svn commit: r262566 - in stable/10: crypto/openssh crypto/openssh/contrib/caldera crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-comp...
Dag-Erling Smørgrav
des at FreeBSD.org
Thu Feb 27 17:29:02 UTC 2014
Author: des
Date: Thu Feb 27 17:29:02 2014
New Revision: 262566
URL: http://svnweb.freebsd.org/changeset/base/262566
Log:
MFH (r261320): upgrade openssh to 6.5p1
MFH (r261340): enable sandboxing by default
Added:
stable/10/crypto/openssh/PROTOCOL.chacha20poly1305
- copied unchanged from r261320, head/crypto/openssh/PROTOCOL.chacha20poly1305
stable/10/crypto/openssh/PROTOCOL.key
- copied unchanged from r261320, head/crypto/openssh/PROTOCOL.key
stable/10/crypto/openssh/blocks.c
- copied unchanged from r261320, head/crypto/openssh/blocks.c
stable/10/crypto/openssh/chacha.c
- copied unchanged from r261320, head/crypto/openssh/chacha.c
stable/10/crypto/openssh/chacha.h
- copied unchanged from r261320, head/crypto/openssh/chacha.h
stable/10/crypto/openssh/cipher-chachapoly.c
- copied unchanged from r261320, head/crypto/openssh/cipher-chachapoly.c
stable/10/crypto/openssh/cipher-chachapoly.h
- copied unchanged from r261320, head/crypto/openssh/cipher-chachapoly.h
stable/10/crypto/openssh/crypto_api.h
- copied unchanged from r261320, head/crypto/openssh/crypto_api.h
stable/10/crypto/openssh/digest.c
- copied unchanged from r261320, head/crypto/openssh/digest.c
stable/10/crypto/openssh/digest.h
- copied unchanged from r261320, head/crypto/openssh/digest.h
stable/10/crypto/openssh/ed25519.c
- copied unchanged from r261320, head/crypto/openssh/ed25519.c
stable/10/crypto/openssh/fe25519.c
- copied unchanged from r261320, head/crypto/openssh/fe25519.c
stable/10/crypto/openssh/fe25519.h
- copied unchanged from r261320, head/crypto/openssh/fe25519.h
stable/10/crypto/openssh/ge25519.c
- copied unchanged from r261320, head/crypto/openssh/ge25519.c
stable/10/crypto/openssh/ge25519.h
- copied unchanged from r261320, head/crypto/openssh/ge25519.h
stable/10/crypto/openssh/ge25519_base.data
- copied unchanged from r261320, head/crypto/openssh/ge25519_base.data
stable/10/crypto/openssh/hash.c
- copied unchanged from r261320, head/crypto/openssh/hash.c
stable/10/crypto/openssh/kexc25519.c
- copied unchanged from r261320, head/crypto/openssh/kexc25519.c
stable/10/crypto/openssh/kexc25519c.c
- copied unchanged from r261320, head/crypto/openssh/kexc25519c.c
stable/10/crypto/openssh/kexc25519s.c
- copied unchanged from r261320, head/crypto/openssh/kexc25519s.c
stable/10/crypto/openssh/openbsd-compat/arc4random.c
- copied unchanged from r261320, head/crypto/openssh/openbsd-compat/arc4random.c
stable/10/crypto/openssh/openbsd-compat/bcrypt_pbkdf.c
- copied unchanged from r261320, head/crypto/openssh/openbsd-compat/bcrypt_pbkdf.c
stable/10/crypto/openssh/openbsd-compat/blf.h
- copied unchanged from r261320, head/crypto/openssh/openbsd-compat/blf.h
stable/10/crypto/openssh/openbsd-compat/blowfish.c
- copied unchanged from r261320, head/crypto/openssh/openbsd-compat/blowfish.c
stable/10/crypto/openssh/openbsd-compat/chacha_private.h
- copied unchanged from r261320, head/crypto/openssh/openbsd-compat/chacha_private.h
stable/10/crypto/openssh/poly1305.c
- copied unchanged from r261320, head/crypto/openssh/poly1305.c
stable/10/crypto/openssh/poly1305.h
- copied unchanged from r261320, head/crypto/openssh/poly1305.h
stable/10/crypto/openssh/regress/setuid-allowed.c
- copied unchanged from r261320, head/crypto/openssh/regress/setuid-allowed.c
stable/10/crypto/openssh/regress/sftp-perm.sh
- copied unchanged from r261320, head/crypto/openssh/regress/sftp-perm.sh
stable/10/crypto/openssh/sandbox-capsicum.c
- copied unchanged from r261320, head/crypto/openssh/sandbox-capsicum.c
stable/10/crypto/openssh/sc25519.c
- copied unchanged from r261320, head/crypto/openssh/sc25519.c
stable/10/crypto/openssh/sc25519.h
- copied unchanged from r261320, head/crypto/openssh/sc25519.h
stable/10/crypto/openssh/smult_curve25519_ref.c
- copied unchanged from r261320, head/crypto/openssh/smult_curve25519_ref.c
stable/10/crypto/openssh/ssh-ed25519.c
- copied unchanged from r261320, head/crypto/openssh/ssh-ed25519.c
stable/10/crypto/openssh/verify.c
- copied unchanged from r261320, head/crypto/openssh/verify.c
Deleted:
stable/10/crypto/openssh/openbsd-compat/bsd-arc4random.c
Modified:
stable/10/crypto/openssh/ChangeLog
stable/10/crypto/openssh/Makefile.in
stable/10/crypto/openssh/PROTOCOL
stable/10/crypto/openssh/README
stable/10/crypto/openssh/aclocal.m4
stable/10/crypto/openssh/addrmatch.c
stable/10/crypto/openssh/atomicio.c
stable/10/crypto/openssh/auth-krb5.c
stable/10/crypto/openssh/auth-options.c
stable/10/crypto/openssh/auth-pam.c
stable/10/crypto/openssh/auth2-hostbased.c
stable/10/crypto/openssh/auth2-pubkey.c
stable/10/crypto/openssh/authfd.c
stable/10/crypto/openssh/authfile.c
stable/10/crypto/openssh/authfile.h
stable/10/crypto/openssh/bufaux.c
stable/10/crypto/openssh/bufbn.c
stable/10/crypto/openssh/buffer.c
stable/10/crypto/openssh/buffer.h
stable/10/crypto/openssh/canohost.c
stable/10/crypto/openssh/channels.c
stable/10/crypto/openssh/cipher.c
stable/10/crypto/openssh/cipher.h
stable/10/crypto/openssh/clientloop.c
stable/10/crypto/openssh/compat.c
stable/10/crypto/openssh/compat.h
stable/10/crypto/openssh/config.h
stable/10/crypto/openssh/config.h.in
stable/10/crypto/openssh/configure
stable/10/crypto/openssh/configure.ac
stable/10/crypto/openssh/contrib/caldera/openssh.spec
stable/10/crypto/openssh/contrib/cygwin/ssh-host-config
stable/10/crypto/openssh/contrib/redhat/openssh.spec
stable/10/crypto/openssh/contrib/suse/openssh.spec
stable/10/crypto/openssh/defines.h
stable/10/crypto/openssh/dh.c
stable/10/crypto/openssh/dh.h
stable/10/crypto/openssh/gss-serv-krb5.c
stable/10/crypto/openssh/hostfile.c
stable/10/crypto/openssh/kex.c
stable/10/crypto/openssh/kex.h
stable/10/crypto/openssh/kexdh.c
stable/10/crypto/openssh/kexdhc.c
stable/10/crypto/openssh/kexdhs.c
stable/10/crypto/openssh/kexecdh.c
stable/10/crypto/openssh/kexecdhc.c
stable/10/crypto/openssh/kexecdhs.c
stable/10/crypto/openssh/kexgex.c
stable/10/crypto/openssh/kexgexc.c
