From nobody Fri Aug 19 14:39:49 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M8PY163YWz4ZHHy; Fri, 19 Aug 2022 14:39:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M8PY15Ysqz4Fx1; Fri, 19 Aug 2022 14:39:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660919989; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xlooUOGLC/9ki8cftUctS/yERikAvanFIyauZWrguf0=; b=K8orI9t21kG2vMzTbRwEJwF0zJh3VTFs9ViMJmBZNy0sdjJah5dqiuqvZaYaewgyYSg1zh KGXWzR4xDBAtC57HPzBHt4gZG5VL8MAzMYXAfJNJp5z/sGOinnnX1Yrlwaj1ZHDeFV561g tNVNGl0FbrxBJC6q23pKvmHYSGVt5RFnKmh+YCErexjq3ax6dywR7EpsvmR7gX2bbRlxSM dPniVBHb4OifI//tWYRZXKWx1b7IN2MfKzqNNV6sQZ3TjI36Pbip5VlVJu+PM9vwaOsVH9 aHc/UC1IeDZonhhDSm2+lI3oUSE1OhP22iojeTXfGvT9H34kYjFwDBmFOlaAMg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4M8PY14MYbzwcd; Fri, 19 Aug 2022 14:39:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 27JEdnI8007052; Fri, 19 Aug 2022 14:39:49 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 27JEdnBD007051; Fri, 19 Aug 2022 14:39:49 GMT (envelope-from git) Date: Fri, 19 Aug 2022 14:39:49 GMT Message-Id: <202208191439.27JEdnBD007051@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: bffe60ead024 - main - ssh: retire client VersionAddendum List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: bffe60ead024a1fdf4312eaec5892435a7f6b4c5 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660919989; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xlooUOGLC/9ki8cftUctS/yERikAvanFIyauZWrguf0=; b=jOziA7gcQ0cCr+GYSbtGHGTBIFLgs8NteCJCPuepDo6WTmN5u3uWtkVrAksAtRDJrKADGH IlOBomF3SzaE1cKNvXr04FVTvUPQwo9eVd2LCUMaNacRVGG4u5a047P8wrDOq028T02st/ DBZjTva6I1ZKLMYOd3d4O5knBllo8kGms/Vkfbk6Se6I7wW5QikX0ttUwVevb8sIfhquoN bVZw1lrYuh/MQKNkrXwbS7q+c9s1Xcf5kJg3Ro4nW1qBKWPdUWHtChSfUPs6SqWrVADwg8 bb+t2vM4zc+F0soR4d7k7nOAZ6VmXISkhzxohMH1/dZO6EZCk04fq850xbT9KQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660919989; a=rsa-sha256; cv=none; b=gUYqPwelMDeZ9bnpERhZzyy2/yvtF+Qw5h9QaIOjkHFOM6ukkDkEz8UqpN4X0nG+SIKS8I YzXHO7BLvRcEl1L1TS9/RxSVFCQDxMNiMAZUmQSGDepK3r+3upeV7stUoAEatTQmbbPZlT HMkYVBeRrTnm6aRFUQMDxUHYNv2PS/7IXr5DaXYDLl8ao+RoAddgfzhah2da/sWt/xCZfw LYiiPBL5fZynnBptoJrlivMAwilR0VUsFY9TrDju5BSIWJHb+oLPbHEWO6oyDzci7DN67n EO9kZKZGyw+T0RC/gZWWeKDIwMpLNTma03HaEOjenpQVFXR04hCMqil2N4cN6A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=bffe60ead024a1fdf4312eaec5892435a7f6b4c5 commit bffe60ead024a1fdf4312eaec5892435a7f6b4c5 Author: Ed Maste AuthorDate: 2022-04-23 19:40:48 +0000 Commit: Ed Maste CommitDate: 2022-08-19 14:38:42 +0000 ssh: retire client VersionAddendum FreeBSD introduced VersionAddendum for the server as a local change in 2001 in commit 933ca70f8f88 and later extended it to the client in commit 9e2cbe04ff4f. In 2012 upstream added support for server VersionAddendum, in commit 23528816dc10. They do not support it for the client. The argument for supporting this in the client is not nearly as strong as for the server, so retire this option to reduce the scope of our local patch set. This also avoids some cases of conflicts in ssh_config during update, as a user's configuration would typically follow the commented-out default VersionAddendum value. Reviewed by: gordon, glebius Relnotes: yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D32930 --- crypto/openssh/readconf.c | 23 +---------------------- crypto/openssh/readconf.h | 2 -- crypto/openssh/ssh.1 | 1 - crypto/openssh/ssh.c | 11 ++--------- crypto/openssh/ssh_config | 1 - crypto/openssh/ssh_config.5 | 10 +--------- crypto/openssh/sshconnect.c | 3 +-- 7 files changed, 5 insertions(+), 46 deletions(-) diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c index 0a59470a74ae..a5317990de1b 100644 --- a/crypto/openssh/readconf.c +++ b/crypto/openssh/readconf.c @@ -67,7 +67,6 @@ #include "uidswap.h" #include "myproposal.h" #include "digest.h" -#include "version.h" /* Format of the configuration file: @@ -142,7 +141,6 @@ static int process_config_line_depth(Options *options, struct passwd *pw, typedef enum { oBadOption, - oVersionAddendum, oHost, oMatch, oInclude, oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout, oGatewayPorts, oExitOnForwardFailure, @@ -329,7 +327,7 @@ static struct { { "tcprcvbuf", oDeprecated }, { "noneenabled", oUnsupported }, { "noneswitch", oUnsupported }, - { "versionaddendum", oVersionAddendum }, + { "versionaddendum", oDeprecated }, { NULL, oBadOption } }; @@ -1983,22 +1981,6 @@ parse_pubkey_algos: intptr = &options->fork_after_authentication; goto parse_flag; - case oVersionAddendum: - if (str == NULL) - fatal("%.200s line %d: Missing argument.", filename, - linenum); - len = strspn(str, WHITESPACE); - if (*activep && options->version_addendum == NULL) { - if (strcasecmp(str + len, "none") == 0) - options->version_addendum = xstrdup(""); - else if (strchr(str + len, '\r') != NULL) - fatal("%.200s line %d: Invalid argument", - filename, linenum); - else - options->version_addendum = xstrdup(str + len); - } - return 0; - case oIgnoreUnknown: charptr = &options->ignored_unknown; goto parse_string; @@ -2353,7 +2335,6 @@ void initialize_options(Options * options) { memset(options, 'X', sizeof(*options)); - options->version_addendum = NULL; options->forward_agent = -1; options->forward_agent_sock_path = NULL; options->forward_x11 = -1; @@ -2731,8 +2712,6 @@ fill_default_options(Options * options) /* options->hostname will be set in the main program if appropriate */ /* options->host_key_alias should not be set by default */ /* options->preferred_authentications will be set in ssh */ - if (options->version_addendum == NULL) - options->version_addendum = xstrdup(SSH_VERSION_FREEBSD); /* success */ ret = 0; diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h index 31f4acb47084..ded13c943d3f 100644 --- a/crypto/openssh/readconf.h +++ b/crypto/openssh/readconf.h @@ -169,8 +169,6 @@ typedef struct { char *hostbased_accepted_algos; char *pubkey_accepted_algos; - char *version_addendum; /* Appended to SSH banner */ - char *jump_user; char *jump_host; int jump_port; diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index be43e87134b2..4a4f1683a82a 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -584,7 +584,6 @@ For full details of the options listed below, and their possible values, see .It User .It UserKnownHostsFile .It VerifyHostKeyDNS -.It VersionAddendum .It VisualHostKey .It XAuthLocation .El diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index 860ad31954a0..359127df04b6 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -872,14 +872,8 @@ main(int ac, char **av) } break; case 'V': - if (options.version_addendum != NULL && - *options.version_addendum != '\0') - fprintf(stderr, "%s %s, %s\n", SSH_RELEASE, - options.version_addendum, - SSH_OPENSSL_VERSION); - else - fprintf(stderr, "%s, %s\n", SSH_RELEASE, - SSH_OPENSSL_VERSION); + fprintf(stderr, "%s, %s\n", + SSH_RELEASE, SSH_OPENSSL_VERSION); if (opt == 'V') exit(0); break; @@ -1146,7 +1140,6 @@ main(int ac, char **av) !use_syslog); if (debug_flag) - /* version_addendum is always NULL at this point */ logit("%s, %s", SSH_RELEASE, SSH_OPENSSL_VERSION); /* Parse the configuration files */ diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config index 7c7ad542e4ef..306e8f950efd 100644 --- a/crypto/openssh/ssh_config +++ b/crypto/openssh/ssh_config @@ -45,4 +45,3 @@ # RekeyLimit 1G 1h # UserKnownHostsFile ~/.ssh/known_hosts.d/%k # VerifyHostKeyDNS yes -# VersionAddendum FreeBSD-20220415 diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index 04d66e24d743..f87bdd015311 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -34,7 +34,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" $OpenBSD: ssh_config.5,v 1.371 2022/03/31 17:58:44 naddy Exp $ -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: August 19 2022 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1974,14 +1974,6 @@ See also .Sx VERIFYING HOST KEYS in .Xr ssh 1 . -.It Cm VersionAddendum -Specifies a string to append to the regular version string to identify -OS- or site-specific modifications. -The default is -.Dq FreeBSD-20220415 . -The value -.Cm none -may be used to disable this. .It Cm VisualHostKey If this flag is set to .Cm yes , diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index 8030583c50aa..ebecc83747bb 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -1553,8 +1553,7 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, lowercase(host); /* Exchange protocol version identification strings with the server. */ - if ((r = kex_exchange_identification(ssh, timeout_ms, - options.version_addendum)) != 0) + if ((r = kex_exchange_identification(ssh, timeout_ms, NULL)) != 0) sshpkt_fatal(ssh, r, "banner exchange"); /* Put the connection into non-blocking mode. */