src/secure/lib/libssh, branch main FreeBSD source tree openssl: Import version 3.5.1 2025-08-07T13:54:34+00:00 Pierre Pronchery khorben@FreeBSD.org 2025-07-11T21:57:10+00:00 4757b351ea9d59d71d4a38b82506d2d16fcd560d Migrate to OpenSSL 3.5 in advance of FreeBSD 15.0. OpenSSL 3.0 will be EOL after 2026-09-07. Approved by: philip (mentor) Sponsored by: Alpha-Omega Beach Cleaning Project Sponsored by: The FreeBSD Foundation Differential revision: https://reviews.freebsd.org/D51613 
Migrate to OpenSSL 3.5 in advance of FreeBSD 15.0. OpenSSL 3.0 will be
EOL after 2026-09-07.

Approved by:	philip (mentor)
Sponsored by:	Alpha-Omega Beach Cleaning Project
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D51613
build: remove the last vestiges of lint support 2025-06-05T23:55:34+00:00 Brooks Davis brooks@FreeBSD.org 2025-06-05T23:55:34+00:00 8e35800732573de6c4bc1dd3ac420447fca96231 Commit 1cbb58886a47 (shipped in 12.0.0) removed all lint infrastructure. A bunch of NO_LINT definitions remained (perhaps as a bootstrapping measture). Remove them. Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D50704 
Commit 1cbb58886a47 (shipped in 12.0.0) removed all lint infrastructure.
A bunch of NO_LINT definitions remained (perhaps as a bootstrapping
measture).  Remove them.

Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D50704
openssh: Add ${SKSRCS} to libssh 2025-05-20T22:58:23+00:00 Jose Luis Duran jlduran@FreeBSD.org 2025-05-20T22:58:23+00:00 ac62b97951c25a33ec0880e574ccff31be7452f7 sshkey.c references sshsk_sign(), which is defined in ${SKSRCS}. Due to how FreeBSD builds libssh, or put differently, due to upstream not building a shared libssh.so, we need to partially revert 65d8491719bb ("secure: Adapt Makefile to ssh-sk-client everywhere"), and add ${SKSRCS} back, to avoid linking problems, especially when building with GCC: /usr/local/bin/ld: /usr/obj/usr/src/amd64.amd64/secure/lib/libssh/libprivatessh.so: undefined reference to `sshsk_sign' collect2: error: ld returned 1 exit status` Put the sources in a separate line, to maintain line-by-line compatibility with upstream Makefile.in PR: 286580 Reviewed by: emaste Approved by: emaste (mentor) Fixes: 65d8491719bb ("secure: Adapt Makefile to ssh-sk-client everywhere") Differential Revision: https://reviews.freebsd.org/D50020 
sshkey.c references sshsk_sign(), which is defined in ${SKSRCS}.

Due to how FreeBSD builds libssh, or put differently, due to upstream
not building a shared libssh.so, we need to partially revert
65d8491719bb ("secure: Adapt Makefile to ssh-sk-client everywhere"), and
add ${SKSRCS} back, to avoid linking problems, especially when building
with GCC:

    /usr/local/bin/ld:
    /usr/obj/usr/src/amd64.amd64/secure/lib/libssh/libprivatessh.so:
    undefined reference to `sshsk_sign'
    collect2: error: ld returned 1 exit status`

Put the sources in a separate line, to maintain line-by-line
compatibility with upstream Makefile.in

PR:		286580
Reviewed by:	emaste
Approved by:	emaste (mentor)
Fixes:	65d8491719bb ("secure: Adapt Makefile to ssh-sk-client everywhere")
Differential Revision:	https://reviews.freebsd.org/D50020
secure: Adapt Makefile to ssh-sk-client everywhere 2025-04-17T19:12:39+00:00 Jose Luis Duran jlduran@FreeBSD.org 2025-04-17T19:08:02+00:00 65d8491719bbc88ed45637d2381931c2d29cfe87 Upstream commit 7b47b40b1 ("adapt Makefile to ssh-sk-client everywhere") adapted the Makefiles to ssh-sk-client. Do the same here. Reviewed by: emaste Approved by: emaste (mentor) Differential Revision: https://reviews.freebsd.org/D49795 
Upstream commit 7b47b40b1 ("adapt Makefile to ssh-sk-client everywhere")
adapted the Makefiles to ssh-sk-client.  Do the same here.

