git: 644b4646c7ac - main - OpenSSH: Update to 10.1p1
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 12 May 2026 20:25:05 UTC
The branch main has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=644b4646c7acab87dc20d4e5dd53d2d9da152989
commit 644b4646c7acab87dc20d4e5dd53d2d9da152989
Merge: beab4a237a45 6409980cbba7
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2026-05-12 20:24:10 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2026-05-12 20:24:10 +0000
OpenSSH: Update to 10.1p1
Full release notes are available at
https://www.openssh.com/txt/release-10.1
Selected highlights from the release notes:
Potentially-incompatible changes
* ssh(1): add a warning when the connection negotiates a non-post
quantum key agreement algorithm.
* ssh(1), sshd(8): major changes to handling of DSCP marking/IPQoS
* ssh(1), sshd(8): deprecate support for IPv4 type-of-service (ToS)
keywords in the IPQoS configuration directive.
* ssh-add(1): when adding certificates to an agent, set the expiry
to the certificate expiry time plus a short (5 min) grace period.
* ssh-agent(1), sshd(8): move agent listener sockets from /tmp to
under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets
in sshd(8).
Security
* ssh(1): disallow control characters in usernames passed via the
commandline or expanded using %-sequences from the configuration
file, and disallow \0 characters in ssh:// URIs.
New features
* ssh(1), sshd(8): add SIGINFO handlers to log active channel and
session information.
Sponsored by: The FreeBSD Foundation
crypto/openssh/.depend | 25 +-
crypto/openssh/.github/ci-status.md | 22 +-
crypto/openssh/.github/configs | 13 +-
crypto/openssh/.github/install_libcrypto.sh | 75 +
crypto/openssh/.github/install_putty.sh | 37 +
crypto/openssh/.github/run_test.sh | 23 +-
crypto/openssh/.github/setup_ci.sh | 73 +-
crypto/openssh/.github/workflows/c-cpp.yml | 89 +-
crypto/openssh/.github/workflows/selfhosted.yml | 15 +-
crypto/openssh/.github/workflows/upstream.yml | 11 +-
crypto/openssh/.github/workflows/vm.yml | 371 +
crypto/openssh/.gitignore | 1 +
crypto/openssh/.skipped-commit-ids | 7 +
crypto/openssh/ChangeLog | 11611 +++++++++++--------
crypto/openssh/INSTALL | 2 +-
crypto/openssh/Makefile.in | 70 +-
crypto/openssh/PROTOCOL | 126 +-
crypto/openssh/PROTOCOL.agent | 13 +-
crypto/openssh/PROTOCOL.certkeys | 326 -
crypto/openssh/PROTOCOL.chacha20poly1305 | 107 -
crypto/openssh/README | 2 +-
crypto/openssh/TODO | 2 +-
crypto/openssh/atomicio.c | 6 -
crypto/openssh/audit-bsm.c | 2 +-
crypto/openssh/audit-linux.c | 4 +-
crypto/openssh/auth-krb5.c | 2 +-
crypto/openssh/auth-options.c | 7 +-
crypto/openssh/auth-pam.c | 127 +-
crypto/openssh/auth-passwd.c | 4 +-
crypto/openssh/auth-rhosts.c | 4 +-
crypto/openssh/auth-shadow.c | 4 +-
crypto/openssh/auth.c | 7 +-
crypto/openssh/auth2-chall.c | 10 +-
crypto/openssh/auth2-hostbased.c | 15 +-
crypto/openssh/auth2-pubkey.c | 16 +-
crypto/openssh/auth2-pubkeyfile.c | 23 +-
crypto/openssh/auth2.c | 2 +-
crypto/openssh/authfd.c | 27 +-
crypto/openssh/authfd.h | 8 +-
crypto/openssh/authfile.c | 8 +-
crypto/openssh/channels.c | 115 +-
crypto/openssh/channels.h | 13 +-
crypto/openssh/cipher.c | 17 +-
crypto/openssh/clientloop.c | 55 +-
crypto/openssh/config.h | 45 +-
crypto/openssh/configure.ac | 110 +-
crypto/openssh/contrib/Makefile | 7 +-
crypto/openssh/contrib/README | 8 +-
crypto/openssh/contrib/cygwin/ssh-user-config | 3 +-
crypto/openssh/contrib/gnome-ssh-askpass4.c | 249 +
crypto/openssh/contrib/redhat/openssh.spec | 17 +-
crypto/openssh/contrib/redhat/sshd.init | 2 +-
crypto/openssh/contrib/ssh-copy-id | 15 +-
crypto/openssh/contrib/suse/openssh.spec | 3 +-
crypto/openssh/crypto_api.h | 4 +-
crypto/openssh/defines.h | 14 +
crypto/openssh/digest-libc.c | 3 +-
crypto/openssh/dispatch.c | 6 +-
crypto/openssh/dns.c | 8 +-