stable/10/crypto/openssh/kexgexs.c
stable/10/crypto/openssh/key.c
stable/10/crypto/openssh/key.h
stable/10/crypto/openssh/loginrec.c
stable/10/crypto/openssh/mac.c
stable/10/crypto/openssh/mac.h
stable/10/crypto/openssh/match.c
stable/10/crypto/openssh/misc.c
stable/10/crypto/openssh/misc.h
stable/10/crypto/openssh/moduli.c
stable/10/crypto/openssh/monitor.c
stable/10/crypto/openssh/monitor_mm.c
stable/10/crypto/openssh/monitor_mm.h
stable/10/crypto/openssh/myproposal.h
stable/10/crypto/openssh/openbsd-compat/Makefile.in
stable/10/crypto/openssh/openbsd-compat/bsd-cygwin_util.h
stable/10/crypto/openssh/openbsd-compat/bsd-misc.c
stable/10/crypto/openssh/openbsd-compat/bsd-poll.c
stable/10/crypto/openssh/openbsd-compat/bsd-setres_id.c
stable/10/crypto/openssh/openbsd-compat/bsd-snprintf.c
stable/10/crypto/openssh/openbsd-compat/bsd-statvfs.c
stable/10/crypto/openssh/openbsd-compat/bsd-statvfs.h
stable/10/crypto/openssh/openbsd-compat/openbsd-compat.h
stable/10/crypto/openssh/openbsd-compat/openssl-compat.c
stable/10/crypto/openssh/openbsd-compat/openssl-compat.h
stable/10/crypto/openssh/openbsd-compat/setproctitle.c
stable/10/crypto/openssh/packet.c
stable/10/crypto/openssh/pathnames.h
stable/10/crypto/openssh/pkcs11.h
stable/10/crypto/openssh/platform.c
stable/10/crypto/openssh/platform.h
stable/10/crypto/openssh/progressmeter.c
stable/10/crypto/openssh/readconf.c
stable/10/crypto/openssh/readconf.h
stable/10/crypto/openssh/regress/Makefile
stable/10/crypto/openssh/regress/agent-ptrace.sh
stable/10/crypto/openssh/regress/agent.sh
stable/10/crypto/openssh/regress/cert-hostkey.sh
stable/10/crypto/openssh/regress/cert-userkey.sh
stable/10/crypto/openssh/regress/cipher-speed.sh
stable/10/crypto/openssh/regress/forward-control.sh
stable/10/crypto/openssh/regress/integrity.sh
stable/10/crypto/openssh/regress/kextype.sh
stable/10/crypto/openssh/regress/keytype.sh
stable/10/crypto/openssh/regress/krl.sh
stable/10/crypto/openssh/regress/modpipe.c
stable/10/crypto/openssh/regress/rekey.sh
stable/10/crypto/openssh/regress/scp-ssh-wrapper.sh
stable/10/crypto/openssh/regress/scp.sh
stable/10/crypto/openssh/regress/test-exec.sh
stable/10/crypto/openssh/regress/try-ciphers.sh
stable/10/crypto/openssh/roaming_client.c
stable/10/crypto/openssh/roaming_common.c
stable/10/crypto/openssh/sandbox-darwin.c
stable/10/crypto/openssh/sandbox-null.c
stable/10/crypto/openssh/sandbox-rlimit.c
stable/10/crypto/openssh/sandbox-seccomp-filter.c
stable/10/crypto/openssh/sandbox-systrace.c
stable/10/crypto/openssh/schnorr.c
stable/10/crypto/openssh/schnorr.h
stable/10/crypto/openssh/scp.0
stable/10/crypto/openssh/scp.1
stable/10/crypto/openssh/scp.c
stable/10/crypto/openssh/servconf.c
stable/10/crypto/openssh/servconf.h
stable/10/crypto/openssh/serverloop.c
stable/10/crypto/openssh/session.c
stable/10/crypto/openssh/session.h
stable/10/crypto/openssh/sftp-client.c
stable/10/crypto/openssh/sftp-client.h
stable/10/crypto/openssh/sftp-common.c
stable/10/crypto/openssh/sftp-glob.c
stable/10/crypto/openssh/sftp-server.0
stable/10/crypto/openssh/sftp-server.8
stable/10/crypto/openssh/sftp-server.c
stable/10/crypto/openssh/sftp.0
stable/10/crypto/openssh/sftp.1
stable/10/crypto/openssh/sftp.c
stable/10/crypto/openssh/ssh-add.0
stable/10/crypto/openssh/ssh-add.1
stable/10/crypto/openssh/ssh-add.c
stable/10/crypto/openssh/ssh-agent.0
stable/10/crypto/openssh/ssh-agent.1
stable/10/crypto/openssh/ssh-agent.c
stable/10/crypto/openssh/ssh-dss.c
stable/10/crypto/openssh/ssh-ecdsa.c
stable/10/crypto/openssh/ssh-keygen.0
stable/10/crypto/openssh/ssh-keygen.1
stable/10/crypto/openssh/ssh-keygen.c
stable/10/crypto/openssh/ssh-keyscan.0
stable/10/crypto/openssh/ssh-keyscan.1
stable/10/crypto/openssh/ssh-keyscan.c
stable/10/crypto/openssh/ssh-keysign.0
stable/10/crypto/openssh/ssh-keysign.8
stable/10/crypto/openssh/ssh-keysign.c
stable/10/crypto/openssh/ssh-pkcs11-helper.c
stable/10/crypto/openssh/ssh-pkcs11.c
stable/10/crypto/openssh/ssh-rsa.c
stable/10/crypto/openssh/ssh-sandbox.h
stable/10/crypto/openssh/ssh.0
stable/10/crypto/openssh/ssh.1
stable/10/crypto/openssh/ssh.c
stable/10/crypto/openssh/ssh_config
stable/10/crypto/openssh/ssh_config.0
stable/10/crypto/openssh/ssh_config.5
stable/10/crypto/openssh/ssh_namespace.h
stable/10/crypto/openssh/sshconnect.c
stable/10/crypto/openssh/sshconnect.h
stable/10/crypto/openssh/sshconnect1.c
stable/10/crypto/openssh/sshconnect2.c
stable/10/crypto/openssh/sshd.0
stable/10/crypto/openssh/sshd.8
stable/10/crypto/openssh/sshd.c
stable/10/crypto/openssh/sshd_config
stable/10/crypto/openssh/sshd_config.0
stable/10/crypto/openssh/sshd_config.5
stable/10/crypto/openssh/uidswap.c
stable/10/crypto/openssh/version.h
stable/10/crypto/openssh/xmalloc.c
stable/10/etc/rc.d/sshd
stable/10/secure/lib/libssh/Makefile
stable/10/secure/usr.sbin/sshd/Makefile
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/crypto/openssh/ChangeLog
==============================================================================
--- stable/10/crypto/openssh/ChangeLog Thu Feb 27 16:54:43 2014 (r262565)
+++ stable/10/crypto/openssh/ChangeLog Thu Feb 27 17:29:02 2014 (r262566)
@@ -1,25 +1,1042 @@
-20131108
+20140130
+ - (djm) [configure.ac] Only check for width-specified integer types
+ in headers that actually exist. patch from Tom G. Christensen;
+ ok dtucker@
+ - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering
+ different symbols for 'read' when various compiler flags are
+ in use, causing atomicio.c comparisons against it to break and
+ read/write operations to hang; ok dtucker
+ - (djm) Release openssh-6.5p1
+
+20140129
+ - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from
+ Tom G. Christensen
+
+20140128
+ - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl;
+ ok dtucker
+ - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the
+ latter being specified to have undefined behaviour in SUSv3;
+ ok dtucker
+ - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable
+ when used as an error message inside an if statement so we display the
+ correct into. agent.sh patch from Petr Lautrbach.
