp rather than the one |
| in $PATH. ok dtucker@ |
| |
| 20140123 |
| - (tim) [session.c] Improve error reporting on set_id(). |
| - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously |
| incompatible with OpenBSD's despite post-dating it by more than a decade. |
| Declare it as broken, and document FreeBSD's as the same. ok djm@ |
| |
| 20140122 |
| - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a |
| platform that is expected to use the reuse-argv style setproctitle |
| hack surprises us by providing a setproctitle in libc; ok dtucker |
| - (djm) [configure.ac] Unless specifically requested, only attempt |
| to build Position Independent Executables on gcc >= 4.x; ok dtucker |
| - (djm) [configure.ac aclocal.m4] More tests to detect fallout from |
| platform hardening options: include some long long int arithmatic |
| to detect missing support functions for -ftrapv in libgcc and |
| equivalents, actually test linking when -ftrapv is supplied and |
| set either both -pie/-fPIE or neither. feedback and ok dtucker@ |
| |
| 20140121 |
| - (dtucker) [configure.ac] Make PIE a configure-time option which defaults |
| to on platforms where it's known to be reliably detected and off elsewhere. |
| Works around platforms such as FreeBSD 9.1 where it does not interop with |
| -ftrapv (it seems to work but fails when trying to link ssh). ok djm@ |
| - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time |
| tests in the configure output. ok djm. |
| - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced |
| with sftp chroot support. Move set_id call after chroot. |
| - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE |
| and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of |
| detecting toolchain-related problems; ok dtucker |
| |
| 20140120 |
| - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos |
| implementation does not have krb5_cc_new_unique, similar to what we do |
| in auth-krb5.c. |
| - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that |
| skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@ |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/01/20 00:08:48 |
| [digest.c] |
| memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@ |
| |
| 20140119 |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2014/01/17 06:23:24 |
| [sftp-server.c] |
| fix log message statvfs. ok djm |
| - dtucker@cvs.openbsd.org 2014/01/18 09:36:26 |
| [session.c] |
| explicitly define USE_PIPES to 1 to prevent redefinition warnings in |
| portable on platforms that use pipes for everything. From vinschen at |
| redhat. |
| - dtucker@cvs.openbsd.org 2014/01/19 04:17:29 |
| [canohost.c addrmatch.c] |
| Cast socklen_t when comparing to size_t and use socklen_t to iterate over |
| the ip options, both to prevent signed/unsigned comparison warnings. |
| Patch from vinschen at redhat via portable openssh, begrudging ok deraadt. |
| - djm@cvs.openbsd.org 2014/01/19 04:48:08 |
| [ssh_config.5] |
| fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal |
| - dtucker@cvs.openbsd.org 2014/01/19 11:21:51 |
| [addrmatch.c] |
| Cast the sizeof to socklen_t so it'll work even if the supplied len is |
| negative. Suggested by and ok djm, ok deraadt. |
| |
| 20140118 |
| - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin. Patch |
| from vinschen at redhat.com |
| - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function |
| declarations that stopped being included when we stopped including |
| <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at |
| redhat.com. |
| - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs, |
| optind) are defined in getopt.h already. Unfortunately they are defined as |
| "declspec(dllimport)" for historical reasons, because the GNU linker didn't |
| allow auto-import on PE/COFF targets way back when. The problem is the |
| dllexport attributes collide with the definitions in the various source |
| files in OpenSSH, which obviousy define the variables without |
| declspec(dllimport). The least intrusive way to get rid of these warnings |
| is to disable warnings for GCC compiler attributes when building on Cygwin. |
| Patch from vinschen at redhat.com. |
| - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the |
| return value check for cap_enter() consistent with the other uses in |
| FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140. |
| |
| 20140117 |
| - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain |
| hardening flags including -fstack-protector-strong. These default to on |
| if the toolchain supports them, but there is a configure-time knob |
| (--without-hardening) to disable them if necessary. ok djm@ |
| - (djm) [sftp-client.c] signed/unsigned comparison fix |
| - (dtucker) [loginrec.c] Cast to the types specfied in the format |
| specification to prevent warnings. |
| - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. |
| - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. |
| - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include |
| includes.h to pull in all of the compatibility stuff. |
| - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside |
| #ifdef HAVE_STDINT_H. |
| - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that |
| don't have them. |
| - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into |
| separate lines and alphabetize for easier diffing of changes. |
| - (dtucker) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/01/17 00:21:06 |
| [sftp-client.c] |
| signed/unsigned comparison warning fix; from portable (Id sync only) |
| - dtucker@cvs.openbsd.org 2014/01/17 05:26:41 |
| [digest.c] |
| remove unused includes. ok djm@ |
| - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] |
| [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] |
| [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing |
| using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling |
| Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@ |
| - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c |
| openbsd-compat/openssl-compat.h] Add compatibility layer for older |
| openssl versions. ok djm@ |
| - (dtucker) Fix typo in #ifndef. |
| - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c |
| openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs |
| to be useful (and for the regression tests to pass) on platforms that |
| have statfs and fstatfs. ok djm@ |
| - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we |
| need them to cut down on the name collisions. |
| - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types. |
| - (dtucker) [configure.ac] Have --without-hardening not turn off |
| stack-protector since that has a separate flag that's been around a while. |
| - (dtucker) [readconf.c] Wrap paths.h inside an ifdef. Allows building on |
| Solaris. |
| - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after |
| they're defined if we have to define them ourselves. Fixes builds on old |
| AIX. |
| |
| 20140118 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/01/16 07:31:09 |
| [sftp-client.c] |
| needless and incorrect cast to size_t can break resumption of |
| large download; patch from tobias@ |
| - djm@cvs.openbsd.org 2014/01/16 07:32:00 |
| [version.h] |
| openssh-6.5 |
| - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| [contrib/suse/openssh.spec] Crank RPM spec version numbers. |
| - (djm) [README] update release notes URL. |
| |
| 20140112 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2014/01/10 05:59:19 |
| [sshd_config] |
| the /etc/ssh/ssh_host_ed25519_key is loaded by default too |
| - djm@cvs.openbsd.org 2014/01/12 08:13:13 |
| [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c] |
| [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c] |
| avoid use of OpenSSL BIGNUM type and functions for KEX with |
| Curve25519 by adding a buffer_put_bignum2_from_string() that stores |
| a string using the bignum encoding rules. Will make it easier to |
| build a reduced-feature OpenSSH without OpenSSL in the future; |
| ok markus@ |
| |
| 20140110 |
| - (djm) OpenBSD CVS Sync |
| - tedu@cvs.openbsd.org 2014/01/04 17:50:55 |
| [mac.c monitor_mm.c monitor_mm.h xmalloc.c] |
| use standard types and formats for size_t like variables. ok dtucker |
| - guenther@cvs.openbsd.org 2014/01/09 03:26:00 |
| [sftp-common.c] |
| When formating the time for "ls -l"-style output, show dates in the future |
| with the year, and rearrange a comparison to avoid a potentional signed |
| arithmetic overflow that would give the wrong result. |
| ok djm@ |
| - djm@cvs.openbsd.org 2014/01/09 23:20:00 |
| [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c] |
| [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c] |
| [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c] |
| [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c] |
| Introduce digest API and use it to perform all hashing operations |
| rather than calling OpenSSL EVP_Digest* directly. Will make it easier |
| to build a reduced-feature OpenSSH without OpenSSL in future; |
| feedback, ok markus@ |
| - djm@cvs.openbsd.org 2014/01/09 23:26:48 |
| [sshconnect.c sshd.c] |
| ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient, |
| deranged and might make some attacks on KEX easier; ok markus@ |
| |
| 20140108 |
| - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@ |
| |
| 20131231 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/12/30 23:52:28 |
| [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] |
| [sshconnect.c sshconnect2.c sshd.c] |
| refuse RSA keys from old proprietary clients/servers that use the |
| obsolete RSA+MD5 signature scheme. it will still be possible to connect |
| with these clients/servers but only DSA keys will be accepted, and we'll |
| deprecate them entirely in a future release. ok markus@ |
| |
| 20131229 |
| - (djm) [loginrec.c] Check for username truncation when looking up lastlog |
| entries |
| - (djm) [regress/Makefile] Add some generated files for cleaning |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/12/19 00:10:30 |
| [ssh-add.c] |
| skip requesting smartcard PIN when removing keys from agent; bz#2187 |
| patch from jay AT slushpupie.com; ok dtucker |
| - dtucker@cvs.openbsd.org 2013/12/19 00:19:12 |
| [serverloop.c] |
| Cast client_alive_interval to u_int64_t before assinging to |
| max_time_milliseconds to avoid potential integer overflow in the timeout. |
| bz#2170, patch from Loganaden Velvindron, ok djm@ |
| - djm@cvs.openbsd.org 2013/12/19 00:27:57 |
| [auth-options.c] |
| simplify freeing of source-address certificate restriction |
| - djm@cvs.openbsd.org 2013/12/19 01:04:36 |
| [channels.c] |
| bz#2147: fix multiple remote forwardings with dynamically assigned |
| listen ports. In the s->c message to open the channel we were sending |
| zero (the magic number to request a dynamic port) instead of the actual |
| listen port. The client therefore had no way of discriminating between |
| them. |
| |
| Diagnosis and fix by ronf AT timeheart.net |
| - djm@cvs.openbsd.org 2013/12/19 01:19:41 |
| [ssh-agent.c] |
| bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent |
| that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; |
| ok dtucker |
| - djm@cvs.openbsd.org 2013/12/19 22:57:13 |
| [poly1305.c poly1305.h] |
| use full name for author, with his permission |
| - tedu@cvs.openbsd.org 2013/12/21 07:10:47 |
| [ssh-keygen.1] |
| small typo |
| - djm@cvs.openbsd.org 2013/12/27 22:30:17 |
| [ssh-dss.c ssh-ecdsa.c ssh-rsa.c] |
| make the original RSA and DSA signing/verification code look more like |
| the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type |
| rather than tediously listing all variants, use __func__ for debug/ |
| error messages |
| - djm@cvs.openbsd.org 2013/12/27 22:37:18 |
| [ssh-rsa.c] |
| correct comment |
| - djm@cvs.openbsd.org 2013/12/29 02:28:10 |
| [key.c] |
| allow ed25519 keys to appear as certificate authorities |
| - djm@cvs.openbsd.org 2013/12/29 02:37:04 |
| [key.c] |
| correct comment for key_to_certified() |
| - djm@cvs.openbsd.org 2013/12/29 02:49:52 |
| [key.c] |
| correct comment for key_drop_cert() |
| - djm@cvs.openbsd.org 2013/12/29 04:20:04 |
| [key.c] |
| to make sure we don't omit any key types as valid CA keys again, |
| factor the valid key type check into a key_type_is_valid_ca() |
| function |
| - djm@cvs.openbsd.org 2013/12/29 04:29:25 |
| [authfd.c] |
| allow deletion of ed25519 keys from the agent |
| - djm@cvs.openbsd.org 2013/12/29 04:35:50 |
| [authfile.c] |
| don't refuse to load Ed25519 certificates |
| - djm@cvs.openbsd.org 2013/12/29 05:42:16 |
| [ssh.c] |
| don't forget to load Ed25519 certs too |
| - djm@cvs.openbsd.org 2013/12/29 05:57:02 |
| [sshconnect.c] |
| when showing other hostkeys, don't forget Ed25519 keys |
| |
| 20131221 |
| - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. |
| |
| 20131219 |
| - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions |
| greater than 11 either rather than just 11. Patch from Tomas Kuthan. |
| - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item(). |
| Patch from Loganaden Velvindron. |
| |
| 20131218 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/12/07 08:08:26 |
| [ssh-keygen.1] |
| document -a and -o wrt new key format |
| - naddy@cvs.openbsd.org 2013/12/07 11:58:46 |
| [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1] |
| [ssh_config.5 sshd.8 sshd_config.5] |
| add missing mentions of ed25519; ok djm@ |
| - dtucker@cvs.openbsd.org 2013/12/08 09:53:27 |
| [sshd_config.5] |
| Use a literal for the default value of KEXAlgorithms. ok deraadt jmc |
| - markus@cvs.openbsd.org 2013/12/09 11:03:45 |
| [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] |
| [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] |
| Add Authors for the public domain ed25519/nacl code. |
| see also http://nacl.cr.yp.to/features.html |
| All of the NaCl software is in the public domain. |
| and http://ed25519.cr.yp.to/software.html |
| The Ed25519 software is in the public domain. |
| - markus@cvs.openbsd.org 2013/12/09 11:08:17 |
| [crypto_api.h] |
| remove unused defines |
| - pascal@cvs.openbsd.org 2013/12/15 18:17:26 |
| [ssh-add.c] |
| Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page. |
| ok markus@ |