crypto/openssh/dns.h | 5 +-
crypto/openssh/groupaccess.c | 21 +-
crypto/openssh/gss-genr.c | 2 +-
crypto/openssh/gss-serv.c | 2 +-
crypto/openssh/hmac.c | 2 +-
crypto/openssh/hostfile.c | 62 +-
crypto/openssh/kex-names.c | 64 +-
crypto/openssh/kex.c | 9 +-
crypto/openssh/kex.h | 7 +-
crypto/openssh/kexdh.c | 3 +-
crypto/openssh/kexecdh.c | 3 +-
crypto/openssh/kexgen.c | 6 +-
crypto/openssh/kexgexc.c | 6 +-
crypto/openssh/kexgexs.c | 7 +-
crypto/openssh/kexmlkem768x25519.c | 6 +-
crypto/openssh/krb5_config.h | 1 +
crypto/openssh/krl.c | 5 +-
crypto/openssh/log.c | 4 +-
crypto/openssh/loginrec.c | 48 +-
crypto/openssh/logintest.c | 2 -
crypto/openssh/m4/openssh.m4 | 42 +-
crypto/openssh/mac.c | 23 +-
crypto/openssh/misc-agent.c | 357 +
crypto/openssh/misc.c | 103 +-
crypto/openssh/misc.h | 9 +-
crypto/openssh/moduli | 859 +-
crypto/openssh/moduli.c | 59 +-
crypto/openssh/monitor.c | 86 +-
crypto/openssh/monitor_fdpass.c | 12 +-
crypto/openssh/monitor_wrap.c | 93 +-
crypto/openssh/monitor_wrap.h | 6 +-
crypto/openssh/mux.c | 23 +-
crypto/openssh/openbsd-compat/Makefile.in | 5 +-
crypto/openssh/openbsd-compat/arc4random.c | 2 -
crypto/openssh/openbsd-compat/arc4random_uniform.c | 4 +-
crypto/openssh/openbsd-compat/bsd-misc.c | 55 +-
crypto/openssh/openbsd-compat/bsd-misc.h | 14 +-
crypto/openssh/openbsd-compat/bsd-openpty.c | 8 +-
crypto/openssh/openbsd-compat/bsd-poll.h | 6 +-
crypto/openssh/openbsd-compat/daemon.c | 4 +-
crypto/openssh/openbsd-compat/glob.c | 2 -
crypto/openssh/openbsd-compat/include/netgroup.h | 0
crypto/openssh/openbsd-compat/include/util.h | 0
crypto/openssh/openbsd-compat/memmem.c | 2 -
crypto/openssh/openbsd-compat/openssl-compat.c | 9 +-
crypto/openssh/openbsd-compat/openssl-compat.h | 19 +-
crypto/openssh/openbsd-compat/port-prngd.c | 4 +-
crypto/openssh/openbsd-compat/reallocarray.c | 2 -
crypto/openssh/openbsd-compat/recallocarray.c | 2 -
.../openssh/openbsd-compat/regress/utimensattest.c | 12 +-
crypto/openssh/packet.c | 107 +-
crypto/openssh/packet.h | 8 +-
crypto/openssh/pathnames.h | 13 +-
crypto/openssh/pkcs11.h | 1502 ++-
crypto/openssh/platform.c | 15 +-
crypto/openssh/poly1305.c | 4 +-
crypto/openssh/progressmeter.c | 12 +-
crypto/openssh/readconf.c | 75 +-
crypto/openssh/readconf.h | 8 +-
crypto/openssh/readpass.c | 8 +-
crypto/openssh/regress/Makefile | 69 +-
crypto/openssh/regress/agent-pkcs11-cert.sh | 57 +-
crypto/openssh/regress/agent-pkcs11-restrict.sh | 31 +-
crypto/openssh/regress/agent-pkcs11.sh | 72 +-
crypto/openssh/regress/agent-restrict.sh | 17 +-
crypto/openssh/regress/agent.sh | 8 +-
crypto/openssh/regress/cert-hostkey.sh | 4 +-
crypto/openssh/regress/cert-userkey.sh | 6 +-
crypto/openssh/regress/cfgmatch.sh | 4 +-
crypto/openssh/regress/cfgparse.sh | 19 +-
crypto/openssh/regress/connect-bigconf.sh | 17 +
crypto/openssh/regress/dropbear-server.sh | 76 +
crypto/openssh/regress/dsa_ssh2.prv | 14 -
crypto/openssh/regress/dsa_ssh2.pub | 13 -
crypto/openssh/regress/dynamic-forward.sh | 4 +-
crypto/openssh/regress/hostbased.sh | 3 +-
crypto/openssh/regress/keygen-comment.sh | 3 +-
crypto/openssh/regress/keytype.sh | 4 +-
crypto/openssh/regress/knownhosts-command.sh | 3 +-
crypto/openssh/regress/krl.sh | 3 +-
crypto/openssh/regress/limit-keytype.sh | 6 +-
crypto/openssh/regress/misc/fuzz-harness/Makefile | 11 +-
.../regress/misc/fuzz-harness/agent_fuzz_helper.c | 7 -
.../openssh/regress/misc/fuzz-harness/fixed-keys.h | 26 -
.../fuzz-harness/testdata/create-agent-corpus.sh | 2 +-
.../misc/fuzz-harness/testdata/id_dsa-cert.pub | 1 -
crypto/openssh/regress/misc/sk-dummy/sk-dummy.c | 7 +-
.../regress/misc/ssh-verify-attestation/Makefile | 4 +-
.../ssh-verify-attestation.c | 7 +-
crypto/openssh/regress/modpipe.c | 4 +-
crypto/openssh/regress/netcat.c | 36 +-
crypto/openssh/regress/password.sh | 60 +
