diff options
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 1683 |
1 files changed, 824 insertions, 859 deletions
diff --git a/ChangeLog b/ChangeLog index 6d7a7d265eb8..0307f62e0557 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,827 @@ +commit aede1c34243a6f7feae2fb2cb686ade5f9be6f3d +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 17 11:01:20 2018 +1100 + + Require OpenSSL 1.1.x series 1.1.0g or greater + + Previous versions have a bug with EVP_CipherInit() when passed a + NULL EVP_CIPHER, per https://github.com/openssl/openssl/pull/4613 + + ok dtucker@ + +commit 08300c211409c212e010fe2e2f2883e573a04ce2 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 17 08:12:02 2018 +1100 + + unbreak compilation with --with-ssl-engine + + Missing last argument to OPENSSL_init_crypto() + +commit 1673274aee67ce0eb6f00578b6f3d2bcbd58f937 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Tue Oct 16 14:45:57 2018 +1100 + + Remove gcc spectre mitigation flags. + + Current impementions of the gcc spectre mitigation flags cause + miscompilations when combined with other flags and do not provide much + protection. Found by fweimer at redhat.com, ok djm@ + +commit 4e23deefd7959ef83c73ed9cce574423438f6133 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 16 10:51:52 2018 +1100 + + Avoid deprecated OPENSSL_config when using 1.1.x + + OpenSSL 1.1.x soft-deprecated OPENSSL_config in favour of + OPENSSL_init_crypto; pointed out by Jakub Jelen + +commit 797cdd9c8468ed1125ce60d590ae3f1397866af4 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Fri Oct 12 16:58:47 2018 +1100 + + Don't avoid our *sprintf replacements. + + Don't let systems with broken printf(3) avoid our replacements + via asprintf(3)/vasprintf(3) calling libc internally. From djm@ + +commit e526127cbd2f8ad88fb41229df0c9b850c722830 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Fri Oct 12 16:43:35 2018 +1100 + + Check if snprintf understands %zu. + + If the platforms snprintf and friends don't understand %zu, use the + compat replacement. Prevents segfaults on those platforms. + +commit cf39f875191708c5f2f1a3c1c9019f106e74aea3 +Author: Damien Miller <djm@mindrot.org> +Date: Fri Oct 12 09:48:05 2018 +1100 + + remove stale link, tweak + +commit a7205e68decf7de2005810853b4ce6b222b65e2a +Author: Damien Miller <djm@mindrot.org> +Date: Fri Oct 12 09:47:20 2018 +1100 + + update version numbers ahead of release + +commit 1a4a9cf80f5b92b9d1dadd0bfa8867c04d195391 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Oct 11 03:48:04 2018 +0000 + + upstream: don't send new-style rsa-sha2-*-cert-v01@openssh.com names to + + older OpenSSH that can't handle them. spotted by Adam Eijdenberg; ok dtucker + + OpenBSD-Commit-ID: 662bbc402e3d7c9b6c322806269698106a6ae631 + +commit dc8ddcdf1a95e011c263486c25869bb5bf4e30ec +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 11 13:08:59 2018 +1100 + + update depends + +commit 26841ac265603fd2253e6832e03602823dbb4022 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 11 13:02:11 2018 +1100 + + some more duplicated key algorithm lines + + From Adam Eijdenberg + +commit 5d9d17603bfbb620195a4581025052832b4c4adc +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 11 11:56:36 2018 +1100 + + fix duplicated algorithm specification lines + + Spotted by Adam Eijdenberg + +commit ebfafd9c7a5b2a7fb515ee95dbe0e44e11d0a663 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Oct 11 00:52:46 2018 +0000 + + upstream: typo in plain RSA algorithm counterpart names for + + certificates; spotted by Adam Eijdenberg; ok dtucker@ + + OpenBSD-Commit-ID: bfcdeb6f4fc9e7607f5096574c8f118f2e709e00 + +commit c29b111e7d87c2324ff71c80653dd8da168c13b9 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 11 11:29:35 2018 +1100 + + check pw_passwd != NULL here too + + Again, for systems with broken NIS implementations. + + Prompted by coolbugcheckers AT gmail.com + +commit fe8e8f349a553ef4c567acd418aac769a82b7729 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 11 11:03:15 2018 +1100 + + check for NULL return from shadow_pw() + + probably unreachable on this platform; pointed out by + coolbugcheckers AT gmail.com + +commit acc59cbe7a1fb169e1c3caba65a39bd74d6e030d +Author: deraadt@openbsd.org <deraadt@openbsd.org> +Date: Wed Oct 10 16:43:49 2018 +0000 + + upstream: introducing openssh 7.9 + + OpenBSD-Commit-ID: 42d526a9fe01a40dd299ac58014d3349adf40e25 + +commit 12731158c75c8760a8bea06350eeb3e763fe1a07 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Oct 11 10:29:29 2018 +1100 + + supply callback to PEM_read_bio_PrivateKey + + OpenSSL 1.1.0i has changed the behaviour of their PEM APIs, + so that empty passphrases are interpreted differently. This + probabalistically breaks loading some keys, because the PEM format + is terrible and doesn't include a proper MAC. + + Avoid this by providing a basic callback to avoid passing empty + passphrases to OpenSSL in cases where one is required. + + Based on patch from Jakub Jelen in bz#2913; ok dtucker@ + +commit d1d301a1dd5d6cc3a9ed93ab7ab09dda4cb456e0 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Oct 10 14:57:00 2018 +1100 + + in pick_salt() avoid dereference of NULL passwords + + Apparently some NIS implementations can leave pw->pw_passwd (or the + shadow equivalent) NULL. + + bz#2909; based on patch from Todd Eigenschink + +commit edbb6febccee084d212fdc0cb05b40cb1c646ab1 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Oct 9 05:42:23 2018 +0000 + + upstream: Treat all PEM_read_bio_PrivateKey() errors when a passphrase + + is specified as "incorrect passphrase" instead of trying to choose between + that and "invalid format". + + libcrypto can return ASN1 parsing errors rather than the expected + decrypt error in certain infrequent