| - djm@cvs.openbsd.org 2013/12/15 21:42:35 |
| [cipher-chachapoly.c] |
| add some comments and constify a constant |
| - markus@cvs.openbsd.org 2013/12/17 10:36:38 |
| [crypto_api.h] |
| I've assempled the header file by cut&pasting from generated headers |
| and the source files. |
| |
| 20131208 |
| - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna |
| Vinschen |
| - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh] |
| [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid |
| filesystem before running agent-ptrace.sh; ok dtucker |
| |
| 20131207 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/12/05 22:59:45 |
| [sftp-client.c] |
| fix memory leak in error path in do_readdir(); pointed out by |
| Loganaden Velvindron @ AfriNIC in bz#2163 |
| - djm@cvs.openbsd.org 2013/12/06 03:40:51 |
| [ssh-keygen.c] |
| remove duplicated character ('g') in getopt() string; |
| document the (few) remaining option characters so we don't have to |
| rummage next time. |
| - markus@cvs.openbsd.org 2013/12/06 13:30:08 |
| [authfd.c key.c key.h ssh-agent.c] |
| move private key (de)serialization to key.c; ok djm |
| - markus@cvs.openbsd.org 2013/12/06 13:34:54 |
| [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c] |
| [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by |
| default; details in PROTOCOL.key; feedback and lots help from djm; |
| ok djm@ |
| - markus@cvs.openbsd.org 2013/12/06 13:39:49 |
| [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] |
| [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] |
| [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] |
| [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] |
| [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] |
| support ed25519 keys (hostkeys and user identities) using the public |
| domain ed25519 reference code from SUPERCOP, see |
| http://ed25519.cr.yp.to/software.html |
| feedback, help & ok djm@ |
| - jmc@cvs.openbsd.org 2013/12/06 15:29:07 |
| [sshd.8] |
| missing comma; |
| - djm@cvs.openbsd.org 2013/12/07 00:19:15 |
| [key.c] |
| set k->cert = NULL after freeing it |
| - markus@cvs.openbsd.org 2013/12/06 13:52:46 |
| [regress/Makefile regress/agent.sh regress/cert-hostkey.sh] |
| [regress/cert-userkey.sh regress/keytype.sh] |
| test ed25519 support; from djm@ |
| - (djm) [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] |
| [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents |
| - (djm) [Makefile.in] Add ed25519 sources |
| - (djm) [authfile.c] Conditionalise inclusion of util.h |
| - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c] |
| [openbsd-compat/blf.h openbsd-compat/blowfish.c] |
| [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in |
| portable. |
| - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in] |
| [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on |
| Linux |
| - (djm) [regress/cert-hostkey.sh] Fix merge botch |
| - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from |
| Loganaden Velvindron @ AfriNIC in bz#2179 |
| |
| 20131205 |
| - (djm) OpenBSD CVS Sync |
| - jmc@cvs.openbsd.org 2013/11/21 08:05:09 |
| [ssh_config.5 sshd_config.5] |
| no need for .Pp before displays; |
| - deraadt@cvs.openbsd.org 2013/11/25 18:04:21 |
| [ssh.1 ssh.c] |
| improve -Q usage and such. One usage change is that the option is now |
| case-sensitive |
| ok dtucker markus djm |
| - jmc@cvs.openbsd.org 2013/11/26 12:14:54 |
| [ssh.1 ssh.c] |
| - put -Q in the right place |
| - Ar was a poor choice for the arguments to -Q. i've chosen an |
| admittedly equally poor Cm, at least consistent with the rest |
| of the docs. also no need for multiple instances |
| - zap a now redundant Nm |
| - usage() sync |
| - deraadt@cvs.openbsd.org 2013/11/26 19:15:09 |
| [pkcs11.h] |
| cleanup 1 << 31 idioms. Resurrection of this issue pointed out by |
| Eitan Adler ok markus for ssh, implies same change in kerberosV |
| - djm@cvs.openbsd.org 2013/12/01 23:19:05 |
| [PROTOCOL] |
| mention curve25519-sha256@libssh.org key exchange algorithm |
| - djm@cvs.openbsd.org 2013/12/02 02:50:27 |
| [PROTOCOL.chacha20poly1305] |
| typo; from Jon Cave |
| - djm@cvs.openbsd.org 2013/12/02 02:56:17 |
| [ssh-pkcs11-helper.c] |
| use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC |
| - djm@cvs.openbsd.org 2013/12/02 03:09:22 |
| [key.c] |
| make key_to_blob() return a NULL blob on failure; part of |
| bz#2175 from Loganaden Velvindron @ AfriNIC |
| - djm@cvs.openbsd.org 2013/12/02 03:13:14 |
| [cipher.c] |
| correct bzero of chacha20+poly1305 key context. bz#2177 from |
| Loganaden Velvindron @ AfriNIC |
| |
| Also make it a memset for consistency with the rest of cipher.c |
| - djm@cvs.openbsd.org 2013/12/04 04:20:01 |
| [sftp-client.c] |
| bz#2171: don't leak local_fd on error; from Loganaden Velvindron @ |
| AfriNIC |
| - djm@cvs.openbsd.org 2013/12/05 01:16:41 |
| [servconf.c servconf.h] |
| bz#2161 - fix AuthorizedKeysCommand inside a Match block and |
| rearrange things so the same error is harder to make next time; |
| with and ok dtucker@ |
| - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct |
| -L location for libedit. Patch from Serge van den Boom. |
| |
| 20131121 |
| - (djm) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/11/08 11:15:19 |
| [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c] |
| [uidswap.c] Include stdlib.h for free() as per the man page. |
| - markus@cvs.openbsd.org 2013/11/13 13:48:20 |
| [ssh-pkcs11.c] |
| add missing braces found by pedro |
| - djm@cvs.openbsd.org 2013/11/20 02:19:01 |
| [sshd.c] |
| delay closure of in/out fds until after "Bad protocol version |
| identification..." message, as get_remote_ipaddr/get_remote_port |
| require them open. |
| - deraadt@cvs.openbsd.org 2013/11/20 20:53:10 |
| [scp.c] |
| unsigned casts for ctype macros where neccessary |
| ok guenther millert markus |
| - deraadt@cvs.openbsd.org 2013/11/20 20:54:10 |
| [canohost.c clientloop.c match.c readconf.c sftp.c] |
| unsigned casts for ctype macros where neccessary |
| ok guenther millert markus |
| - djm@cvs.openbsd.org 2013/11/21 00:45:44 |
| [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] |
| [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] |
| [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] |
| [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport |
| cipher "chacha20-poly1305@openssh.com" that combines Daniel |
| Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an |
| authenticated encryption mode. |
| |
| Inspired by and similar to Adam Langley's proposal for TLS: |
| http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 |
| but differs in layout used for the MAC calculation and the use of a |
| second ChaCha20 instance to separately encrypt packet lengths. |
| Details are in the PROTOCOL.chacha20poly1305 file. |
| |
| Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC |
| ok markus@ naddy@ |
| - naddy@cvs.openbsd.org 2013/11/18 05:09:32 |
| [regress/forward-control.sh] |
| bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164) |
| to successfully run this; ok djm@ |
| - djm@cvs.openbsd.org 2013/11/21 03:15:46 |
| [regress/krl.sh] |
| add some reminders for additional tests that I'd like to implement |
| - djm@cvs.openbsd.org 2013/11/21 03:16:47 |
| [regress/modpipe.c] |
| use unsigned long long instead of u_int64_t here to avoid warnings |
| on some systems portable OpenSSH is built on. |
| - djm@cvs.openbsd.org 2013/11/21 03:18:51 |
| [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh] |
| [regress/try-ciphers.sh] |
| use new "ssh -Q cipher-auth" query to obtain lists of authenticated |
| encryption ciphers instead of specifying them manually; ensures that |
| the new chacha20poly1305@openssh.com mode is tested; |
| |
| ok markus@ and naddy@ as part of the diff to add |
| chacha20poly1305@openssh.com |
| |
| 20131110 |
| - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by |
| querying the ones that are compiled in. |
| |
| 20131109 |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 |
| [regress/test-exec.sh regress/rekey.sh] |
| Use smaller test data files to speed up tests. Grow test datafiles |
| where necessary for a specific test. |
| - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of |
| NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the |
| latter actually works before using it. Fedora (at least) has NID_secp521r1 |
| that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897). |
| - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test. |
| - (dtucker) [configure.ac] Add missing "test". |
| - (dtucker) [key.c] Check for the correct defines for NID_secp521r1. |
| |
| 20131108 |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 |
| [regress/rekey.sh] |
| Rekey less frequently during tests to speed them up |
| - (djm) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/11/07 11:58:27 |
| [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] |
| Output the effective values of Ciphers, MACs and KexAlgorithms when |
| the default has not been overridden. ok markus@ |
| - djm@cvs.openbsd.org 2013/11/08 00:39:15 |
| [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] |
| [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] |
| [sftp-client.c sftp-glob.c] |
| use calloc for all structure allocations; from markus@ |
| - djm@cvs.openbsd.org 2013/11/08 01:38:11 |
| [version.h] |
| openssh-6.4 |
| - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| [contrib/suse/openssh.spec] Update version numbers following release. |
| - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of |
| arc4random_stir for platforms that have arc4random but don't have |
| arc4random_stir (right now this is only OpenBSD -current). |
| - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have |
| EVP_sha256. |
| - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256. |
| - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile |
| warnings. |
| - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform |
| and pass in TEST_ENV. use stderr to get polluted |
| and the stderr-data test to fail. |
| - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation: |
| rather than testing and generating each key, call ssh-keygen -A. |
| Patch from vinschen at redhat.com. |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 |
| [regress/test-exec.sh regress/rekey.sh] |
| Use smaller test data files to speed up tests. Grow test datafiles |
| where necessary for a specific test. |
| |
| 20131107 |
| - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) |
| that got lost in recent merge. |
| - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff |
| - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these |
| - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms |
| that lack it but have arc4random_uniform() |
| - (djm) OpenBSD CVS Sync |
| - markus@cvs.openbsd.org 2013/11/04 11:51:16 |
| [monitor.c] |
| fix rekeying for KEX_C25519_SHA256; noted by dtucker@ |
| RCSID sync only; I thought this was a merge botch and fixed it already |
| - markus@cvs.openbsd.org 2013/11/06 16:52:11 |
| [monitor_wrap.c] |
| fix rekeying for AES-GCM modes; ok deraadt |
| - djm@cvs.openbsd.org 2013/11/06 23:05:59 |
| [ssh-pkcs11.c] |
| from portable: s/true/true_val/ to avoid name collisions on dump platforms |
| RCSID sync only |
| - (dtucker) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/10/09 23:44:14 |
| [regress/Makefile] (ID sync only) |
| regression test for sftp request white/blacklisting and readonly mode. |
| - markus@cvs.openbsd.org 2013/11/02 22:39:53 |
| [regress/kextype.sh] |
| add curve25519-sha256@libssh.org |
| - dtucker@cvs.openbsd.org 2013/11/04 12:27:42 |
| [regress/rekey.sh] |
| Test rekeying with all KexAlgorithms. |
| - dtucker@cvs.openbsd.org 2013/11/07 00:12:05 |
| [regress/rekey.sh] |
| Test rekeying for every Cipher, MAC and KEX, plus test every KEX with |
| the GCM ciphers. |
| - dtucker@cvs.openbsd.org 2013/11/07 01:12:51 |
| [regress/rekey.sh] |
| Factor out the data transfer rekey tests |
| - dtucker@cvs.openbsd.org 2013/11/07 02:48:38 |
| [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] |
| Use ssh -Q instead of hardcoding lists of ciphers or MACs. |
| - dtucker@cvs.openbsd.org 2013/11/07 03:55:41 |
| [regress/kextype.sh] |
| Use ssh -Q to get kex types instead of a static list. |
| - dtucker@cvs.openbsd.org 2013/11/07 04:26:56 |
| [regress/kextype.sh] |
| trailing space |
| - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment |
| variable. It's no longer used now that we get the supported MACs from |
| ssh -Q. |
| |
| 20131104 |
| - (djm) OpenBSD CVS Sync |
| - markus@cvs.openbsd.org 2013/11/02 20:03:54 |
| [ssh-pkcs11.c] |
| support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys; |
| fixes bz#1908; based on patch from Laurent Barbe; ok djm |
| - markus@cvs.openbsd.org 2013/11/02 21:59:15 |
| [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] |
| use curve25519 for default key exchange (curve25519-sha256@libssh.org); |
| initial patch from Aris Adamantiadis; ok djm@ |
| - markus@cvs.openbsd.org 2013/11/02 22:10:15 |
| [kexdhs.c kexecdhs.c] |
| no need to include monitor_wrap.h |
| - markus@cvs.openbsd.org 2013/11/02 22:24:24 |
| [kexdhs.c kexecdhs.c] |
| no need to include ssh-gss.h |
| - markus@cvs.openbsd.org 2013/11/02 22:34:01 |
| [auth-options.c] |
| no need to include monitor_wrap.h and ssh-gss.h |
| - markus@cvs.openbsd.org 2013/11/02 22:39:19 |
| [ssh_config.5 sshd_config.5] |
| the default kex is now curve25519-sha256@libssh.org |
| - djm@cvs.openbsd.org 2013/11/03 10:37:19 |
| [roaming_common.c] |
| fix a couple of function definitions foo() -> foo(void) |
| (-Wold-style-definition) |
| - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from |
| KEX/curve25519 change |
| |
| 20131103 |
| - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep. |
| From OpenSMTPD where it prevents "implicit declaration" warnings (it's |
| a no-op in OpenSSH). From chl at openbsd. |
| - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd |
| vsnprintf. From eric at openbsd via chl@. |
| - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t |
| for platforms that don't have them. |
| |
| 20131030 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/10/29 09:42:11 |