crypto/openssh/regress/penalty-expire.sh | 2 +-
crypto/openssh/regress/penalty.sh | 2 +-
crypto/openssh/regress/percent.sh | 45 +-
crypto/openssh/regress/rekey.sh | 2 +-
crypto/openssh/regress/ssh-com-client.sh | 14 +-
crypto/openssh/regress/ssh-com.sh | 26 +-
crypto/openssh/regress/ssh2putty.sh | 3 +-
crypto/openssh/regress/sshcfgparse.sh | 27 +-
crypto/openssh/regress/sshsig.sh | 4 +-
crypto/openssh/regress/test-exec.sh | 54 +-
crypto/openssh/regress/unittests/Makefile.inc | 29 +-
crypto/openssh/regress/unittests/authopt/Makefile | 8 +-
crypto/openssh/regress/unittests/authopt/tests.c | 10 +-
crypto/openssh/regress/unittests/bitmap/Makefile | 7 +-
crypto/openssh/regress/unittests/bitmap/tests.c | 32 +-
.../openssh/regress/unittests/conversion/Makefile | 4 +-
.../openssh/regress/unittests/conversion/tests.c | 10 +-
crypto/openssh/regress/unittests/hostkeys/Makefile | 8 +-
.../regress/unittests/hostkeys/mktestdata.sh | 13 +-
.../regress/unittests/hostkeys/test_iterate.c | 214 +-
.../regress/unittests/hostkeys/testdata/dsa_1.pub | 1 -
.../regress/unittests/hostkeys/testdata/dsa_2.pub | 1 -
.../regress/unittests/hostkeys/testdata/dsa_3.pub | 1 -
.../regress/unittests/hostkeys/testdata/dsa_4.pub | 1 -
.../regress/unittests/hostkeys/testdata/dsa_5.pub | 1 -
.../regress/unittests/hostkeys/testdata/dsa_6.pub | 1 -
.../unittests/hostkeys/testdata/known_hosts | 12 +-
crypto/openssh/regress/unittests/hostkeys/tests.c | 13 +-
crypto/openssh/regress/unittests/kex/Makefile | 8 +-
crypto/openssh/regress/unittests/kex/test_kex.c | 79 +-
.../openssh/regress/unittests/kex/test_proposal.c | 2 -
crypto/openssh/regress/unittests/kex/tests.c | 9 +-
crypto/openssh/regress/unittests/match/Makefile | 4 +-
crypto/openssh/regress/unittests/match/tests.c | 10 +-
crypto/openssh/regress/unittests/misc/Makefile | 6 +-
crypto/openssh/regress/unittests/misc/test_argv.c | 2 -
.../openssh/regress/unittests/misc/test_convtime.c | 2 -
.../openssh/regress/unittests/misc/test_expand.c | 31 +-
.../openssh/regress/unittests/misc/test_hpdelim.c | 2 -
crypto/openssh/regress/unittests/misc/test_misc.c | 436 +
crypto/openssh/regress/unittests/misc/test_parse.c | 10 +-
.../openssh/regress/unittests/misc/test_ptimeout.c | 8 +-
.../openssh/regress/unittests/misc/test_strdelim.c | 2 -
.../openssh/regress/unittests/misc/test_xextendf.c | 89 +
crypto/openssh/regress/unittests/misc/tests.c | 14 +-
.../openssh/regress/unittests/sshbuf/test_sshbuf.c | 4 +-
.../regress/unittests/sshbuf/test_sshbuf_fixed.c | 4 +-
.../regress/unittests/sshbuf/test_sshbuf_fuzz.c | 4 +-
.../unittests/sshbuf/test_sshbuf_getput_basic.c | 11 +-
.../unittests/sshbuf/test_sshbuf_getput_crypto.c | 11 +-
.../unittests/sshbuf/test_sshbuf_getput_fuzz.c | 18 +-
.../regress/unittests/sshbuf/test_sshbuf_misc.c | 223 +-
crypto/openssh/regress/unittests/sshbuf/tests.c | 12 +-
crypto/openssh/regress/unittests/sshkey/Makefile | 6 +-
crypto/openssh/regress/unittests/sshkey/common.c | 49 +-
crypto/openssh/regress/unittests/sshkey/common.h | 5 +-
.../openssh/regress/unittests/sshkey/mktestdata.sh | 53 +-
.../openssh/regress/unittests/sshkey/test_file.c | 98 +-
.../openssh/regress/unittests/sshkey/test_fuzz.c | 77 +-
.../openssh/regress/unittests/sshkey/test_sshkey.c | 225 +-
.../regress/unittests/sshkey/testdata/dsa_1 | 12 -
.../unittests/sshkey/testdata/dsa_1-cert.fp | 1 -
.../unittests/sshkey/testdata/dsa_1-cert.pub | 1 -
.../regress/unittests/sshkey/testdata/dsa_1.fp | 1 -
.../regress/unittests/sshkey/testdata/dsa_1.fp.bb | 1 -
.../unittests/sshkey/testdata/dsa_1.param.g | 1 -
.../unittests/sshkey/testdata/dsa_1.param.priv | 1 -
.../unittests/sshkey/testdata/dsa_1.param.pub | 1 -
.../regress/unittests/sshkey/testdata/dsa_1.pub | 1 -
.../regress/unittests/sshkey/testdata/dsa_1_pw | 15 -
.../regress/unittests/sshkey/testdata/dsa_2 | 12 -