cases when trying to decrypt/parse + PEM private keys when supplied with an invalid passphrase. + + Report and repro recipe from Thomas Deutschmann in bz#2901 + + ok markus@ + + OpenBSD-Commit-ID: b1d4cd92395f9743f81c0d23aab2524109580870 + +commit 2581333d564d8697837729b3d07d45738eaf5a54 +Author: naddy@openbsd.org <naddy@openbsd.org> +Date: Fri Oct 5 14:26:09 2018 +0000 + + upstream: Support using service names for port numbers. + + * Try to resolve a port specification with getservbyname(3) if a + numeric conversion fails. + * Make the "Port" option in ssh_config handle its argument as a + port rather than a plain integer. + + ok dtucker@ deraadt@ + + OpenBSD-Commit-ID: e7f03633133205ab3dfbc67f9df7475fabae660d + +commit e0d6501e86734c48c8c503f81e1c0926e98c5c4c +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Oct 4 07:47:35 2018 +0000 + + upstream: when the peer sends a channel-close message, make sure we + + close the local extended read fd (stderr) along with the regular read fd + (stdout). Avoids weird stuck processed in multiplexing mode. + + Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863 + + ok dtucker@ markus@ + + OpenBSD-Commit-ID: a48a2467fe938de4de69d2e7193d5fa701f12ae9 + +commit 6f1aabb128246f445e33b8844fad3de9cb1d18cb +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Oct 4 01:04:52 2018 +0000 + + upstream: factor out channel status formatting from + + channel_open_message() so we can use it in other debug messages + + OpenBSD-Commit-ID: 9c3903ca28fcabad57f566c9d0045b41ab7d52ba + +commit f1dd179e122bdfdb7ca3072d9603607740efda05 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Oct 4 00:10:11 2018 +0000 + + upstream: include a little more information about the status and + + disposition of channel's extended (stderr) fd; makes debugging some things a + bit easier. No behaviour change. + + OpenBSD-Commit-ID: 483eb6467dc7d5dbca8eb109c453e7a43075f7ce + +commit 2d1428b11c8b6f616f070f2ecedce12328526944 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Oct 4 00:04:41 2018 +0000 + + upstream: explicit_bzero here to be consistent with other kex*.c; + + report from coolbugcheckers AT gmail.com + + OpenBSD-Commit-ID: a90f146c5b5f5b1408700395e394f70b440856cb + +commit 5eff5b858e717e901e6af6596306a114de9f79f2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Oct 3 06:38:35 2018 +0000 + + upstream: Allow ssh_config IdentityAgent directive to accept + + environment variable names as well as explicit paths. ok dtucker@ + + OpenBSD-Commit-ID: 2f0996e103876c53d8c9dd51dcce9889d700767b + +commit a46ac4d86b25414d78b632e8173578b37e5f8a83 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Oct 2 12:51:58 2018 +0000 + + upstream: mention INFO@openssh.com for sending SIGINFO + + OpenBSD-Commit-ID: 132471eeb0df658210afd27852fe65131b26e900 + +commit ff3a411cae0b484274b7900ef52ff4dad3e12876 +Author: Damien Miller <djm@mindrot.org> +Date: Tue Oct 2 22:49:40 2018 +1000 + + only support SIGINFO on systems with SIGINFO + +commit cd98925c6405e972dc9f211afc7e75e838abe81c +Author: djm@openbsd.org <djm@openbsd.org> +Date: Tue Oct 2 12:40:07 2018 +0000 + + upstream: Add server support for signalling sessions via the SSH + + channel/ session protocol. Signalling is only supported to sesssions that are + not subsystems and were not started with a forced command. + + Long requested in bz#1424 + + Based on a patch from markus@ and reworked by dtucker@; + ok markus@ dtucker@ + + OpenBSD-Commit-ID: 4bea826f575862eaac569c4bedd1056a268be1c3 + +commit dba50258333f2604a87848762af07ba2cc40407a +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 26 07:32:44 2018 +0000 + + upstream: remove big ugly TODO comment from start of file. Some of + + the mentioned tasks are obsolete and, of the remainder, most are already + captured in PROTOCOL.mux where they better belong + + OpenBSD-Commit-ID: 16d9d76dee42a5bb651c9d6740f7f0ef68aeb407 + +commit 92b61a38ee9b765f5049f03cd1143e13f3878905 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 26 07:30:05 2018 +0000 + + upstream: Document mux proxy mode; added by Markus in openssh-7.4 + + Also add a little bit of information about the overall packet format + + OpenBSD-Commit-ID: bdb6f6ea8580ef96792e270cae7857786ad84a95 + +commit 9d883a1ce4f89b175fd77405ff32674620703fb2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 26 01:48:57 2018 +0000 + + upstream: s/process_mux_master/mux_master_process/ in mux master + + function names, + + Gives better symmetry with the existing mux_client_*() names and makes + it more obvious when a message comes from the master vs client (they + are interleved in ControlMaster=auto mode). + + no functional change beyond prefixing a could of log messages with + __func__ where they were previously lacking. + + OpenBSD-Commit-ID: b01f7c3fdf92692e1713a822a89dc499333daf75 + +commit c2fa53cd6462da82d3a851dc3a4a3f6b920337c8 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Sat Sep 22 14:41:24 2018 +1000 + + Remove unused variable in _ssh_compat_fflush. + +commit d1b3540c21212624af907488960d703c7d987b42 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Thu Sep 20 18:08:43 2018 +1000 + + Import updated moduli. + +commit b5e412a8993ad17b9e1141c78408df15d3d987e1 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 21 12:46:22 2018 +0000 + + upstream: Allow ssh_config ForwardX11Timeout=0 to disable the + + timeout and allow X11 connections in untrusted mode indefinitely. ok dtucker@ + + OpenBSD-Commit-ID: ea1ceed3f540b48e5803f933e59a03b20db10c69 + +commit cb24d9fcc901429d77211f274031653476864ec6 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 21 12:23:17 2018 +0000 + + upstream: when compiled with GSSAPI support, cache supported method + + OIDs by calling ssh_gssapi_prepare_supported_oids() regardless of