git: 20bcfc33d3f2 - releng/13.2 - ssh: Update to OpenSSH 9.3p2
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 01 Aug 2023 20:04:18 UTC
The branch releng/13.2 has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=20bcfc33d3f2549e121f34b3839e33e176a313fc
commit 20bcfc33d3f2549e121f34b3839e33e176a313fc
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2023-08-01 14:38:11 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2023-08-01 19:50:47 +0000
ssh: Update to OpenSSH 9.3p2
Approved by: so
Security: FreeBSD-SA-23:08.ssh
Security: CVE-2023-38408
---
crypto/openssh/ChangeLog | 1867 +---------------------------
crypto/openssh/README | 2 +-
crypto/openssh/contrib/redhat/openssh.spec | 2 +-
crypto/openssh/contrib/suse/openssh.spec | 2 +-
crypto/openssh/ssh-agent.1 | 22 +-
crypto/openssh/ssh-agent.c | 21 +-
crypto/openssh/ssh-pkcs11.c | 6 +-
crypto/openssh/sshd_config | 2 +-
crypto/openssh/sshd_config.5 | 2 +-
crypto/openssh/version.h | 4 +-
10 files changed, 82 insertions(+), 1848 deletions(-)
diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog
index f1d1b37d583c..40ca976a61b3 100644
--- a/crypto/openssh/ChangeLog
+++ b/crypto/openssh/ChangeLog
@@ -1,3 +1,36 @@
+commit 9795c4016ae35162072144df032c8b262433b462
+Author: Damien Miller <djm@mindrot.org>
+Date: Wed Jul 19 16:27:12 2023 +1000
+
+ OpenSSH 9.3p2
+
+commit bde3635f3c9324bad132cf9ed917813d6abb599e
+Author: Damien Miller <djm@mindrot.org>
+Date: Wed Jul 19 16:31:09 2023 +1000
+
+ update version in README
+
+commit f673f2f3e5f67099018fc281a6b5fb918142472e
+Author: Damien Miller <djm@mindrot.org>
+Date: Wed Jul 19 16:31:00 2023 +1000
+
+ update RPM spec versions
+
+commit d7790cdce72a1b6982795baa2b4d6f0bdbb0100d
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Jul 7 13:30:15 2023 +1000
+
+ disallow remote addition of FIDO/PKCS11 keys
+
+ Depends on the local client performing the session-bind@openssh.com
+ operation, so non-OpenSSH local client may circumvent this.
+
+commit b23fe83f06ee7e721033769cfa03ae840476d280
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Jul 13 12:09:34 2023 +1000
+
+ terminate pkcs11 process for bad libraries
+
commit cb30fbdbee869f1ce11f06aa97e1cb8717a0b645
Author: Damien Miller <djm@mindrot.org>
Date: Thu Mar 16 08:28:19 2023 +1100
@@ -9402,1837 +9435,3 @@ Date: Mon Jul 19 05:08:54 2021 +0000
reliability on very heavily loaded hosts.
OpenBSD-Regress-ID: 4c28a0fce3ea89ebde441d7091464176e9730533
-
-commit 7953e1bfce9e76bec41c1331a29bc6cff9d416b8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jul 19 13:47:51 2021 +1000
-
- Add sshfp-connect.sh file missed in previous.
-
-commit b75a80fa8369864916d4c93a50576155cad4df03
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 03:13:28 2021 +0000
-
- upstream: Ensure that all returned SSHFP records for the specified host
-
- name and hostkey type match instead of only one. While there, simplify the
- code somewhat and add some debugging. Based on discussion in bz#3322, ok
- djm@.
-
- OpenBSD-Commit-ID: 0a6a0a476eb7f9dfe8fe2c05a1a395e3e9b22ee4
-
-commit 1cc1fd095393663cd72ddac927d82c6384c622ba
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 02:21:50 2021 +0000
-
- upstream: Id sync only, -portable already has this.
-
- Put dh_set_moduli_file call inside ifdef WITH_OPENSSL. Fixes
- build with OPENSSL=no.
-
- OpenBSD-Commit-ID: af54abbebfb12bcde6219a44d544e18204defb15
-
-commit 33abbe2f4153f5ca5c874582f6a7cc91ae167485
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 02:46:34 2021 +0000
-
- upstream: Add test for host key verification via SSHFP records. This
-
- requires some external setup to operate so is disabled by default (see
- comments in sshfp-connect.sh).