.../regress/unittests/sshkey/testdata/dsa_2.fp | 1 -
.../regress/unittests/sshkey/testdata/dsa_2.fp.bb | 1 -
.../regress/unittests/sshkey/testdata/dsa_2.pub | 1 -
.../regress/unittests/sshkey/testdata/dsa_n | 21 -
.../regress/unittests/sshkey/testdata/dsa_n_pw | 21 -
crypto/openssh/regress/unittests/sshkey/tests.c | 10 +-
crypto/openssh/regress/unittests/sshsig/Makefile | 6 +-
.../openssh/regress/unittests/sshsig/mktestdata.sh | 8 +-
.../openssh/regress/unittests/sshsig/testdata/dsa | 12 -
.../regress/unittests/sshsig/testdata/dsa.pub | 1 -
.../regress/unittests/sshsig/testdata/dsa.sig | 13 -
crypto/openssh/regress/unittests/sshsig/tests.c | 15 +-
.../openssh/regress/unittests/test_helper/fuzz.c | 7 +-
.../regress/unittests/test_helper/test_helper.c | 214 +-
.../regress/unittests/test_helper/test_helper.h | 28 +-
crypto/openssh/regress/unittests/utf8/Makefile | 7 +-
crypto/openssh/regress/unittests/utf8/tests.c | 8 +-
crypto/openssh/sandbox-capsicum.c | 8 +-
crypto/openssh/sandbox-darwin.c | 6 +-
crypto/openssh/sandbox-seccomp-filter.c | 66 +-
crypto/openssh/scp.1 | 19 +-
crypto/openssh/scp.c | 48 +-
crypto/openssh/servconf.c | 93 +-
crypto/openssh/serverloop.c | 40 +-
crypto/openssh/session.c | 56 +-
crypto/openssh/sftp-client.c | 40 +-
crypto/openssh/sftp-client.h | 3 +-
crypto/openssh/sftp-common.c | 2 -
crypto/openssh/sftp-glob.c | 4 +-
crypto/openssh/sftp-server.c | 16 +-
crypto/openssh/sftp.c | 22 +-
crypto/openssh/sk-api.h | 2 -
crypto/openssh/sk-usbhid.c | 11 +-
crypto/openssh/srclimit.c | 16 +-
crypto/openssh/ssh-add.1 | 13 +-
crypto/openssh/ssh-add.c | 224 +-
crypto/openssh/ssh-agent.1 | 38 +-
crypto/openssh/ssh-agent.c | 141 +-
crypto/openssh/ssh-dss.c | 457 -
crypto/openssh/ssh-ecdsa.c | 35 +-
crypto/openssh/ssh-ed25519.c | 37 +-
crypto/openssh/ssh-keygen.1 | 13 +-
crypto/openssh/ssh-keygen.c | 320 +-
crypto/openssh/ssh-keyscan.1 | 6 +-
crypto/openssh/ssh-keyscan.c | 42 +-
crypto/openssh/ssh-keysign.c | 14 +-
crypto/openssh/ssh-pkcs11-client.c | 517 +-
crypto/openssh/ssh-pkcs11-helper.c | 221 +-
crypto/openssh/ssh-pkcs11.c | 862 +-
crypto/openssh/ssh-pkcs11.h | 14 +-
crypto/openssh/ssh-rsa.c | 50 +-
crypto/openssh/ssh-sk-helper.c | 19 +-
crypto/openssh/ssh-sk.c | 4 +-
crypto/openssh/ssh-xmss.c | 389 -
crypto/openssh/ssh.c | 117 +-
crypto/openssh/ssh_config | 3 +-
crypto/openssh/ssh_config.5 | 50 +-
crypto/openssh/ssh_namespace.h | 44 +-
crypto/openssh/sshbuf-getput-basic.c | 4 +-
crypto/openssh/sshbuf-misc.c | 63 +-
crypto/openssh/sshbuf.h | 18 +-
crypto/openssh/sshconnect.c | 39 +-
crypto/openssh/sshconnect2.c | 4 +-
crypto/openssh/sshd-auth.c | 35 +-
crypto/openssh/sshd-session.c | 38 +-
crypto/openssh/sshd.8 | 6 +-
crypto/openssh/sshd.c | 60 +-
crypto/openssh/sshd_config | 2 +-
crypto/openssh/sshd_config.5 | 27 +-
crypto/openssh/sshkey-xmss.c | 1113 --
crypto/openssh/sshkey-xmss.h | 56 -
crypto/openssh/sshkey.c | 233 +-
crypto/openssh/sshkey.h | 43 +-
crypto/openssh/sshlogin.c | 2 +-
crypto/openssh/sshpty.c | 10 +-
crypto/openssh/sshsig.c | 5 +-
crypto/openssh/uidswap.c | 8 +-
crypto/openssh/umac.c | 9 +-
crypto/openssh/version.h | 8 +-
crypto/openssh/xmalloc.c | 8 +-
crypto/openssh/xmss_commons.c | 36 -
crypto/openssh/xmss_commons.h | 21 -
crypto/openssh/xmss_fast.c | 1106 --
crypto/openssh/xmss_fast.h | 111 -
crypto/openssh/xmss_hash.c | 137 -
crypto/openssh/xmss_hash.h | 22 -
crypto/openssh/xmss_hash_address.c | 66 -
crypto/openssh/xmss_hash_address.h | 40 -
crypto/openssh/xmss_wots.c | 192 -
crypto/openssh/xmss_wots.h | 64 -
secure/lib/libssh/Makefile | 4 +-
secure/ssh.mk | 2 +-
314 files changed, 14462 insertions(+), 14120 deletions(-)
diff --cc crypto/openssh/.github/install_libcrypto.sh
index 000000000000,d1aa23450679..d1aa23450679
mode 000000,100755..100755
--- a/crypto/openssh/.github/install_libcrypto.sh
+++ b/crypto/openssh/.github/install_libcrypto.sh