| [key.c key.h] |
| fix potential stack exhaustion caused by nested certificates; |
| report by Mateusz Kocielski; ok dtucker@ markus@ |
| - djm@cvs.openbsd.org 2013/10/29 09:48:02 |
| [servconf.c servconf.h session.c sshd_config sshd_config.5] |
| shd_config PermitTTY to disallow TTY allocation, mirroring the |
| longstanding no-pty authorized_keys option; |
| bz#2070, patch from Teran McKinney; ok markus@ |
| - jmc@cvs.openbsd.org 2013/10/29 18:49:32 |
| [sshd_config.5] |
| pty(4), not pty(7); |
| |
| 20131026 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/10/25 23:04:51 |
| [ssh.c] |
| fix crash when using ProxyCommand caused by previous commit - was calling |
| freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@ |
| |
| 20131025 |
| - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove |
| unnecessary arc4random_stir() calls. The only ones left are to ensure |
| that the PRNG gets a different state after fork() for platforms that |
| have broken the API. |
| |
| 20131024 |
| - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check |
| rather than full client name which may be of form user@REALM; |
| patch from Miguel Sanders; ok dtucker@ |
| - (djm) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/10/23 05:40:58 |
| [servconf.c] |
| fix comment |
| - djm@cvs.openbsd.org 2013/10/23 23:35:32 |
| [sshd.c] |
| include local address and port in "Connection from ..." message (only |
| shown at loglevel>=verbose) |
| - dtucker@cvs.openbsd.org 2013/10/24 00:49:49 |
| [moduli.c] |
| Periodically print progress and, if possible, expected time to completion |
| when screening moduli for DH groups. ok deraadt djm |
| - dtucker@cvs.openbsd.org 2013/10/24 00:51:48 |
| [readconf.c servconf.c ssh_config.5 sshd_config.5] |
| Disallow empty Match statements and add "Match all" which matches |
| everything. ok djm, man page help jmc@ |
| - djm@cvs.openbsd.org 2013/10/24 08:19:36 |
| [ssh.c] |
| fix bug introduced in hostname canonicalisation commit: don't try to |
| resolve hostnames when a ProxyCommand is set unless the user has forced |
| canonicalisation; spotted by Iain Morgan |
| - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd" |
| |
| 20131023 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/10/20 04:39:28 |
| [ssh_config.5] |
| document % expansions performed by "Match command ..." |
| - djm@cvs.openbsd.org 2013/10/20 06:19:28 |
| [readconf.c ssh_config.5] |
| rename "command" subclause of the recently-added "Match" keyword to |
| "exec"; it's shorter, clearer in intent and we might want to add the |
| ability to match against the command being executed at the remote end in |
| the future. |
| - djm@cvs.openbsd.org 2013/10/20 09:51:26 |
| [scp.1 sftp.1] |
| add canonicalisation options to -o lists |
| - jmc@cvs.openbsd.org 2013/10/20 18:00:13 |
| [ssh_config.5] |
| tweak the "exec" description, as worded by djm; |
| - djm@cvs.openbsd.org 2013/10/23 03:03:07 |
| [readconf.c] |
| Hostname may have %h sequences that should be expanded prior to Match |
| evaluation; spotted by Iain Morgan |
| - djm@cvs.openbsd.org 2013/10/23 03:05:19 |
| [readconf.c ssh.c] |
| comment |
| - djm@cvs.openbsd.org 2013/10/23 04:16:22 |
| [ssh-keygen.c] |
| Make code match documentation: relative-specified certificate expiry time |
| should be relative to current time and not the validity start time. |
| Reported by Petr Lautrbach; ok deraadt@ |
| |
| 20131018 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/10/09 23:44:14 |
| [regress/Makefile regress/sftp-perm.sh] |
| regression test for sftp request white/blacklisting and readonly mode. |
| - jmc@cvs.openbsd.org 2013/10/17 07:35:48 |
| [sftp.1 sftp.c] |
| tweak previous; |
| - djm@cvs.openbsd.org 2013/10/17 22:08:04 |
| [sshd.c] |
| include remote port in bad banner message; bz#2162 |
| |
| 20131017 |
| - (djm) OpenBSD CVS Sync |
| - jmc@cvs.openbsd.org 2013/10/15 14:10:25 |
| [ssh.1 ssh_config.5] |
| tweak previous; |
| - djm@cvs.openbsd.org 2013/10/16 02:31:47 |
| [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5] |
| [sshconnect.c sshconnect.h] |
| Implement client-side hostname canonicalisation to allow an explicit |
| search path of domain suffixes to use to convert unqualified host names |
| to fully-qualified ones for host key matching. |
| This is particularly useful for host certificates, which would otherwise |
| need to list unqualified names alongside fully-qualified ones (and this |
| causes a number of problems). |
| "looks fine" markus@ |
| - jmc@cvs.openbsd.org 2013/10/16 06:42:25 |
| [ssh_config.5] |
| tweak previous; |
| - djm@cvs.openbsd.org 2013/10/16 22:49:39 |
| [readconf.c readconf.h ssh.1 ssh.c ssh_config.5] |
| s/canonicalise/canonicalize/ for consistency with existing spelling, |
| e.g. authorized_keys; pointed out by naddy@ |
| - djm@cvs.openbsd.org 2013/10/16 22:58:01 |
| [ssh.c ssh_config.5] |
| one I missed in previous: s/isation/ization/ |
| - djm@cvs.openbsd.org 2013/10/17 00:30:13 |
| [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c] |
| fsync@openssh.com protocol extension for sftp-server |
| client support to allow calling fsync() faster successful transfer |
| patch mostly by imorgan AT nas.nasa.gov; bz#1798 |
| "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@ |
| - djm@cvs.openbsd.org 2013/10/17 00:46:49 |
| [ssh.c] |
| rearrange check to reduce diff against -portable |
| (Id sync only) |
| |
| 20131015 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/10/09 23:42:17 |
| [sftp-server.8 sftp-server.c] |
| Add ability to whitelist and/or blacklist sftp protocol requests by name. |
| Refactor dispatch loop and consolidate read-only mode checks. |
| Make global variables static, since sftp-server is linked into sshd(8). |
| ok dtucker@ |
| - djm@cvs.openbsd.org 2013/10/10 00:53:25 |
| [sftp-server.c] |
| add -Q, -P and -p to usage() before jmc@ catches me |
| - djm@cvs.openbsd.org 2013/10/10 01:43:03 |
| [sshd.c] |
| bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly |
| updated; ok dtucker@ |
| - djm@cvs.openbsd.org 2013/10/11 02:45:36 |
| [sftp-client.c] |
| rename flag arguments to be more clear and consistent. |
| reorder some internal function arguments to make adding additional flags |
| easier. |
| no functional change |
| - djm@cvs.openbsd.org 2013/10/11 02:52:23 |
| [sftp-client.c] |
| missed one arg reorder |
| - djm@cvs.openbsd.org 2013/10/11 02:53:45 |
| [sftp-client.h] |
| obsolete comment |
| - jmc@cvs.openbsd.org 2013/10/14 14:18:56 |
| [sftp-server.8 sftp-server.c] |
| tweak previous; |
| ok djm |
| - djm@cvs.openbsd.org 2013/10/14 21:20:52 |
| [session.c session.h] |
| Add logging of session starts in a useful format; ok markus@ feedback and |
| ok dtucker@ |
| - djm@cvs.openbsd.org 2013/10/14 22:22:05 |
| [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5] |
| add a "Match" keyword to ssh_config that allows matching on hostname, |
| user and result of arbitrary commands. "nice work" markus@ |
| - djm@cvs.openbsd.org 2013/10/14 23:28:23 |
| [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c] |
| refactor client config code a little: |
| add multistate option partsing to readconf.c, similar to servconf.c's |
| existing code. |
| move checking of options that accept "none" as an argument to readconf.c |
| add a lowercase() function and use it instead of explicit tolower() in |
| loops |
| part of a larger diff that was ok markus@ |
| - djm@cvs.openbsd.org 2013/10/14 23:31:01 |
| [ssh.c] |
| whitespace at EOL; pointed out by markus@ |
| - [ssh.c] g/c unused variable. |
| |
| 20131010 |
| - (dtucker) OpenBSD CVS Sync |
| - sthen@cvs.openbsd.org 2013/09/16 11:35:43 |
| [ssh_config] |
| Remove gssapi config parts from ssh_config, as was already done for |
| sshd_config. Req by/ok ajacoutot@ |
| ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular |
| - djm@cvs.openbsd.org 2013/09/19 00:24:52 |
| [progressmeter.c] |
| store the initial file offset so the progress meter doesn't freak out |
| when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@` |
| - djm@cvs.openbsd.org 2013/09/19 00:49:12 |
| [sftp-client.c] |
| fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan |
| - djm@cvs.openbsd.org 2013/09/19 01:24:46 |
| [channels.c] |
| bz#1297 - tell the client (via packet_send_debug) when their preferred |
| listen address has been overridden by the server's GatewayPorts; |
| ok dtucker@ |
| - djm@cvs.openbsd.org 2013/09/19 01:26:29 |
| [sshconnect.c] |
| bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from |
| swp AT swp.pp.ru; ok dtucker@ |
| - dtucker@cvs.openbsd.org 2013/10/08 11:42:13 |
| [dh.c dh.h] |
| Increase the size of the Diffie-Hellman groups requested for a each |
| symmetric key size. New values from NIST Special Publication 800-57 with |
| the upper limit specified by RFC4419. Pointed out by Peter Backes, ok |
| djm@. |
| |
| 20131009 |
| - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull |
| in OpenBSD implementation of arc4random, shortly to replace the existing |
| bsd-arc4random.c |
| - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c] |
| [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random |
| implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, |
| tested tim@ |
| |
| 20130922 |
| - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj |
| setting when handling SIGHUP to maintain behaviour over retart. Patch |
| from Matthew Ife. |
| |
| 20130918 |
| - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu. |
| |
| 20130914 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/08/22 19:02:21 |
| [sshd.c] |
| Stir PRNG after post-accept fork. The child gets a different PRNG state |
| anyway via rexec and explicit privsep reseeds, but it's good to be sure. |
| ok markus@ |
| - mikeb@cvs.openbsd.org 2013/08/28 12:34:27 |
| [ssh-keygen.c] |
| improve batch processing a bit by making use of the quite flag a bit |
| more often and exit with a non zero code if asked to find a hostname |
| in a known_hosts file and it wasn't there; |
| originally from reyk@, ok djm |
| - djm@cvs.openbsd.org 2013/08/31 00:13:54 |
| [sftp.c] |
| make ^w match ksh behaviour (delete previous word instead of entire line) |
| - deraadt@cvs.openbsd.org 2013/09/02 22:00:34 |
| [ssh-keygen.c sshconnect1.c sshd.c] |
| All the instances of arc4random_stir() are bogus, since arc4random() |
| does this itself, inside itself, and has for a very long time.. Actually, |
| this was probably reducing the entropy available. |
| ok djm |
| ID SYNC ONLY for portable; we don't trust other arc4random implementations |
| to do this right. |
| - sthen@cvs.openbsd.org 2013/09/07 13:53:11 |
| [sshd_config] |
| Remove commented-out kerberos/gssapi config options from sample config, |
| kerberos support is currently not enabled in ssh in OpenBSD. Discussed with |
| various people; ok deraadt@ |
| ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular |
| - djm@cvs.openbsd.org 2013/09/12 01:41:12 |
| [clientloop.c] |
| fix connection crash when sending break (~B) on ControlPersist'd session; |
| ok dtucker@ |
| - djm@cvs.openbsd.org 2013/09/13 06:54:34 |
| [channels.c] |
| avoid unaligned access in code that reused a buffer to send a |
| struct in_addr in a reply; simpler just use use buffer_put_int(); |
| from portable; spotted by and ok dtucker@ |
| |
| 20130828 |
| - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the |
| 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we |
| start to use them in the future. |
| - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits |
| until we have configure support. |
| |
| 20130821 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/08/06 23:03:49 |
| [sftp.c] |
| fix some whitespace at EOL |
| make list of commands an enum rather than a long list of defines |
| add -a to usage() |
| - djm@cvs.openbsd.org 2013/08/06 23:05:01 |
| [sftp.1] |
| document top-level -a option (the -a option to 'get' was already |
| documented) |
| - djm@cvs.openbsd.org 2013/08/06 23:06:01 |
| [servconf.c] |
| add cast to avoid format warning; from portable |
| - jmc@cvs.openbsd.org 2013/08/07 06:24:51 |
| [sftp.1 sftp.c] |
| sort -a; |
| - djm@cvs.openbsd.org 2013/08/08 04:52:04 |
| [sftp.c] |
| fix two year old regression: symlinking a file would incorrectly |
| canonicalise the target path. bz#2129 report from delphij AT freebsd.org |
| - djm@cvs.openbsd.org 2013/08/08 05:04:03 |
| [sftp-client.c sftp-client.h sftp.c] |
| add a "-l" flag for the rename command to force it to use the silly |
| standard SSH_FXP_RENAME command instead of the POSIX-rename- like |
| posix-rename@openssh.com extension. |
| |
| intended for use in regress tests, so no documentation. |
| - djm@cvs.openbsd.org 2013/08/09 03:37:25 |
| [sftp.c] |
| do getopt parsing for all sftp commands (with an empty optstring for |
| commands without arguments) to ensure consistent behaviour |
| - djm@cvs.openbsd.org 2013/08/09 03:39:13 |
| [sftp-client.c] |
| two problems found by a to-be-committed regress test: 1) msg_id was not |
| being initialised so was starting at a random value from the heap |
| (harmless, but confusing). 2) some error conditions were not being |
| propagated back to the caller |
| - djm@cvs.openbsd.org 2013/08/09 03:56:42 |
| [sftp.c] |
| enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word; |
| matching ksh's relatively recent change. |
| - djm@cvs.openbsd.org 2013/08/13 18:32:08 |
| [ssh-keygen.c] |
| typo in error message; from Stephan Rickauer |
| - djm@cvs.openbsd.org 2013/08/13 18:33:08 |
| [ssh-keygen.c] |
| another of the same typo |
| - jmc@cvs.openbsd.org 2013/08/14 08:39:27 |
| [scp.1 ssh.1] |
| some Bx/Ox conversion; |
| From: Jan Stary |
| - djm@cvs.openbsd.org 2013/08/20 00:11:38 |
| [readconf.c readconf.h ssh_config.5 sshconnect.c] |
| Add a ssh_config ProxyUseFDPass option that supports the use of |
| ProxyCommands that establish a connection and then pass a connected |
| file descriptor back to ssh(1). This allows the ProxyCommand to exit |
| rather than have to shuffle data back and forth and enables ssh to use |
| getpeername, etc. to obtain address information just like it does with |
| regular directly-connected sockets. ok markus@ |
| - jmc@cvs.openbsd.org 2013/08/20 06:56:07 |
| [ssh.1 ssh_config.5] |