-
- OpenBSD-Regress-ID: c52c461bd1df3a803d17498917d156ef64512fd9
-
-commit f0cd000d8e3afeb0416dce1c711c3d7c28d89bdd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 02:29:28 2021 +0000
-
- upstream: Add ed25519 key and test SSHFP export of it. Only test
-
- RSA SSHFP export if we have RSA functionality compiled in.
-
- OpenBSD-Regress-ID: b4ff5181b8c9a5862e7f0ecdd96108622333a9af
-
-commit 0075511e27e5394faa28edca02bfbf13b9a6693e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 00:16:26 2021 +0000
-
- upstream: Group keygen tests together.
-
- OpenBSD-Regress-ID: 07e2d25c527bb44f03b7c329d893a1f2d6c5c40c
-
-commit 034828820c7e62652e7c48f9ee6b67fb7ba6fa26
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Sun Jul 18 23:10:10 2021 +0000
-
- upstream: Add test for ssh-keygen printing of SSHFP records.
-
- OpenBSD-Regress-ID: fde9566b56eeb980e149bbe157a884838507c46b
-
-commit 52c3b6985ef1d5dadb4c4fe212f8b3a78ca96812
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Jul 17 00:38:11 2021 +0000
-
- upstream: wrap some long lines
-
- OpenBSD-Commit-ID: 4f5186b1466656762dae37d3e569438d900c350d
-
-commit 43ec991a782791d0b3f42898cd789f99a07bfaa4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Jul 17 00:36:53 2021 +0000
-
- upstream: fix sftp on ControlPersist connections, broken by recent
-
- SessionType change; spotted by sthen@
-
- OpenBSD-Commit-ID: 4c5ddc5698790ae6ff50d2a4f8f832f0eeeaa234
-
-commit 073f45c236550f158c9a94003e4611c07dea5279
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 16 09:00:23 2021 +0000
-
- upstream: Explicitly check for and start time-based rekeying in the
-
- client and server mainloops.
-
- Previously the rekey timeout could expire but rekeying would not start
- until a packet was sent or received. This could cause us to spin in
- select() on the rekey timeout if the connection was quiet.
-
- ok markus@
-
- OpenBSD-Commit-ID: 4356cf50d7900f3df0a8f2117d9e07c91b9ff987
-
-commit ef7c4e52d5d840607f9ca3a302a4cbb81053eccf
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Wed Jul 14 06:46:38 2021 +0000
-
- upstream: reorder SessionType; ok djm
-
- OpenBSD-Commit-ID: c7dd0b39e942b1caf4976a0b1cf0fed33d05418c
-
-commit 8aa2f9aeb56506dca996d68ab90ab9c0bebd7ec3
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jul 14 11:26:50 2021 +1000
-
- Make whitespace consistent.
-
-commit 4f4297ee9b8a39f4dfd243a74c5f51f9e7a05723
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jul 14 11:26:12 2021 +1000
-
- Add ARM64 Linux self-hosted runner.
-
-commit eda8909d1b0a85b9c3804a04d03ec6738fd9dc7f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jul 13 23:48:36 2021 +0000
-
- upstream: add a SessionType directive to ssh_config, allowing the
-
- configuration file to offer equivalent control to the -N (no session) and -s
- (subsystem) command-line flags.
-
- Part of GHPR#231 by Volker Diels-Grabsch with some minor tweaks;
- feedback and ok dtucker@
-
- OpenBSD-Commit-ID: 726ee931dd4c5cc7f1d7a187b26f41257f9a2d12
-
-commit 7ae69f2628e338ba6e0eae7ee8a63bcf8fea7538
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jul 12 02:12:22 2021 +0000
-
- upstream: fix some broken tests; clean up output
-
- OpenBSD-Regress-ID: 1d5038edb511dc4ce1622344c1e724626a253566
-
-commit f5fc6a4c3404bbf65c21ca6361853b33d78aa87e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jul 12 18:00:05 2021 +1000
-
- Add configure-time detection for SSH_TIME_T_MAX.
-
- Should fix printing cert times exceeding INT_MAX (bz#3329) on platforms
- were time_t is a long long. The limit used is for the signed type, so if
- some system has a 32bit unsigned time_t then the lower limit will still
- be imposed and we would need to add some way to detect this. Anyone using
- an unsigned 64bit can let us know when it starts being a problem.
-
-commit fd2d06ae4442820429d634c0a8bae11c8e40c174
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 12 06:22:57 2021 +0000
-
- upstream: Make limit for time_t test unconditional in the
-
- format_absolute_time fix for bz#3329 that allows printing of timestamps past
- INT_MAX. This was incorrectly included with the previous commit. Based on
- discussion with djm@.