diff --cc crypto/openssh/.github/install_putty.sh
index 000000000000,6d6d0ad49f41..6d6d0ad49f41
mode 000000,100755..100755
--- a/crypto/openssh/.github/install_putty.sh
+++ b/crypto/openssh/.github/install_putty.sh
diff --cc crypto/openssh/.github/workflows/vm.yml
index 000000000000,9dcf5fcca764..9dcf5fcca764
mode 000000,100644..100644
--- a/crypto/openssh/.github/workflows/vm.yml
+++ b/crypto/openssh/.github/workflows/vm.yml
diff --cc crypto/openssh/.gitignore
index c419d0fd662b,000000000000..df0f2ce0464e
mode 100644,000000..100644
--- a/crypto/openssh/.gitignore
+++ b/crypto/openssh/.gitignore
@@@ -1,39 -1,0 +1,40 @@@
+Makefile
+buildpkg.sh
+config.h
+config.h.in~
+config.log
+config.status
+openbsd-compat/Makefile
+openbsd-compat/regress/Makefile
++openbsd-compat/include
+openssh.xml
+opensshd.init
+survey.sh
+**/*.o
+**/*.lo
+**/*.so
+**/*.dylib
+**/*.dll
+**/*.out
+**/*.a
+**/*.un~
+**/.*.swp
+autom4te.cache/
+scp
+sftp
+sftp-server
+ssh
+ssh-add
+ssh-agent
+ssh-keygen
+ssh-keyscan
+ssh-keysign
+ssh-pkcs11-helper
+ssh-sk-helper
+sshd
+sshd-session
+sshd-auth
+!regress/misc/**/Makefile
+!regress/unittests/**/Makefile
+tags
+
diff --cc crypto/openssh/INSTALL
index 113c25cc2203,000000000000..32f2e9ad53b5
mode 100644,000000..100644
--- a/crypto/openssh/INSTALL
+++ b/crypto/openssh/INSTALL
@@@ -1,295 -1,0 +1,295 @@@
+1. Prerequisites
+----------------
+
+A C compiler. Any C89 or better compiler that supports variadic macros
+should work. Where supported, configure will attempt to enable the
+compiler's run-time integrity checking options. Some notes about
+specific compilers:
+ - clang: -ftrapv and -sanitize=integer require the compiler-rt runtime
+ (CC=clang LDFLAGS=--rtlib=compiler-rt ./configure)
+
+To support Privilege Separation (which is now required) you will need
+to create the user, group and directory used by sshd for privilege
+separation. See README.privsep for details.
+
+
+The remaining items are optional.
+
+A working installation of zlib:
+Zlib 1.1.4 or 1.2.1.2 or greater (earlier 1.2.x versions have problems):
+https://zlib.net/
+
+libcrypto from either of LibreSSL or OpenSSL. Building without libcrypto
+is supported but severely restricts the available ciphers and algorithms.
+ - LibreSSL (https://www.libressl.org/) 3.1.0 or greater
+ - OpenSSL (https://www.openssl.org) 1.1.1 or greater
+
+LibreSSL/OpenSSL should be compiled as a position-independent library
+(i.e. -fPIC, eg by configuring OpenSSL as "./config [options] -fPIC"
+or LibreSSL as "CFLAGS=-fPIC ./configure") otherwise OpenSSH will not
+be able to link with it. If you must use a non-position-independent
+libcrypto, then you may need to configure OpenSSH --without-pie.
+
+If you build either from source, running the OpenSSL self-test ("make
+tests") or the LibreSSL equivalent ("make check") and ensuring that all
+tests pass is strongly recommended.
+
+NB. If you operating system supports /dev/random, you should configure
+libcrypto (LibreSSL/OpenSSL) to use it. OpenSSH relies on libcrypto's
+direct support of /dev/random, or failing that, either prngd or egd.
+
+PRNGD:
+
+If your system lacks kernel-based random collection, the use of Lutz
+Jaenicke's PRNGd is recommended. If you are using libcrypto it requires
+that the libcrypto is configured to support it. If you are building
+--without-openssl then the --with-prngd-socket option must match the
+socket provided by prngd.
+
+http://prngd.sourceforge.net/
+
+EGD:
+
+The Entropy Gathering Daemon (EGD) supports the same interface as prngd.
+The same caveats about configuration for prngd also apply.
+
+http://egd.sourceforge.net/
+
+PAM:
+
+OpenSSH can utilise Pluggable Authentication Modules (PAM) if your
+system supports it. PAM is standard most Linux distributions, Solaris,
+HP-UX 11, AIX >= 5.2, FreeBSD, NetBSD and Mac OS X.