| some proxyusefdpass tweaks; |
| |
| 20130808 |
| - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt |
| since some platforms (eg really old FreeBSD) don't have it. Instead, |
| run "make clean" before a complete regress run. ok djm. |
| - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime( |
| CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the |
| CLOCK_MONOTONIC define but don't actually support it. Found and tested |
| by Kevin Brott, ok djm. |
| - (dtucker) [misc.c] Remove define added for fallback testing that was |
| mistakenly included in the previous commit. |
| - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt |
| removal. The "make clean" removes modpipe which is built by the top-level |
| directory before running the tests. Spotted by tim@ |
| - (djm) Release 6.3p1 |
| |
| 20130804 |
| - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support |
| for building with older Heimdal versions. ok djm. |
| |
| 20130801 |
| - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non- |
| blocking connecting socket will clear any stored errno that might |
| otherwise have been retrievable via getsockopt(). A hack to limit writes |
| to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap |
| it in an #ifdef. Diagnosis and patch from Ivo Raisr. |
| - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134 |
| |
| 20130725 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/07/20 22:20:42 |
| [krl.c] |
| fix verification error in (as-yet usused) KRL signature checking path |
| - djm@cvs.openbsd.org 2013/07/22 05:00:17 |
| [umac.c] |
| make MAC key, data to be hashed and nonce for final hash const; |
| checked with -Wcast-qual |
| - djm@cvs.openbsd.org 2013/07/22 12:20:02 |
| [umac.h] |
| oops, forgot to commit corresponding header change; |
| spotted by jsg and jasper |
| - djm@cvs.openbsd.org 2013/07/25 00:29:10 |
| [ssh.c] |
| daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure |
| it is fully detached from its controlling terminal. based on debugging |
| - djm@cvs.openbsd.org 2013/07/25 00:56:52 |
| [sftp-client.c sftp-client.h sftp.1 sftp.c] |
| sftp support for resuming partial downloads; patch mostly by Loganaden |
| Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@ |
| "Just be careful" deraadt@ |
| - djm@cvs.openbsd.org 2013/07/25 00:57:37 |
| [version.h] |
| openssh-6.3 for release |
| - dtucker@cvs.openbsd.org 2013/05/30 20:12:32 |
| [regress/test-exec.sh] |
| use ssh and sshd as testdata since it needs to be >256k for the rekey test |
| - dtucker@cvs.openbsd.org 2013/06/10 21:56:43 |
| [regress/forwarding.sh] |
| Add test for forward config parsing |
| - djm@cvs.openbsd.org 2013/06/21 02:26:26 |
| [regress/sftp-cmds.sh regress/test-exec.sh] |
| unbreak sftp-cmds for renamed test data (s/ls/data/) |
| - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on |
| Solaris and UnixWare. Feedback and OK djm@ |
| - (tim) [regress/forwarding.sh] Fix for building outside source tree. |
| |
| 20130720 |
| - (djm) OpenBSD CVS Sync |
| - markus@cvs.openbsd.org 2013/07/19 07:37:48 |
| [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] |
| [servconf.h session.c sshd.c sshd_config.5] |
| add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, |
| or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 |
| ok djm@ |
| - djm@cvs.openbsd.org 2013/07/20 01:43:46 |
| [umac.c] |
| use a union to ensure correct alignment; ok deraadt |
| - djm@cvs.openbsd.org 2013/07/20 01:44:37 |
| [ssh-keygen.c ssh.c] |
| More useful error message on missing current user in /etc/passwd |
| - djm@cvs.openbsd.org 2013/07/20 01:50:20 |
| [ssh-agent.c] |
| call cleanup_handler on SIGINT when in debug mode to ensure sockets |
| are cleaned up on manual exit; bz#2120 |
| - djm@cvs.openbsd.org 2013/07/20 01:55:13 |
| [auth-krb5.c gss-serv-krb5.c gss-serv.c] |
| fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@ |
| |
| 20130718 |
| - (djm) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/06/10 19:19:44 |
| [readconf.c] |
| revert 1.203 while we investigate crashes reported by okan@ |
| - guenther@cvs.openbsd.org 2013/06/17 04:48:42 |
| [scp.c] |
| Handle time_t values as long long's when formatting them and when |
| parsing them from remote servers. |
| Improve error checking in parsing of 'T' lines. |
| ok dtucker@ deraadt@ |
| - markus@cvs.openbsd.org 2013/06/20 19:15:06 |
| [krl.c] |
| don't leak the rdata blob on errors; ok djm@ |
| - djm@cvs.openbsd.org 2013/06/21 00:34:49 |
| [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c] |
| for hostbased authentication, print the client host and user on |
| the auth success/failure line; bz#2064, ok dtucker@ |
| - djm@cvs.openbsd.org 2013/06/21 00:37:49 |
| [ssh_config.5] |
| explicitly mention that IdentitiesOnly can be used with IdentityFile |
| to control which keys are offered from an agent. |
| - djm@cvs.openbsd.org 2013/06/21 05:42:32 |
| [dh.c] |
| sprinkle in some error() to explain moduli(5) parse failures |
| - djm@cvs.openbsd.org 2013/06/21 05:43:10 |
| [scp.c] |
| make this -Wsign-compare clean after time_t conversion |
| - djm@cvs.openbsd.org 2013/06/22 06:31:57 |
| [scp.c] |
| improved time_t overflow check suggested by guenther@ |
| - jmc@cvs.openbsd.org 2013/06/27 14:05:37 |
| [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] |
| do not use Sx for sections outwith the man page - ingo informs me that |
| stuff like html will render with broken links; |
| issue reported by Eric S. Raymond, via djm |
| - markus@cvs.openbsd.org 2013/07/02 12:31:43 |
| [dh.c] |
| remove extra whitespace |
| - djm@cvs.openbsd.org 2013/07/12 00:19:59 |
| [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] |
| [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] |
| fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ |
| - djm@cvs.openbsd.org 2013/07/12 00:20:00 |
| [sftp.c ssh-keygen.c ssh-pkcs11.c] |
| fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ |
| - djm@cvs.openbsd.org 2013/07/12 00:43:50 |
| [misc.c] |
| in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when |
| errno == 0. Avoids confusing error message in some broken resolver |
| cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker |
| - djm@cvs.openbsd.org 2013/07/12 05:42:03 |
| [ssh-keygen.c] |
| do_print_resource_record() can never be called with a NULL filename, so |
| don't attempt (and bungle) asking for one if it has not been specified |
| bz#2127 ok dtucker@ |
| - djm@cvs.openbsd.org 2013/07/12 05:48:55 |
| [ssh.c] |
| set TCP nodelay for connections started with -N; bz#2124 ok dtucker@ |
| - schwarze@cvs.openbsd.org 2013/07/16 00:07:52 |
| [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8] |
| use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@ |
| - djm@cvs.openbsd.org 2013/07/18 01:12:26 |
| [ssh.1] |
| be more exact wrt perms for ~/.ssh/config; bz#2078 |
| |
| 20130702 |
| - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config |
| contrib/cygwin/ssh-user-config] Modernizes and improve readability of |
| the Cygwin README file (which hasn't been updated for ages), drop |
| unsupported OSes from the ssh-host-config help text, and drop an |
| unneeded option from ssh-user-config. Patch from vinschen at redhat com. |
| |
| 20130610 |
| - (djm) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/06/07 15:37:52 |
| [channels.c channels.h clientloop.c] |
| Add an "ABANDONED" channel state and use for mux sessions that are |
| disconnected via the ~. escape sequence. Channels in this state will |
| be able to close if the server responds, but do not count as active channels. |
| This means that if you ~. all of the mux clients when using ControlPersist |
| on a broken network, the backgrounded mux master will exit when the |
| Control Persist time expires rather than hanging around indefinitely. |
| bz#1917, also reported and tested by tedu@. ok djm@ markus@. |
| - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported |
| algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages. |
| - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have |
| the required OpenSSL support. Patch from naddy at freebsd. |
| - (dtucker) [myproposal.h] Make the conditional algorithm support consistent |
| and add some comments so it's clear what goes where. |
| |
| 20130605 |
| - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of |
| the necessary functions, not from the openssl version. |
| - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test. |
| Patch from cjwatson at debian. |
| - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the |
| forwarding test is extremely slow copying data on some machines so switch |
| back to copying the much smaller ls binary until we can figure out why |
| this is. |
| - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building |
| modpipe in case there's anything in there we need. |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/06/02 21:01:51 |
| [channels.h] |
| typo in comment |
| - dtucker@cvs.openbsd.org 2013/06/02 23:36:29 |
| [clientloop.h clientloop.c mux.c] |
| No need for the mux cleanup callback to be visible so restore it to static |
| and call it through the detach_user function pointer. ok djm@ |
| - dtucker@cvs.openbsd.org 2013/06/03 00:03:18 |
| [mac.c] |
| force the MAC output to be 64-bit aligned so umac won't see unaligned |
| accesses on strict-alignment architectures. bz#2101, patch from |
| tomas.kuthan at oracle.com, ok djm@ |
| - dtucker@cvs.openbsd.org 2013/06/04 19:12:23 |
| [scp.c] |
| use MAXPATHLEN for buffer size instead of fixed value. ok markus |
| - dtucker@cvs.openbsd.org 2013/06/04 20:42:36 |
| [sftp.c] |
| Make sftp's libedit interface marginally multibyte aware by building up |
| the quoted string by character instead of by byte. Prevents failures |
| when linked against a libedit built with wide character support (bz#1990). |
| "looks ok" djm |
| - dtucker@cvs.openbsd.org 2013/06/05 02:07:29 |
| [mux.c] |
| fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, |
| ok djm |
| - dtucker@cvs.openbsd.org 2013/06/05 02:27:50 |
| [sshd.c] |
| When running sshd -D, close stderr unless we have explicitly requesting |
| logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch |
| so, err, ok dtucker. |
| - dtucker@cvs.openbsd.org 2013/06/05 12:52:38 |
| [sshconnect2.c] |
| Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djm |
| - dtucker@cvs.openbsd.org 2013/06/05 22:00:28 |
| [readconf.c] |
| plug another memleak. bz#1967, from Zhenbo Xu, detected by Melton, ok djm |
| - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for |
| platforms that don't have multibyte character support (specifically, |
| mblen). |
| |
| 20130602 |
| - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy |
| linking regress/modpipe. |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/06/02 13:33:05 |
| [progressmeter.c] |
| Add misc.h for monotime prototype. (ID sync only). |
| - dtucker@cvs.openbsd.org 2013/06/02 13:35:58 |
| [ssh-agent.c] |
| Make parent_alive_interval time_t to avoid signed/unsigned comparison |
| - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platforms |
| to prevent noise from configure. Patch from Nathan Osman. (bz#2114). |
| - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android. |
| Patch from Nathan Osman. |
| - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we |
| need a shell that can handle "[ file1 -nt file2 ]". Rather than keep |
| dealing with shell portability issues in regression tests, we let |
| configure find us a capable shell on those platforms with an old /bin/sh. |
| - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr. |
| feedback and ok dtucker |
| - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker |
| - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h. |
| - (dtucker) [configure.ac] Some other platforms need sys/types.h before |
| sys/socket.h. |
| |
| 20130601 |
| - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to |
| using openssl's DES_crypt function on platorms that don't have a native |
| one, eg Android. Based on a patch from Nathan Osman. |
| - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS |
| rather than trying to enumerate the plaforms that don't have them. |
| Based on a patch from Nathan Osman, with help from tim@. |
| - (dtucker) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/05/17 00:13:13 |
| [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c |
| ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c |
| gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c |
| auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c |
| servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c |
| auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c |
| sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c |
| kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c |
| kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c |
| monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c |
| ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c |
| sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c |
| ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c |
| dns.c packet.c readpass.c authfd.c moduli.c] |
| bye, bye xfree(); ok markus@ |
| - djm@cvs.openbsd.org 2013/05/19 02:38:28 |
| [auth2-pubkey.c] |
| fix failure to recognise cert-authority keys if a key of a different type |
| appeared in authorized_keys before it; ok markus@ |
| - djm@cvs.openbsd.org 2013/05/19 02:42:42 |
| [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] |
| Standardise logging of supplemental information during userauth. Keys |
| and ruser is now logged in the auth success/failure message alongside |
| the local username, remote host/port and protocol in use. Certificates |
| contents and CA are logged too. |
| Pushing all logging onto a single line simplifies log analysis as it is |
| no longer necessary to relate information scattered across multiple log |
| entries. "I like it" markus@ |
| - dtucker@cvs.openbsd.org 2013/05/31 12:28:10 |
| [ssh-agent.c] |
| Use time_t where appropriate. ok djm |
| - dtucker@cvs.openbsd.org 2013/06/01 13:15:52 |
| [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c |
| channels.c sandbox-systrace.c] |
| Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like |