+
+20140127
+ - (dtucker) [Makefile.in] Remove trailing backslash which some make
+ implementations (eg older Solaris) do not cope with.
+
+20140126
+ - OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2014/01/25 10:12:50
+ [cipher.c cipher.h kex.c kex.h kexgexc.c]
+ Add a special case for the DH group size for 3des-cbc, which has an
+ effective strength much lower than the key size. This causes problems
+ with some cryptlib implementations, which don't support group sizes larger
+ than 4k but also don't use the largest group size it does support as
+ specified in the RFC. Based on a patch from Petr Lautrbach at Redhat,
+ reduced by me with input from Markus. ok djm@ markus@
+ - markus at cvs.openbsd.org 2014/01/25 20:35:37
+ [kex.c]
+ dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len)
+ ok dtucker@, noted by mancha
+ - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable
+ RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
+ libc will attempt to open additional file descriptors for crypto
+ offload and crash if they cannot be opened.
+ - (djm) [configure.ac] correct AC_DEFINE for previous.
+
+20140125
+ - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD
+ - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless
+ sys/capability.h exists and cap_rights_limit is in libc. Fixes
+ build on FreeBSD9x which provides the header but not the libc
+ support.
+ - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test
+ against the correct thing.
+
+20140124
+ - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make
+ the scp regress test actually test the built scp rather than the one
+ in $PATH. ok dtucker@
+
+20140123
+ - (tim) [session.c] Improve error reporting on set_id().
+ - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously
+ incompatible with OpenBSD's despite post-dating it by more than a decade.
+ Declare it as broken, and document FreeBSD's as the same. ok djm@
+
+20140122
+ - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a
+ platform that is expected to use the reuse-argv style setproctitle
+ hack surprises us by providing a setproctitle in libc; ok dtucker
+ - (djm) [configure.ac] Unless specifically requested, only attempt
+ to build Position Independent Executables on gcc >= 4.x; ok dtucker
+ - (djm) [configure.ac aclocal.m4] More tests to detect fallout from
+ platform hardening options: include some long long int arithmatic
+ to detect missing support functions for -ftrapv in libgcc and
+ equivalents, actually test linking when -ftrapv is supplied and
+ set either both -pie/-fPIE or neither. feedback and ok dtucker@
+
+20140121
+ - (dtucker) [configure.ac] Make PIE a configure-time option which defaults
+ to on platforms where it's known to be reliably detected and off elsewhere.
+ Works around platforms such as FreeBSD 9.1 where it does not interop with
+ -ftrapv (it seems to work but fails when trying to link ssh). ok djm@
+ - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time
+ tests in the configure output. ok djm.
+ - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced
+ with sftp chroot support. Move set_id call after chroot.
+ - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE
+ and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of
+ detecting toolchain-related problems; ok dtucker
+
+20140120
+ - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos
+ implementation does not have krb5_cc_new_unique, similar to what we do
+ in auth-krb5.c.
+ - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that
+ skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2014/01/20 00:08:48
+ [digest.c]
+ memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@
+
+20140119
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2014/01/17 06:23:24
+ [sftp-server.c]
+ fix log message statvfs. ok djm
+ - dtucker at cvs.openbsd.org 2014/01/18 09:36:26
+ [session.c]
+ explicitly define USE_PIPES to 1 to prevent redefinition warnings in
+ portable on platforms that use pipes for everything. From vinschen at
+ redhat.
+ - dtucker at cvs.openbsd.org 2014/01/19 04:17:29
+ [canohost.c addrmatch.c]
+ Cast socklen_t when comparing to size_t and use socklen_t to iterate over
+ the ip options, both to prevent signed/unsigned comparison warnings.
+ Patch from vinschen at redhat via portable openssh, begrudging ok deraadt.
+ - djm at cvs.openbsd.org 2014/01/19 04:48:08
+ [ssh_config.5]
+ fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal
+ - dtucker at cvs.openbsd.org 2014/01/19 11:21:51
+ [addrmatch.c]
+ Cast the sizeof to socklen_t so it'll work even if the supplied len is
+ negative. Suggested by and ok djm, ok deraadt.
+
+20140118
+ - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin. Patch
+ from vinschen at redhat.com
+ - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function
+ declarations that stopped being included when we stopped including
+ <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at
+ redhat.com.
+ - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs,
+ optind) are defined in getopt.h already. Unfortunately they are defined as
+ "declspec(dllimport)" for historical reasons, because the GNU linker didn't
+ allow auto-import on PE/COFF targets way back when. The problem is the
+ dllexport attributes collide with the definitions in the various source
+ files in OpenSSH, which obviousy define the variables without
+ declspec(dllimport). The least intrusive way to get rid of these warnings
+ is to disable warnings for GCC compiler attributes when building on Cygwin.
+ Patch from vinschen at redhat.com.
+ - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the
+ return value check for cap_enter() consistent with the other uses in
+ FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140.
+
+20140117
+ - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain
+ hardening flags including -fstack-protector-strong. These default to on
+ if the toolchain supports them, but there is a configure-time knob
+ (--without-hardening) to disable them if necessary. ok djm@
+ - (djm) [sftp-client.c] signed/unsigned comparison fix
+ - (dtucker) [loginrec.c] Cast to the types specfied in the format
+ specification to prevent warnings.
+ - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
+ - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
+ - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include
+ includes.h to pull in all of the compatibility stuff.
+ - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside
+ #ifdef HAVE_STDINT_H.
+ - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that
+ don't have them.
+ - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into
+ separate lines and alphabetize for easier diffing of changes.
+ - (dtucker) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2014/01/17 00:21:06
+ [sftp-client.c]
+ signed/unsigned comparison warning fix; from portable (Id sync only)
+ - dtucker at cvs.openbsd.org 2014/01/17 05:26:41
+ [digest.c]
+ remove unused includes. ok djm@
+ - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]
+ [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c]
+ [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing
+ using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling
+ Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
+ - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c
+ openbsd-compat/openssl-compat.h] Add compatibility layer for older
+ openssl versions. ok djm@
+ - (dtucker) Fix typo in #ifndef.
+ - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c
+ openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs
+ to be useful (and for the regression tests to pass) on platforms that
+ have statfs and fstatfs. ok djm@
+ - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we
+ need them to cut down on the name collisions.
+ - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types.
+ - (dtucker) [configure.ac] Have --without-hardening not turn off
+ stack-protector since that has a separate flag that's been around a while.
+ - (dtucker) [readconf.c] Wrap paths.h inside an ifdef. Allows building on
+ Solaris.
+ - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after
+ they're defined if we have to define them ourselves. Fixes builds on old
+ AIX.
+
+20140118
- (djm) OpenBSD CVS Sync
- - markus at cvs.openbsd.org 2013/11/06 16:52:11
- [monitor_wrap.c]
- fix rekeying for AES-GCM modes; ok deraadt
+ - djm at cvs.openbsd.org 2014/01/16 07:31:09
+ [sftp-client.c]
+ needless and incorrect cast to size_t can break resumption of
+ large download; patch from tobias@
+ - djm at cvs.openbsd.org 2014/01/16 07:32:00
+ [version.h]
+ openssh-6.5
+ - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
+ [contrib/suse/openssh.spec] Crank RPM spec version numbers.
+ - (djm) [README] update release notes URL.
+
+20140112
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2014/01/10 05:59:19
+ [sshd_config]
+ the /etc/ssh/ssh_host_ed25519_key is loaded by default too
+ - djm at cvs.openbsd.org 2014/01/12 08:13:13
+ [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c]
+ [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c]
+ avoid use of OpenSSL BIGNUM type and functions for KEX with
+ Curve25519 by adding a buffer_put_bignum2_from_string() that stores
+ a string using the bignum encoding rules. Will make it easier to
+ build a reduced-feature OpenSSH without OpenSSL in the future;
+ ok markus@
+
+20140110
+ - (djm) OpenBSD CVS Sync
+ - tedu at cvs.openbsd.org 2014/01/04 17:50:55
+ [mac.c monitor_mm.c monitor_mm.h xmalloc.c]
+ use standard types and formats for size_t like variables. ok dtucker
+ - guenther at cvs.openbsd.org 2014/01/09 03:26:00
+ [sftp-common.c]
+ When formating the time for "ls -l"-style output, show dates in the future
+ with the year, and rearrange a comparison to avoid a potentional signed
+ arithmetic overflow that would give the wrong result.
+ ok djm@
+ - djm at cvs.openbsd.org 2014/01/09 23:20:00
+ [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c]
+ [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c]
+ [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c]
+ [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c]
+ Introduce digest API and use it to perform all hashing operations
+ rather than calling OpenSSL EVP_Digest* directly. Will make it easier
+ to build a reduced-feature OpenSSH without OpenSSL in future;
+ feedback, ok markus@
+ - djm at cvs.openbsd.org 2014/01/09 23:26:48
+ [sshconnect.c sshd.c]
+ ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,
+ deranged and might make some attacks on KEX easier; ok markus@
+
+20140108
+ - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@
+
+20131231
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/12/30 23:52:28
+ [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c]
+ [sshconnect.c sshconnect2.c sshd.c]
+ refuse RSA keys from old proprietary clients/servers that use the
+ obsolete RSA+MD5 signature scheme. it will still be possible to connect
+ with these clients/servers but only DSA keys will be accepted, and we'll
+ deprecate them entirely in a future release. ok markus@
+
+20131229
+ - (djm) [loginrec.c] Check for username truncation when looking up lastlog
+ entries
+ - (djm) [regress/Makefile] Add some generated files for cleaning
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/12/19 00:10:30
+ [ssh-add.c]
+ skip requesting smartcard PIN when removing keys from agent; bz#2187
+ patch from jay AT slushpupie.com; ok dtucker
+ - dtucker at cvs.openbsd.org 2013/12/19 00:19:12
+ [serverloop.c]
+ Cast client_alive_interval to u_int64_t before assinging to
+ max_time_milliseconds to avoid potential integer overflow in the timeout.
+ bz#2170, patch from Loganaden Velvindron, ok djm@
+ - djm at cvs.openbsd.org 2013/12/19 00:27:57
+ [auth-options.c]
+ simplify freeing of source-address certificate restriction
+ - djm at cvs.openbsd.org 2013/12/19 01:04:36
+ [channels.c]
+ bz#2147: fix multiple remote forwardings with dynamically assigned
+ listen ports. In the s->c message to open the channel we were sending
+ zero (the magic number to request a dynamic port) instead of the actual
+ listen port. The client therefore had no way of discriminating between
+ them.
+
+ Diagnosis and fix by ronf AT timeheart.net
+ - djm at cvs.openbsd.org 2013/12/19 01:19:41
+ [ssh-agent.c]
+ bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent
+ that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com;
+ ok dtucker
+ - djm at cvs.openbsd.org 2013/12/19 22:57:13
+ [poly1305.c poly1305.h]
+ use full name for author, with his permission
+ - tedu at cvs.openbsd.org 2013/12/21 07:10:47
+ [ssh-keygen.1]
+ small typo
+ - djm at cvs.openbsd.org 2013/12/27 22:30:17
+ [ssh-dss.c ssh-ecdsa.c ssh-rsa.c]
+ make the original RSA and DSA signing/verification code look more like
+ the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type
+ rather than tediously listing all variants, use __func__ for debug/
+ error messages
+ - djm at cvs.openbsd.org 2013/12/27 22:37:18
+ [ssh-rsa.c]
+ correct comment
+ - djm at cvs.openbsd.org 2013/12/29 02:28:10
+ [key.c]
+ allow ed25519 keys to appear as certificate authorities
+ - djm at cvs.openbsd.org 2013/12/29 02:37:04
+ [key.c]
+ correct comment for key_to_certified()
+ - djm at cvs.openbsd.org 2013/12/29 02:49:52
+ [key.c]
+ correct comment for key_drop_cert()
+ - djm at cvs.openbsd.org 2013/12/29 04:20:04
+ [key.c]
+ to make sure we don't omit any key types as valid CA keys again,
+ factor the valid key type check into a key_type_is_valid_ca()
+ function
+ - djm at cvs.openbsd.org 2013/12/29 04:29:25
+ [authfd.c]
+ allow deletion of ed25519 keys from the agent
+ - djm at cvs.openbsd.org 2013/12/29 04:35:50
+ [authfile.c]
+ don't refuse to load Ed25519 certificates
+ - djm at cvs.openbsd.org 2013/12/29 05:42:16
+ [ssh.c]
+ don't forget to load Ed25519 certs too
+ - djm at cvs.openbsd.org 2013/12/29 05:57:02
+ [sshconnect.c]
+ when showing other hostkeys, don't forget Ed25519 keys
+
+20131221
+ - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
+
+20131219
+ - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions
+ greater than 11 either rather than just 11. Patch from Tomas Kuthan.
+ - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item().
+ Patch from Loganaden Velvindron.
+
+20131218
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/12/07 08:08:26
+ [ssh-keygen.1]
+ document -a and -o wrt new key format
+ - naddy at cvs.openbsd.org 2013/12/07 11:58:46
+ [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
+ [ssh_config.5 sshd.8 sshd_config.5]
+ add missing mentions of ed25519; ok djm@
+ - dtucker at cvs.openbsd.org 2013/12/08 09:53:27
+ [sshd_config.5]
+ Use a literal for the default value of KEXAlgorithms. ok deraadt jmc
+ - markus at cvs.openbsd.org 2013/12/09 11:03:45
+ [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
+ [ge25519_base.data hash.c sc25519.c sc25519.h verify.c]
+ Add Authors for the public domain ed25519/nacl code.
+ see also http://nacl.cr.yp.to/features.html
+ All of the NaCl software is in the public domain.
+ and http://ed25519.cr.yp.to/software.html
+ The Ed25519 software is in the public domain.
+ - markus at cvs.openbsd.org 2013/12/09 11:08:17
+ [crypto_api.h]
+ remove unused defines
+ - pascal at cvs.openbsd.org 2013/12/15 18:17:26
+ [ssh-add.c]
+ Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page.
+ ok markus@
+ - djm at cvs.openbsd.org 2013/12/15 21:42:35
+ [cipher-chachapoly.c]
+ add some comments and constify a constant
+ - markus at cvs.openbsd.org 2013/12/17 10:36:38
+ [crypto_api.h]
+ I've assempled the header file by cut&pasting from generated headers
+ and the source files.
+
+20131208
+ - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna
+ Vinschen
+ - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh]
+ [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid
+ filesystem before running agent-ptrace.sh; ok dtucker
+
+20131207
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/12/05 22:59:45
+ [sftp-client.c]
+ fix memory leak in error path in do_readdir(); pointed out by
+ Loganaden Velvindron @ AfriNIC in bz#2163
+ - djm at cvs.openbsd.org 2013/12/06 03:40:51
+ [ssh-keygen.c]
+ remove duplicated character ('g') in getopt() string;
+ document the (few) remaining option characters so we don't have to
+ rummage next time.
+ - markus at cvs.openbsd.org 2013/12/06 13:30:08
+ [authfd.c key.c key.h ssh-agent.c]
+ move private key (de)serialization to key.c; ok djm
+ - markus at cvs.openbsd.org 2013/12/06 13:34:54
+ [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c]
+ [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by
+ default; details in PROTOCOL.key; feedback and lots help from djm;
+ ok djm@
+ - markus at cvs.openbsd.org 2013/12/06 13:39:49
+ [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
+ [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
+ [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
+ [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
+ [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
+ support ed25519 keys (hostkeys and user identities) using the public
+ domain ed25519 reference code from SUPERCOP, see
+ http://ed25519.cr.yp.to/software.html
+ feedback, help & ok djm@
+ - jmc at cvs.openbsd.org 2013/12/06 15:29:07
+ [sshd.8]
+ missing comma;
+ - djm at cvs.openbsd.org 2013/12/07 00:19:15
+ [key.c]
+ set k->cert = NULL after freeing it
+ - markus at cvs.openbsd.org 2013/12/06 13:52:46
+ [regress/Makefile regress/agent.sh regress/cert-hostkey.sh]
+ [regress/cert-userkey.sh regress/keytype.sh]
+ test ed25519 support; from djm@
+ - (djm) [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
+ [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents
+ - (djm) [Makefile.in] Add ed25519 sources
+ - (djm) [authfile.c] Conditionalise inclusion of util.h
+ - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c]
+ [openbsd-compat/blf.h openbsd-compat/blowfish.c]
+ [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in
+ portable.
+ - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in]
+ [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on
+ Linux
+ - (djm) [regress/cert-hostkey.sh] Fix merge botch
+ - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from
+ Loganaden Velvindron @ AfriNIC in bz#2179
+
+20131205
+ - (djm) OpenBSD CVS Sync
+ - jmc at cvs.openbsd.org 2013/11/21 08:05:09
+ [ssh_config.5 sshd_config.5]
+ no need for .Pp before displays;
+ - deraadt at cvs.openbsd.org 2013/11/25 18:04:21
+ [ssh.1 ssh.c]
+ improve -Q usage and such. One usage change is that the option is now
+ case-sensitive
+ ok dtucker markus djm
+ - jmc at cvs.openbsd.org 2013/11/26 12:14:54
+ [ssh.1 ssh.c]
+ - put -Q in the right place
+ - Ar was a poor choice for the arguments to -Q. i've chosen an
+ admittedly equally poor Cm, at least consistent with the rest
+ of the docs. also no need for multiple instances
+ - zap a now redundant Nm
+ - usage() sync
+ - deraadt at cvs.openbsd.org 2013/11/26 19:15:09
+ [pkcs11.h]
+ cleanup 1 << 31 idioms. Resurrection of this issue pointed out by
+ Eitan Adler ok markus for ssh, implies same change in kerberosV
+ - djm at cvs.openbsd.org 2013/12/01 23:19:05
+ [PROTOCOL]
+ mention curve25519-sha256 at libssh.org key exchange algorithm
+ - djm at cvs.openbsd.org 2013/12/02 02:50:27
+ [PROTOCOL.chacha20poly1305]
+ typo; from Jon Cave
+ - djm at cvs.openbsd.org 2013/12/02 02:56:17
+ [ssh-pkcs11-helper.c]
+ use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC
+ - djm at cvs.openbsd.org 2013/12/02 03:09:22
+ [key.c]
+ make key_to_blob() return a NULL blob on failure; part of
+ bz#2175 from Loganaden Velvindron @ AfriNIC
+ - djm at cvs.openbsd.org 2013/12/02 03:13:14
+ [cipher.c]
+ correct bzero of chacha20+poly1305 key context. bz#2177 from
+ Loganaden Velvindron @ AfriNIC
+
+ Also make it a memset for consistency with the rest of cipher.c
+ - djm at cvs.openbsd.org 2013/12/04 04:20:01
+ [sftp-client.c]
+ bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
+ AfriNIC
+ - djm at cvs.openbsd.org 2013/12/05 01:16:41
+ [servconf.c servconf.h]
+ bz#2161 - fix AuthorizedKeysCommand inside a Match block and
+ rearrange things so the same error is harder to make next time;
+ with and ok dtucker@
+ - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct
+ -L location for libedit. Patch from Serge van den Boom.