+
+Information about the various PAM implementations are available:
+
+Solaris PAM: http://www.sun.com/software/solaris/pam/
+Linux PAM: http://www.kernel.org/pub/linux/libs/pam/
+OpenPAM: http://www.openpam.org/
+
+If you wish to build the GNOME passphrase requester, you will need the GNOME
+libraries and headers.
+
+GNOME:
+http://www.gnome.org/
+
+Alternatively, Jim Knoble <jmknoble@pobox.com> has written an excellent X11
+passphrase requester. This is maintained separately at:
+
+http://www.jmknoble.net/software/x11-ssh-askpass/
+
+TCP Wrappers:
+
+If you wish to use the TCP wrappers functionality you will need at least
+tcpd.h and libwrap.a, either in the standard include and library paths,
+or in the directory specified by --with-tcp-wrappers. Version 7.6 is
+known to work.
+
+http://ftp.porcupine.org/pub/security/index.html
+
+LibEdit:
+
+sftp supports command-line editing via NetBSD's libedit. If your platform
+has it available natively you can use that, alternatively you might try
+these multi-platform ports:
+
+http://www.thrysoee.dk/editline/
+http://sourceforge.net/projects/libedit/
+
+LDNS:
+
+LDNS is a DNS BSD-licensed resolver library which supports DNSSEC.
+
+http://nlnetlabs.nl/projects/ldns/
+
+Autoconf:
+
+If you modify configure.ac or configure doesn't exist (eg if you checked
+the main git branch) then you will need autoconf-2.69 and automake-1.16.1
+or newer to rebuild the automatically generated files by running
+"autoreconf". Earlier versions may also work but this is not guaranteed.
+
+http://www.gnu.org/software/autoconf/
+http://www.gnu.org/software/automake/
+
+Basic Security Module (BSM):
+
+Native BSM support is known to exist in Solaris from at least 2.5.1,
+FreeBSD 6.1 and OS X. Alternatively, you may use the OpenBSM
+implementation (http://www.openbsm.org).
+
+makedepend:
+
+https://www.x.org/archive/individual/util/
+
+If you are making significant changes to the code you may need to rebuild
+the dependency (.depend) file using "make depend", which requires the
+"makedepend" tool from the X11 distribution.
+
+libfido2:
+
+libfido2 allows the use of hardware security keys over USB. libfido2
+in turn depends on libcbor. libfido2 >= 1.5.0 is strongly recommended.
+Limited functionality is possible with earlier libfido2 versions.
+
+https://github.com/Yubico/libfido2
+https://github.com/pjk/libcbor
+
+
+2. Building / Installation
+--------------------------
+
+To install OpenSSH with default options:
+
+./configure
+make
+make install
+
+This will install the OpenSSH binaries in /usr/local/bin, configuration files
+in /usr/local/etc, the server in /usr/local/sbin, etc. To specify a different
+installation prefix, use the --prefix option to configure:
+
+./configure --prefix=/opt
+make
+make install
+
+Will install OpenSSH in /opt/{bin,etc,lib,sbin}. You can also override
+specific paths, for example:
+
+./configure --prefix=/opt --sysconfdir=/etc/ssh
+make
+make install
+
+This will install the binaries in /opt/{bin,lib,sbin}, but will place the
+configuration files in /etc/ssh.
+
+If you are using PAM, you may need to manually install a PAM control
+file as "/etc/pam.d/sshd" (or wherever your system prefers to keep
+them). Note that the service name used to start PAM is __progname,
+which is the basename of the path of your sshd (e.g., the service name
+for /usr/sbin/osshd will be osshd). If you have renamed your sshd
+executable, your PAM configuration may need to be modified.
+
+A generic PAM configuration is included as "contrib/sshd.pam.generic",
+you may need to edit it before using it on your system. If you are
+using a recent version of Red Hat Linux, the config file in
+contrib/redhat/sshd.pam should be more useful. Failure to install a
+valid PAM file may result in an inability to use password
+authentication. On HP-UX 11 and Solaris, the standard /etc/pam.conf
+configuration will work with sshd (sshd will match the other service
+name).
+
+There are a few other options to the configure script:
+
+--with-audit=[module] enable additional auditing via the specified module.
+Currently, drivers for "debug" (additional info via syslog) and "bsm"
+(Sun's Basic Security Module) are supported.
+
+--with-pam enables PAM support. If PAM support is compiled in, it must
+also be enabled in sshd_config (refer to the UsePAM directive).
+
+--with-prngd-socket=/some/file allows you to enable EGD or PRNGD
+support and to specify a PRNGd socket. Use this if your Unix lacks
+/dev/random.
+
+--with-prngd-port=portnum allows you to enable EGD or PRNGD support
+and to specify a EGD localhost TCP port. Use this if your Unix lacks
+/dev/random.
+
+--with-lastlog=FILE will specify the location of the lastlog file.
+./configure searches a few locations for lastlog, but may not find
+it if lastlog is installed in a different place.
+
+--without-lastlog will disable lastlog support entirely.
+
+--with-osfsia, --without-osfsia will enable or disable OSF1's Security
+Integration Architecture. The default for OSF1 machines is enable.
+
+--with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny)
+support.
+
+--with-utmpx enables utmpx support. utmpx support is automatic for
+some platforms.
+
+--without-shadow disables shadow password support.
+
+--with-ipaddr-display forces the use of a numeric IP address in the
+$DISPLAY environment variable. Some broken systems need this.