whether + GSSAPI authentication is enabled in the main config. + + This avoids sandbox violations for configurations that enable GSSAPI + auth later, e.g. + + Match user djm + GSSAPIAuthentication yes + + bz#2107; ok dtucker@ + + OpenBSD-Commit-ID: a5dd42d87c74e27cfb712b15b0f97ab20e0afd1d + +commit bbc8af72ba68da014d4de6e21a85eb5123384226 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 21 12:20:12 2018 +0000 + + upstream: In sshkey_in_file(), ignore keys that are considered for + + being too short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered + to be "in the file". This allows key revocation lists to contain short keys + without the entire revocation list being considered invalid. + + bz#2897; ok dtucker + + OpenBSD-Commit-ID: d9f3d857d07194a42ad7e62889a74dc3f9d9924b + +commit 383a33d160cefbfd1b40fef81f72eadbf9303a66 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 21 03:11:36 2018 +0000 + + upstream: Treat connections with ProxyJump specified the same as ones + + with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't + try to canonicalise the hostname unless CanonicalizeHostname is set to + 'always'). + + Patch from Sven Wegener via bz#2896 + + OpenBSD-Commit-ID: 527ff501cf98bf65fb4b29ed0cb847dda10f4d37 + +commit 0cbed248ed81584129b67c348dbb801660f25a6a +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Sep 20 23:40:16 2018 +0000 + + upstream: actually make CASignatureAlgorithms available as a config + + option + + OpenBSD-Commit-ID: 93fa7ff58314ed7b1ab7744090a6a91232e6ae52 + +commit 62528870c0ec48cd86a37dd7320fb85886c3e6ee +Author: dtucker@openbsd.org <dtucker@openbsd.org> +Date: Thu Sep 20 08:07:03 2018 +0000 + + upstream: Import updated moduli. + + OpenBSD-Commit-ID: 04431e8e7872f49a2129bf080a6b73c19d576d40 + +commit e6933a2ffa0659d57f3c7b7c457b2c62b2a84613 +Author: jmc@openbsd.org <jmc@openbsd.org> +Date: Thu Sep 20 06:58:48 2018 +0000 + + upstream: reorder CASignatureAlgorithms, and add them to the + + various -o lists; ok djm + + OpenBSD-Commit-ID: ecb88baecc3c54988b4d1654446ea033da359288 + +commit aa083aa9624ea7b764d5a81c4c676719a1a3e42b +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Sep 20 03:31:49 2018 +0000 + + upstream: fix "ssh -Q sig" to show correct signature algorithm list + + (it was erroneously showing certificate algorithms); prompted by markus@ + + OpenBSD-Commit-ID: 1cdee002f2f0c21456979deeb887fc889afb154d + +commit ecac7e1f7add6b28874959a11f2238d149dc2c07 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Sep 20 03:30:44 2018 +0000 + + upstream: add CASignatureAlgorithms option for the client, allowing + + it to specify which signature algorithms may be used by CAs when signing + certificates. Useful if you want to ban RSA/SHA1; ok markus@ + + OpenBSD-Commit-ID: 9159e5e9f67504829bf53ff222057307a6e3230f + +commit 86e5737c39153af134158f24d0cab5827cbd5852 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Sep 20 03:28:06 2018 +0000 + + upstream: Add sshd_config CASignatureAlgorithms option to allow + + control over which signature algorithms a CA may use when signing + certificates. In particular, this allows a sshd to ban certificates signed + with RSA/SHA1. + + ok markus@ + + OpenBSD-Commit-ID: b05c86ef8b52b913ed48d54a9b9c1a7714d96bac + +commit f80e68ea7d62e2dfafc12f1a60ab544ae4033a0f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 19 02:03:02 2018 +0000 + + upstream: Make "ssh-add -q" do what it says on the tin: silence + + output from successful operations. + + Based on patch from Thijs van Dijk; ok dtucker@ deraadt@ + + OpenBSD-Commit-ID: c4f754ecc055c10af166116ce7515104aa8522e1 + +commit 5e532320e9e51de720d5f3cc2596e95d29f6e98f +Author: millert@openbsd.org <millert@openbsd.org> +Date: Mon Sep 17 15:40:14 2018 +0000 + + upstream: When choosing a prime from the moduli file, avoid + + re-using the linenum variable for something that is not a line number to + avoid the confusion that resulted in the bug in rev. 1.64. This also lets us + pass the actual linenum to parse_prime() so the error messages include the + correct line number. OK markus@ some time ago. + + OpenBSD-Commit-ID: 4d8e5d3e924d6e8eb70053e3defa23c151a00084 + +commit cce8cbe0ed7d1ba3a575310e0b63c193326ae616 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Sat Sep 15 19:44:06 2018 +1000 + + Fix openssl-1.1 fallout for --without-openssl. + + ok djm@ + +commit 149519b9f201dac755f3cba4789f4d76fecf0ee1 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 15 19:37:48 2018 +1000 + + add futex(2) syscall to seccomp sandbox + + Apparently needed for some glibc/openssl combinations. + + Patch from Arkadiusz MiĆkiewicz + +commit 4488ae1a6940af704c4dbf70f55bf2f756a16536 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 15 19:36:55 2018 +1000 + + really add source for authopt_fuzz this time + +commit 9201784b4a257c8345fbd740bcbdd70054885707 +Author: Damien Miller <djm@mindrot.org> +Date: Sat Sep 15 19:35:40 2018 +1000 + + remove accidentally checked-in authopt_fuzz binary + +commit beb9e522dc7717df08179f9e59f36b361bfa14ab +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 14 05:26:27 2018 +0000 + + upstream: second try, deals properly with missing and private-only + + Use consistent format in debug log for keys readied, offered and + received during public key authentication. + + This makes it a little easier to see what is going on, as each message + now contains (where available) the key filename, its type and fingerprint, + and whether the key is hosted in an agent or a token. + + OpenBSD-Commit-ID: f1c6a8e9cfc4e108c359db77f24f9a40e1e25ea7 + +commit 6bc5a24ac867bfdc3ed615589d69ac640f51674b +Author: Damien Miller <djm@mindrot.org> +Date: Fri Sep 14 15:16:34 2018 +1000 + + fuzzer harness for authorized_keys option parsing + +commit 