Reviewed by:	emaste
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D49795
secure: Rearrange Makefile SRCS to match upstream Makefile.in 2025-04-17T19:12:05+00:00 Jose Luis Duran jlduran@FreeBSD.org 2025-04-17T18:56:00+00:00 9440aad19dca73fdd224b128ac2dc2e78191ff15 SRCS entries are kept in the same order and with the same line breaks as upstream, to make comparison easier. No functional change intended. Reviewed by: emaste Approved by: emaste (mentor) Differential Revision: https://reviews.freebsd.org/D49793 
SRCS entries are kept in the same order and with the same line breaks as
upstream, to make comparison easier.

No functional change intended.

Reviewed by:	emaste
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D49793
ssh: Consolidate HAVE_LDNS / LIBWRAP in ssh.mk 2025-02-20T23:33:46+00:00 Ed Maste emaste@FreeBSD.org 2022-04-12T13:18:20+00:00 d71e7e57fc1472e3ea6d31c44e187c2819d2c71e Commit 9d63429fa163 ("ssh: move common Makefile boilerplate to a new ssh.mk") introduced ssh.mk for common OpenSSH paths and flags, as part of enabling FIDO/U2F. Move duplicated MK_LDNS and MK_TCP_WRAPPERS handling there. Reviewed by: kevans Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D31896 
Commit 9d63429fa163 ("ssh: move common Makefile boilerplate to a new
ssh.mk") introduced ssh.mk for common OpenSSH paths and flags, as part
of enabling FIDO/U2F.  Move duplicated MK_LDNS and MK_TCP_WRAPPERS
handling there.

Reviewed by:	kevans
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D31896
ssh: tidy include handling 2025-02-20T22:39:48+00:00 Ed Maste emaste@FreeBSD.org 2022-03-02T14:45:23+00:00 7f916236044d9a733de8b3c47b5dcbf71988cb03 Centralize optional krb5_config.h handling in ssh.mk. Do not add headers (that are committed to the src tree) to SRCS as there is no need. Reviewed by: imp, jlduran, kevans (all earlier) MFC after: 1 month Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34409 
Centralize optional krb5_config.h handling in ssh.mk.  Do not add
headers (that are committed to the src tree) to SRCS as there is no
need.

Reviewed by:	imp, jlduran, kevans (all earlier)
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D34409
openssh: Update to 9.9p1 2025-02-19T19:08:59+00:00 Ed Maste emaste@FreeBSD.org 2025-02-19T19:08:59+00:00 3d9fd9fcb432750f3716b28f6ccb0104cd9d351a Highlights from the release notes are reproduced below. Bug fixes and improvements that were previously merged into FreeBSD have been elided. See the upstream release notes for full details of the 9.9p1 release (https://www.openssh.com/releasenotes.html). --- Future deprecation notice ========================= OpenSSH plans to remove support for the DSA signature algorithm in early 2025. Potentially-incompatible changes -------------------------------- * ssh(1): remove support for pre-authentication compression. * ssh(1), sshd(8): processing of the arguments to the "Match" configuration directive now follows more shell-like rules for quoted strings, including allowing nested quotes and \-escaped characters. New features ------------ * ssh(1), sshd(8): add support for a new hybrid post-quantum key exchange based on the FIPS 203 Module-Lattice Key Enapsulation mechanism (ML-KEM) combined with X25519 ECDH as described by https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03 This algorithm "mlkem768x25519-sha256" is available by default. * ssh(1), sshd(8), ssh-agent(1): prevent private keys from being included in core dump files for most of their lifespans. This is in addition to pre-existing controls in ssh-agent(1) and sshd(8) that prevented coredumps. This feature is supported on OpenBSD, Linux and FreeBSD. * All: convert key handling to use the libcrypto EVP_PKEY API, with the exception of DSA. Bugfixes -------- * sshd(8): do not apply authorized_keys options when signature verification fails. Prevents more restrictive key options being incorrectly applied to subsequent keys in authorized_keys. bz3733 * ssh-keygen(1): include pathname in some of ssh-keygen's passphrase prompts. Helps the user know what's going on when ssh-keygen is invoked via other tools. Requested in GHPR503 * ssh(1), ssh-add(1): make parsing user@host consistently look for the last '@' in the string rather than the first. This makes it possible to more consistently use usernames that contain '@' characters. * ssh(1), sshd(8): be more strict in parsing key type names. Only allow short names (e.g "rsa") in user-interface code and require full SSH protocol names (e.g. "ssh-rsa") everywhere else. bz3725 * ssh-keygen(1): clarify that ed25519 is the default key type generated and clarify that rsa-sha2-512 is the default signature scheme when RSA is in use. GHPR505 --- Reviewed by: jlduran (build infrastructure) Reviewed by: cy (build infrastructure) Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D48947 
Highlights from the release notes are reproduced below.  Bug fixes and
improvements that were previously merged into FreeBSD have been elided.

