git: db903103f467 - vendor/openssh - Vendor import of OpenSSH 8.3p1
Ed Maste
emaste at FreeBSD.org
Sun Feb 14 21:08:27 UTC 2021
The branch vendor/openssh has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=db903103f46785ea0bba0f228691e1f8fb3a643d
commit db903103f46785ea0bba0f228691e1f8fb3a643d
Author: Ed Maste <emaste at FreeBSD.org>
AuthorDate: 2021-02-14 21:07:21 +0000
Commit: Ed Maste <emaste at FreeBSD.org>
CommitDate: 2021-02-14 21:07:21 +0000
Vendor import of OpenSSH 8.3p1
---
.depend | 11 +-
.skipped-commit-ids | 3 +
ChangeLog | 16806 +++++++++++----------
INSTALL | 8 +-
Makefile.in | 73 +-
PROTOCOL | 6 +-
PROTOCOL.chacha20poly1305 | 4 +-
PROTOCOL.mux | 4 +-
PROTOCOL.u2f | 6 +-
README | 10 +-
auth-options.c | 13 +-
auth-rhosts.c | 6 +-
auth2-chall.c | 5 +-
auth2-passwd.c | 5 +-
auth2.c | 4 +-
authfd.c | 10 +-
authfile.c | 101 +-
channels.c | 17 +-
cipher-chachapoly-libcrypto.c | 166 +
cipher-chachapoly.c | 32 +-
cipher-chachapoly.h | 13 +-
cipher.c | 26 +-
clientloop.c | 28 +-
clientloop.h | 5 +-
config.guess | 882 +-
config.h.in | 13 +
config.sub | 2528 ++--
configure | 137 +-
configure.ac | 72 +-
contrib/cygwin/README | 2 +-
contrib/redhat/openssh.spec | 50 +-
contrib/suse/openssh.spec | 2 +-
defines.h | 7 +
digest-libc.c | 5 +-
gss-serv.c | 4 +-
hmac.c | 5 +-
hostfile.c | 7 +-
kex.c | 17 +-
krl.c | 97 +-
krl.h | 3 +-
misc.c | 6 +-
moduli | 819 +-
moduli.0 | 2 +-
monitor.c | 7 +-
mux.c | 3 +-
openbsd-compat/bsd-misc.c | 2 +
openbsd-compat/bsd-snprintf.c | 2 +-
openbsd-compat/fnmatch.c | 4 +-
openbsd-compat/glob.c | 10 +-
openbsd-compat/openbsd-compat.h | 2 +-
openbsd-compat/openssl-compat.h | 6 +
openbsd-compat/port-aix.c | 10 +-
openbsd-compat/port-aix.h | 2 +-
openbsd-compat/port-linux.c | 2 +-
packet.c | 10 +-
packet.h | 5 +-
readconf.c | 28 +-
readconf.h | 4 +-
regress/Makefile | 7 +-
regress/addrmatch.sh | 4 +-
regress/key-options.sh | 10 +-
regress/keygen-comment.sh | 52 +
regress/misc/kexfuzz/Makefile | 4 +-
regress/misc/sk-dummy/sk-dummy.c | 14 +-
regress/netcat.c | 3 +
regress/percent.sh | 88 +
regress/reexec.sh | 5 +-
regress/sftp-badcmds.sh | 4 +-
regress/sshsig.sh | 4 +-
regress/test-exec.sh | 22 +-
regress/unittests/hostkeys/Makefile | 3 +-
regress/unittests/kex/Makefile | 3 +-
regress/unittests/sshkey/Makefile | 3 +-
regress/unittests/sshkey/mktestdata.sh | 34 +-
regress/unittests/sshkey/testdata/dsa_n | 33 +-
regress/unittests/sshkey/testdata/ecdsa_n | 13 +-
regress/unittests/sshkey/testdata/rsa1_1 | Bin 533 -> 0 bytes
regress/unittests/sshkey/testdata/rsa1_1.fp | 1 -
regress/unittests/sshkey/testdata/rsa1_1.fp.bb | 1 -
regress/unittests/sshkey/testdata/rsa1_1.param.n | 1 -
regress/unittests/sshkey/testdata/rsa1_1.pub | 1 -
regress/unittests/sshkey/testdata/rsa1_1_pw | Bin 533 -> 0 bytes
regress/unittests/sshkey/testdata/rsa1_2 | Bin 981 -> 0 bytes
regress/unittests/sshkey/testdata/rsa1_2.fp | 1 -
regress/unittests/sshkey/testdata/rsa1_2.fp.bb | 1 -
regress/unittests/sshkey/testdata/rsa1_2.param.n | 1 -
regress/unittests/sshkey/testdata/rsa1_2.pub | 1 -
regress/unittests/sshkey/testdata/rsa_n | 31 +-
sandbox-seccomp-filter.c | 1 +
scp.0 | 5 +-
scp.1 | 9 +-
scp.c | 101 +-
servconf.c | 30 +-
servconf.h | 7 +-
session.c | 6 +-
sftp-server.0 | 2 +-
sftp.0 | 7 +-
sftp.1 | 14 +-
sftp.c | 23 +-
sk-api.h | 4 +-
sk-usbhid.c | 37 +-
ssh-add.0 | 2 +-
ssh-add.c | 22 +-
ssh-agent.0 | 2 +-
ssh-agent.c | 7 +-
ssh-dss.c | 8 +-
ssh-ed25519-sk.c | 8 +-
ssh-ed25519.c | 20 +-
ssh-keygen.0 | 9 +-
ssh-keygen.1 | 10 +-
ssh-keygen.c | 157 +-
ssh-keyscan.0 | 2 +-
ssh-keysign.0 | 2 +-
ssh-pkcs11-helper.0 | 2 +-
ssh-pkcs11-helper.c | 10 +-
ssh-pkcs11.c | 25 +-
ssh-sk.c | 20 +-
ssh-xmss.c | 20 +-
ssh.0 | 27 +-
ssh.1 | 9 +-
ssh.c | 274 +-
ssh_config.0 | 59 +-
ssh_config.5 | 53 +-
sshbuf-misc.c | 11 +-
sshbuf.c | 5 +-
sshbuf.h | 6 +-
sshconnect.c | 7 +-
sshconnect2.c | 4 +-
sshd.0 | 2 +-
sshd.c | 17 +-
sshd_config.0 | 23 +-
sshd_config.5 | 36 +-
sshkey.c | 487 +-
sshkey.h | 4 +-
sshlogin.c | 5 +-
sshsig.c | 26 +-
umac.c | 7 +-
utf8.c | 27 +-
utf8.h | 5 +-
version.h | 4 +-
140 files changed, 12610 insertions(+), 11522 deletions(-)
diff --git a/.depend b/.depend
index 707890f63906..1ccc1dcc75c2 100644
--- a/.depend
+++ b/.depend
@@ -1,5 +1,7 @@
-# DO NOT DELETE
+# Automatically generated by makedepend.