| keepalives and rekeying will work properly over clock steps. Suggested by |
| markus@, "looks good" djm@. |
| - dtucker@cvs.openbsd.org 2013/06/01 20:59:25 |
| [scp.c sftp-client.c] |
| Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch |
| from Nathan Osman via bz#2085. ok deraadt. |
| - dtucker@cvs.openbsd.org 2013/06/01 22:34:50 |
| [sftp-client.c] |
| Update progressmeter when data is acked, not when it's sent. bz#2108, from |
| Debian via Colin Watson, ok djm@ |
| - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c |
| groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c |
| sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c |
| openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c |
| openbsd-compat/port-linux.c] Replace portable-specific instances of xfree |
| with the equivalent calls to free. |
| - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall |
| back to time(NULL) if we can't find it anywhere. |
| - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday. |
| |
| 20130529 |
| - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null |
| implementation of endgrent for platforms that don't have it (eg Android). |
| Loosely based on a patch from Nathan Osman, ok djm |
| |
| 20130517 |
| - (dtucker) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/03/07 00:20:34 |
| [regress/proxy-connect.sh] |
| repeat test with a style appended to the username |
| - dtucker@cvs.openbsd.org 2013/03/23 11:09:43 |
| [regress/test-exec.sh] |
| Only regenerate host keys if they don't exist or if ssh-keygen has changed |
| since they were. Reduces test runtime by 5-30% depending on machine |
| speed. |
| - dtucker@cvs.openbsd.org 2013/04/06 06:00:22 |
| [regress/rekey.sh regress/test-exec.sh regress/integrity.sh |
| regress/multiplex.sh Makefile regress/cfgmatch.sh] |
| Split the regress log into 3 parts: the debug output from ssh, the debug |
| log from sshd and the output from the client command (ssh, scp or sftp). |
| Somewhat functional now, will become more useful when ssh/sshd -E is added. |
| - dtucker@cvs.openbsd.org 2013/04/07 02:16:03 |
| [regress/Makefile regress/rekey.sh regress/integrity.sh |
| regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh] |
| use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and |
| save the output from any failing tests. If a test fails the debug output |
| from ssh and sshd for the failing tests (and only the failing tests) should |
| be available in failed-ssh{,d}.log. |
| - djm@cvs.openbsd.org 2013/04/18 02:46:12 |
| [regress/Makefile regress/sftp-chroot.sh] |
| test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@ |
| - dtucker@cvs.openbsd.org 2013/04/22 07:23:08 |
| [regress/multiplex.sh] |
| Write mux master logs to regress.log instead of ssh.log to keep separate |
| - djm@cvs.openbsd.org 2013/05/10 03:46:14 |
| [regress/modpipe.c] |
| sync some portability changes from portable OpenSSH (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/16 02:10:35 |
| [regress/rekey.sh] |
| Add test for time-based rekeying |
| - dtucker@cvs.openbsd.org 2013/05/16 03:33:30 |
| [regress/rekey.sh] |
| test rekeying when there's no data being transferred |
| - dtucker@cvs.openbsd.org 2013/05/16 04:26:10 |
| [regress/rekey.sh] |
| add server-side rekey test |
| - dtucker@cvs.openbsd.org 2013/05/16 05:48:31 |
| [regress/rekey.sh] |
| add tests for RekeyLimit parsing |
| - dtucker@cvs.openbsd.org 2013/05/17 00:37:40 |
| [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh |
| regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh |
| regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh |
| regress/ssh-com.sh] |
| replace 'echo -n' with 'printf' since it's more portable |
| also remove "echon" hack. |
| - dtucker@cvs.openbsd.org 2013/05/17 01:16:09 |
| [regress/agent-timeout.sh] |
| Pull back some portability changes from -portable: |
| - TIMEOUT is a read-only variable in some shells |
| - not all greps have -q so redirect to /dev/null instead. |
| (ID sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 01:32:11 |
| [regress/integrity.sh] |
| don't print output from ssh before getting it (it's available in ssh.log) |
| - dtucker@cvs.openbsd.org 2013/05/17 04:29:14 |
| [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh |
| regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh |
| regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh |
| regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh |
| regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh |
| regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh |
| regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh |
| regress/multiplex.sh] |
| Move the setting of DATA and COPY into test-exec.sh |
| - dtucker@cvs.openbsd.org 2013/05/17 10:16:26 |
| [regress/try-ciphers.sh] |
| use expr for math to keep diffs vs portable down |
| (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 10:23:52 |
| [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh] |
| Use SUDO when cat'ing pid files and running the sshd log wrapper so that |
| it works with a restrictive umask and the pid files are not world readable. |
| Changes from -portable. (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 10:24:48 |
| [regress/localcommand.sh] |
| use backticks for portability. (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 10:26:26 |
| [regress/sftp-badcmds.sh] |
| remove unused BATCH variable. (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 10:28:11 |
| [regress/sftp.sh] |
| only compare copied data if sftp succeeds. from portable (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 10:30:07 |
| [regress/test-exec.sh] |
| wait a bit longer for startup and use case for absolute path. |
| from portable (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 10:33:09 |
| [regress/agent-getpeereid.sh] |
| don't redirect stdout from sudo. from portable (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 10:34:30 |
| [regress/portnum.sh] |
| use a more portable negated if structure. from portable (id sync only) |
| - dtucker@cvs.openbsd.org 2013/05/17 10:35:43 |
| [regress/scp.sh] |
| use a file extention that's not special on some platforms. from portable |
| (id sync only) |
| - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it |
| in portable and it's long gone in openbsd. |
| - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange |
| methods. When the openssl version doesn't support ECDH then next one on |
| the list is DH group exchange, but that causes a bit more traffic which can |
| mean that the tests flip bits in the initial exchange rather than the MACed |
| traffic and we get different errors to what the tests look for. |
| - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits. |
| - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd. |
| - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd. |
| - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh] |
| Move the jot helper function to portable-specific part of test-exec.sh. |
| - (dtucker) [regress/test-exec.sh] Move the portable-specific functions |
| together and add a couple of missing lines from openbsd. |
| - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5 |
| helper function to the portable part of test-exec.sh. |
| - (dtucker) [regress/runtests.sh] Remove obsolete test driver script. |
| - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by |
| rev 1.6 which calls wait. |
| |
| 20130516 |
| - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be |
| executed if mktemp failed; bz#2105 ok dtucker@ |
| - (dtucker) OpenBSD CVS Sync |
| - tedu@cvs.openbsd.org 2013/04/23 17:49:45 |
| [misc.c] |
| use xasprintf instead of a series of strlcats and strdup. ok djm |
| - tedu@cvs.openbsd.org 2013/04/24 16:01:46 |
| [misc.c] |
| remove extra parens noticed by nicm |
| - dtucker@cvs.openbsd.org 2013/05/06 07:35:12 |
| [sftp-server.8] |
| Reference the version of the sftp draft we actually implement. ok djm@ |
| - djm@cvs.openbsd.org 2013/05/10 03:40:07 |
| [sshconnect2.c] |
| fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from |
| Colin Watson |
| - djm@cvs.openbsd.org 2013/05/10 04:08:01 |
| [key.c] |
| memleak in cert_free(), wasn't actually freeing the struct; |
| bz#2096 from shm AT digitalsun.pl |
| - dtucker@cvs.openbsd.org 2013/05/10 10:13:50 |
| [ssh-pkcs11-helper.c] |
| remove unused extern optarg. ok markus@ |
| - dtucker@cvs.openbsd.org 2013/05/16 02:00:34 |
| [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c |
| ssh_config.5 packet.h] |
| Add an optional second argument to RekeyLimit in the client to allow |
| rekeying based on elapsed time in addition to amount of traffic. |
| with djm@ jmc@, ok djm |
| - dtucker@cvs.openbsd.org 2013/05/16 04:09:14 |
| [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config |
| sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing |
| rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man |
| page. |
| - djm@cvs.openbsd.org 2013/05/16 04:27:50 |
| [ssh_config.5 readconf.h readconf.c] |
| add the ability to ignore specific unrecognised ssh_config options; |
| bz#866; ok markus@ |
| - jmc@cvs.openbsd.org 2013/05/16 06:28:45 |
| [ssh_config.5] |
| put IgnoreUnknown in the right place; |
| - jmc@cvs.openbsd.org 2013/05/16 06:30:06 |
| [sshd_config.5] |
| oops! avoid Xr to self; |
| - dtucker@cvs.openbsd.org 2013/05/16 09:08:41 |
| [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] |
| Fix some "unused result" warnings found via clang and -portable. |
| ok markus@ |
| - dtucker@cvs.openbsd.org 2013/05/16 09:12:31 |
| [readconf.c servconf.c] |
| switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@ |
| - dtucker@cvs.openbsd.org 2013/05/16 10:43:34 |
| [servconf.c readconf.c] |
| remove now-unused variables |
| - dtucker@cvs.openbsd.org 2013/05/16 10:44:06 |
| [servconf.c] |
| remove another now-unused variable |
| - (dtucker) [configure.ac readconf.c servconf.c |
| openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled. |
| |
| 20130510 |
| - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler |
| supports it. Mentioned by Colin Watson in bz#2100, ok djm. |
| - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to |
| getopt.c. Preprocessed source is identical other than line numbers. |
| - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No |
| portability changes yet. |
| - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c |
| openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add |
| portability code to getopt_long.c and switch over Makefile and the ugly |
| hack in modpipe.c. Fixes bz#1448. |
| - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c |
| openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb |
| in to use it when we're using our own getopt. |
| - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the |
| underlying libraries support them. |
| - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so |
| we don't get a warning on compilers that *don't* support it. Add |
| -Wno-unknown-warning-option. Move both to the start of the list for |
| maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9. |
| |
| 20130423 |
| - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support |
| platforms, such as Android, that lack struct passwd.pw_gecos. Report |
| and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@ |
| - (djm) OpenBSD CVS Sync |
| - markus@cvs.openbsd.org 2013/03/05 20:16:09 |
| [sshconnect2.c] |
| reset pubkey order on partial success; ok djm@ |
| - djm@cvs.openbsd.org 2013/03/06 23:35:23 |
| [session.c] |
| fatal() when ChrootDirectory specified by running without root privileges; |
| ok markus@ |
| - djm@cvs.openbsd.org 2013/03/06 23:36:53 |
| [readconf.c] |
| g/c unused variable (-Wunused) |
| - djm@cvs.openbsd.org 2013/03/07 00:19:59 |
| [auth2-pubkey.c monitor.c] |
| reconstruct the original username that was sent by the client, which may |
| have included a style (e.g. "root:skey") when checking public key |
| signatures. Fixes public key and hostbased auth when the client specified |
| a style; ok markus@ |
| - markus@cvs.openbsd.org 2013/03/07 19:27:25 |
| [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] |
| add submethod support to AuthenticationMethods; ok and freedback djm@ |
| - djm@cvs.openbsd.org 2013/03/08 06:32:58 |
| [ssh.c] |
| allow "ssh -f none ..." ok markus@ |
| - djm@cvs.openbsd.org 2013/04/05 00:14:00 |
| [auth2-gss.c krl.c sshconnect2.c] |
| hush some {unused, printf type} warnings |
| - djm@cvs.openbsd.org 2013/04/05 00:31:49 |
| [pathnames.h] |
| use the existing _PATH_SSH_USER_RC define to construct the other |
| pathnames; bz#2077, ok dtucker@ (no binary change) |
| - djm@cvs.openbsd.org 2013/04/05 00:58:51 |
| [mux.c] |
| cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too |
| (in addition to ones already in OPEN); bz#2079, ok dtucker@ |
| - markus@cvs.openbsd.org 2013/04/06 16:07:00 |
| [channels.c sshd.c] |
| handle ECONNABORTED for accept(); ok deraadt some time ago... |
| - dtucker@cvs.openbsd.org 2013/04/07 02:10:33 |
| [log.c log.h ssh.1 ssh.c sshd.8 sshd.c] |
| Add -E option to ssh and sshd to append debugging logs to a specified file |
| instead of stderr or syslog. ok markus@, man page help jmc@ |
| - dtucker@cvs.openbsd.org 2013/04/07 09:40:27 |
| [sshd.8] |
| clarify -e text. suggested by & ok jmc@ |
| - djm@cvs.openbsd.org 2013/04/11 02:27:50 |
| [packet.c] |
| quiet disconnect notifications on the server from error() back to logit() |
| if it is a normal client closure; bz#2057 ok+feedback dtucker@ |
| - dtucker@cvs.openbsd.org 2013/04/17 09:04:09 |
| [session.c] |
| revert rev 1.262; it fails because uid is already set here. ok djm@ |
| - djm@cvs.openbsd.org 2013/04/18 02:16:07 |
| [sftp.c] |
| make "sftp -q" do what it says on the sticker: hush everything but errors; |
| ok dtucker@ |
| - djm@cvs.openbsd.org 2013/04/19 01:00:10 |
| [sshd_config.5] |
| document the requirment that the AuthorizedKeysCommand be owned by root; |
| ok dtucker@ markus@ |
| - djm@cvs.openbsd.org 2013/04/19 01:01:00 |
| [ssh-keygen.c] |
| fix some memory leaks; bz#2088 ok dtucker@ |
| - djm@cvs.openbsd.org 2013/04/19 01:03:01 |
| [session.c] |
| reintroduce 1.262 without the connection-killing bug: |