See the upstream release notes for full details of the 9.9p1 release
(https://www.openssh.com/releasenotes.html).

---

Future deprecation notice
=========================

OpenSSH plans to remove support for the DSA signature algorithm in
early 2025.

Potentially-incompatible changes
--------------------------------

 * ssh(1): remove support for pre-authentication compression.

 * ssh(1), sshd(8): processing of the arguments to the "Match"
   configuration directive now follows more shell-like rules for
   quoted strings, including allowing nested quotes and \-escaped
   characters.

New features
------------

 * ssh(1), sshd(8): add support for a new hybrid post-quantum key
   exchange based on the FIPS 203 Module-Lattice Key Enapsulation
   mechanism (ML-KEM) combined with X25519 ECDH as described by
   https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03
   This algorithm "mlkem768x25519-sha256" is available by default.

 * ssh(1), sshd(8), ssh-agent(1): prevent private keys from being
   included in core dump files for most of their lifespans. This is
   in addition to pre-existing controls in ssh-agent(1) and sshd(8)
   that prevented coredumps. This feature is supported on OpenBSD,
   Linux and FreeBSD.

 * All: convert key handling to use the libcrypto EVP_PKEY API, with
   the exception of DSA.

Bugfixes
--------

 * sshd(8): do not apply authorized_keys options when signature
   verification fails. Prevents more restrictive key options being
   incorrectly applied to subsequent keys in authorized_keys. bz3733

 * ssh-keygen(1): include pathname in some of ssh-keygen's passphrase
   prompts. Helps the user know what's going on when ssh-keygen is
   invoked via other tools. Requested in GHPR503

 * ssh(1), ssh-add(1): make parsing user@host consistently look for
   the last '@' in the string rather than the first. This makes it
   possible to more consistently use usernames that contain '@'
   characters.

 * ssh(1), sshd(8): be more strict in parsing key type names. Only
   allow short names (e.g "rsa") in user-interface code and require
   full SSH protocol names (e.g. "ssh-rsa") everywhere else. bz3725

 * ssh-keygen(1): clarify that ed25519 is the default key type
   generated and clarify that rsa-sha2-512 is the default signature
   scheme when RSA is in use. GHPR505

---

Reviewed by:	jlduran (build infrastructure)
Reviewed by:	cy (build infrastructure)
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48947
openssh: Update to 9.8p1 2025-02-19T17:20:44+00:00 Ed Maste emaste@FreeBSD.org 2025-02-19T17:20:44+00:00 0fdf8fae8b569bf9fff3b5171e669dcd7cf9c79e Highlights from the release notes are reproduced below. Some security and bug fixes were previously merged into FreeBSD and have been elided. See the upstream release notes for full details (https://www.openssh.com/releasenotes.html). --- Future deprecation notice ========================= OpenSSH plans to remove support for the DSA signature algorithm in early 2025. Potentially-incompatible changes -------------------------------- * sshd(8): the server will now block client addresses that repeatedly fail authentication, repeatedly connect without ever completing authentication or that crash the server. See the discussion of PerSourcePenalties below for more information. Operators of servers that accept connections from many users, or servers that accept connections from addresses behind NAT or proxies may need to consider these settings. * sshd(8): the server has been split into a listener binary, sshd(8), and a per-session binary "sshd-session". This allows for a much smaller listener binary, as it no longer needs to support the SSH protocol. As part of this work, support for disabling privilege separation (which previously required code changes to disable) and disabling re-execution of sshd(8) has been removed. Further separation of sshd-session into additional, minimal binaries is planned for the future. * sshd(8): several log messages have changed. In particular, some log messages will be tagged with as originating from a process named "sshd-session" rather than "sshd". * ssh-keyscan(1): this tool previously emitted comment lines containing the hostname and SSH protocol banner to standard error. This release now emits them to standard output, but adds a new "-q" flag to silence them altogether. * sshd(8): (portable OpenSSH only) sshd will no longer use argv[0] as the PAM service name. A new "PAMServiceName" sshd_config(5) directive allows selecting the service name at runtime. This defaults to "sshd". bz2101 New features ------------ * sshd(8): sshd(8) will now penalise client addresses that, for various reasons, do not successfully complete authentication. This feature is controlled by a new sshd_config(5) PerSourcePenalties option and is on by default. * ssh(8): allow the HostkeyAlgorithms directive to disable the implicit fallback from certificate host key to plain host keys. Portability ----------- * sshd(8): expose SSH_AUTH_INFO_0 always to PAM auth modules unconditionally. The previous behaviour was to expose it only when particular authentication methods were in use. * ssh(1), ssh-agent(8): allow the presence of the WAYLAND_DISPLAY environment variable to enable SSH_ASKPASS, similarly to the X11 DISPLAY environment variable. GHPR479 --- Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D48914 
Highlights from the release notes are reproduced below.  Some security
and bug fixes were previously merged into FreeBSD and have been elided.
See the upstream release notes for full details
(https://www.openssh.com/releasenotes.html).