+# Run "make depend" to rebuild.
+# DO NOT DELETE
addrmatch.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h match.h log.h
atomicio.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h
audit-bsm.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
@@ -34,6 +36,7 @@ chacha.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat
channels.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h ssherr.h sshbuf.h packet.h dispatch.h log.h misc.h channels.h compat.h canohost.h sshkey.h authfd.h pathnames.h match.h
cipher-aes.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h
cipher-aesctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher-aesctr.h rijndael.h
+cipher-chachapoly-libcrypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
cipher-chachapoly.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h sshbuf.h ssherr.h cipher-chachapoly.h chacha.h poly1305.h
cipher-ctr.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
cipher.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h misc.h sshbuf.h ssherr.h digest.h openbsd-compat/openssl-compat.h
@@ -68,7 +71,7 @@ kexgex.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat
kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
kexsntrup4591761x25519.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sshkey.h kex.h mac.h crypto_api.h sshbuf.h digest.h ssherr.h
-krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h krl.h
+krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h utf8.h krl.h
log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h
loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h canohost.h auth.h auth-pam.h audit.h sshbuf.h ssherr.h
logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h
@@ -141,8 +144,8 @@ ssh-sk-client.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd
ssh-sk-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h sshkey.h authfd.h misc.h sshbuf.h msg.h uidswap.h ssherr.h ssh-sk.h
ssh-sk.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h
-ssh.o: channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h sshpty.h match.h msg.h version.h ssherr.h myproposal.h utf8.h
-ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h dispatch.h sshbuf.h
+ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h packet.h dispatch.h sshbuf.h channels
.h
+ssh.o: sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h crypto_api.h sshpty.h match.h msg.h version.h ssherr.h myproposal.h utf8.h
ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h crypto_api.h ssh.h ssh2.h packet.h dispatch.h compat.h log.h authfile.h misc.
h
ssh_api.o: version.h myproposal.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h
sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h
diff --git a/.skipped-commit-ids b/.skipped-commit-ids
index ac469cfe35b6..611d1093d1b8 100644
--- a/.skipped-commit-ids
+++ b/.skipped-commit-ids
@@ -16,6 +16,9 @@ db6375fc302e3bdf07d96430c63c991b2c2bd3ff moduli update
14806a59353152f843eb349e618abbf6f4dd3ada Makefile.inc
8ea4455a2d9364a0a04f9e4a2cbfa4c9fcefe77e Makefile.inc
d9b910e412d139141b072a905e66714870c38ac0 Makefile.inc
+7b7b619c1452a459310b0cf4391c5757c6bdbc0f moduli update
+5010ff08f7ad92082e87dde098b20f5c24921a8f moduli regen script update
+3bcae7a754db3fc5ad3cab63dd46774edb35b8ae moduli regen script update
Old upstream tree:
diff --git a/ChangeLog b/ChangeLog
index fbbbca0edec5..f283a8b3f455 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,12663 +1,12677 @@
-commit 8aa3455b16fddea4c0144a7c4a1edb10ec67dcc8
+commit 9ca7e9c861775dd6c6312bc8aaab687403d24676
+Author: Damien Miller <djm at mindrot.org>
+Date: Wed May 27 10:38:00 2020 +1000
+
+ depend
+
+commit b6d251ed9af90e16c08a72c4aac2cb8ace8f94b1
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Fri Feb 14 00:39:20 2020 +0000
+Date: Mon May 18 04:29:35 2020 +0000
- upstream: openssh-8.2
+ upstream: avoid possible NULL deref; from Pedro Martelletto
- OpenBSD-Commit-ID: 0a1340ff65fad0d84b997ac58dd1b393dec7c19b
+ OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
-commit 72f0ce33f0d5a37f31bad5800d1eb2fbdb732de6
+commit 3ab6fccc3935e9b778ff52f9c8d40f215d58e01d
Author: Damien Miller <djm at mindrot.org>
-Date: Wed Feb 12 09:28:35 2020 +1100
+Date: Thu May 14 12:22:09 2020 +1000
- crank version numbers
+ prefer ln to cp for temporary copy of sshd
+
+ I saw failures on the reexec fallback test on Darwin 19.4 where
+ fork()ed children of a process that had it's executable removed
+ would instantly fail. Using ln to preserve the inode avoids this.
-commit b763ed05bd1f1f15ae1727c86a4498546bc36ca8
+commit f700d316c6b15a9cfbe87230d2dca81a5d916279
Author: Darren Tucker <dtucker at dtucker.net>
-Date: Tue Feb 11 12:51:24 2020 +1100
+Date: Wed May 13 15:24:51 2020 +1000
- Minor documentation update:
-
- - remove duplication of dependency information (it's all in INSTALL).