-
- OpenBSD-Commit-ID: 835936f6837c86504b07cabb596b613600cf0f6e
-
-commit 6c29b387cd64a57b0ec8ae7d2c8d02789d88fcc3
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 12 06:08:57 2021 +0000
-
- upstream: Use existing format_absolute_time() function when
-
- printing cert validity instead of doing it inline. Part of bz#3329.
-
- OpenBSD-Commit-ID: a13d4e3c4f59644c23745eb02a09b2a4e717c00c
-
-commit 99981d5f8bfa383791afea03f6bce8454e96e323
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 9 09:55:56 2021 +0000
-
- upstream: silence redundant error message; reported by Fabian Stelzer
-
- OpenBSD-Commit-ID: 9349a703016579a60557dafd03af2fe1d44e6aa2
-
-commit e86097813419b49d5bff5c4b51d1c3a5d4d2d804
-Author: John Ericson <John.Ericson@Obsidian.Systems>
-Date: Sat Dec 26 11:40:49 2020 -0500
-
- Re-indent krb5 section after pkg-config addition.
-
-commit 32dd2daa56c294e40ff7efea482c9eac536d8cbb
-Author: John Ericson <John.Ericson@Obsidian.Systems>
-Date: Sat Dec 26 11:40:49 2020 -0500
-
- Support finding Kerberos via pkg-config
-
- This makes cross compilation easier.
-
-commit def7a72234d7e4f684d72d33a0f7229f9eee0aa4
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jul 9 14:34:06 2021 +1000
-
- Update comments about EGD to include prngd.
-
-commit b5d23150b4e3368f4983fd169d432c07afeee45a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 5 01:21:07 2021 +0000
-
- upstream: Fix a couple of whitespace things. Portable already has
-
- these so this removes two diffs between the two.
-
- OpenBSD-Commit-ID: 769f017ebafd8e741e337b3e9e89eb5ac73c9c56
-
-commit 8f57be9f279b8e905f9883066aa633c7e67b31cf
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 5 01:16:46 2021 +0000
-
- upstream: Order includes as per style(9). Portable already has
-
- these so this removes a handful of diffs between the two.
-
- OpenBSD-Commit-ID: 8bd7452d809b199c19bfc49511a798f414eb4a77
-
-commit b75624f8733b3ed9e240f86cac5d4a39dae11848
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 5 00:50:25 2021 +0000
-
- upstream: Remove comment referencing now-removed
-
- RhostsRSAAuthentication. ok djm@
-
- OpenBSD-Commit-ID: 3d864bfbd99a1d4429a58e301688f3be464827a9
-
-commit b67eb12f013c5441bb4f0893a97533582ad4eb13
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jul 5 00:25:42 2021 +0000
-
- upstream: allow spaces to appear in usernames for local to remote,
-
- and scp -3 remote to remote copies. with & ok dtucker bz#1164
-
- OpenBSD-Commit-ID: e9b550f3a85ffbb079b6720833da31317901d6dd
-
-commit 8c4ef0943e574f614fc7c6c7e427fd81ee64ab87
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jul 2 07:20:44 2021 +0000
-
- upstream: Remove obsolete comments about SSHv1 auth methods. ok
-
- djm@
-
- OpenBSD-Commit-ID: 6060f70966f362d8eb4bec3da2f6c4712fbfb98f
-
-commit 88908c9b61bcb99f16e8d398fc41e2b3b4be2003
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 23:00:19 2021 +1000
-
- Remove reference to ChallengeResponse.
-
- challenge_response_authentication was removed from the struct, keeping
- kbd_interactive_authentication.
-
-commit 321874416d610ad2158ce6112f094a4862c2e37f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 20:38:09 2021 +1000
-
- Move signal.h up include order to match upstream.
-
-commit 4fa83e2d0e32c2dd758653e0359984bbf1334f32
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 20:36:06 2021 +1000
-
- Remove old OpenBSD version marker.
-
- Looks like an accidental leftover from a sync.
-
-commit 9d5e31f55d5f3899b72645bac41a932d298ad73b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 20:34:19 2021 +1000
-
- Remove duplicate error on error path.
-
- There's an extra error() call on the listen error path, it looks like
- its removal was missed during an upstream sync.
-
-commit 888c459925c7478ce22ff206c9ac1fb812a40caf
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 20:32:46 2021 +1000
-
- Remove some whitespace not in upstream.