+
+20131121
+ - (djm) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2013/11/08 11:15:19
+ [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c]
+ [uidswap.c] Include stdlib.h for free() as per the man page.
+ - markus at cvs.openbsd.org 2013/11/13 13:48:20
+ [ssh-pkcs11.c]
+ add missing braces found by pedro
+ - djm at cvs.openbsd.org 2013/11/20 02:19:01
+ [sshd.c]
+ delay closure of in/out fds until after "Bad protocol version
+ identification..." message, as get_remote_ipaddr/get_remote_port
+ require them open.
+ - deraadt at cvs.openbsd.org 2013/11/20 20:53:10
+ [scp.c]
+ unsigned casts for ctype macros where neccessary
+ ok guenther millert markus
+ - deraadt at cvs.openbsd.org 2013/11/20 20:54:10
+ [canohost.c clientloop.c match.c readconf.c sftp.c]
+ unsigned casts for ctype macros where neccessary
+ ok guenther millert markus
+ - djm at cvs.openbsd.org 2013/11/21 00:45:44
+ [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
+ [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
+ [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
+ [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
+ cipher "chacha20-poly1305 at openssh.com" that combines Daniel
+ Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
+ authenticated encryption mode.
+
+ Inspired by and similar to Adam Langley's proposal for TLS:
+ http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
+ but differs in layout used for the MAC calculation and the use of a
+ second ChaCha20 instance to separately encrypt packet lengths.
+ Details are in the PROTOCOL.chacha20poly1305 file.
+
+ Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
+ ok markus@ naddy@
+ - naddy at cvs.openbsd.org 2013/11/18 05:09:32
+ [regress/forward-control.sh]
+ bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164)
+ to successfully run this; ok djm@
+ - djm at cvs.openbsd.org 2013/11/21 03:15:46
+ [regress/krl.sh]
+ add some reminders for additional tests that I'd like to implement
+ - djm at cvs.openbsd.org 2013/11/21 03:16:47
+ [regress/modpipe.c]
+ use unsigned long long instead of u_int64_t here to avoid warnings
+ on some systems portable OpenSSH is built on.
+ - djm at cvs.openbsd.org 2013/11/21 03:18:51
+ [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh]
+ [regress/try-ciphers.sh]
+ use new "ssh -Q cipher-auth" query to obtain lists of authenticated
+ encryption ciphers instead of specifying them manually; ensures that
+ the new chacha20poly1305 at openssh.com mode is tested;
+
+ ok markus@ and naddy@ as part of the diff to add
+ chacha20poly1305 at openssh.com
+
+20131110
+ - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by
+ querying the ones that are compiled in.
+
+20131109
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2013/11/09 05:41:34
+ [regress/test-exec.sh regress/rekey.sh]
+ Use smaller test data files to speed up tests. Grow test datafiles
+ where necessary for a specific test.
+ - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
+ NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
+ latter actually works before using it. Fedora (at least) has NID_secp521r1
+ that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
+ - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test.
+ - (dtucker) [configure.ac] Add missing "test".
+ - (dtucker) [key.c] Check for the correct defines for NID_secp521r1.
+
+20131108
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2013/11/08 01:06:14
+ [regress/rekey.sh]
+ Rekey less frequently during tests to speed them up
+ - (djm) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2013/11/07 11:58:27
+ [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
+ Output the effective values of Ciphers, MACs and KexAlgorithms when
+ the default has not been overridden. ok markus@
- djm at cvs.openbsd.org 2013/11/08 00:39:15
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
[clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
[sftp-client.c sftp-glob.c]
use calloc for all structure allocations; from markus@
- - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
- [contrib/suse/openssh.spec] update version numbers
- djm at cvs.openbsd.org 2013/11/08 01:38:11
[version.h]
openssh-6.4
- - (djm) Release 6.4p1
+ - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
+ [contrib/suse/openssh.spec] Update version numbers following release.
+ - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of
+ arc4random_stir for platforms that have arc4random but don't have
+ arc4random_stir (right now this is only OpenBSD -current).
+ - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have
+ EVP_sha256.
+ - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256.
+ - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile
+ warnings.
+ - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform
+ and pass in TEST_ENV. use stderr to get polluted
+ and the stderr-data test to fail.
+ - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation:
+ rather than testing and generating each key, call ssh-keygen -A.
+ Patch from vinschen at redhat.com.
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2013/11/09 05:41:34
+ [regress/test-exec.sh regress/rekey.sh]
+ Use smaller test data files to speed up tests. Grow test datafiles
+ where necessary for a specific test.
+
+20131107
+ - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5)
+ that got lost in recent merge.
+ - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff
+ - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these
+ - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms
+ that lack it but have arc4random_uniform()
+ - (djm) OpenBSD CVS Sync
+ - markus at cvs.openbsd.org 2013/11/04 11:51:16
+ [monitor.c]
+ fix rekeying for KEX_C25519_SHA256; noted by dtucker@
+ RCSID sync only; I thought this was a merge botch and fixed it already
+ - markus at cvs.openbsd.org 2013/11/06 16:52:11
+ [monitor_wrap.c]
+ fix rekeying for AES-GCM modes; ok deraadt
+ - djm at cvs.openbsd.org 2013/11/06 23:05:59
+ [ssh-pkcs11.c]
+ from portable: s/true/true_val/ to avoid name collisions on dump platforms
+ RCSID sync only
+ - (dtucker) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/10/09 23:44:14
+ [regress/Makefile] (ID sync only)
+ regression test for sftp request white/blacklisting and readonly mode.
+ - markus at cvs.openbsd.org 2013/11/02 22:39:53
+ [regress/kextype.sh]
+ add curve25519-sha256 at libssh.org
+ - dtucker at cvs.openbsd.org 2013/11/04 12:27:42
+ [regress/rekey.sh]
+ Test rekeying with all KexAlgorithms.
+ - dtucker at cvs.openbsd.org 2013/11/07 00:12:05
+ [regress/rekey.sh]
+ Test rekeying for every Cipher, MAC and KEX, plus test every KEX with
+ the GCM ciphers.
+ - dtucker at cvs.openbsd.org 2013/11/07 01:12:51
+ [regress/rekey.sh]
+ Factor out the data transfer rekey tests
+ - dtucker at cvs.openbsd.org 2013/11/07 02:48:38
+ [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh]
+ Use ssh -Q instead of hardcoding lists of ciphers or MACs.
+ - dtucker at cvs.openbsd.org 2013/11/07 03:55:41
+ [regress/kextype.sh]
+ Use ssh -Q to get kex types instead of a static list.
+ - dtucker at cvs.openbsd.org 2013/11/07 04:26:56
+ [regress/kextype.sh]
+ trailing space
+ - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment
+ variable. It's no longer used now that we get the supported MACs from
+ ssh -Q.