6c8b82fc6929b6a9a3f645151b6ec26c5507d9ef +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 14 04:44:04 2018 +0000 + + upstream: revert following; deals badly with agent keys + + revision 1.285 + date: 2018/09/14 04:17:12; author: djm; state: Exp; lines: +47 -26; commitid: lflGFcNb2X2HebaK; + Use consistent format in debug log for keys readied, offered and + received during public key authentication. + + This makes it a little easier to see what is going on, as each message + now contains the key filename, its type and fingerprint, and whether + the key is hosted in an agent or a token. + + OpenBSD-Commit-ID: e496bd004e452d4b051f33ed9ae6a54ab918f56d + +commit 6da046f9c3374ce7e269ded15d8ff8bc45017301 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 14 04:17:44 2018 +0000 + + upstream: garbage-collect moribund ssh_new_private() API. + + OpenBSD-Commit-ID: 7c05bf13b094093dfa01848a9306c82eb6e95f6c + +commit 1f24ac5fc05252ceb1c1d0e8cab6a283b883c780 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 14 04:17:12 2018 +0000 + + upstream: Use consistent format in debug log for keys readied, + + offered and received during public key authentication. + + This makes it a little easier to see what is going on, as each message + now contains the key filename, its type and fingerprint, and whether + the key is hosted in an agent or a token. + + OpenBSD-Commit-ID: 2a01d59285a8a7e01185bb0a43316084b4f06a1f + +commit 488c9325bb7233e975dbfbf89fa055edc3d3eddc +Author: millert@openbsd.org <millert@openbsd.org> +Date: Thu Sep 13 15:23:32 2018 +0000 + + upstream: Fix warnings caused by user_from_uid() and group_from_gid() + + now returning const char *. + + OpenBSD-Commit-ID: b5fe571ea77cfa7b9035062829ab05eb87d7cc6f + +commit 0aa1f230846ebce698e52051a107f3127024a05a +Author: Damien Miller <djm@mindrot.org> +Date: Fri Sep 14 10:31:47 2018 +1000 + + allow SIGUSR1 as synonym for SIGINFO + + Lets users on those unfortunate operating systems that lack SIGINFO + still be able to obtain progress information from unit tests :) + +commit d64e78526596f098096113fcf148216798c327ff +Author: Damien Miller <djm@mindrot.org> +Date: Thu Sep 13 19:05:48 2018 +1000 + + add compat header + +commit a3fd8074e2e2f06602e25618721f9556c731312c +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Sep 13 09:03:20 2018 +0000 + + upstream: missed a bit of openssl-1.0.x API in this unittest + + OpenBSD-Regress-ID: a73a54d7f7381856a3f3a2d25947bee7a9a5dbc9 + +commit 86e0a9f3d249d5580390daf58e015e68b01cef10 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Sep 13 05:06:51 2018 +0000 + + upstream: use only openssl-1.1.x API here too + + OpenBSD-Regress-ID: ae877064597c349954b1b443769723563cecbc8f + +commit 48f54b9d12c1c79fba333bc86d455d8f4cda8cfc +Author: Damien Miller <djm@mindrot.org> +Date: Thu Sep 13 12:13:50 2018 +1000 + + adapt -portable to OpenSSL 1.1x API + + Polyfill missing API with replacement functions extracted from LibreSSL + +commit 86112951d63d48839f035b5795be62635a463f99 +Author: Damien Miller <djm@mindrot.org> +Date: Thu Sep 13 12:12:42 2018 +1000 + + forgot to stage these test files in commit d70d061 + +commit 482d23bcacdd3664f21cc82a5135f66fc598275f +Author: djm@openbsd.org <djm@openbsd.org> +Date: Thu Sep 13 02:08:33 2018 +0000 + + upstream: hold our collective noses and use the openssl-1.1.x API in + + OpenSSH; feedback and ok tb@ jsing@ markus@ + + OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417 + +commit d70d061828730a56636ab6f1f24fe4a8ccefcfc1 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:36:45 2018 +0000 + + upstream: Include certs with multiple RSA signature variants in + + test data Ensure that cert->signature_key is populated correctly + + OpenBSD-Regress-ID: 56e68f70fe46cb3a193ca207385bdb301fd6603a + +commit f803b2682992cfededd40c91818b653b5d923ef5 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:23:48 2018 +0000 + + upstream: test revocation by explicit hash and by fingerprint + + OpenBSD-Regress-ID: 079c18a9ab9663f4af419327c759fc1e2bc78fd8 + +commit 2de78bc7da70e1338b32feeefcc6045cf49efcd4 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:22:43 2018 +0000 + + upstream: s/sshkey_demote/sshkey_from_private/g + + OpenBSD-Regress-ID: 782bde7407d94a87aa8d1db7c23750e09d4443c4 + +commit 41c115a5ea1cb79a6a3182773c58a23f760e8076 +Author: Damien Miller <djm@mindrot.org> +Date: Wed Sep 12 16:50:01 2018 +1000 + + delete the correct thing; kexfuzz binary + +commit f0fcd7e65087db8c2496f13ed39d772f8e38b088 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 06:18:59 2018 +0000 + + upstream: fix edit mistake; spotted by jmc@ + + OpenBSD-Commit-ID: dd724e1c52c9d6084f4cd260ec7e1b2b138261c6 + +commit 4cc259bac699f4d2a5c52b92230f9e488c88a223 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:34:02 2018 +0000 + + upstream: add SSH_ALLOWED_CA_SIGALGS - the default list of + + signature algorithms that are allowed for CA signatures. Notably excludes + ssh-dsa. + + ok markus@ + + OpenBSD-Commit-ID: 1628e4181dc8ab71909378eafe5d06159a22deb4 + +commit ba9e788315b1f6a350f910cb2a9e95b2ce584e89 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:32:54 2018 +0000 + + upstream: add sshkey_check_cert_sigtype() that checks a + + cert->signature_type against a supplied whitelist; ok markus + + OpenBSD-Commit-ID: caadb8073292ed7a9535e5adc067d11d356d9302 + +commit a70fd4ad7bd9f2ed223ff635a3d41e483057f23b +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:31:30 2018 +0000 + + upstream: add cert->signature_type field and keep it in sync with + + certificate signature wrt loading and certification operations; ok markus@ + + OpenBSD-Commit-ID: e8b8b9f76b66707a0cd926109c4383db8f664df3 + +commit 357128ac48630a9970e3af0e6ff820300a28da47 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:30:10 