- - SSHFP is now an RFC.
+ Actually skip pty tests when needed.
-commit 14ccfdb7248e33b1dc8bbac1425ace4598e094cb
+commit 08ce6b2210f46f795e7db747809f8e587429dfd2
Author: Darren Tucker <dtucker at dtucker.net>
-Date: Sun Feb 9 11:23:35 2020 +1100
+Date: Wed May 13 13:56:45 2020 +1000
- Check if UINT32_MAX is defined before redefining.
+ Skip building sk-dummy library if no SK support.
-commit be075110c735a451fd9d79a864e01e2e0d9f19d2
+commit 102d106bc2e50347d0e545fad6ff5ce408d67247
Author: Damien Miller <djm at mindrot.org>
-Date: Fri Feb 7 15:07:27 2020 +1100
+Date: Wed May 13 12:08:34 2020 +1000
- typo; reported by Phil Pennock
+ explicitly manage .depend and .depend.bak
+
+ Bring back removal of .depend to give the file a known state before
+ running makedepend, but manually move aside the current .depend file
+ and restore it as .depend.bak afterwards so the stale .depend check
+ works as expected.
-commit 963d71851e727ffdd2a97fe0898fad61d4a70ba1
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Fri Feb 7 03:57:31 2020 +0000
+commit 83a6dc6ba1e03b3fa39d12a8522b8b0e68dd6390
+Author: Damien Miller <djm at mindrot.org>
+Date: Wed May 13 12:03:42 2020 +1000
- upstream: sync the description of the $SSH_SK_PROVIDER environment
+ make depend
+
+commit 7c0bbed967abed6301a63e0267cc64144357a99a
+Author: Damien Miller <djm at mindrot.org>
+Date: Wed May 13 12:01:10 2020 +1000
+
+ revert removal of .depend before makedepend
- variable with that of the SecurityKeyProvider ssh/sshd_config(5) directive,
- as the latter was more descriptive.
+ Commit 83657eac4 started removing .depend before running makedepend
+ to reset the contents of .depend to a known state. Unfortunately
+ this broke the depend-check step as now .depend.bak would only ever
+ be created as an empty file.
- OpenBSD-Commit-ID: 0488f09530524a7e53afca6b6e1780598022552f
+ ok dtucker
-commit d4d9e1d40514e2746f9e05335d646512ea1020c6
-Author: dtucker at openbsd.org <dtucker at openbsd.org>
-Date: Fri Feb 7 03:54:44 2020 +0000
+commit 58ad004acdcabf3b9f40bc3aaa206b25d998db8c
+Author: Damien Miller <djm at mindrot.org>
+Date: Tue May 12 12:58:46 2020 +1000
- upstream: Add ssh -Q key-sig for all key and signature types.
+ prepare for 8.3 release
+
+commit 4fa9e048c2af26beb7dc2ee9479ff3323e92a7b5
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Fri May 8 21:50:43 2020 +1000
+
+ Ensure SA_SIGNAL test only signals itself.
- Teach ssh -Q to accept ssh_config(5) and sshd_config(5) algorithm keywords as
- an alias for the corresponding query. Man page help jmc@, ok djm at .
+ When the test's child signals its parent and it exits the result of
+ getppid changes. On Ubuntu 20.04 this results in the ppid being that
+ of the GDM session, causing it to exit. Analysis and testing from pedro
+ at ambientworks.net
+
+commit dc2da29aae76e170d22f38bb36f1f5d1edd5ec2b
+Author: Damien Miller <djm at mindrot.org>
+Date: Fri May 8 13:31:53 2020 +1000
+
+ sync config.guess/config.sub with latest versions
- OpenBSD-Commit-ID: 1e110aee3db2fc4bc5bee2d893b7128fd622e0f8
+ ok dtucker@
-commit fd68dc27864b099b552a6d9d507ca4b83afd6a76
+commit a8265bd64c14881fc7f4fa592f46dfc66b911f17
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Fri Feb 7 03:27:54 2020 +0000
+Date: Wed May 6 20:58:01 2020 +0000
- upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow more
-
- than the intended number of prompts (3) and 2) it would SEGV too many
- incorrect PINs were entered; based on patch by Gabriel Kihlman
+ upstream: openssh-8.3; ok deraadt@
- OpenBSD-Commit-ID: 9c0011f28ba8bd8adf2014424b64960333da1718
+ OpenBSD-Commit-ID: c8831ec88b9c750f5816aed9051031fb535d22c1
-commit 96bd895a0a0b3a36f81c14db8c91513578fc5563
+commit 955854cafca88e0cdcd3d09ca1ad4ada465364a1
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Thu Feb 6 22:48:23 2020 +0000
+Date: Wed May 6 20:57:38 2020 +0000
- upstream: When using HostkeyAlgorithms to merely append or remove
+ upstream: another case where a utimes() failure could make scp send
- algorithms from the default set (i.e. HostkeyAlgorithms=+/-...), retain the
- default behaviour of preferring those algorithms that have existing keys in
- known_hosts; ok markus
+ a desynchronising error; reminded by Aymeric Vincent ok deraadt markus
- OpenBSD-Commit-ID: 040e7fcc38ea00146b5d224ce31ce7a1795ee6ed
+ OpenBSD-Commit-ID: 2ea611d34d8ff6d703a7a8bf858aa5dbfbfa7381
-commit c7288486731734a864b58d024b1395029b55bbc5
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Thu Feb 6 22:46:31 2020 +0000
+commit 59d531553fd90196946743da391f3a27cf472f4e
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Thu May 7 15:34:12 2020 +1000
- upstream: expand HostkeyAlgorithms prior to config dump, matching
-
- other algorithm lists; ok markus@
+ Check if -D_REENTRANT is needed for localtime_r.