-20130913
- - (djm) [channels.c] Fix unaligned access on sparc machines in SOCKS5 code;
- ok dtucker@
- - (djm) [channels.c] sigh, typo s/buffet_/buffer_/
- - (djm) Release 6.3p1
+20131104
+ - (djm) OpenBSD CVS Sync
+ - markus at cvs.openbsd.org 2013/11/02 20:03:54
+ [ssh-pkcs11.c]
+ support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys;
+ fixes bz#1908; based on patch from Laurent Barbe; ok djm
+ - markus at cvs.openbsd.org 2013/11/02 21:59:15
+ [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
+ use curve25519 for default key exchange (curve25519-sha256 at libssh.org);
+ initial patch from Aris Adamantiadis; ok djm@
+ - markus at cvs.openbsd.org 2013/11/02 22:10:15
+ [kexdhs.c kexecdhs.c]
+ no need to include monitor_wrap.h
+ - markus at cvs.openbsd.org 2013/11/02 22:24:24
+ [kexdhs.c kexecdhs.c]
+ no need to include ssh-gss.h
+ - markus at cvs.openbsd.org 2013/11/02 22:34:01
+ [auth-options.c]
+ no need to include monitor_wrap.h and ssh-gss.h
+ - markus at cvs.openbsd.org 2013/11/02 22:39:19
+ [ssh_config.5 sshd_config.5]
+ the default kex is now curve25519-sha256 at libssh.org
+ - djm at cvs.openbsd.org 2013/11/03 10:37:19
+ [roaming_common.c]
+ fix a couple of function definitions foo() -> foo(void)
+ (-Wold-style-definition)
+ - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from
+ KEX/curve25519 change
+
+20131103
+ - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep.
+ From OpenSMTPD where it prevents "implicit declaration" warnings (it's
+ a no-op in OpenSSH). From chl at openbsd.
+ - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd
+ vsnprintf. From eric at openbsd via chl at .
+ - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t
+ for platforms that don't have them.
+
+20131030
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/10/29 09:42:11
+ [key.c key.h]
+ fix potential stack exhaustion caused by nested certificates;
+ report by Mateusz Kocielski; ok dtucker@ markus@
+ - djm at cvs.openbsd.org 2013/10/29 09:48:02
+ [servconf.c servconf.h session.c sshd_config sshd_config.5]
+ shd_config PermitTTY to disallow TTY allocation, mirroring the
+ longstanding no-pty authorized_keys option;
+ bz#2070, patch from Teran McKinney; ok markus@
+ - jmc at cvs.openbsd.org 2013/10/29 18:49:32
+ [sshd_config.5]
+ pty(4), not pty(7);
+
+20131026
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/10/25 23:04:51
+ [ssh.c]
+ fix crash when using ProxyCommand caused by previous commit - was calling
+ freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@
+
+20131025
+ - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove
+ unnecessary arc4random_stir() calls. The only ones left are to ensure
+ that the PRNG gets a different state after fork() for platforms that
+ have broken the API.
+
+20131024
+ - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check
+ rather than full client name which may be of form user at REALM;
+ patch from Miguel Sanders; ok dtucker@
+ - (djm) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2013/10/23 05:40:58
+ [servconf.c]
+ fix comment
+ - djm at cvs.openbsd.org 2013/10/23 23:35:32
+ [sshd.c]
+ include local address and port in "Connection from ..." message (only
+ shown at loglevel>=verbose)
+ - dtucker at cvs.openbsd.org 2013/10/24 00:49:49
+ [moduli.c]
+ Periodically print progress and, if possible, expected time to completion
+ when screening moduli for DH groups. ok deraadt djm
+ - dtucker at cvs.openbsd.org 2013/10/24 00:51:48
+ [readconf.c servconf.c ssh_config.5 sshd_config.5]
+ Disallow empty Match statements and add "Match all" which matches
+ everything. ok djm, man page help jmc@
+ - djm at cvs.openbsd.org 2013/10/24 08:19:36
+ [ssh.c]
+ fix bug introduced in hostname canonicalisation commit: don't try to
+ resolve hostnames when a ProxyCommand is set unless the user has forced
+ canonicalisation; spotted by Iain Morgan
+ - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd"
+
+20131023
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/10/20 04:39:28
+ [ssh_config.5]
+ document % expansions performed by "Match command ..."
+ - djm at cvs.openbsd.org 2013/10/20 06:19:28
+ [readconf.c ssh_config.5]
+ rename "command" subclause of the recently-added "Match" keyword to
+ "exec"; it's shorter, clearer in intent and we might want to add the
+ ability to match against the command being executed at the remote end in
+ the future.
+ - djm at cvs.openbsd.org 2013/10/20 09:51:26
+ [scp.1 sftp.1]
+ add canonicalisation options to -o lists
+ - jmc at cvs.openbsd.org 2013/10/20 18:00:13
+ [ssh_config.5]
+ tweak the "exec" description, as worded by djm;
+ - djm at cvs.openbsd.org 2013/10/23 03:03:07
+ [readconf.c]
+ Hostname may have %h sequences that should be expanded prior to Match
+ evaluation; spotted by Iain Morgan
+ - djm at cvs.openbsd.org 2013/10/23 03:05:19
+ [readconf.c ssh.c]
+ comment
+ - djm at cvs.openbsd.org 2013/10/23 04:16:22
+ [ssh-keygen.c]
+ Make code match documentation: relative-specified certificate expiry time
+ should be relative to current time and not the validity start time.
+ Reported by Petr Lautrbach; ok deraadt@
+
+20131018
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/10/09 23:44:14
+ [regress/Makefile regress/sftp-perm.sh]
+ regression test for sftp request white/blacklisting and readonly mode.
+ - jmc at cvs.openbsd.org 2013/10/17 07:35:48
+ [sftp.1 sftp.c]
+ tweak previous;
+ - djm at cvs.openbsd.org 2013/10/17 22:08:04
+ [sshd.c]
+ include remote port in bad banner message; bz#2162
+
+20131017
+ - (djm) OpenBSD CVS Sync
+ - jmc at cvs.openbsd.org 2013/10/15 14:10:25
+ [ssh.1 ssh_config.5]
+ tweak previous;
+ - djm at cvs.openbsd.org 2013/10/16 02:31:47
+ [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5]
+ [sshconnect.c sshconnect.h]
+ Implement client-side hostname canonicalisation to allow an explicit
+ search path of domain suffixes to use to convert unqualified host names
+ to fully-qualified ones for host key matching.
+ This is particularly useful for host certificates, which would otherwise
+ need to list unqualified names alongside fully-qualified ones (and this
+ causes a number of problems).