2018 +0000 + + upstream: Add "ssh -Q sig" to allow listing supported signature + + algorithms ok markus@ + + OpenBSD-Commit-ID: 7a8c6eb6c249dc37823ba5081fce64876d10fe2b + +commit 9405c6214f667be604a820c6823b27d0ea77937d +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:21:34 2018 +0000 + + upstream: allow key revocation by SHA256 hash and allow ssh-keygen + + to create KRLs using SHA256/base64 key fingerprints; ok markus@ + + OpenBSD-Commit-ID: a0590fd34e7f1141f2873ab3acc57442560e6a94 + +commit 50e2687ee0941c0ea216d6ffea370ffd2c1f14b9 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Wed Sep 12 01:19:12 2018 +0000 + + upstream: log certificate fingerprint in authentication + + success/failure message (previously we logged only key ID and CA key + fingerprint). + + ok markus@ + + OpenBSD-Commit-ID: a8ef2d172b7f1ddbcce26d6434b2de6d94f6c05d + +commit de37ca909487d23e5844aca289b3f5e75d3f1e1f +Author: dtucker@openbsd.org <dtucker@openbsd.org> +Date: Fri Sep 7 04:26:56 2018 +0000 + + upstream: Add FALLTHROUGH comments where appropriate. Patch from + + jjelen at redhat via bz#2687. + + OpenBSD-Commit-ID: c48eb457be697a19d6d2950c6d0879f3ccc851d3 + +commit 247766cd3111d5d8c6ea39833a3257ca8fb820f2 +Author: djm@openbsd.org <djm@openbsd.org> +Date: Fri Sep 7 01:42:54 2018 +0000 + + upstream: ssh -MM requires confirmation for all operations that + + change the multiplexing state, not just new sessions. + + mention that confirmation is checked via ssh-askpass + + OpenBSD-Commit-ID: 0f1b45551ebb9cc5c9a4fe54ad3b23ce90f1f5c2 + +commit db8bb80e3ac1bcb3e1305d846cd98c6b869bf03f +Author: mestre@openbsd.org <mestre@openbsd.org> +Date: Tue Aug 28 12:25:53 2018 +0000 + + upstream: fix misplaced parenthesis inside if-clause. it's harmless + + and the only issue is showing an unknown error (since it's not defined) + during fatal(), if it ever an error occurs inside that condition. + + OK deraadt@ markus@ djm@ + + OpenBSD-Commit-ID: acb0a8e6936bfbe590504752d01d1d251a7101d8 + +commit 086cc614f550b7d4f100c95e472a6b6b823938ab +Author: mestre@openbsd.org <mestre@openbsd.org> +Date: Tue Aug 28 12:17:45 2018 +0000 + + upstream: fix build with DEBUG_PK enabled + + OK dtucker@ + + OpenBSD-Commit-ID: ec1568cf27726e9638a0415481c20c406e7b441c + +commit 2678833013e97f8b18f09779b7f70bcbf5eb2ab2 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Fri Sep 7 14:41:53 2018 +1000 + + Handle ngroups>_SC_NGROUPS_MAX. + + Based on github pull request #99 from Darren Maffat at Oracle: Solaris' + getgrouplist considers _SC_NGROUPS_MAX more of a guideline and can return + a larger number of groups. In this case, retry getgrouplist with a + larger array and defer allocating groups_byname. ok djm@ + +commit 039bf2a81797b8f3af6058d34005a4896a363221 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Fri Sep 7 14:06:57 2018 +1000 + + Initial len for the fmt=NULL case. + + Patch from jjelen at redhat via bz#2687. (OpenSSH never calls + setproctitle with a null format so len is always initialized). + +commit ea9c06e11d2e8fb2f4d5e02f8a41e23d2bd31ca9 +Author: Darren Tucker <dtucker@dtucker.net> +Date: Fri Sep 7 14:01:39 2018 +1000 + + Include stdlib.h. + + Patch from jjelen at redhat via bz#2687. + +commit 9617816dbe73ec4d65075f4d897443f63a97c87f +Author: Damien Miller <djm@mindrot.org> +Date: Mon Aug 27 13:08:01 2018 +1000 + + document some more regress control env variables + + Specifically SKIP_UNIT, USE_VALGRING and LTESTS. Sort the list of + environment variables. + + Based on patch from Jakub Jelen + commit 71508e06fab14bc415a79a08f5535ad7bffa93d9 Author: Damien Miller <djm@mindrot.org> Date: Thu Aug 23 15:41:42 2018 +1000 @@ -8880,862 +9704,3 @@ Date: Thu Oct 20 03:42:09 2016 +1100 Remote channels .orig and .rej files. These files were incorrectly added during an OpenBSD sync. - -commit 246aa842a4ad368d8ce030495e657ef3a0e1f95c -Author: dtucker@openbsd.org <dtucker@openbsd.org> -Date: Tue Oct 18 17:32:54 2016 +0000 - - upstream commit - - Remove channel_input_port_forward_request(); the only caller - was the recently-removed SSH1 server code so it's now dead code. ok markus@ - - Upstream-ID: 05453983230a1f439562535fec2818f63f297af9 - -commit 2c6697c443d2c9c908260eed73eb9143223e3ec9 -Author: millert@openbsd.org <millert@openbsd.org> -Date: Tue Oct 18 12:41:22 2016 +0000 - - upstream commit - - Install a signal handler for tty-generated signals and - wait for the ssh child to suspend before suspending sftp. This lets ssh - restore the terminal mode as needed when it is suspended at the password - prompt. OK dtucker@ - - Upstream-ID: a31c1f42aa3e2985dcc91e46e6a17bd22e372d69 - -commit fd2a8f1033fa2316fff719fd5176968277560158 -Author: jmc@openbsd.org <jmc@openbsd.org> -Date: Sat Oct 15 19:56:25 2016 +0000 - - upstream commit - - various formatting fixes, specifically removing Dq; - - Upstream-ID: 81e85df2b8e474f5f93d66e61d9a4419ce87347c - -commit 8f866d8a57b9a2dc5dd04504e27f593b551618e3 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Wed Oct 19 03:26:09 2016 +1100 - - Import readpassphrase.c rev 1.26. - - Author: miller@openbsd.org: - Avoid generate SIGTTOU when restoring the terminal mode. If we get - SIGTTOU it means the process is not in the foreground process group - which, in most cases, means that the shell has taken control of the tty. - Requiring the user the fg the process in this case doesn't make sense - and can result in both SIGTSTP and SIGTTOU being sent which can lead to - the process being suspended again immediately after being brought into - the foreground. - -commit f901440cc844062c9bab0183d133f7ccc58ac3a5 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Wed Oct 19 03:23:16 2016 +1100 - - Import readpassphrase.c rev 1.25. - - Wrap <readpassphrase.h> so internal calls go