- OpenBSD-Commit-ID: a66f0fca8cc5ce30405a2867bc115fff600671d0
+ On at least HP-UX 11.11, the localtime_r declararation is behind
+ ifdef _REENTRANT. Check for and add if needed.
-commit a6ac5d36efc072b15690c65039754f8e44247bdf
-Author: naddy at openbsd.org <naddy at openbsd.org>
-Date: Thu Feb 6 22:34:58 2020 +0000
+commit c13403e55de8cdbb9da628ed95017b1d4c0f205f
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Tue May 5 11:32:43 2020 +1000
- upstream: Add Include to the list of permitted keywords after a
+ Skip security key tests if ENABLE_SK not set.
+
+commit 4da393f87cd52d788c84112ee3f2191c9bcaaf30
+Author: djm at openbsd.org <djm at openbsd.org>
+Date: Fri May 1 04:03:14 2020 +0000
+
+ upstream: sure enough, some of the test data that we though were in
- Match keyword. ok markus@
+ new format were actually in the old format; fix from Michael Forney
- OpenBSD-Commit-ID: 342e940538b13dd41e0fa167dc9ab192b9f6e2eb
+ OpenBSD-Regress-ID: a41a5c43a61b0f0b1691994dbf16dfb88e8af933
-commit a47f6a6c0e06628eed0c2a08dc31a8923bcc37ba
-Author: naddy at openbsd.org <naddy at openbsd.org>
-Date: Thu Feb 6 22:30:54 2020 +0000
+commit 15bfafc1db4c8792265ada9623a96f387990f732
+Author: djm at openbsd.org <djm at openbsd.org>
+Date: Fri May 1 04:00:29 2020 +0000
- upstream: Replace "security key" with "authenticator" in program
+ upstream: make mktestdata.sh generate old/new format keys that we
- messages.
+ expect. This script was written before OpenSSH switched to new-format private
+ keys by default and was never updated to the change (until now) From Michael
+ Forney
- This replaces "security key" in error/usage/verbose messages and
- distinguishes between "authenticator" and "authenticator-hosted key".
+ OpenBSD-Regress-ID: 38cf354715c96852e5b71c2393fb6e7ad28b7ca7
+
+commit 7882d2eda6ad3eb82220a85294de545d20ef82db
+Author: djm at openbsd.org <djm at openbsd.org>
+Date: Fri May 1 03:58:02 2020 +0000
+
+ upstream: portability fix for sed that always emil a newline even
- ok djm@
+ if the input does not contain one; from Michael Forney
- OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
+ OpenBSD-Regress-ID: 9190c3ddf0d2562ccc02c4a95fce0e392196bfc7
-commit 849a9b87144f8a5b1771de6c85e44bfeb86be9a9
-Author: Darren Tucker <dtucker at dtucker.net>
-Date: Thu Feb 6 11:28:14 2020 +1100
+commit 8074f9499e454df0acdacea33598858a1453a357
+Author: djm at openbsd.org <djm at openbsd.org>
+Date: Fri May 1 03:36:25 2020 +0000
- Don't look for UINT32_MAX in inttypes.h
+ upstream: remove obsolete RSA1 test keys; spotted by Michael Forney
- ... unless we are actually going to use it. Fixes build on HP-UX
- without the potential impact to other platforms of a header change
- shortly before release.
+ OpenBSD-Regress-ID: 6384ba889594e217d166908ed8253718ab0866da
-commit a2437f8ed0c3be54ddd21630a93c68ebd168286f
-Author: Damien Miller <djm at mindrot.org>
-Date: Thu Feb 6 12:02:22 2020 +1100
+commit c697e46c314aa94574af0d393d80f23e0ebc9748
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Sat May 2 18:34:47 2020 +1000
- depend
+ Update .depend.
-commit 9716e8c4956acdd7b223d1642bfa376e07e7503d
-Author: Michael Forney <mforney at mforney.org>
-Date: Wed Nov 27 19:17:26 2019 -0800
+commit 83657eac42941f270c4b02b2c46d9a21f616ef99
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Sat May 2 18:29:40 2020 +1000
- Fix sha2 MAKE_CLONE no-op definition
+ Remove use of tail for 'make depend'.
- The point of the dummy declaration is so that MAKE_CLONE(...) can have
- a trailing semicolon without introducing an empty declaration. So,
- the macro replacement text should *not* have a trailing semicolon,
- just like DEF_WEAK.
+ Not every tail supports +N and we can do with out it so just remove it.
+ Prompted by mforney at mforney.org.
-commit d596b1d30dc158915a3979fa409d21ff2465b6ee
+commit d25d630d24c5a1c64d4e646510e79dc22d6d7b88
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Tue Feb 4 09:58:04 2020 +0000
+Date: Sat May 2 07:19:43 2020 +0000
- upstream: require FIDO application strings to start with "ssh:"; ok
+ upstream: we have a sshkey_save_public() function to save public keys;
- markus@
+ use it and save a bunch of redundant code.
- OpenBSD-Commit-ID: 94e9c1c066d42b76f035a3d58250a32b14000afb
+ Patch from loic AT venez.fr; ok markus@ djm@
+
+ OpenBSD-Commit-ID: f93e030a0ebcd0fd9054ab30db501ec63454ea5f
-commit 501f3582438cb2cb1cb92be0f17be490ae96fb23
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Mon Feb 3 23:47:57 2020 +0000
+commit e9dc9863723e111ae05e353d69df857f0169544a
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Fri May 1 18:32:25 2020 +1000
- upstream: revert enabling UpdateHostKeys by default - there are still
+ Use LONG_LONG_MAX and friends if available.