-
- Reduces diff vs OpenBSD by a small amount.
-
-commit 4d2d4d47a18d93f3e0a91a241a6fdb545bbf7dc2
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 19:27:43 2021 +1000
-
- Replace remaining references to ChallengeResponse.
-
- Portable had a few additional references to ChallengeResponse related to
- UsePAM, replaces these with equivalent keyboard-interactive ones.
-
-commit 53237ac789183946dac6dcb8838bc3b6b9b43be1
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 19:23:28 2021 +1000
-
- Sync remaining ChallengeResponse removal.
-
- These were omitted from commit 88868fd131.
-
-commit 2c9e4b319f7e98744b188b0f58859d431def343b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 19:17:31 2021 +1000
-
- Disable rocky84 to figure out why agent test fails
-
-commit bfe19197a92b7916f64a121fbd3c179abf15e218
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jul 2 15:43:28 2021 +1000
-
- Remove now-unused SSHv1 enums.
-
- sRhostsRSAAuthentication and sRSAAuthentication are protocol 1 options
- and are no longer used.
-
-commit c73b02d92d72458a5312bd098f32ce88868fd131
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jul 2 05:11:20 2021 +0000
-
- upstream: Remove references to ChallengeResponseAuthentication in
-
- favour of KbdInteractiveAuthentication. The former is what was in SSHv1, the
- latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but
- not entirely equivalent. We retain the old name as deprecated alias so
- config files continue to work and a reference in the man page for people
- looking for it.
-
- Prompted by bz#3303 which pointed out the discrepancy between the two
- when used with Match. Man page help & ok jmc@, with & ok djm@
-
- OpenBSD-Commit-ID: 2c1bff8e5c9852cfcdab1f3ea94dfef5a22f3b7e
-
-commit f841fc9c8c7568a3b5d84a4cc0cefacb7dbc16b9
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jul 2 15:20:32 2021 +1000
-
- Fix ifdefs around get_random_bytes_prngd.
-
- get_random_bytes_prngd() is used if either of PRNGD_PORT or PRNGD_SOCKET
- are defined, so adjust ifdef accordingly.
-
-commit 0767627cf66574484b9c0834500b42ea04fe528a
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 2 14:30:23 2021 +1000
-
- wrap get_random_bytes_prngd() in ifdef
-
- avoid unused static function warning
-
-commit f93fdc4de158386efe1116bd44c5b3f4a7a82c25
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jun 28 13:06:37 2021 +1000
-
- Add rocky84 test target.
-
-commit d443006c0ddfa7f6a5bd9c0ae92036f3d5f2fa3b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 25 06:30:22 2021 +0000
-
- upstream: fix decoding of X.509 subject name; from Leif Thuresson
-
- via bz3327 ok markus@
-
- OpenBSD-Commit-ID: 0ea2e28f39750dd388b7e317bc43dd997a217ae8
-
-commit 2a5704ec142202d387fda2d6872fd4715ab81347
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 25 06:20:39 2021 +0000
-
- upstream: Use better language to refer to the user. From l1ving
-
- via github PR#250, ok jmc@
-
- OpenBSD-Commit-ID: 07ca3526626996613e128aeddf7748c93c4d6bbf
-
-commit 4bdf7a04797a0ea1c431a9d54588417c29177d19
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 25 03:38:17 2021 +0000
-
- upstream: Replace SIGCHLD/notify_pipe kludge with pselect.
-
- Previously sshd's SIGCHLD handler would wake up select() by writing a
- byte to notify_pipe. We can remove this by blocking SIGCHLD, checking
- for child terminations then passing the original signal mask through
- to pselect. This ensures that the pselect will immediately wake up if
- a child terminates between wait()ing on them and the pselect.
-
- In -portable, for platforms that do not have pselect the kludge is still
- there but is hidden behind a pselect interface.
-
- Based on other changes for bz#2158, ok djm@
-
- OpenBSD-Commit-ID: 202c85de0b3bdf1744fe53529a05404c5480d813
-
-commit c9f7bba2e6f70b7ac1f5ea190d890cb5162ce127
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 25 15:08:18 2021 +1000
-
- Move closefrom() to before first malloc.
-
- When built against tcmalloc, tcmalloc allocates a descriptor for its
- internal use, so calling closefrom() afterward causes the descriptor
- number to be reused resulting in a corrupted connection. Moving the
- closefrom a little earlier should resolve this. From kircherlike at
- outlook.com via bz#3321, ok djm@
-
-commit 7ebfe4e439853b88997c9cfc2ff703408a1cca92
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 18 20:41:45 2021 +1000
-
- Put second -lssh in link line for sftp-server.