direct and - readpassphrase is weak. - - (DEF_WEAK is a no-op in portable.) - -commit 032147b69527e5448a511049b2d43dbcae582624 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Sat Oct 15 05:51:12 2016 +1100 - - Move DEF_WEAK into defines.h. - - As well pull in more recent changes from OpenBSD these will start to - arrive so put it where the definition is shared. - -commit e0259a82ddd950cfb109ddee86fcebbc09c6bd04 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Sat Oct 15 04:34:46 2016 +1100 - - Remove do_pam_set_tty which is dead code. - - The callers of do_pam_set_tty were removed in 2008, so this is now dead - code. bz#2604, pointed out by jjelen at redhat.com. - -commit ca04de83f210959ad2ed870a30ba1732c3ae00e3 -Author: Damien Miller <djm@mindrot.org> -Date: Thu Oct 13 18:53:43 2016 +1100 - - unbreak principals-command test - - Undo inconsistetly updated variable name. - -commit 1723ec92eb485ce06b4cbf49712d21975d873909 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Tue Oct 11 21:49:54 2016 +0000 - - upstream commit - - fix the KEX fuzzer - the previous method of obtaining the - packet contents was broken. This now uses the new per-packet input hook, so - it sees exact post-decrypt packets and doesn't have to pass packet integrity - checks. ok markus@ - - Upstream-Regress-ID: 402fb6ffabd97de590e8e57b25788949dce8d2fd - -commit 09f997893f109799cddbfce6d7e67f787045cbb2 -Author: natano@openbsd.org <natano@openbsd.org> -Date: Thu Oct 6 09:31:38 2016 +0000 - - upstream commit - - Move USER out of the way to unbreak the BUILDUSER - mechanism. ok tb - - Upstream-Regress-ID: 74ab9687417dd071d62316eaadd20ddad1d5af3c - -commit 3049a012c482a7016f674db168f23fd524edce27 -Author: bluhm@openbsd.org <bluhm@openbsd.org> -Date: Fri Sep 30 11:55:20 2016 +0000 - - upstream commit - - In ssh tests set REGRESS_FAIL_EARLY with ?= so that the - environment can change it. OK djm@ - - Upstream-Regress-ID: 77bcb50e47b68c7209c7f0a5a020d73761e5143b - -commit 39af7b444db28c1cb01b7ea468a4f574a44f375b -Author: djm@openbsd.org <djm@openbsd.org> -Date: Tue Oct 11 21:47:45 2016 +0000 - - upstream commit - - Add a per-packet input hook that is called with the - decrypted packet contents. This will be used for fuzzing; ok markus@ - - Upstream-ID: a3221cee6b1725dd4ae1dd2c13841b4784cb75dc - -commit ec165c392ca54317dbe3064a8c200de6531e89ad -Author: markus@openbsd.org <markus@openbsd.org> -Date: Mon Oct 10 19:28:48 2016 +0000 - - upstream commit - - Unregister the KEXINIT handler after message has been - received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause - allocation of up to 128MB -- until the connection is closed. Reported by - shilei-c at 360.cn - - Upstream-ID: 43649ae12a27ef94290db16d1a98294588b75c05 - -commit 29d40319392e6e19deeca9d45468aa1119846e50 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Thu Oct 13 04:07:20 2016 +1100 - - Import rev 1.24 from OpenBSD. - - revision 1.24 - date: 2013/11/24 23:51:29; author: deraadt; state: Exp; lines: +4 -4; - most obvious unsigned char casts for ctype - ok jca krw ingo - -commit 12069e56221de207ed666c2449dedb431a2a7ca2 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Thu Oct 13 04:04:44 2016 +1100 - - Import rev 1.23 from OpenBSD. Fixes bz#2619. - - revision 1.23 - date: 2010/05/14 13:30:34; author: millert; state: Exp; lines: +41 -39; - Defer installing signal handlers until echo is disabled so that we - get suspended normally when not the foreground process. Fix potential - infinite loop when restoring terminal settings if process is in the - background when restore occurs. OK miod@ - -commit 7508d83eff89af069760b4cc587305588a64e415 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Thu Oct 13 03:53:51 2016 +1100 - - If we don't have TCSASOFT, define it to zero. - - This makes it a no-op when we use it below, which allows us to re-sync - those lines with the upstream and make future updates easier. - -commit aae4dbd4c058d3b1fe1eb5c4e6ddf35827271377 -Author: jmc@openbsd.org <jmc@openbsd.org> -Date: Fri Oct 7 14:41:52 2016 +0000 - - upstream commit - - tidy up the formatting in this file. more specifically, - replace .Dq, which looks appalling, with .Cm, where appropriate; - - Upstream-ID: ff8e90aa0343d9bb56f40a535e148607973cc738 - -commit a571dbcc7b7b25371174569b13df5159bc4c6c7a -Author: djm@openbsd.org <djm@openbsd.org> -Date: Tue Oct 4 21:34:40 2016 +0000 - - upstream commit - - add a comment about implicitly-expected checks to - sshkey_ec_validate_public() - - Upstream-ID: 74a7f71c28f7c13a50f89fc78e7863b9cd61713f - -commit 2f78a2a698f4222f8e05cad57ac6e0c3d1faff00 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Fri Sep 30 20:24:46 2016 +0000 - - upstream commit - - fix some -Wpointer-sign warnings in the new mux proxy; ok - markus@ - - Upstream-ID: b1ba7b3769fbc6b7f526792a215b0197f5e55dfd - -commit ca71c36645fc26fcd739a8cfdc702cec85607761 -Author: bluhm@openbsd.org <bluhm@openbsd.org> -Date: Wed Sep 28 20:09:52 2016 +0000 - - upstream commit - - Add a makefile rule to create the ssh library when - regress needs it. This allows to run the ssh regression tests without doing - a "make build" before. Discussed with dtucker@ and djm@; OK djm@ - - Upstream-Regress-ID: ce489bd53afcd471225a125b4b94565d4717c025 - -commit ce44c970f913d2a047903dba8670554ac42fc479 -Author: bluhm@openbsd.org <bluhm@openbsd.org> -Date: Mon Sep 26 21:34:38 2016 +0000 - - upstream commit - - Allow to run ssh regression tests as root. If the user - is already root, the test should not expect that SUDO is set. If ssh needs - another user, use sudo or doas to switch from root if necessary. OK dtucker@ - - Upstream-Regress-ID: b464e55185ac4303529e3e6927db41683aaeace2 - -commit 8d0578478586e283e751ca51e7b0690631da139a -Author: markus@openbsd.org <markus@openbsd.org> -Date: Fri Sep 30 09:19:13 2016 +0000 - - upstream commit - - ssh proxy mux mode (-O proxy; idea from Simon Tatham): - mux - client speaks the ssh-packet protocol directly over unix-domain socket. - mux - server acts as a proxy, translates channel IDs and relays to the server. - no - filedescriptor passing necessary. - combined with unix-domain forwarding it's - even possible to run mux client and server on different machines. feedback - & ok djm@ - - Upstream-ID: 666a2fb79f58e5c50e246265fb2b9251e505c25b - -commit b7689155f3f5c4999846c07a852b1c7a43b09cec -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 28 21:44:52 2016 +0000 - - upstream commit - - put back some pre-auth zlib bits that I shouldn't have - removed - they are still used by the client. Spotted by naddy@ - - Upstream-ID: 80919468056031037d56a1f5b261c164a6f90dc2 - -commit 4577adead6a7d600c8e764619d99477a08192c8f -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 28 20:32:42 2016 +0000 - - upstream commit - - restore pre-auth compression support in the client -- the - previous commit was intended to remove it from the server only. - - remove a few server-side pre-auth compression bits that escaped - - adjust wording of Compression directive in sshd_config(5) - - pointed out by naddy@ ok markus@ - - Upstream-ID: d23696ed72a228dacd4839dd9f2dec424ba2016b - -commit 80d1c963b4dc84ffd11d09617b39c4bffda08956 -Author: jmc@openbsd.org <jmc@openbsd.org> -Date: Wed Sep 28 17:59:22 2016 +0000 - - upstream commit - - use a separate TOKENS section, as we've done for - sshd_config(5); help/ok djm - - Upstream-ID: 640e32b5e4838e4363738cdec955084b3579481d - -commit 1cfd5c06efb121e58e8b6671548fda77ef4b4455 -Author: Damien Miller <djm@mindrot.org> -Date: Thu Sep 29 03:19:23 2016 +1000 - - Remove portability support for mmap - - We no longer need to wrap/replace mmap for portability now that - pre-auth compression has been removed from OpenSSH. - -commit 0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 28 16:33:06 2016 +0000 - - upstream commit - - Remove support for pre-authentication compression. Doing - compression early in the protocol probably seemed reasonable in the 1990s, - but today it's clearly a bad idea in terms of both cryptography (cf. multiple - compression oracle attacks in TLS) and attack surface. - - Moreover, to support it across privilege-separation zlib needed - the assistance of a complex shared-memory manager that made the - required attack surface considerably larger. - - Prompted by Guido Vranken pointing out a compiler-elided security - check in the shared memory manager found by Stack - (http://css.csail.mit.edu/stack/); ok deraadt@ markus@ - - NB. pre-auth authentication has been disabled by default in sshd - for >10 years. - - Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf - -commit 27c3a9c2aede2184856b5de1e6eca414bb751c38 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Mon Sep 26 21:16:11 2016 +0000 - - upstream commit - - Avoid a theoretical signed integer overflow should - BN_num_bytes() ever violate its manpage and return a negative value. Improve - order of tests to avoid confusing increasingly pedantic compilers. - - Reported by Guido Vranken from stack (css.csail.mit.edu/stack) - unstable optimisation analyser output. ok deraadt@ - - Upstream-ID: f8508c830c86d8f36c113985e52bf8eedae23505 - -commit 8663e51c80c6aa3d750c6d3bcff6ee05091922be -Author: Damien Miller <djm@mindrot.org> -Date: Wed Sep 28 07:40:33 2016 +1000 - - fix mdoc2man.awk formatting for top-level lists - - Reported by Glenn Golden - Diagnosis and fix from Ingo Schwarze - -commit b97739dc21570209ed9d4e7beee0c669ed23b097 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Thu Sep 22 21:15:41 2016 +0000 - - upstream commit - - missing bit from previous commit - - Upstream-ID: 438d5ed6338b28b46e822eb13eee448aca31df37 - -commit de6a175a99d22444e10d19ad3fffef39bc3ee3bb -Author: jmc@openbsd.org <jmc@openbsd.org> -Date: Thu Sep 22 19:19:01 2016 +0000 - - upstream commit - - organise the token stuff into a separate section; ok - markus for an earlier version of the diff ok/tweaks djm - - Upstream-ID: 81a6daa506a4a5af985fce7cf9e59699156527c8 - -commit 16277fc45ffc95e4ffc3d45971ff8320b974de2b -Author: djm@openbsd.org <djm@openbsd.org> -Date: Thu Sep 22 17:55:13 2016 +0000 - - upstream commit - - mention curve25519-sha256 KEX - - Upstream-ID: 33ae1f433ce4795ffa6203761fbdf86e0d7ffbaf - -commit 0493766d5676c7ca358824ea8d3c90f6047953df -Author: djm@openbsd.org <djm@openbsd.org> -Date: Thu Sep 22 17:52:53 2016 +0000 - - upstream commit - - support plain curve25519-sha256 KEX algorithm now that it - is approaching standardisation (same algorithm is currently supported as - curve25519-sha256@libssh.org) - - Upstream-ID: 5e2b6db2e72667048cf426da43c0ee3fc777baa2 - -commit f31c654b30a6f02ce0b8ea8ab81791b675489628 -Author: dtucker@openbsd.org <dtucker@openbsd.org> -Date: Thu Sep 22 02:29:57 2016 +0000 - - upstream commit - - If ssh receives a PACKET_DISCONNECT during userauth it - will cause ssh_dispatch_run(DISPATCH_BLOCK, ...) to return without the - session being authenticated. Check for this and exit if necessary. ok djm@ - - Upstream-ID: b3afe126c0839d2eae6cddd41ff2ba317eda0903 - -commit 1622649b7a829fc8dc313042a43a974f0f3e8a99 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 21 19:53:12 2016 +0000 - - upstream commit - - correctly return errors from kex_send_ext_info(). Fix from - Sami Farin via https://github.com/openssh/openssh-portable/pull/50 - - Upstream-ID: c85999af28aaecbf92cfa2283381df81e839b42c - -commit f83a0cfe16c7a73627b46a9a94e40087d60f32fb -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 21 17:44:20 2016 +0000 - - upstream commit - - cast uint64_t for printf - - Upstream-ID: 