- corner cases we need to address; ok markus
+ If we don't have LLONG_{MIN,MAX} but do have LONG_LONG_{MIN,MAX}
+ then use those instead. We do calculate these values in configure,
+ but it turns out that at least one compiler (old HP ANSI C) can't
+ parse "-9223372036854775808LL" without mangling it. (It can parse
+ "-9223372036854775807LL" which is presumably why its limits.h defines
+ LONG_LONG_MIN as the latter minus 1.)
- OpenBSD-Commit-ID: ff7ad941bfdc49fb1d8baa95fd0717a61adcad57
+ Fixes rekey test when compiled with the aforementioned compiler.
-commit 072f3b832d2a4db8d9880effcb6c4d0dad676504
-Author: jmc at openbsd.org <jmc at openbsd.org>
-Date: Mon Feb 3 08:15:37 2020 +0000
+commit aad87b88fc2536b1ea023213729aaf4eaabe1894
+Author: djm at openbsd.org <djm at openbsd.org>
+Date: Fri May 1 06:31:42 2020 +0000
- upstream: use better markup for challenge and write-attestation, and
+ upstream: when receving a file in sink(), be careful to send at
- rejig the challenge text a little;
+ most a single error response after the file has been opened. Otherwise the
+ source() and sink() can become desyncronised. Reported by Daniel Goujot,
+ Georges-Axel Jaloyan, Ryan Lahfa, and David Naccache.
- ok djm
+ ok deraadt@ markus@
- OpenBSD-Commit-ID: 9f351e6da9edfdc907d5c3fdaf2e9ff3ab0a7a6f
+ OpenBSD-Commit-ID: 6c14d233c97349cb811a8f7921ded3ae7d9e0035
-commit 262eb05a22cb1fabc3bc1746c220566490b80229
-Author: Damien Miller <djm at mindrot.org>
-Date: Mon Feb 3 21:22:15 2020 +1100
+commit 31909696c4620c431dd55f6cd15db65c4e9b98da
+Author: djm at openbsd.org <djm at openbsd.org>
+Date: Fri May 1 06:28:52 2020 +0000
- mention libfido2 in dependencies section
+ upstream: expose vasnmprintf(); ok (as part of other commit) markus
+
+ deraadt
+
+ OpenBSD-Commit-ID: 2e80cea441c599631a870fd40307d2ade5a7f9b5
-commit ccd3b247d59d3bde16c3bef0ea888213fbd6da86
-Author: Damien Miller <djm at mindrot.org>
-Date: Mon Feb 3 19:40:12 2020 +1100
+commit 99ce9cefbe532ae979744c6d956b49f4b02aff82
+Author: djm at openbsd.org <djm at openbsd.org>
+Date: Fri May 1 04:23:11 2020 +0000
- add clock_gettime64(2) to sandbox allowed syscalls
+ upstream: avoid NULL dereference when attempting to convert invalid
- bz3093
+ ssh.com private keys using "ssh-keygen -i"; spotted by Michael Forney
+
+ OpenBSD-Commit-ID: 2e56e6d26973967d11d13f56ea67145f435bf298
-commit adffbe1c645ad2887ba0b6d24c194aa7a40c5735
-Author: dtucker at openbsd.org <dtucker at openbsd.org>
-Date: Sun Feb 2 09:45:34 2020 +0000
+commit 6c6072ba8b079e6f5caa38b011a6f4570c14ed38
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Fri May 1 15:09:26 2020 +1000
- upstream: Output (none) in debug in the case in the CheckHostIP=no case
+ See if SA_RESTART signals will interrupt select().
- as suggested by markus@
+ On some platforms (at least older HP-UXes such as 11.11, possibly others)
+ setting SA_RESTART on signal handers will cause it to not interrupt
+ select(), at least for calls that do not specify a timeout. Try to
+ detect this and if found, don't use SA_RESTART.
- OpenBSD-Commit-ID: 4ab9117ee5261cbbd1868717fcc3142eea6385cf
+ POSIX says "If SA_RESTART has been set for the interrupting signal, it
+ is implementation-dependent whether select() restarts or returns with
+ [EINTR]" so this behaviour is within spec.
-commit 58c819096a2167983e55ae686486ce317b69b2d1
-Author: dtucker at openbsd.org <dtucker at openbsd.org>
-Date: Sun Feb 2 09:22:22 2020 +0000
+commit 90a0b434ed41f9c505662dba8782591818599cb3
+Author: Damien Miller <djm at mindrot.org>
+Date: Fri May 1 13:55:03 2020 +1000
- upstream: Prevent possible null pointer deref of ip_str in debug.