| fatal() when ChrootDirectory specified by running without root privileges; |
| ok markus@ |
| - djm@cvs.openbsd.org 2013/04/19 01:06:50 |
| [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] |
| [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] |
| add the ability to query supported ciphers, MACs, key type and KEX |
| algorithms to ssh. Includes some refactoring of KEX and key type handling |
| to be table-driven; ok markus@ |
| - djm@cvs.openbsd.org 2013/04/19 11:10:18 |
| [ssh.c] |
| add -Q to usage; reminded by jmc@ |
| - djm@cvs.openbsd.org 2013/04/19 12:07:08 |
| [kex.c] |
| remove duplicated list entry pointed out by naddy@ |
| - dtucker@cvs.openbsd.org 2013/04/22 01:17:18 |
| [mux.c] |
| typo in debug output: evitval->exitval |
| |
| 20130418 |
| - (djm) [config.guess config.sub] Update to last versions before they switch |
| to GPL3. ok dtucker@ |
| - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from |
| unused argument warnings (in particular, -fno-builtin-memset) from clang. |
| |
| 20130404 |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2013/02/17 23:16:57 |
| [readconf.c ssh.c readconf.h sshconnect2.c] |
| Keep track of which IndentityFile options were manually supplied and which |
| were default options, and don't warn if the latter are missing. |
| ok markus@ |
| - dtucker@cvs.openbsd.org 2013/02/19 02:12:47 |
| [krl.c] |
| Remove bogus include. ok djm |
| - dtucker@cvs.openbsd.org 2013/02/22 04:45:09 |
| [ssh.c readconf.c readconf.h] |
| Don't complain if IdentityFiles specified in system-wide configs are |
| missing. ok djm, deraadt. |
| - markus@cvs.openbsd.org 2013/02/22 19:13:56 |
| [sshconnect.c] |
| support ProxyCommand=- (stdin/out already point to the proxy); ok djm@ |
| - djm@cvs.openbsd.org 2013/02/22 22:09:01 |
| [ssh.c] |
| Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier |
| version) |
| |
| 20130401 |
| - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h |
| to avoid conflicting definitions of __int64, adding the required bits. |
| Patch from Corinna Vinschen. |
| |
| 20130323 |
| - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit. |
| |
| 20130322 |
| - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil |
| Hands' greatly revised version. |
| - (djm) Release 6.2p1 |
| - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype. |
| - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before |
| defining it again. Prevents warnings if someone, eg, sets it in CFLAGS. |
| |
| 20130318 |
| - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c] |
| [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's |
| so mark it as broken. Patch from des AT des.no |
| |
| 20130317 |
| - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none |
| of the bits the configure test looks for. |
| |
| 20130316 |
| - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform |
| is unable to successfully compile them. Based on patch from des AT |
| des.no |
| - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] |
| Add a usleep replacement for platforms that lack it; ok dtucker |
| - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to |
| occur after UID switch; patch from John Marshall via des AT des.no; |
| ok dtucker@ |
| |
| 20130312 |
| - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh] |
| Improve portability of cipher-speed test, based mostly on a patch from |
| Iain Morgan. |
| - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin") |
| in addition to root as an owner of system directories on AIX and HP-UX. |
| ok djm@ |
| |
| 20130307 |
| - (dtucker) [INSTALL] Bump documented autoconf version to what we're |
| currently using. |
| - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it |
| was removed in configure.ac rev 1.481 as it was redundant. |
| - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days |
| ago. |
| - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a |
| chance to complete on broken systems; ok dtucker@ |
| |
| 20130306 |
| - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding |
| connection to start so that the test works on slower machines. |
| - (dtucker) [configure.ac] test that we can set number of file descriptors |
| to zero with setrlimit before enabling the rlimit sandbox. This affects |
| (at least) HPUX 11.11. |
| |
| 20130305 |
| - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for |
| HP/UX. Spotted by Kevin Brott |
| - (dtucker) [configure.ac] use "=" for shell test and not "==". Spotted by |
| Amit Kulkarni and Kevin Brott. |
| - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure |
| build breakage on (at least) HP-UX 11.11. Found by Amit Kulkarni and Kevin |
| Brott. |
| - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov. |
| |
| 20130227 |
| - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| [contrib/suse/openssh.spec] Crank version numbers |
| - (tim) [regress/forward-control.sh] use sh in case login shell is csh. |
| - (tim) [regress/integrity.sh] shell portability fix. |
| - (tim) [regress/integrity.sh] keep old solaris awk from hanging. |
| - (tim) [regress/krl.sh] keep old solaris awk from hanging. |
| |
| 20130226 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/02/20 08:27:50 |
| [integrity.sh] |
| Add an option to modpipe that warns if the modification offset it not |
| reached in it's stream and turn it on for t-integrity. This should catch |
| cases where the session is not fuzzed for being too short (cf. my last |
| "oops" commit) |
| - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage |
| for UsePAM=yes configuration |
| |
| 20130225 |
| - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed |
| to use Solaris native GSS libs. Patch from Pierre Ossman. |
| |
| 20130223 |
| - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer |
| bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu. |
| ok tim |
| |
| 20130222 |
| - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to |
| ssh(1) since they're not needed. Patch from Pierre Ossman, ok djm. |
| - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named |
| libgss too. Patch from Pierre Ossman, ok djm. |
| - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux |
| seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com; |
| ok dtucker |
| |
| 20130221 |
| - (tim) [regress/forward-control.sh] shell portability fix. |
| |
| 20130220 |
| - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix. |
| - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded |
| err.h include from krl.c. Additional portability fixes for modpipe. OK djm |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/02/20 08:27:50 |
| [regress/integrity.sh regress/modpipe.c] |
| Add an option to modpipe that warns if the modification offset it not |
| reached in it's stream and turn it on for t-integrity. This should catch |
| cases where the session is not fuzzed for being too short (cf. my last |
| "oops" commit) |
| - djm@cvs.openbsd.org 2013/02/20 08:29:27 |
| [regress/modpipe.c] |
| s/Id/OpenBSD/ in RCS tag |
| |
| 20130219 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/02/18 22:26:47 |
| [integrity.sh] |
| crank the offset yet again; it was still fuzzing KEX one of Darren's |
| portable test hosts at 2800 |
| - djm@cvs.openbsd.org 2013/02/19 02:14:09 |
| [integrity.sh] |
| oops, forgot to increase the output of the ssh command to ensure that |
| we actually reach $offset |
| - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that |
| lack support for SHA2. |
| - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms |
| that do not have them. |
| |
| 20130217 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/02/17 23:16:55 |
| [integrity.sh] |
| make the ssh command generates some output to ensure that there are at |
| least offset+tries bytes in the stream. |
| |
| 20130216 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/02/16 06:08:45 |
| [integrity.sh] |
| make sure the fuzz offset is actually past the end of KEX for all KEX |
| types. diffie-hellman-group-exchange-sha256 requires an offset around |
| 2700. Noticed via test failures in portable OpenSSH on platforms that |
| lack ECC and this the more byte-frugal ECDH KEX algorithms. |
| |
| 20130215 |
| - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from |
| Iain Morgan |
| - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] |
| Use getpgrp() if we don't have getpgid() (old BSDs, maybe others). |
| - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c |
| openbsd-compat/openbsd-compat.h] Add strtoull to compat library for |
| platforms that don't have it. |
| - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul, |
| group strto* function prototypes together. |
| - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes |
| an argument. Pointed out by djm. |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/02/14 21:35:59 |
| [auth2-pubkey.c] |
| Correct error message that had a typo and was logging the wrong thing; |
| patch from Petr Lautrbach |
| - dtucker@cvs.openbsd.org 2013/02/15 00:21:01 |
| [sshconnect2.c] |
| Warn more loudly if an IdentityFile provided by the user cannot be read. |
| bz #1981, ok djm@ |
| |
| 20130214 |
| - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC. |
| - (djm) [regress/krl.sh] typo; found by Iain Morgan |
| - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead |
| of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by |
| Iain Morgan |
| |
| 20130212 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/01/24 21:45:37 |
| [krl.c] |
| fix handling of (unused) KRL signatures; skip string in correct buffer |
| - djm@cvs.openbsd.org 2013/01/24 22:08:56 |
| [krl.c] |
| skip serial lookup when cert's serial number is zero |
| - krw@cvs.openbsd.org 2013/01/25 05:00:27 |
| [krl.c] |
| Revert last. Breaks due to likely typo. Let djm@ fix later. |
| ok djm@ via dlg@ |
| - djm@cvs.openbsd.org 2013/01/25 10:22:19 |
| [krl.c] |
| redo last commit without the vi-vomit that snuck in: |
| skip serial lookup when cert's serial number is zero |
| (now with 100% better comment) |
| - djm@cvs.openbsd.org 2013/01/26 06:11:05 |
| [Makefile.in acss.c acss.h cipher-acss.c cipher.c] |
| [openbsd-compat/openssl-compat.h] |
| remove ACSS, now that it is gone from libcrypto too |
| - djm@cvs.openbsd.org 2013/01/27 10:06:12 |
| [krl.c] |
| actually use the xrealloc() return value; spotted by xi.wang AT gmail.com |
| - dtucker@cvs.openbsd.org 2013/02/06 00:20:42 |
| [servconf.c sshd_config sshd_config.5] |
| Change default of MaxStartups to 10:30:100 to start doing random early |
| drop at 10 connections up to 100 connections. This will make it harder |
| to DoS as CPUs have come a long way since the original value was set |
| back in 2000. Prompted by nion at debian org, ok markus@ |
| - dtucker@cvs.openbsd.org 2013/02/06 00:22:21 |
| [auth.c] |
| Fix comment, from jfree.e1 at gmail |
| - djm@cvs.openbsd.org 2013/02/08 00:41:12 |
| [sftp.c] |
| fix NULL deref when built without libedit and control characters |
| entered as command; debugging and patch from Iain Morgan an |
| Loganaden Velvindron in bz#1956 |
| - markus@cvs.openbsd.org 2013/02/10 21:19:34 |
| [version.h] |
| openssh 6.2 |
| - djm@cvs.openbsd.org 2013/02/10 23:32:10 |
| [ssh-keygen.c] |
| append to moduli file when screening candidates rather than overwriting. |
| allows resumption of interrupted screen; patch from Christophe Garault |
| in bz#1957; ok dtucker@ |
| - djm@cvs.openbsd.org 2013/02/10 23:35:24 |
| [packet.c] |
| record "Received disconnect" messages at ERROR rather than INFO priority, |
| since they are abnormal and result in a non-zero ssh exit status; patch |
| from Iain Morgan in bz#2057; ok dtucker@ |
| - dtucker@cvs.openbsd.org 2013/02/11 21:21:58 |
| [sshd.c] |
| Add openssl version to debug output similar to the client. ok markus@ |
| - djm@cvs.openbsd.org 2013/02/11 23:58:51 |
| [regress/try-ciphers.sh] |
| remove acss here too |
| - (djm) [regress/try-ciphers.sh] clean up CVS merge botch |
| |
| 20130211 |
| - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old |
| libcrypto that lacks EVP_CIPHER_CTX_ctrl |
| |
| 20130208 |
| - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer; |
| patch from Iain Morgan in bz#2059 |
| - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows |
| __attribute__ on return values and work around if necessary. ok djm@ |
| |
| 20130207 |
| - (djm) [configure.ac] Don't probe seccomp capability of running kernel |
| at configure time; the seccomp sandbox will fall back to rlimit at |
| runtime anyway. Patch from plautrba AT redhat.com in bz#2011 |
| |
| 20130120 |
| - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h] |
| Move prototypes for replacement ciphers to openssl-compat.h; fix EVP |
| prototypes for openssl-1.0.0-fips. |
| - (djm) OpenBSD CVS Sync |
| - jmc@cvs.openbsd.org 2013/01/18 07:57:47 |
| [ssh-keygen.1] |
| tweak previous; |
| - jmc@cvs.openbsd.org 2013/01/18 07:59:46 |
| [ssh-keygen.c] |
| -u before -V in usage(); |
| - jmc@cvs.openbsd.org 2013/01/18 08:00:49 |
| [sshd_config.5] |
| tweak previous; |
| - jmc@cvs.openbsd.org 2013/01/18 08:39:04 |
| [ssh-keygen.1] |
| add -Q to the options list; ok djm |
| - jmc@cvs.openbsd.org 2013/01/18 21:48:43 |
| [ssh-keygen.1] |
| command-line (adj.) -> command line (n.); |
| - jmc@cvs.openbsd.org 2013/01/19 07:13:25 |
| [ssh-keygen.1] |
| fix some formatting; ok djm |
| - markus@cvs.openbsd.org 2013/01/19 12:34:55 |
| [krl.c] |
| RB_INSERT does not remove existing elments; ok djm@ |
| - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer |
| version. |
| - (djm) [regress/krl.sh] replacement for jot; most platforms lack it |
| |
| 20130118 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/01/17 23:00:01 |
| [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5] |
| [krl.c krl.h PROTOCOL.krl] |
| add support for Key Revocation Lists (KRLs). These are a compact way to |
| represent lists of revoked keys and certificates, taking as little as |
| a single bit of incremental cost to revoke a certificate by serial number. |
| KRLs are loaded via the existing RevokedKeys sshd_config option. |
| feedback and ok markus@ |
| - djm@cvs.openbsd.org 2013/01/18 00:45:29 |
| [regress/Makefile regress/cert-userkey.sh regress/krl.sh] |