-
- When building --without-openssl the recent port-prngd.c change adds
- a dependency on atomicio, but since nothing else in sftp-server uses
- it, the linker may not find it. Add a second -lssh similar to other
- binaries.
-
-commit e409d7966785cfd9f5970e66a820685c42169717
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 18 18:34:08 2021 +1000
-
- Try EGD/PRNGD if random device fails.
-
- When built --without-openssl, try EGD/PRGGD (if configured) as a last
- resort before failing.
-
-commit e43a898043faa3a965dbaa1193cc60e0b479033d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 18 18:32:51 2021 +1000
-
- Split EGD/PRNGD interface into its own file.
-
- This will allow us to use it when building --without-openssl.
-
-commit acb2887a769a1b1912cfd7067f3ce04fad240260
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Jun 17 21:03:19 2021 +1000
-
- Handle GIDs > 2^31 in getgrouplist.
-
- When compiled in 32bit mode, the getgrouplist implementation may fail
- for GIDs greater than LONG_MAX. Analysis and change from ralf.winkel
- at tui.com.
-
-commit 31fac20c941126281b527605b73bff30a8f02edd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 09:46:28 2021 +0000
-
- upstream: Use $SUDO when reading sshd's pidfile here too.
-
- OpenBSD-Regress-ID: 6bfb0d455d493f24839034a629c5306f84dbd409
-
-commit a3a58acffc8cc527f8fc6729486d34e4c3d27643
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 09:43:51 2021 +0000
-
- upstream: Use $SUDO when reading sshd's pidfile in case it was
-
- created with a very restrictive umask. This resyncs with -portable.
-
- OpenBSD-Regress-ID: 07fd2af06df759d4f64b82c59094accca1076a5d
-
-commit 249ad4ae51cd3bc235e75a4846eccdf8b1416611
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 09:37:59 2021 +0000
-
- upstream: Set umask when creating hostkeys to prevent excessive
-
- permissions warning.
-
- OpenBSD-Regress-ID: 382841db0ee28dfef7f7bffbd511803e1b8ab0ef
-
-commit 9d0892153c005cc65897e9372b01fa66fcbe2842
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 03:45:31 2021 +0000
-
- upstream: Add regress test for SIGHUP restart
-
- while handling active and unauthenticated clients. Should catch anything
- similar to the pselect bug just fixed in sshd.c.
-
- OpenBSD-Regress-ID: 3b3c19b5e75e43af1ebcb9586875b3ae3a4cac73
-
-commit 73f6f191f44440ca3049b9d3c8e5401d10b55097
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 03:14:14 2021 +0000
-
- upstream: Continue accept loop when pselect
-
- returns -1, eg if it was interrupted by a signal. This should prevent
- the hang discovered by sthen@ wherein sshd receives a SIGHUP while it has
- an unauthenticated child and goes on to a blocking read on a notify_pipe.
- feedback deraadt@, ok djm@
-
- OpenBSD-Commit-ID: 0243c1c5544fca0974dae92cd4079543a3fceaa0
-
-commit c785c0ae134a8e8b5c82b2193f64c632a98159e4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 22:30:27 2021 +0000
-
- upstream: test that UserKnownHostsFile correctly accepts multiple
-
- arguments; would have caught readconf.c r1.356 regression
-
- OpenBSD-Regress-ID: 71ca54e66c2a0211b04999263e56390b1f323a6a
-
-commit 1a6f6b08e62c78906a3032e8d9a83e721c84574e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 22:06:12 2021 +0000
-
- upstream: fix regression in r1.356: for ssh_config options that
-
- accepted multiple string arguments, ssh was only recording the first.
- Reported by Lucas via bugs@
-
- OpenBSD-Commit-ID: 7cbf182f7449bf1cb7c5b4452667dc2b41170d6d
-
-commit 78e30af3e2b2dd540a341cc827c6b98dd8b0a6de
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 07:40:12 2021 +0000
-
- upstream: test argv_split() optional termination on comments
-
- OpenBSD-Regress-ID: 9fd1c4a27a409897437c010cfd79c54b639a059c
-
-commit a023138957ea2becf1c7f93fcc42b0aaac6f2b03
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Jun 8 07:05:27 2021 +0000
-
- upstream: Add testcases from bz#3319 for IPQoS and TunnelDevice
-
- being overridden on the command line.