+
+--with-default-path=PATH allows you to specify a default $PATH for sessions
+started by sshd. This replaces the standard path entirely.
+
+--with-pid-dir=PATH specifies the directory in which the sshd.pid file is
+created.
+
+--with-xauth=PATH specifies the location of the xauth binary
+
+--with-ssl-dir=DIR allows you to specify where your Libre/OpenSSL
+libraries are installed.
+
+--with-ssl-engine enables Libre/OpenSSL's (hardware) ENGINE support
+
+--without-openssl builds without using OpenSSL. Only a subset of ciphers
+and algorithms are supported in this configuration.
+
+--without-zlib builds without zlib. This disables the Compression option.
+
+--with-4in6 Check for IPv4 in IPv6 mapped addresses and convert them to
+real (AF_INET) IPv4 addresses. Works around some quirks on Linux.
+
+If you need to pass special options to the compiler or linker, you
+can specify these as environment variables before running ./configure.
+For example:
+
+CC="/usr/foo/cc" CFLAGS="-O" LDFLAGS="-s" LIBS="-lrubbish" ./configure
+
+3. Configuration
+----------------
+
+The runtime configuration files are installed by in ${prefix}/etc or
+whatever you specified as your --sysconfdir (/usr/local/etc by default).
+
+The default configuration should be instantly usable, though you should
+review it to ensure that it matches your security requirements.
+
+To generate a host key, run "make host-key". Alternately you can do so
+manually using the following commands:
+
+ ssh-keygen -t [type] -f /etc/ssh/ssh_host_key -N ""
+
- for each of the types you wish to generate (rsa, dsa or ecdsa) or
++for each of the types you wish to generate (rsa, ed25519 or ecdsa) or
+
+ ssh-keygen -A
+
+to generate keys for all supported types.
+
+Replacing /etc/ssh with the correct path to the configuration directory.
+(${prefix}/etc or whatever you specified with --sysconfdir during
+configuration).
+
+If you have configured OpenSSH with EGD/prngd support, ensure that EGD or
+prngd is running and has collected some entropy first.
+
+For more information on configuration, please refer to the manual pages
+for sshd, ssh and ssh-agent.
+
+4. (Optional) Send survey
+-------------------------
+
+$ make survey
+[check the contents of the file "survey" to ensure there's no information
+that you consider sensitive]
+$ make send-survey
+
+This will send configuration information for the currently configured
+host to a survey address. This will help determine which configurations
+are actually in use, and what valid combinations of configure options
+exist. The raw data is available only to the OpenSSH developers, however
+summary data may be published.
+
+5. Problems?
+------------
+
+If you experience problems compiling, installing or running OpenSSH,
+please refer to the "reporting bugs" section of the webpage at
+https://www.openssh.com/
diff --cc crypto/openssh/auth.c
index 28ee390f4a15,000000000000..496a0194b100
mode 100644,000000..100644
--- a/crypto/openssh/auth.c
+++ b/crypto/openssh/auth.c
@@@ -1,788 -1,0 +1,787 @@@
- /* $OpenBSD: auth.c,v 1.162 2024/09/15 01:18:26 djm Exp $ */
++/* $OpenBSD: auth.c,v 1.163 2025/09/15 04:39:15 djm Exp $ */
+/*
+ * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+
+#include <netinet/in.h>
+
+#include <stdlib.h>
+#include <errno.h>
+#include <fcntl.h>
- #ifdef HAVE_PATHS_H
- # include <paths.h>
- #endif
++#include <paths.h>
+#include <pwd.h>
+#ifdef HAVE_LOGIN_H
+#include <login.h>
+#endif
+#ifdef USE_SHADOW
+#include <shadow.h>
+#endif
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <limits.h>
+#include <netdb.h>
+#include <time.h>
+
+#include "xmalloc.h"
+#include "match.h"
+#include "groupaccess.h"
+#include "log.h"
+#include "sshbuf.h"
+#include "misc.h"
+#include "servconf.h"
+#include "sshkey.h"
+#include "hostfile.h"
+#include "auth.h"
+#include "auth-options.h"
+#include "canohost.h"
+#include "uidswap.h"
+#include "packet.h"
+#include "loginrec.h"
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
+#include "authfile.h"
+#include "monitor_wrap.h"
+#include "ssherr.h"
+#include "channels.h"
+#include "blocklist_client.h"
+
+/* import */
+extern ServerOptions options;
+extern struct include_list includes;
+extern struct sshbuf *loginmsg;
+extern struct passwd *privsep_pw;
+extern struct sshauthopt *auth_opts;
+
+/* Debugging messages */
+static struct sshbuf *auth_debug;
+
+/*
+ * Check if the user is allowed to log in via ssh. If user is listed
+ * in DenyUsers or one of user's groups is listed in DenyGroups, false
+ * will be returned. If AllowUsers isn't empty and user isn't listed
+ * there, or if AllowGroups isn't empty and one of user's groups isn't
+ * listed there, false will be returned.
+ * If the user's shell is not executable, false will be returned.
+ * Otherwise true is returned.