+ fix reversed test
+
+commit c0dfd18dd1c2107c73d18f70cd164f7ebd434b08
+Author: Damien Miller <djm at mindrot.org>
+Date: Fri May 1 13:29:16 2020 +1000
+
+ wrap sha2.h inclusion in #ifdef HAVE_SHA2_H
+
+commit a01817a9f63dbcbbc6293aacc4019993a4cdc7e3
+Author: djm at openbsd.org <djm at openbsd.org>
+Date: Tue Apr 28 04:59:29 2020 +0000
+
+ upstream: adapt dummy FIDO middleware to API change; ok markus@
- OpenBSD-Commit-ID: 37b252e2e6f690efed6682437ef75734dbc8addf
+ OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
-commit 0facae7bc8d3f8f9d02d0f6bed3d163ff7f39806
+commit 261571ddf02ea38fdb5e4a97c69ee53f847ca5b7
Author: jmc at openbsd.org <jmc at openbsd.org>
-Date: Sun Feb 2 07:36:50 2020 +0000
+Date: Thu Apr 30 18:28:37 2020 +0000
- upstream: shuffle the challenge keyword to keep the -O list sorted;
+ upstream: tweak previous; ok markus
- OpenBSD-Commit-ID: 08efad608b790949a9a048d65578fae9ed5845fe
+ OpenBSD-Commit-ID: 41895450ce2294ec44a5713134491cc31f0c09fd
-commit 6fb3dd0ccda1c26b06223b87bcd1cab9ec8ec3cc
-Author: jmc at openbsd.org <jmc at openbsd.org>
-Date: Sat Feb 1 06:53:12 2020 +0000
+commit 5de21c82e1d806d3e401b5338371e354b2e0a66f
+Author: markus at openbsd.org <markus at openbsd.org>
+Date: Thu Apr 30 17:12:20 2020 +0000
- upstream: tweak previous;
+ upstream: bring back debug() removed in rev 1.74; noted by pradeep
- OpenBSD-Commit-ID: 0c42851cdc88583402b4ab2b110a6348563626d3
+ kumar
+
+ OpenBSD-Commit-ID: 8d134d22ab25979078a3b48d058557d49c402e65
-commit 92725d4d3fde675acc0ca040b48f3d0c7be73b7f
-Author: Darren Tucker <dtucker at dtucker.net>
-Date: Sat Feb 1 17:25:09 2020 +1100
+commit ea14103ce9a5e13492e805f7e9277516ff5a4273
+Author: markus at openbsd.org <markus at openbsd.org>
+Date: Thu Apr 30 17:07:10 2020 +0000
- Use sys-queue.h from compat library.
+ upstream: run the 2nd ssh with BatchMode for scp -3
- Fixes build on platforms that don't have sys/queue.h (eg MUSL).
+ OpenBSD-Commit-ID: 77994fc8c7ca02d88e6d0d06d0f0fe842a935748
-commit 677d0ece67634262b3b96c3cd6410b19f3a603b7
+commit 59d2de956ed29aa5565ed5e5947a7abdb27ac013
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Fri Jan 31 23:25:08 2020 +0000
+Date: Tue Apr 28 04:02:29 2020 +0000
- upstream: regress test for sshd_config Include directive; from Jakub
+ upstream: when signing a challenge using a FIDO toke, perform the
- Jelen
+ hashing in the middleware layer rather than in ssh code. This allows
+ middlewares that call APIs that perform the hashing implicitly (including
+ Microsoft's AFAIK). ok markus@
- OpenBSD-Regress-ID: 0d9224de3297c7a5f51ba68d6e3725a2a9345fa4
+ OpenBSD-Commit-ID: c9fc8630aba26c75d5016884932f08a5a237f37d
-commit d4f4cdd681ab6408a98419f398b75a55497ed324
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Fri Jan 31 23:13:04 2020 +0000
+commit c9d10dbc0ccfb1c7568bbb784f7aeb7a0b5ded12
+Author: dtucker at openbsd.org <dtucker at openbsd.org>
+Date: Sun Apr 26 09:38:14 2020 +0000
- upstream: whitespace
+ upstream: Fix comment typo. Patch from mforney at mforney.org.
- OpenBSD-Commit-ID: 564cf7a5407ecf5da2d94ec15474e07427986772
+ OpenBSD-Commit-ID: 3565f056003707a5e678e60e03f7a3efd0464a2b
-commit 245399dfb3ecebc6abfc2ef4ee2e650fa9f6942b
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Fri Jan 31 23:11:25 2020 +0000
+commit 4d2c87b4d1bde019cdd0f00552fcf97dd8b39940
+Author: dtucker at openbsd.org <dtucker at openbsd.org>
+Date: Sat Apr 25 06:59:36 2020 +0000
- upstream: force early logging to stderr if debug_flag (-d) is set;
+ upstream: We've standardized on memset over bzero, replace a couple
- avoids missing messages from re-exec config passing
+ that had slipped in. ok deraadt markus djm.
- OpenBSD-Commit-ID: 02484b8241c1f49010e7a543a7098e6910a8c9ff
+ OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6
-commit 7365f28a66d1c443723fbe6f4a2612ea6002901e
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Fri Jan 31 23:08:08 2020 +0000
+commit 7f23f42123d64272a7b00754afa6b0841d676691
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Fri May 1 12:21:58 2020 +1000
- upstream: mistake in previous: filling the incorrect buffer
+ Include sys/byteorder.h for htons and friends.
- OpenBSD-Commit-ID: 862ee84bd4b97b529f64aec5d800c3dcde952e3a
+ These are usually in netinet/in.h but on HP-UX they are not defined if
+ _XOPEN_SOURCE_EXTENDED is set. Only needed for netcat in the regression
+ tests.
-commit c2bd7f74b0e0f3a3ee9d19ac549e6ba89013abaf
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Fri Jan 31 22:42:45 2020 +0000
+commit d27cba58c972d101a5de976777e518f34ac779cb
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Fri May 1 09:21:52 2020 +1000
- upstream: Add a sshd_config "Include" directive to allow inclusion
+ Fix conditional for openssl-based chacha20.
- of files. This has sensible semantics wrt Match blocks and accepts glob(3)
- patterns to specify the included files. Based on patch by Jakub Jelen in
- bz2468; feedback and ok markus@
+ Fixes warnings or link errors when building against older OpenSSLs.
+ ok djm
+
+commit 20819b962dc1467cd6fad5486a7020c850efdbee
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Fri Apr 24 15:07:55 2020 +1000
+
+ Error out if given RDomain if unsupported.