-
- OpenBSD-Regress-ID: 801674d5d2d02abd58274a78cab2711f11de14a8
-
-commit 660cea10b2cdc11f13ba99c89b1bbb368a4d9ff2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 06:52:43 2021 +0000
-
- upstream: sprinkle some "# comment" at end of configuration lines
-
- to test comment handling
-
- OpenBSD-Regress-ID: cb82fbf40bda5c257a9f742c63b1798e5a8fdda7
-
-commit acc9c32dcb6def6c7d3688bceb4c0e59bd26b411
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 06:51:47 2021 +0000
-
- upstream: more descriptive failure message
-
- OpenBSD-Regress-ID: 5300f6faf1d9e99c0cd10827b51756c5510e3509
-
-commit ce04dd4eae23d1c9cf7c424a702f48ee78573bc1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jun 7 01:16:34 2021 +0000
-
- upstream: test AuthenticationMethods inside a Match block as well
-
- as in the main config section
-
- OpenBSD-Regress-ID: ebe0a686621b7cb8bb003ac520975279c28747f7
-
-commit 9018bd821fca17e26e92f7a7e51d9b24cd62f2db
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jun 7 00:00:50 2021 +0000
-
- upstream: prepare for stricter sshd_config parsing that will refuse
-
- a config that has {Allow,Deny}{Users,Groups} on a line with no subsequent
- arguments. Such lines are permitted but are nonsensical noops ATM
-
- OpenBSD-Regress-ID: ef65463fcbc0bd044e27f3fe400ea56eb4b8f650
-
-commit a10f929d1ce80640129fc5b6bc1acd9bf689169e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 07:09:42 2021 +0000
-
- upstream: switch sshd_config parsing to argv_split()
-
- similar to the previous commit, this switches sshd_config parsing to
- the newer tokeniser. Config parsing will be a little stricter wrt
- quote correctness and directives appearing without arguments.
-
- feedback and ok markus@
-
- tested in snaps for the last five or so days - thanks Theo and those who
- caught bugs
-
- OpenBSD-Commit-ID: 9c4305631d20c2d194661504ce11e1f68b20d93e
-
-commit ea9e45c89a4822d74a9d97fef8480707d584da4d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 07:07:15 2021 +0000
-
- upstream: Switch ssh_config parsing to use argv_split()
-
- This fixes a couple of problems with the previous tokeniser,
- strdelim()
-
- 1. strdelim() is permissive wrt accepting '=' characters. This is
- intended to allow it to tokenise "Option=value" but because it
- cannot keep state, it will incorrectly split "Opt=val=val2".
- 2. strdelim() has rudimentry handling of quoted strings, but it
- is incomplete and inconsistent. E.g. it doesn't handle escaped
- quotes inside a quoted string.
- 3. It has no support for stopping on a (unquoted) comment. Because
- of this readconf.c r1.343 added chopping of lines at '#', but
- this caused a regression because these characters may legitimately
- appear inside quoted strings.
-
- The new tokeniser is stricter is a number of cases, including #1 above
- but previously it was also possible for some directives to appear
- without arguments. AFAIK these were nonsensical in all cases, and the
- new tokeniser refuses to accept them.
-
- The new code handles quotes much better, permitting quoted space as
- well as escaped closing quotes. Finally, comment handling should be
- fixed - the tokeniser will terminate only on unquoted # characters.
-
- feedback & ok markus@
-
- tested in snaps for the last five or so days - thanks Theo and those who
- caught bugs
-
- OpenBSD-Commit-ID: dc72fd12af9d5398f4d9e159d671f9269c5b14d5
-
-commit d786424986c04d1d375f231fda177c8408e05c3e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Jun 8 07:02:46 2021 +0000
-
- upstream: Check if IPQoS or TunnelDevice are already set before
-
- overriding. Prevents values in config files from overriding values supplied
- on the command line. bz#3319, ok markus.
-
- OpenBSD-Commit-ID: f3b08b898c324debb9195e6865d8999406938f74
-
-commit aae4b4d3585b9f944d7dbd3c9e5ba0006c55e457
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 06:54:40 2021 +0000
-
- upstream: Allow argv_split() to optionally terminate tokenisation
-
- when it encounters an unquoted comment.
-
- Add some additional utility function for working with argument
- vectors, since we'll be switching to using them to parse
- ssh/sshd_config shortly.