| Tests for Key Revocation Lists (KRLs) |
| - djm@cvs.openbsd.org 2013/01/18 03:00:32 |
| [krl.c] |
| fix KRL generation bug for list sections |
| |
| 20130117 |
| - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] |
| check for GCM support before testing GCM ciphers. |
| |
| 20130112 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2013/01/12 11:22:04 |
| [cipher.c] |
| improve error message for integrity failure in AES-GCM modes; ok markus@ |
| - djm@cvs.openbsd.org 2013/01/12 11:23:53 |
| [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] |
| test AES-GCM modes; feedback markus@ |
| - (djm) [regress/integrity.sh] repair botched merge |
| |
| 20130109 |
| - (djm) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2012/12/14 05:26:43 |
| [auth.c] |
| use correct string in error message; from rustybsd at gmx.fr |
| - djm@cvs.openbsd.org 2013/01/02 00:32:07 |
| [clientloop.c mux.c] |
| channel_setup_local_fwd_listener() returns 0 on failure, not -ve |
| bz#2055 reported by mathieu.lacage AT gmail.com |
| - djm@cvs.openbsd.org 2013/01/02 00:33:49 |
| [PROTOCOL.agent] |
| correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED |
| bz#2051 from david AT lechnology.com |
| - djm@cvs.openbsd.org 2013/01/03 05:49:36 |
| [servconf.h] |
| add a couple of ServerOptions members that should be copied to the privsep |
| child (for consistency, in this case they happen only to be accessed in |
| the monitor); ok dtucker@ |
| - djm@cvs.openbsd.org 2013/01/03 12:49:01 |
| [PROTOCOL] |
| fix description of MAC calculation for EtM modes; ok markus@ |
| - djm@cvs.openbsd.org 2013/01/03 12:54:49 |
| [sftp-server.8 sftp-server.c] |
| allow specification of an alternate start directory for sftp-server(8) |
| "I like this" markus@ |
| - djm@cvs.openbsd.org 2013/01/03 23:22:58 |
| [ssh-keygen.c] |
| allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ... |
| ok markus@ |
| - jmc@cvs.openbsd.org 2013/01/04 19:26:38 |
| [sftp-server.8 sftp-server.c] |
| sftp-server.8: add argument name to -d |
| sftp-server.c: add -d to usage() |
| ok djm |
| - markus@cvs.openbsd.org 2013/01/08 18:49:04 |
| [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c] |
| [myproposal.h packet.c ssh_config.5 sshd_config.5] |
| support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) |
| ok and feedback djm@ |
| - djm@cvs.openbsd.org 2013/01/09 05:40:17 |
| [ssh-keygen.c] |
| correctly initialise fingerprint type for fingerprinting PKCS#11 keys |
| - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h] |
| Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little |
| cipher compat code to openssl-compat.h |
| |
| 20121217 |
| - (dtucker) [Makefile.in] Add some scaffolding so that the new regress |
| tests will work with VPATH directories. |
| |
| 20121213 |
| - (djm) OpenBSD CVS Sync |
| - markus@cvs.openbsd.org 2012/12/12 16:45:52 |
| [packet.c] |
| reset incoming_packet buffer for each new packet in EtM-case, too; |
| this happens if packets are parsed only parially (e.g. ignore |
| messages sent when su/sudo turn off echo); noted by sthen/millert |
| - naddy@cvs.openbsd.org 2012/12/12 16:46:10 |
| [cipher.c] |
| use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled |
| counter mode code; ok djm@ |
| - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our |
| compat code for older OpenSSL |
| - (djm) [cipher.c] Fix missing prototype for compat code |
| |
| 20121212 |
| - (djm) OpenBSD CVS Sync |
| - markus@cvs.openbsd.org 2012/12/11 22:16:21 |
| [monitor.c] |
| drain the log messages after receiving the keystate from the unpriv |
| child. otherwise it might block while sending. ok djm@ |
| - markus@cvs.openbsd.org 2012/12/11 22:31:18 |
| [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h] |
| [packet.c ssh_config.5 sshd_config.5] |
| add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms |
| that change the packet format and compute the MAC over the encrypted |
| message (including the packet size) instead of the plaintext data; |
| these EtM modes are considered more secure and used by default. |
| feedback and ok djm@ |
| - sthen@cvs.openbsd.org 2012/12/11 22:51:45 |
| [mac.c] |
| fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@ |
| - markus@cvs.openbsd.org 2012/12/11 22:32:56 |
| [regress/try-ciphers.sh] |
| add etm modes |
| - markus@cvs.openbsd.org 2012/12/11 22:42:11 |
| [regress/Makefile regress/modpipe.c regress/integrity.sh] |
| test the integrity of the packets; with djm@ |
| - markus@cvs.openbsd.org 2012/12/11 23:12:13 |
| [try-ciphers.sh] |
| add hmac-ripemd160-etm@openssh.com |
| - (djm) [mac.c] fix merge botch |
| - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test |
| work on platforms without 'jot' |
| - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip |
| - (djm) [regress/Makefile] fix t-exec rule |
| |
| 20121207 |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2012/12/06 06:06:54 |
| [regress/keys-command.sh] |
| Fix some problems with the keys-command test: |
| - use string comparison rather than numeric comparison |
| - check for existing KEY_COMMAND file and don't clobber if it exists |
| - clean up KEY_COMMAND file if we do create it. |
| - check that KEY_COMMAND is executable (which it won't be if eg /var/run |
| is mounted noexec). |
| ok djm. |
| - jmc@cvs.openbsd.org 2012/12/03 08:33:03 |
| [ssh-add.1 sshd_config.5] |
| tweak previous; |
| - markus@cvs.openbsd.org 2012/12/05 15:42:52 |
| [ssh-add.c] |
| prevent double-free of comment; ok djm@ |
| - dtucker@cvs.openbsd.org 2012/12/07 01:51:35 |
| [serverloop.c] |
| Cast signal to int for logging. A no-op on openbsd (they're always ints) |
| but will prevent warnings in portable. ok djm@ |
| |
| 20121205 |
| - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@. |
| |
| 20121203 |
| - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get |
| TAILQ_FOREACH_SAFE needed for upcoming changes. |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2012/12/02 20:26:11 |
| [ssh_config.5 sshconnect2.c] |
| Make IdentitiesOnly apply to keys obtained from a PKCS11Provider. |
| This allows control of which keys are offered from tokens using |
| IdentityFile. ok markus@ |
| - djm@cvs.openbsd.org 2012/12/02 20:42:15 |
| [ssh-add.1 ssh-add.c] |
| make deleting explicit keys "ssh-add -d" symmetric with adding keys - |
| try to delete the corresponding certificate too and respect the -k option |
| to allow deleting of the key only; feedback and ok markus@ |
| - djm@cvs.openbsd.org 2012/12/02 20:46:11 |
| [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c] |
| [sshd_config.5] |
| make AllowTcpForwarding accept "local" and "remote" in addition to its |
| current "yes"/"no" to allow the server to specify whether just local or |
| remote TCP forwarding is enabled. ok markus@ |
| - dtucker@cvs.openbsd.org 2012/10/05 02:20:48 |
| [regress/cipher-speed.sh regress/try-ciphers.sh] |
| Add umac-128@openssh.com to the list of MACs to be tested |
| - djm@cvs.openbsd.org 2012/10/19 05:10:42 |
| [regress/cert-userkey.sh] |
| include a serial number when generating certs |
| - djm@cvs.openbsd.org 2012/11/22 22:49:30 |
| [regress/Makefile regress/keys-command.sh] |
| regress for AuthorizedKeysCommand; hints from markus@ |
| - djm@cvs.openbsd.org 2012/12/02 20:47:48 |
| [Makefile regress/forward-control.sh] |
| regress for AllowTcpForwarding local/remote; ok markus@ |
| - djm@cvs.openbsd.org 2012/12/03 00:14:06 |
| [auth2-chall.c ssh-keygen.c] |
| Fix compilation with -Wall -Werror (trivial type fixes) |
| - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation |
| debugging. ok dtucker@ |
| - (djm) [configure.ac] Revert previous. configure.ac already does this |
| for us. |
| |
| 20121114 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2012/11/14 02:24:27 |
| [auth2-pubkey.c] |
| fix username passed to helper program |
| prepare stdio fds before closefrom() |
| spotted by landry@ |
| - djm@cvs.openbsd.org 2012/11/14 02:32:15 |
| [ssh-keygen.c] |
| allow the full range of unsigned serial numbers; 'fine' deraadt@ |
| - djm@cvs.openbsd.org 2012/12/02 20:34:10 |
| [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c] |
| [monitor.c monitor.h] |
| Fixes logging of partial authentication when privsep is enabled |
| Previously, we recorded "Failed xxx" since we reset authenticated before |
| calling auth_log() in auth2.c. This adds an explcit "Partial" state. |
| |
| Add a "submethod" to auth_log() to report which submethod is used |
| for keyboard-interactive. |
| |
| Fix multiple authentication when one of the methods is |
| keyboard-interactive. |
| |
| ok markus@ |
| - dtucker@cvs.openbsd.org 2012/10/05 02:05:30 |
| [regress/multiplex.sh] |
| Use 'kill -0' to test for the presence of a pid since it's more portable |
| |
| 20121107 |
| - (djm) OpenBSD CVS Sync |
| - eric@cvs.openbsd.org 2011/11/28 08:46:27 |
| [moduli.5] |
| fix formula |
| ok djm@ |
| - jmc@cvs.openbsd.org 2012/09/26 17:34:38 |
| [moduli.5] |
| last stage of rfc changes, using consistent Rs/Re blocks, and moving the |
| references into a STANDARDS section; |
| |
| 20121105 |
| - (dtucker) [uidswap.c openbsd-compat/Makefile.in |
| openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h |
| openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids |
| and gids from uidswap.c to the compat library, which allows it to work with |
| the new setresuid calls in auth2-pubkey. with tim@, ok djm@ |
| - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that |
| don't have it. Spotted by tim@. |
| |
| 20121104 |
| - (djm) OpenBSD CVS Sync |
| - jmc@cvs.openbsd.org 2012/10/31 08:04:50 |
| [sshd_config.5] |
| tweak previous; |
| - djm@cvs.openbsd.org 2012/11/04 10:38:43 |
| [auth2-pubkey.c sshd.c sshd_config.5] |
| Remove default of AuthorizedCommandUser. Administrators are now expected |
| to explicitly specify a user. feedback and ok markus@ |
| - djm@cvs.openbsd.org 2012/11/04 11:09:15 |
| [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c] |
| [sshd_config.5] |
| Support multiple required authentication via an AuthenticationMethods |
| option. This option lists one or more comma-separated lists of |
| authentication method names. Successful completion of all the methods in |
| any list is required for authentication to complete; |
| feedback and ok markus@ |
| |
| 20121030 |
| - (djm) OpenBSD CVS Sync |
| - markus@cvs.openbsd.org 2012/10/05 12:34:39 |
| [sftp.c] |
| fix signed vs unsigned warning; feedback & ok: djm@ |
| - djm@cvs.openbsd.org 2012/10/30 21:29:55 |
| [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] |
| [sshd.c sshd_config sshd_config.5] |
| new sshd_config option AuthorizedKeysCommand to support fetching |
| authorized_keys from a command in addition to (or instead of) from |
| the filesystem. The command is run as the target server user unless |
| another specified via a new AuthorizedKeysCommandUser option. |
| |
| patch originally by jchadima AT redhat.com, reworked by me; feedback |
| and ok markus@ |
| |
| 20121019 |
| - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in |
| the generated file as intended. |
| |
| 20121005 |
| - (dtucker) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2012/09/17 09:54:44 |
| [sftp.c] |
| an XXX for later |
| - markus@cvs.openbsd.org 2012/09/17 13:04:11 |
| [packet.c] |
| clear old keys on rekeing; ok djm |
| - dtucker@cvs.openbsd.org 2012/09/18 10:36:12 |
| [sftp.c] |
| Add bounds check on sftp tab-completion. Part of a patch from from |
| Jean-Marc Robert via tech@, ok djm |
| - dtucker@cvs.openbsd.org 2012/09/21 10:53:07 |
| [sftp.c] |
| Fix improper handling of absolute paths when PWD is part of the completed |
| path. Patch from Jean-Marc Robert via tech@, ok djm. |
| - dtucker@cvs.openbsd.org 2012/09/21 10:55:04 |
| [sftp.c] |
| Fix handling of filenames containing escaped globbing characters and |
| escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm. |
| - jmc@cvs.openbsd.org 2012/09/26 16:12:13 |
| [ssh.1] |
| last stage of rfc changes, using consistent Rs/Re blocks, and moving the |
| references into a STANDARDS section; |
| - naddy@cvs.openbsd.org 2012/10/01 13:59:51 |
| [monitor_wrap.c] |
| pasto; ok djm@ |
| - djm@cvs.openbsd.org 2012/10/02 07:07:45 |
| [ssh-keygen.c] |
| fix -z option, broken in revision 1.215 |
| - markus@cvs.openbsd.org 2012/10/04 13:21:50 |
| [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c] |
| add umac128 variant; ok djm@ at n2k12 |
| - dtucker@cvs.openbsd.org 2012/09/06 04:11:07 |
| [regress/try-ciphers.sh] |
| Restore missing space. (Id sync only). |
| - dtucker@cvs.openbsd.org 2012/09/09 11:51:25 |
| [regress/multiplex.sh] |
| Add test for ssh -Ostop |
| - dtucker@cvs.openbsd.org 2012/09/10 00:49:21 |
| [regress/multiplex.sh] |
| Log -O cmd output to the log file and make logging consistent with the |
| other tests. Test clean shutdown of an existing channel when testing |
| "stop". |
| - dtucker@cvs.openbsd.org 2012/09/10 01:51:19 |
| [regress/multiplex.sh] |
| use -Ocheck and waiting for completions by PID to make multiplexing test |
| less racy and (hopefully) more reliable on slow hardware. |
| - [Makefile umac.c] Add special-case target to build umac128.o. |
| - [umac.c] Enforce allowed umac output sizes. From djm@. |
| - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom". |
| |
| 20120917 |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2012/09/13 23:37:36 |
| [servconf.c] |
| Fix comment line length |
| - markus@cvs.openbsd.org 2012/09/14 16:51:34 |
| [sshconnect.c] |
| remove unused variable |
| |
| 20120907 |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2012/09/06 09:50:13 |
| [clientloop.c] |
| Make the escape command help (~?) context sensitive so that only commands |
| that will work in the current session are shown. ok markus@ |
| - jmc@cvs.openbsd.org 2012/09/06 13:57:42 |
| [ssh.1] |
| missing letter in previous; |
| - dtucker@cvs.openbsd.org 2012/09/07 00:30:19 |
| [clientloop.c] |
| Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@ |
| - dtucker@cvs.openbsd.org 2012/09/07 01:10:21 |
| [clientloop.c] |
| Merge escape help text for ~v and ~V; ok djm@ |
| - dtucker@cvs.openbsd.org 2012/09/07 06:34:21 |
| [clientloop.c] |
| when muxmaster is run with -N, make it shut down gracefully when a client |