- OpenBSD-Commit-ID: 36ed0e845b872e33f03355b936a4fff02d5794ff
+ If the config contained 'RDomain %D' on a platform that did not support
+ it, the error would not be detected until runtime resulting in a broken
+ sshd. Detect this earlier and error out if found. bz#3126, based on a
+ patch from jjelen at redhat.com, tweaks and ok djm@
-commit ba261a1dd33266168ead4f8f40446dcece4d1600
-Author: jmc at openbsd.org <jmc at openbsd.org>
-Date: Fri Jan 31 22:25:59 2020 +0000
+commit 2c1690115a585c624eed2435075a93a463a894e2
+Author: dtucker at openbsd.org <dtucker at openbsd.org>
+Date: Fri Apr 24 03:33:21 2020 +0000
- upstream: spelling fix;
+ upstream: Fix incorrect error message for "too many known hosts files."
- OpenBSD-Commit-ID: 3c079523c4b161725a4b15dd06348186da912402
+ bz#3149, patch from jjelen at redhat.com.
+
+ OpenBSD-Commit-ID: e0fcb07ed5cf7fd54ce340471a747c24454235e5
-commit 771891a044f763be0711493eca14b6b0082e030f
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Thu Jan 30 22:25:34 2020 +0000
+commit 3beb7276e7a8aedd3d4a49f9c03b97f643448c92
+Author: dtucker at openbsd.org <dtucker at openbsd.org>
+Date: Fri Apr 24 02:19:40 2020 +0000
- upstream: document changed default for UpdateHostKeys
+ upstream: Remove leave_non_blocking() which is now dead code
- OpenBSD-Commit-ID: 25c390b21d142f78ac0106241d13441c4265fd2c
+ because nothing sets in_non_blocking_mode any more. Patch from
+ michaael.meeks at collabora.com, ok djm@
+
+ OpenBSD-Commit-ID: c403cefe97a5a99eca816e19cc849cdf926bd09c
-commit d53a518536c552672c00e8892e2aea28f664148c
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Thu Jan 30 22:19:32 2020 +0000
+commit 8654e3561772f0656e7663a0bd6a1a8cb6d43300
+Author: jmc at openbsd.org <jmc at openbsd.org>
+Date: Thu Apr 23 21:28:09 2020 +0000
- upstream: enable UpdateKnownHosts=yes if the configuration
+ upstream: ce examples of "Ar arg Ar arg" with "Ar arg arg" and
- specifies only the default known_hosts files, otherwise select
- UpdateKnownHosts=ask; ok markus@
+ stop the spread;
- OpenBSD-Commit-ID: ab401a5ec4a33d2e1a9449eae6202e4b6d427df7
+ OpenBSD-Commit-ID: af0e952ea0f5e2019c2ce953ed1796eca47f0705
-commit bb63ff844e818d188da4fed3c016e0a4eecbbf25
+commit 67697e4a8246dd8423e44b8785f3ee31fee72d07
Author: Darren Tucker <dtucker at dtucker.net>
-Date: Thu Jan 30 18:54:42 2020 +1100
+Date: Fri Apr 24 11:10:18 2020 +1000
- Look in inttypes.h for UINT32_MAX.
+ Update .depend.
+
+commit d6cc76176216fe3fac16cd20d148d75cb9c50876
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Wed Apr 22 14:07:00 2020 +1000
+
+ Mailing list is now closed to non-subscribers.
- Should prevent warnings on at least some AIX versions.
+ While there, add a reference to the bugzilla. ok djm@
-commit afeb6a960da23f0a5cbc4b80cca107c7504e932a
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Thu Jan 30 07:21:38 2020 +0000
+commit cecde6a41689d0ae585ec903b190755613a6de79
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Wed Apr 22 12:09:40 2020 +1000
- upstream: use sshpkt_fatal() instead of plain fatal() for
+ Put the values from env vars back.
- ssh_packet_write_poll() failures here too as the former yields better error
- messages; ok dtucker@
+ This merges the values from the recently removed environment into make's
+ command line arguments since we actually need those.
+
+commit 300c4322b92e98d3346efa0aec1c094c94d0f964
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Wed Apr 22 11:33:15 2020 +1000
+
+ Pass configure's egrep through to test-exec.sh.
- OpenBSD-Commit-ID: 1f7a6ca95bc2b716c2e948fc1370753be772d8e3
+ Use it to create a wrapper function to call it from tests. Fixes the
+ keygen-comment test on platforms with impoverished default egrep (eg
+ Solaris).
-commit 65d6fd0a8a6f31c3ddf0c1192429a176575cf701
-Author: djm at openbsd.org <djm at openbsd.org>
-Date: Thu Jan 30 07:20:57 2020 +0000
+commit c8d9796cfe046f00eb8b2096d2b7028d6a523a84
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Wed Apr 22 10:56:44 2020 +1000
- upstream: check the return value of ssh_packet_write_poll() and
+ Remove unneeded env vars from t-exec invocation.
+
+commit 01d4cdcd4514e99a4b6eb9523cd832bbf008d1d7
+Author: dtucker at openbsd.org <dtucker at openbsd.org>
+Date: Tue Apr 21 23:14:58 2020 +0000
+
+ upstream: Backslash '$' at then end of string. Prevents warning on
- call sshpkt_fatal() if it fails; avoid potential busy-loop under some
- circumstances. Based on patch by Mike Frysinger; ok dtucker@
+ some shells.
- OpenBSD-Commit-ID: c79fe5cf4f0cd8074cb6db257c1394d5139408ec
+ OpenBSD-Regress-ID: 5dc27ab624c09d34078fd326b10e38c1ce9c741f
-commit dce74eab0c0f9010dc84c62500a17771d0131ff3
+commit 8854724ccefc1fa16f10b37eda2e759c98148caa
+Author: Darren Tucker <dtucker at dtucker.net>
+Date: Tue Apr 21 18:27:23 2020 +1000
+
+ Sync rev 1.49.