-
- ok markus@ as part of a larger diff; tested in snaps
-
- OpenBSD-Commit-ID: fd9c108cef2f713f24e3bc5848861d221bb3a1ac
-
-commit da9f9acaac5bab95dca642b48e0c8182b246ab69
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jun 7 19:19:23 2021 +1000
-
- Save logs on failure for upstream test
-
-commit 76883c60161e5f3808787085a27a8c37f8cc4e08
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jun 7 14:36:32 2021 +1000
-
- Add obsdsnap-i386 upstream test target.
-
-commit d45b9c63f947ec5ec314696e70281f6afddc0ac3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jun 7 03:38:38 2021 +0000
-
- upstream: fix debug message when finding a private key to match a
-
- certificate being attempted for user authentication. Previously it would
- print the certificate's path, whereas it was supposed to be showing the
- private key's path. Patch from Alex Sherwin via GHPR247
-
- OpenBSD-Commit-ID: d5af3be66d0f22c371dc1fe6195e774a18b2327b
-
-commit 530739d42f6102668aecd699be0ce59815c1eceb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 6 11:34:16 2021 +0000
-
- upstream: Match host certificates against host public keys, not private
-
- keys. Allows use of certificates with private keys held in a ssh-agent.
- Reported by Miles Zhou in bz3524; ok dtucker@
-
- OpenBSD-Commit-ID: 25f5bf70003126d19162862d9eb380bf34bac22a
-
-commit 4265215d7300901fd7097061c7517688ade82f8e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 6 03:40:39 2021 +0000
-
- upstream: Client-side workaround for a bug in OpenSSH 7.4: this release
-
- allows RSA/SHA2 signatures for public key authentication but fails to
- advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
- server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse
- to offer valid keys.
-
- Reported by and based on patch from Gordon Messmer via bz3213, thanks
- also for additional analysis by Jakub Jelen. ok dtucker
-
- OpenBSD-Commit-ID: d6d0b7351d5d44c45f3daaa26efac65847a564f7
-
-commit bda270d7fb8522d43c21a79a4b02a052d7c64de8
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 6 03:17:02 2021 +0000
-
- upstream: degrade gracefully if a sftp-server offers the
-
- limits@openssh.com extension but fails when the client tries to invoke it.
- Reported by Hector Martin via bz3318
-
- OpenBSD-Commit-ID: bd9d1839c41811616ede4da467e25746fcd9b967
-
-commit d345d5811afdc2d6923019b653cdd93c4cc95f76
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 6 03:15:39 2021 +0000
-
- upstream: the limits@openssh.com extension was incorrectly marked
-
- as an operation that writes to the filesystem, which made it unavailable in
- sftp-server read-only mode. Spotted by Hector Martin via bz3318
-
- OpenBSD-Commit-ID: f054465230787e37516c4b57098fc7975e00f067
-
-commit 2b71010d9b43d7b8c9ec1bf010beb00d98fa765a
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date: Sat Jun 5 13:47:00 2021 +0000
-
- upstream: PROTOCOL.certkeys: update reference from IETF draft to
-
- RFC
-
- Also fix some typos.
- ok djm@
-
- OpenBSD-Commit-ID: 5e855b6c5a22b5b13f8ffa3897a868e40d349b44
-
-commit aa99b2d9a3e45b943196914e8d8bf086646fdb54
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 4 23:41:29 2021 +1000
-
- Clear notify_pipe from readset if present.
-
- Prevents leaking an implementation detail to the caller.
-
-commit 6de8dadf6b4d0627d35bca0667ca44b1d61c2c6b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 4 23:24:25 2021 +1000
-
- space->tabs.
-
-commit c8677065070ee34c05c7582a9c2f58d8642e552d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 4 18:39:48 2021 +1000
-
- Add pselect implementation for platforms without.
-
- This is basically the existing notify_pipe kludge from serverloop.c
- moved behind a pselect interface. It works by installing a signal
- handler that writes to a pipe that the select is watching, then calls
- the original handler.
-
- The select call in serverloop will become pselect soon, at which point the
- kludge will be removed from thereand will only exist in the compat layer.
- Original code by markus, help from djm.
-
-commit 7cd7f302d3a072748299f362f9e241d81fcecd26
-Author: Vincent Brillault <vincent.brillault@cern.ch>
-Date: Sun May 24 09:15:06 2020 +0200
-
- auth_log: dont log partial successes as failures
-
- By design, 'partial' logins are successful logins, so initially with
- authenticated set to 1, for which another authentication is required. As
- a result, authenticated is always reset to 0 when partial is set to 1.
- However, even if authenticated is 0, those are not failed login
- attempts, similarly to attempts with authctxt->postponed set to 1.