+ */
+int
+allowed_user(struct ssh *ssh, struct passwd * pw)
+{
+ struct stat st;
+ const char *hostname = NULL, *ipaddr = NULL;
+ u_int i;
+ int r;
+
+ /* Shouldn't be called if pw is NULL, but better safe than sorry... */
+ if (!pw || !pw->pw_name)
+ return 0;
+
+ if (!options.use_pam && platform_locked_account(pw)) {
+ logit("User %.100s not allowed because account is locked",
+ pw->pw_name);
+ return 0;
+ }
+
+ /*
+ * Deny if shell does not exist or is not executable unless we
+ * are chrooting.
+ */
+ if (options.chroot_directory == NULL ||
+ strcasecmp(options.chroot_directory, "none") == 0) {
+ char *shell = xstrdup((pw->pw_shell[0] == '\0') ?
+ _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */
+
+ if (stat(shell, &st) == -1) {
+ logit("User %.100s not allowed because shell %.100s "
+ "does not exist", pw->pw_name, shell);
+ free(shell);
+ return 0;
+ }
+ if (S_ISREG(st.st_mode) == 0 ||
+ (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
+ logit("User %.100s not allowed because shell %.100s "
+ "is not executable", pw->pw_name, shell);
+ free(shell);
+ return 0;
+ }
+ free(shell);
+ }
+
+ if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
+ options.num_deny_groups > 0 || options.num_allow_groups > 0) {
+ hostname = auth_get_canonical_hostname(ssh, options.use_dns);
+ ipaddr = ssh_remote_ipaddr(ssh);
+ }
+
+ /* Return false if user is listed in DenyUsers */
+ if (options.num_deny_users > 0) {
+ for (i = 0; i < options.num_deny_users; i++) {
+ r = match_user(pw->pw_name, hostname, ipaddr,
+ options.deny_users[i]);
+ if (r < 0) {
+ fatal("Invalid DenyUsers pattern \"%.100s\"",
+ options.deny_users[i]);
+ } else if (r != 0) {
+ logit("User %.100s from %.100s not allowed "
+ "because listed in DenyUsers",
+ pw->pw_name, hostname);
+ return 0;
+ }
+ }
+ }
+ /* Return false if AllowUsers isn't empty and user isn't listed there */
+ if (options.num_allow_users > 0) {
+ for (i = 0; i < options.num_allow_users; i++) {
+ r = match_user(pw->pw_name, hostname, ipaddr,
+ options.allow_users[i]);
+ if (r < 0) {
+ fatal("Invalid AllowUsers pattern \"%.100s\"",
+ options.allow_users[i]);
+ } else if (r == 1)
+ break;
+ }
+ /* i < options.num_allow_users iff we break for loop */
+ if (i >= options.num_allow_users) {
+ logit("User %.100s from %.100s not allowed because "
+ "not listed in AllowUsers", pw->pw_name, hostname);
+ return 0;
+ }
+ }
+ if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {
+ /* Get the user's group access list (primary and supplementary) */
+ if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
+ logit("User %.100s from %.100s not allowed because "
+ "not in any group", pw->pw_name, hostname);
+ return 0;
+ }
+
+ /* Return false if one of user's groups is listed in DenyGroups */
+ if (options.num_deny_groups > 0)
+ if (ga_match(options.deny_groups,
+ options.num_deny_groups)) {
+ ga_free();
+ logit("User %.100s from %.100s not allowed "
+ "because a group is listed in DenyGroups",
+ pw->pw_name, hostname);
+ return 0;
+ }
+ /*
+ * Return false if AllowGroups isn't empty and one of user's groups
+ * isn't listed there
+ */
+ if (options.num_allow_groups > 0)
+ if (!ga_match(options.allow_groups,
+ options.num_allow_groups)) {
+ ga_free();
+ logit("User %.100s from %.100s not allowed "
+ "because none of user's groups are listed "
+ "in AllowGroups", pw->pw_name, hostname);
+ return 0;
+ }
+ ga_free();
+ }
+
+#ifdef CUSTOM_SYS_AUTH_ALLOWED_USER
+ if (!sys_auth_allowed_user(pw, loginmsg))
+ return 0;
+#endif
+
+ /* We found no reason not to let this user try to log on... */
+ return 1;
+}
+
+/*
+ * Formats any key left in authctxt->auth_method_key for inclusion in
+ * auth_log()'s message. Also includes authxtct->auth_method_info if present.
+ */
+static char *
+format_method_key(Authctxt *authctxt)
+{
+ const struct sshkey *key = authctxt->auth_method_key;
+ const char *methinfo = authctxt->auth_method_info;
+ char *fp, *cafp, *ret = NULL;
+
+ if (key == NULL)
+ return NULL;
+
+ if (sshkey_is_cert(key)) {
+ fp = sshkey_fingerprint(key,
+ options.fingerprint_hash, SSH_FP_DEFAULT);
+ cafp = sshkey_fingerprint(key->cert->signature_key,
+ options.fingerprint_hash, SSH_FP_DEFAULT);
+ xasprintf(&ret, "%s %s ID %s (serial %llu) CA %s %s%s%s",
+ sshkey_type(key), fp == NULL ? "(null)" : fp,
+ key->cert->key_id,
+ (unsigned long long)key->cert->serial,
+ sshkey_type(key->cert->signature_key),
+ cafp == NULL ? "(null)" : cafp,
+ methinfo == NULL ? "" : ", ",
+ methinfo == NULL ? "" : methinfo);
+ free(fp);
*** 15227 LINES SKIPPED ***