+
+ Prevent infinite for loop since i went from ssize_t to size_t. Patch from
+ eagleoflqj via OpenSSH github PR#178, ok djm@, feedback & ok millert@
+
+commit d00d07b6744d3b4bb7aca46c734ecd670148da23
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Thu Jan 30 07:20:05 2020 +0000
+Date: Mon Apr 20 04:44:47 2020 +0000
- upstream: have sshpkt_fatal() save/restore errno before we
+ upstream: regression test for printing of private key fingerprints and
- potentially call strerror() (via ssh_err()); ok dtucker
+ key comments, mostly by loic AT venez.fr (slightly tweaked for portability)
+ ok dtucker@
- OpenBSD-Commit-ID: 5590df31d21405498c848245b85c24acb84ad787
+ OpenBSD-Regress-ID: 8dc6c4feaf4fe58b6d634cd89afac9a13fd19004
-commit 14ef4efe2bf4180e085ea6738fdbebc199458b0c
+commit a98d5ba31e5e7e01317352f85fa63b846a960f8c
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Wed Jan 29 08:17:49 2020 +0000
+Date: Mon Apr 20 04:43:57 2020 +0000
- upstream: markus suggests a simplification to previous
+ upstream: fix a bug I introduced in r1.406: when printing private key
- OpenBSD-Commit-ID: 10bbfb6607ebbb9a018dcd163f0964941adf58de
+ fingerprint of old-format key, key comments were not being displayed. Spotted
+ by loic AT venez.fr, ok dtucker
+
+ OpenBSD-Commit-ID: 2d98e4f9eb168eea733d17e141e1ead9fe26e533
-commit 101ebc3a8cfa78d2e615afffbef9861bbbabf1ff
+commit 32f2d0aad42c15e19bd3b07496076ca891573a58
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Wed Jan 29 07:51:30 2020 +0000
+Date: Fri Apr 17 07:16:07 2020 +0000
- upstream: give more context to UpdateHostKeys messages, mentioning
+ upstream: repair private key fingerprint printing to also print
- that the changes are validated by the existing trusted host key. Prompted by
- espie@ feedback and ok markus@
+ comment after regression caused by my recent pubkey loading refactor.
+ Reported by loic AT venez.fr, ok dtucker@
- OpenBSD-Commit-ID: b3d95f4a45f2692f4143b9e77bb241184dbb8dc5
+ OpenBSD-Commit-ID: f8db49acbee6a6ccb2a4259135693b3cceedb89e
-commit 24c0f752adf9021277a7b0a84931bb5fe48ea379
+commit 094dd513f4b42e6a3cebefd18d1837eb709b4d99
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Tue Jan 28 08:01:34 2020 +0000
+Date: Fri Apr 17 07:15:11 2020 +0000
- upstream: changes to support FIDO attestation
-
- Allow writing to disk the attestation certificate that is generated by
- the FIDO token at key enrollment time. These certificates may be used
- by an out-of-band workflow to prove that a particular key is held in
- trustworthy hardware.
+ upstream: refactor out some duplicate private key loading code;
- Allow passing in a challenge that will be sent to the card during
- key enrollment. These are needed to build an attestation workflow
- that resists replay attacks.
+ based on patch from loic AT venez.fr, ok dtucker@
- ok markus@
+ OpenBSD-Commit-ID: 5eff2476b0d8d0614924c55e350fb7bb9c84f45e
+
+commit 4e04f46f248f1708e39b900b76c9693c820eff68
+Author: jmc at openbsd.org <jmc at openbsd.org>
+Date: Fri Apr 17 06:12:41 2020 +0000
+
+ upstream: add space beteen macro arg and punctuation;
- OpenBSD-Commit-ID: 457dc3c3d689ba39eed328f0817ed9b91a5f78f6
+ OpenBSD-Commit-ID: c93a6cbb4bf9468fc4c13e64bc1fd4efee201a44
-commit 156bef36f93a48212383235bb8e3d71eaf2b2777
+commit 44ae009a0112081d0d541aeaa90088bedb6f21ce
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Tue Jan 28 07:24:15 2020 +0000
+Date: Fri Apr 17 04:27:03 2020 +0000
- upstream: disable UpdateHostKeys=ask when in quiet mode; "work for
+ upstream: auth2-pubkey r1.89 changed the order of operations to
- me" matthieu@
+ checking AuthorizedKeysFile first and falling back to AuthorizedKeysCommand
+ if no key was found in a file. Document this order here; bz3134
- OpenBSD-Commit-ID: 60d7b5eb91accf935ed9852650a826d86db2ddc7
+ OpenBSD-Commit-ID: afce0872cbfcfc1d4910ad7722e50f792a1dce12
-commit ec8a759b4045e54d6b38e690ffee4cbffc53c7b7
+commit f96f17f920f38ceea6f3c5cb0b075c46b8929fdc
Author: Damien Miller <djm at mindrot.org>
-Date: Tue Jan 28 12:57:25 2020 +1100
+Date: Fri Apr 17 14:07:15 2020 +1000
- compat for missing IPTOS_DSCP_LE in system headers
+ sys/sysctl.h is only used on OpenBSD
+
+ so change the preprocessor test used to include it to check
+ __OpenBSD__, matching the code that uses the symbols it declares.
-commit 4594c7627680c4f41c2ad5fe412e55b7cc79b10c
+commit 54688e937a69c7aebef8a3d50cbd4c6345bab2ca
Author: djm at openbsd.org <djm at openbsd.org>
-Date: Tue Jan 28 01:49:36 2020 +0000
+Date: Fri Apr 17 03:38:47 2020 +0000
- upstream: make IPTOS_DSCP_LE available via IPQoS directive; bz2986,
+ upstream: fix reversed test that caused IdentitiesOnly=yes to not
- based on patch by veegish AT cyberstorm.mu
+ apply to keys loaded from a PKCS11Provider; bz3141, ok dtucker@
*** 32592 LINES SKIPPED ***
More information about the dev-commits-src-all
mailing list