+ "looks fine" markus@
+ - jmc at cvs.openbsd.org 2013/10/16 06:42:25
+ [ssh_config.5]
+ tweak previous;
+ - djm at cvs.openbsd.org 2013/10/16 22:49:39
+ [readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
+ s/canonicalise/canonicalize/ for consistency with existing spelling,
+ e.g. authorized_keys; pointed out by naddy@
+ - djm at cvs.openbsd.org 2013/10/16 22:58:01
+ [ssh.c ssh_config.5]
+ one I missed in previous: s/isation/ization/
+ - djm at cvs.openbsd.org 2013/10/17 00:30:13
+ [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
+ fsync at openssh.com protocol extension for sftp-server
+ client support to allow calling fsync() faster successful transfer
+ patch mostly by imorgan AT nas.nasa.gov; bz#1798
+ "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
+ - djm at cvs.openbsd.org 2013/10/17 00:46:49
+ [ssh.c]
+ rearrange check to reduce diff against -portable
+ (Id sync only)
+
+20131015
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/10/09 23:42:17
+ [sftp-server.8 sftp-server.c]
+ Add ability to whitelist and/or blacklist sftp protocol requests by name.
+ Refactor dispatch loop and consolidate read-only mode checks.
+ Make global variables static, since sftp-server is linked into sshd(8).
+ ok dtucker@
+ - djm at cvs.openbsd.org 2013/10/10 00:53:25
+ [sftp-server.c]
+ add -Q, -P and -p to usage() before jmc@ catches me
+ - djm at cvs.openbsd.org 2013/10/10 01:43:03
+ [sshd.c]
+ bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly
+ updated; ok dtucker@
+ - djm at cvs.openbsd.org 2013/10/11 02:45:36
+ [sftp-client.c]
+ rename flag arguments to be more clear and consistent.
+ reorder some internal function arguments to make adding additional flags
+ easier.
+ no functional change
+ - djm at cvs.openbsd.org 2013/10/11 02:52:23
+ [sftp-client.c]
+ missed one arg reorder
+ - djm at cvs.openbsd.org 2013/10/11 02:53:45
+ [sftp-client.h]
+ obsolete comment
+ - jmc at cvs.openbsd.org 2013/10/14 14:18:56
+ [sftp-server.8 sftp-server.c]
+ tweak previous;
+ ok djm
+ - djm at cvs.openbsd.org 2013/10/14 21:20:52
+ [session.c session.h]
+ Add logging of session starts in a useful format; ok markus@ feedback and
+ ok dtucker@
+ - djm at cvs.openbsd.org 2013/10/14 22:22:05
+ [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5]
+ add a "Match" keyword to ssh_config that allows matching on hostname,
+ user and result of arbitrary commands. "nice work" markus@
+ - djm at cvs.openbsd.org 2013/10/14 23:28:23
+ [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c]
+ refactor client config code a little:
+ add multistate option partsing to readconf.c, similar to servconf.c's
+ existing code.
+ move checking of options that accept "none" as an argument to readconf.c
+ add a lowercase() function and use it instead of explicit tolower() in
+ loops
+ part of a larger diff that was ok markus@
+ - djm at cvs.openbsd.org 2013/10/14 23:31:01
+ [ssh.c]
+ whitespace at EOL; pointed out by markus@
+ - [ssh.c] g/c unused variable.
+
+20131010
+ - (dtucker) OpenBSD CVS Sync
+ - sthen at cvs.openbsd.org 2013/09/16 11:35:43
+ [ssh_config]
+ Remove gssapi config parts from ssh_config, as was already done for
+ sshd_config. Req by/ok ajacoutot@
+ ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
+ - djm at cvs.openbsd.org 2013/09/19 00:24:52
+ [progressmeter.c]
+ store the initial file offset so the progress meter doesn't freak out
+ when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@`
+ - djm at cvs.openbsd.org 2013/09/19 00:49:12
+ [sftp-client.c]
+ fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan
+ - djm at cvs.openbsd.org 2013/09/19 01:24:46
+ [channels.c]
+ bz#1297 - tell the client (via packet_send_debug) when their preferred
+ listen address has been overridden by the server's GatewayPorts;
+ ok dtucker@
+ - djm at cvs.openbsd.org 2013/09/19 01:26:29
+ [sshconnect.c]
+ bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from
+ swp AT swp.pp.ru; ok dtucker@
+ - dtucker at cvs.openbsd.org 2013/10/08 11:42:13
+ [dh.c dh.h]
+ Increase the size of the Diffie-Hellman groups requested for a each
+ symmetric key size. New values from NIST Special Publication 800-57 with
+ the upper limit specified by RFC4419. Pointed out by Peter Backes, ok
+ djm at .
+
+20131009
+ - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull
+ in OpenBSD implementation of arc4random, shortly to replace the existing
+ bsd-arc4random.c
+ - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c]
+ [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random
+ implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@,
+ tested tim@
+
+20130922
+ - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj
+ setting when handling SIGHUP to maintain behaviour over retart. Patch
+ from Matthew Ife.
+
+20130918
+ - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu.
+
+20130914
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/08/22 19:02:21
+ [sshd.c]
+ Stir PRNG after post-accept fork. The child gets a different PRNG state
+ anyway via rexec and explicit privsep reseeds, but it's good to be sure.
+ ok markus@
+ - mikeb at cvs.openbsd.org 2013/08/28 12:34:27
+ [ssh-keygen.c]
+ improve batch processing a bit by making use of the quite flag a bit
+ more often and exit with a non zero code if asked to find a hostname
+ in a known_hosts file and it wasn't there;
+ originally from reyk@, ok djm
+ - djm at cvs.openbsd.org 2013/08/31 00:13:54
+ [sftp.c]
+ make ^w match ksh behaviour (delete previous word instead of entire line)
+ - deraadt at cvs.openbsd.org 2013/09/02 22:00:34
+ [ssh-keygen.c sshconnect1.c sshd.c]
+ All the instances of arc4random_stir() are bogus, since arc4random()
+ does this itself, inside itself, and has for a very long time.. Actually,
+ this was probably reducing the entropy available.
+ ok djm
+ ID SYNC ONLY for portable; we don't trust other arc4random implementations
+ to do this right.
+ - sthen at cvs.openbsd.org 2013/09/07 13:53:11
+ [sshd_config]
+ Remove commented-out kerberos/gssapi config options from sample config,
+ kerberos support is currently not enabled in ssh in OpenBSD. Discussed with
+ various people; ok deraadt@
+ ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
+ - djm at cvs.openbsd.org 2013/09/12 01:41:12
+ [clientloop.c]
+ fix connection crash when sending break (~B) on ControlPersist'd session;
+ ok dtucker@
+ - djm at cvs.openbsd.org 2013/09/13 06:54:34
+ [channels.c]
+ avoid unaligned access in code that reused a buffer to send a
+ struct in_addr in a reply; simpler just use use buffer_put_int();
+ from portable; spotted by and ok dtucker@
+
+20130828
+ - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the
+ 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we
+ start to use them in the future.
+ - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits
+ until we have configure support.
+
+20130821
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2013/08/06 23:03:49
+ [sftp.c]
+ fix some whitespace at EOL
+ make list of commands an enum rather than a long list of defines
+ add -a to usage()
+ - djm at cvs.openbsd.org 2013/08/06 23:05:01
+ [sftp.1]
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-stable
mailing list