-
-commit e7606919180661edc7f698e6a1b4ef2cfb363ebf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 06:19:07 2021 +0000
-
- upstream: The RB_GENERATE_STATIC(3) macro expands to a series of
-
- function definitions and not a statement, so there should be no semicolon
- following them. Patch from Michael Forney
-
- OpenBSD-Commit-ID: c975dd180580f0bdc0a4d5b7d41ab1f5e9b7bedd
-
-commit c298c4da574ab92df2f051561aeb3e106b0ec954
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 05:59:18 2021 +0000
-
- upstream: rework authorized_keys example section, removing irrelevant
-
- stuff, de-wrapping the example lines and better aligning the examples with
- common usage and FAQs; ok jmc
-
- OpenBSD-Commit-ID: d59f1c9281f828148e2a2e49eb9629266803b75c
-
-commit d9cb35bbec5f623589d7c58fc094817b33030f35
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 05:10:03 2021 +0000
-
- upstream: adjust SetEnv description to clarify $TERM handling
-
- OpenBSD-Commit-ID: 8b8cc0124856bc1094949d55615e5c44390bcb22
-
-commit 771f57a8626709f2ad207058efd68fbf30d31553
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 4 05:09:08 2021 +0000
-
- upstream: Switch the listening select loop from select() to
-
- pselect() and mask signals while checking signal flags, umasking for pselect
- and restoring afterwards. Also restore signals before sighup_restart so they
- don't remain blocked after restart.
-
- This prevents a race where a SIGTERM or SIGHUP can arrive between
- checking the flag and calling select (eg if sshd is processing a
- new connection) resulting in sshd not shutting down until the next
- time it receives a new connection. bz#2158, with & ok djm@
-
- OpenBSD-Commit-ID: bf85bf880fd78e00d7478657644fcda97b9a936f
-
-commit f64f8c00d158acc1359b8a096835849b23aa2e86
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 05:02:40 2021 +0000
-
- upstream: allow ssh_config SetEnv to override $TERM, which is otherwise
-
- handled specially by the protocol. Useful in ~/.ssh/config to set TERM to
- something generic (e.g. "xterm" instead of "xterm-256color") for destinations
- that lack terminfo entries. feedback and ok dtucker@
-
- OpenBSD-Commit-ID: 38b1ef4d5bc159c7d9d589d05e3017433e2d5758
-
-commit 60107677dc0ce1e93c61f23c433ad54687fcd9f5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 04:02:21 2021 +0000
-
- upstream: correct extension name "no-presence-required" =>
-
- "no-touch-required"
-
- document "verify-required" option
-
- OpenBSD-Commit-ID: 1879ff4062cf61d79b515e433aff0bf49a6c55c5
-
-commit ecc186e46e3e30f27539b4311366dfda502f0a08
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jun 2 13:54:11 2021 +1000
-
- Retire fbsd7 test target.
-
- It's the slowest of the selfhosted targets (since it's 32bit but has
- most of the crypto algos). We still have coverage for 32bit i386.
-
-commit 5de0867b822ec48b5eec9abde0f5f95d1d646546
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jun 2 11:21:40 2021 +1000
-
- Check for $OPENSSL in md5 fallback too.
-
-commit 1db69d1b6542f8419c04cee7fd523a4a11004be2
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jun 2 11:17:54 2021 +1000
-
- Add dfly60 target.
-
-commit a3f2dd955f1c19cad387a139f0e719af346ca6ef
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Wed Jun 2 00:17:45 2021 +0000
-
- upstream: Merge back shell portability changes
-
- bringing it back in sync with -portable.
-
- OpenBSD-Regress-ID: c07905ba931e66ad7d849b87b7d19648007175d1
-
-commit 9d482295c9f073e84d75af46b720a1c0f7ec2867
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Jun 1 23:56:20 2021 +0000
-
- upstream: Use a default value for $OPENSSL,
-
- allowing it to be overridden. Do the same in the PuTTY tests since it's
- needed there and not exported by test-exec.sh.
-
- OpenBSD-Regress-ID: c49dcd6aa7602a8606b7afa192196ca1fa65de16
-
-commit 07660b3c99f8ea74ddf4a440e55c16c9f7fb3dd1
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon May 24 10:25:18 2021 +0000
-
- upstream: Find openssl binary via environment variable. This
-
- allows overriding if necessary (eg in -portable where we're testing against a
- specific version of OpenSSL).
*** 1097 LINES SKIPPED ***