---

Future deprecation notice
=========================

OpenSSH plans to remove support for the DSA signature algorithm in
early 2025.

Potentially-incompatible changes
--------------------------------

 * sshd(8): the server will now block client addresses that
   repeatedly fail authentication, repeatedly connect without ever
   completing authentication or that crash the server. See the
   discussion of PerSourcePenalties below for more information.
   Operators of servers that accept connections from many users, or
   servers that accept connections from addresses behind NAT or
   proxies may need to consider these settings.

 * sshd(8): the server has been split into a listener binary, sshd(8),
   and a per-session binary "sshd-session". This allows for a much
   smaller listener binary, as it no longer needs to support the SSH
   protocol. As part of this work, support for disabling privilege
   separation (which previously required code changes to disable) and
   disabling re-execution of sshd(8) has been removed. Further
   separation of sshd-session into additional, minimal binaries is
   planned for the future.

 * sshd(8): several log messages have changed. In particular, some
   log messages will be tagged with as originating from a process
   named "sshd-session" rather than "sshd".

 * ssh-keyscan(1): this tool previously emitted comment lines
   containing the hostname and SSH protocol banner to standard error.
   This release now emits them to standard output, but adds a new
   "-q" flag to silence them altogether.

 * sshd(8): (portable OpenSSH only) sshd will no longer use argv[0]
   as the PAM service name. A new "PAMServiceName" sshd_config(5)
   directive allows selecting the service name at runtime. This
   defaults to "sshd". bz2101

New features
------------

 * sshd(8): sshd(8) will now penalise client addresses that, for various
   reasons, do not successfully complete authentication. This feature is
   controlled by a new sshd_config(5) PerSourcePenalties option and is
   on by default.

 * ssh(8): allow the HostkeyAlgorithms directive to disable the
   implicit fallback from certificate host key to plain host keys.

Portability
-----------

 * sshd(8): expose SSH_AUTH_INFO_0 always to PAM auth modules
   unconditionally. The previous behaviour was to expose it only when
   particular authentication methods were in use.

 * ssh(1), ssh-agent(8): allow the presence of the WAYLAND_DISPLAY
   environment variable to enable SSH_ASKPASS, similarly to the X11
   DISPLAY environment variable. GHPR479

---

Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48914
libssh: Remove progressmeter 2025-02-08T23:55:51+00:00 Ed Maste emaste@FreeBSD.org 2025-02-06T19:21:12+00:00 c0af32952564099fe30a34aeb335f95a6dc811ba It is used only by scp and sftp, and already included directly in their Makefiles. It does not belong in libssh. Fixes: d8b043c8d497 ("Update for 3.6.1p1; also remove Kerberos IV shims.") Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D48871 
It is used only by scp and sftp, and already included directly in their
Makefiles.  It does not belong in libssh.

Fixes: d8b043c8d497 ("Update for 3.6.1p1; also remove Kerberos IV shims.")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48871