| sends it "-O stop" rather than hanging around (bz#1985). ok djm@ |
| |
| 20120906 |
| - (dtucker) OpenBSD CVS Sync |
| - jmc@cvs.openbsd.org 2012/08/15 18:25:50 |
| [ssh-keygen.1] |
| a little more info on certificate validity; |
| requested by Ross L Richardson, and provided by djm |
| - dtucker@cvs.openbsd.org 2012/08/17 00:45:45 |
| [clientloop.c clientloop.h mux.c] |
| Force a clean shutdown of ControlMaster client sessions when the ~. escape |
| sequence is used. This means that ~. should now work in mux clients even |
| if the server is no longer responding. Found by tedu, ok djm. |
| - djm@cvs.openbsd.org 2012/08/17 01:22:56 |
| [kex.c] |
| add some comments about better handling first-KEX-follows notifications |
| from the server. Nothing uses these right now. No binary change |
| - djm@cvs.openbsd.org 2012/08/17 01:25:58 |
| [ssh-keygen.c] |
| print details of which host lines were deleted when using |
| "ssh-keygen -R host"; ok markus@ |
| - djm@cvs.openbsd.org 2012/08/17 01:30:00 |
| [compat.c sshconnect.c] |
| Send client banner immediately, rather than waiting for the server to |
| move first for SSH protocol 2 connections (the default). Patch based on |
| one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@ |
| - dtucker@cvs.openbsd.org 2012/09/06 04:37:39 |
| [clientloop.c log.c ssh.1 log.h] |
| Add ~v and ~V escape sequences to raise and lower the logging level |
| respectively. Man page help from jmc, ok deraadt jmc |
| |
| 20120830 |
| - (dtucker) [moduli] Import new moduli file. |
| |
| 20120828 |
| - (djm) Release openssh-6.1 |
| |
| 20120828 |
| - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN |
| for compatibility with future mingw-w64 headers. Patch from vinschen at |
| redhat com. |
| |
| 20120822 |
| - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| [contrib/suse/openssh.spec] Update version numbers |
| |
| 20120731 |
| - (djm) OpenBSD CVS Sync |
| - jmc@cvs.openbsd.org 2012/07/06 06:38:03 |
| [ssh-keygen.c] |
| missing full stop in usage(); |
| - djm@cvs.openbsd.org 2012/07/10 02:19:15 |
| [servconf.c servconf.h sshd.c sshd_config] |
| Turn on systrace sandboxing of pre-auth sshd by default for new installs |
| by shipping a config that overrides the current UsePrivilegeSeparation=yes |
| default. Make it easier to flip the default in the future by adding too. |
| prodded markus@ feedback dtucker@ "get it in" deraadt@ |
| - dtucker@cvs.openbsd.org 2012/07/13 01:35:21 |
| [servconf.c] |
| handle long comments in config files better. bz#2025, ok markus |
| - markus@cvs.openbsd.org 2012/07/22 18:19:21 |
| [version.h] |
| openssh 6.1 |
| |
| 20120720 |
| - (dtucker) Import regened moduli file. |
| |
| 20120706 |
| - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is |
| not available. Allows use of sshd compiled on host with a filter-capable |
| kernel on hosts that lack the support. bz#2011 ok dtucker@ |
| - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no |
| unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT |
| esperi.org.uk; ok dtucker@ |
| - (djm) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2012/07/06 00:41:59 |
| [moduli.c ssh-keygen.1 ssh-keygen.c] |
| Add options to specify starting line number and number of lines to process |
| when screening moduli candidates. This allows processing of different |
| parts of a candidate moduli file in parallel. man page help jmc@, ok djm@ |
| - djm@cvs.openbsd.org 2012/07/06 01:37:21 |
| [mux.c] |
| fix memory leak of passed-in environment variables and connection |
| context when new session message is malformed; bz#2003 from Bert.Wesarg |
| AT googlemail.com |
| - djm@cvs.openbsd.org 2012/07/06 01:47:38 |
| [ssh.c] |
| move setting of tty_flag to after config parsing so RequestTTY options |
| are correctly picked up. bz#1995 patch from przemoc AT gmail.com; |
| ok dtucker@ |
| |
| 20120704 |
| - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for |
| platforms that don't have it. "looks good" tim@ |
| |
| 20120703 |
| - (dtucker) [configure.ac] Detect platforms that can't use select(2) with |
| setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those. |
| - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not |
| setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its |
| benefit is minor, so it's not worth disabling the sandbox if it doesn't |
| work. |
| |
| 20120702 |
| - (dtucker) OpenBSD CVS Sync |
| - naddy@cvs.openbsd.org 2012/06/29 13:57:25 |
| [ssh_config.5 sshd_config.5] |
| match the documented MAC order of preference to the actual one; |
| ok dtucker@ |
| - markus@cvs.openbsd.org 2012/06/30 14:35:09 |
| [sandbox-systrace.c sshd.c] |
| fix a during the load of the sandbox policies (child can still make |
| the read-syscall and wait forever for systrace-answers) by replacing |
| the read/write synchronisation with SIGSTOP/SIGCONT; |
| report and help hshoexer@; ok djm@, dtucker@ |
| - dtucker@cvs.openbsd.org 2012/07/02 08:50:03 |
| [ssh.c] |
| set interactive ToS for forwarded X11 sessions. ok djm@ |
| - dtucker@cvs.openbsd.org 2012/07/02 12:13:26 |
| [ssh-pkcs11-helper.c sftp-client.c] |
| fix a couple of "assigned but not used" warnings. ok markus@ |
| - dtucker@cvs.openbsd.org 2012/07/02 14:37:06 |
| [regress/connect-privsep.sh] |
| remove exit from end of test since it prevents reporting failure |
| - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh] |
| Move cygwin detection to test-exec and use to skip reexec test on cygwin. |
| - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k. |
| |
| 20120629 |
| - OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2012/06/21 00:16:07 |
| [addrmatch.c] |
| fix strlcpy truncation check. from carsten at debian org, ok markus |
| - dtucker@cvs.openbsd.org 2012/06/22 12:30:26 |
| [monitor.c sshconnect2.c] |
| remove dead code following 'for (;;)' loops. |
| From Steve.McClellan at radisys com, ok markus@ |
| - dtucker@cvs.openbsd.org 2012/06/22 14:36:33 |
| [sftp.c] |
| Remove unused variable leftover from tab-completion changes. |
| From Steve.McClellan at radisys com, ok markus@ |
| - dtucker@cvs.openbsd.org 2012/06/26 11:02:30 |
| [sandbox-systrace.c] |
| Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation |
| sandbox" since malloc now uses it. From johnw.mail at gmail com. |
| - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 |
| [mac.c myproposal.h ssh_config.5 sshd_config.5] |
| Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed |
| from draft6 of the spec and will not be in the RFC when published. Patch |
| from mdb at juniper net via bz#2023, ok markus. |
| - naddy@cvs.openbsd.org 2012/06/29 13:57:25 |
| [ssh_config.5 sshd_config.5] |
| match the documented MAC order of preference to the actual one; ok dtucker@ |
| - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 |
| [regress/addrmatch.sh] |
| Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests |
| to match. Feedback and ok djm@ markus@. |
| - djm@cvs.openbsd.org 2012/06/01 00:47:35 |
| [regress/multiplex.sh regress/forwarding.sh] |
| append to rather than truncate test log; bz#2013 from openssh AT |
| roumenpetrov.info |
| - djm@cvs.openbsd.org 2012/06/01 00:52:52 |
| [regress/sftp-cmds.sh] |
| don't delete .* on cleanup due to unintended env expansion; pointed out in |
| bz#2014 by openssh AT roumenpetrov.info |
| - dtucker@cvs.openbsd.org 2012/06/26 12:06:59 |
| [regress/connect-privsep.sh] |
| test sandbox with every malloc option |
| - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 |
| [regress/try-ciphers.sh regress/cipher-speed.sh] |
| Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed |
| from draft6 of the spec and will not be in the RFC when published. Patch |
| from mdb at juniper net via bz#2023, ok markus. |
| - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error. |
| - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have |
| the required functions in libcrypto. |
| |
| 20120628 |
| - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null |
| pointer deref in the client when built with LDNS and using DNSSEC with a |
| CNAME. Patch from gregdlg+mr at hochet info. |
| |
| 20120622 |
| - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as |
| can logon as a service. Patch from vinschen at redhat com. |
| |
| 20120620 |
| - (djm) OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2011/12/02 00:41:56 |
| [mux.c] |
| fix bz#1948: ssh -f doesn't fork for multiplexed connection. |
| ok dtucker@ |
| - djm@cvs.openbsd.org 2011/12/04 23:16:12 |
| [mux.c] |
| revert: |
| > revision 1.32 |
| > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 |
| > fix bz#1948: ssh -f doesn't fork for multiplexed connection. |
| > ok dtucker@ |
| it interacts badly with ControlPersist |
| - djm@cvs.openbsd.org 2012/01/07 21:11:36 |
| [mux.c] |
| fix double-free in new session handler |
| NB. Id sync only |
| - djm@cvs.openbsd.org 2012/05/23 03:28:28 |
| [dns.c dns.h key.c key.h ssh-keygen.c] |
| add support for RFC6594 SSHFP DNS records for ECDSA key types. |
| patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@ |
| (Original authors Ondřej Surý, Ondřej Caletka and Daniel Black) |
| - djm@cvs.openbsd.org 2012/06/01 00:49:35 |
| [PROTOCOL.mux] |
| correct types of port numbers (integers, not strings); bz#2004 from |
| bert.wesarg AT googlemail.com |
| - djm@cvs.openbsd.org 2012/06/01 01:01:22 |
| [mux.c] |
| fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg |
| AT googlemail.com |
| - dtucker@cvs.openbsd.org 2012/06/18 11:43:53 |
| [jpake.c] |
| correct sizeof usage. patch from saw at online.de, ok deraadt |
| - dtucker@cvs.openbsd.org 2012/06/18 11:49:58 |
| [ssh_config.5] |
| RSA instead of DSA twice. From Steve.McClellan at radisys com |
| - dtucker@cvs.openbsd.org 2012/06/18 12:07:07 |
| [ssh.1 sshd.8] |
| Remove mention of 'three' key files since there are now four. From |
| Steve.McClellan at radisys com. |
| - dtucker@cvs.openbsd.org 2012/06/18 12:17:18 |
| [ssh.1] |
| Clarify description of -W. Noted by Steve.McClellan at radisys com, |
| ok jmc |
| - markus@cvs.openbsd.org 2012/06/19 18:25:28 |
| [servconf.c servconf.h sshd_config.5] |
| sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups} |
| this allows 'Match LocalPort 1022' combined with 'AllowUser bauer' |
| ok djm@ (back in March) |
| - jmc@cvs.openbsd.org 2012/06/19 21:35:54 |
| [sshd_config.5] |
| tweak previous; ok markus |
| - djm@cvs.openbsd.org 2012/06/20 04:42:58 |
| [clientloop.c serverloop.c] |
| initialise accept() backoff timer to avoid EINVAL from select(2) in |
| rekeying |
| |
| 20120519 |
| - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch |
| from cjwatson at debian org. |
| - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find |
| pkg-config so it does the right thing when cross-compiling. Patch from |
| cjwatson at debian org. |
| - (dtucker) OpenBSD CVS Sync |
| - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 |
| [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5] |
| Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests |
| to match. Feedback and ok djm@ markus@. |
| - dtucker@cvs.openbsd.org 2012/05/19 06:30:30 |
| [sshd_config.5] |
| Document PermitOpen none. bz#2001, patch from Loganaden Velvindron |
| |
| 20120504 |
| - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h> |
| to fix building on some plaforms. Fom bowman at math utah edu and |
| des at des no. |
| |
| 20120427 |
| - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6 |
| platform rather than exiting early, so that we still clean up and return |
| success or failure to test-exec.sh |
| |
| 20120426 |
| - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters |
| via Niels |
| - (djm) [auth-krb5.c] Save errno across calls that might modify it; |
| ok dtucker@ |
| |
| 20120423 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2012/04/23 08:18:17 |
| [channels.c] |
| fix function proto/source mismatch |
| |
| 20120422 |
| - OpenBSD CVS Sync |
| - djm@cvs.openbsd.org 2012/02/29 11:21:26 |
| [ssh-keygen.c] |
| allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ |
| - guenther@cvs.openbsd.org 2012/03/15 03:10:27 |
| [session.c] |
| root should always be excluded from the test for /etc/nologin instead |
| of having it always enforced even when marked as ignorenologin. This |
| regressed when the logic was incompletely flipped around in rev 1.251 |
| ok halex@ millert@ |
| - djm@cvs.openbsd.org 2012/03/28 07:23:22 |
| [PROTOCOL.certkeys] |
| explain certificate extensions/crit split rationale. Mention requirement |
| that each appear at most once per cert. |
| - dtucker@cvs.openbsd.org 2012/03/29 23:54:36 |
| [channels.c channels.h servconf.c] |
| Add PermitOpen none option based on patch from Loganaden Velvindron |
| (bz #1949). ok djm@ |
| - djm@cvs.openbsd.org 2012/04/11 13:16:19 |
| [channels.c channels.h clientloop.c serverloop.c] |
| don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a |
| while; ok deraadt@ markus@ |
| - djm@cvs.openbsd.org 2012/04/11 13:17:54 |
| [auth.c] |
| Support "none" as an argument for AuthorizedPrincipalsFile to indicate |
| no file should be read. |
| - djm@cvs.openbsd.org 2012/04/11 13:26:40 |
| [sshd.c] |
| don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a |
| while; ok deraadt@ markus@ |
| - djm@cvs.openbsd.org 2012/04/11 13:34:17 |
| [ssh-keyscan.1 ssh-keyscan.c] |
| now that sshd defaults to offering ECDSA keys, ssh-keyscan should also |
| look for them by default; bz#1971 |
| - djm@cvs.openbsd.org 2012/04/12 02:42:32 |
| [servconf.c servconf.h sshd.c sshd_config sshd_config.5] |
| VersionAddendum option to allow server operators to append some arbitrary |
| text to the SSH-... banner; ok deraadt@ "don't care" markus@ |
| - djm@cvs.openbsd.org 2012/04/12 02:43:55 |
| [sshd_config sshd_config.5] |
| mention AuthorizedPrincipalsFile=none default |
| - djm@cvs.openbsd.org 2012/04/20 03:24:23 |
| [sftp.c] |
| setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...) |
| - jmc@cvs.openbsd.org 2012/04/20 16:26:22 |
| [ssh.1] |
| use "brackets" instead of "braces", for consistency; |
| |
| 20120420 |
| - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| [contrib/suse/openssh.spec] Update for release 6.0 |
| - (djm) [README] Update URL to release notes. |
| - (djm) Release openssh-6.0 |