76d23e89419ccbd2320f92792a6d878211666ac1 - -commit 5f63ab474f58834feca4f35c498be03b7dd38a16 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 21 17:03:54 2016 +0000 - - upstream commit - - disable tests for affirmative negated match after backout of - match change - - Upstream-Regress-ID: acebb8e5042f03d66d86a50405c46c4de0badcfd - -commit a5ad3a9db5a48f350f257a67b62fafd719ecb7e0 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 21 16:55:42 2016 +0000 - - upstream commit - - Revert two recent changes to negated address matching. The - new behaviour offers unintuitive surprises. We'll find a better way to deal - with single negated matches. - - match.c 1.31: - > fix matching for pattern lists that contain a single negated match, - > e.g. "Host !example" - > - > report and patch from Robin Becker. bz#1918 ok dtucker@ - - addrmatch.c 1.11: - > fix negated address matching where the address list consists of a - > single negated match, e.g. "Match addr !192.20.0.1" - > - > Report and patch from Jakub Jelen. bz#2397 ok dtucker@ - - Upstream-ID: ec96c770f0f5b9a54e5e72fda25387545e9c80c6 - -commit 119b7a2ca0ef2bf3f81897ae10301b8ca8cba844 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 21 01:35:12 2016 +0000 - - upstream commit - - test all the AuthorizedPrincipalsCommand % expansions - - Upstream-Regress-ID: 0a79a84dfaa59f958e46b474c3db780b454d30e3 - -commit bfa9d969ab6235d4938ce069d4db7e5825c56a19 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 21 01:34:45 2016 +0000 - - upstream commit - - add a way for principals command to get see key ID and serial - too - - Upstream-ID: 0d30978bdcf7e8eaeee4eea1b030eb2eb1823fcb - -commit 920585b826af1c639e4ed78b2eba01fd2337b127 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Fri Sep 16 06:09:31 2016 +0000 - - upstream commit - - add a note on kexfuzz' limitations - - Upstream-Regress-ID: 03804d4a0dbc5163e1a285a4c8cc0a76a4e864ec - -commit 0445ff184080b196e12321998b4ce80b0f33f8d1 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Fri Sep 16 01:01:41 2016 +0000 - - upstream commit - - fix for newer modp DH groups - (diffie-hellman-group14-sha256 etc) - - Upstream-Regress-ID: fe942c669959462b507516ae1634fde0725f1c68 - -commit 28652bca29046f62c7045e933e6b931de1d16737 -Author: markus@openbsd.org <markus@openbsd.org> -Date: Mon Sep 19 19:02:19 2016 +0000 - - upstream commit - - move inbound NEWKEYS handling to kex layer; otherwise - early NEWKEYS causes NULL deref; found by Robert Swiecki/honggfuzz; fixed - with & ok djm@ - - Upstream-ID: 9a68b882892e9f51dc7bfa9f5a423858af358b2f - -commit 492710894acfcc2f173d14d1d45bd2e688df605d -Author: natano@openbsd.org <natano@openbsd.org> -Date: Mon Sep 19 07:52:42 2016 +0000 - - upstream commit - - Replace two more arc4random() loops with - arc4random_buf(). - - tweaks and ok dtucker - ok deraadt - - Upstream-ID: 738d3229130ccc7eac975c190276ca6fcf0208e4 - -commit 1036356324fecc13099ac6e986b549f6219327d7 -Author: tedu@openbsd.org <tedu@openbsd.org> -Date: Sat Sep 17 18:00:27 2016 +0000 - - upstream commit - - replace two arc4random loops with arc4random_buf ok - deraadt natano - - Upstream-ID: e18ede972d1737df54b49f011fa4f3917a403f48 - -commit 00df97ff68a49a756d4b977cd02283690f5dfa34 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 14 20:11:26 2016 +0000 - - upstream commit - - take fingerprint of correct key for - AuthorizedPrincipalsCommand - - Upstream-ID: 553581a549cd6a3e73ce9f57559a325cc2cb1f38 - -commit e7907c1cb938b96dd33d27c2fea72c4e08c6b2f6 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Wed Sep 14 05:42:25 2016 +0000 - - upstream commit - - add %-escapes to AuthorizedPrincipalsCommand to match those - supported for AuthorizedKeysCommand (key, key type, fingerprint, etc) and a - few more to provide access to the certificate's CA key; 'looks ok' dtucker@ - - Upstream-ID: 6b00fd446dbebe67f4e4e146d2e492d650ae04eb - -commit 2b939c272a81c4d0c47badeedbcb2ba7c128ccda -Author: dtucker@openbsd.org <dtucker@openbsd.org> -Date: Wed Sep 14 00:45:31 2016 +0000 - - upstream commit - - Improve test coverage of ssh-keygen -T a bit. - - Upstream-Regress-ID: 8851668c721bcc2b400600cfc5a87644cc024e72 - -commit 44d82fc83be6c5ccd70881c2dac1a73e5050398b -Author: dtucker@openbsd.org <dtucker@openbsd.org> -Date: Mon Sep 12 02:25:46 2016 +0000 - - upstream commit - - Add testcase for ssh-keygen -j, -J and -K options for - moduli screening. Does not currently test generation as that is extremely - slow. - - Upstream-Regress-ID: 9de6ce801377ed3ce0a63a1413f1cd5fd3c2d062 - -commit 44e5f756d286bc3a1a5272ea484ee276ba3ac5c2 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Tue Aug 23 08:17:04 2016 +0000 - - upstream commit - - add tests for addr_match_list() - - Upstream-Regress-ID: fae2d1fef84687ece584738a924c7bf969616c8e - -commit 445e218878035b59c704c18406e8aeaff4c8aa25 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Mon Sep 12 23:39:34 2016 +0000 - - upstream commit - - handle certs in rsa_hash_alg_from_ident(), saving an - unnecessary special case elsewhere. - - Upstream-ID: 901cb081c59d6d2698b57901c427f3f6dc7397d4 - -commit 130f5df4fa37cace8c079dccb690e5cafbf00751 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Mon Sep 12 23:31:27 2016 +0000 - - upstream commit - - list all supported signature algorithms in the - server-sig-algs Reported by mb AT smartftp.com in bz#2547 and (independantly) - Ron Frederick; ok markus@ - - Upstream-ID: ddf702d721f54646b11ef2cee6d916666cb685cd - -commit 8f750ccfc07acb8aa98be5a5dd935033a6468cfd -Author: Darren Tucker <dtucker@zip.com.au> -Date: Mon Sep 12 14:43:58 2016 +1000 - - Remove no-op brackets to resync with upstream. - -commit 7050896e7395866278c19c2ff080c26152619d1d -Author: Darren Tucker <dtucker@zip.com.au> -Date: Mon Sep 12 13:57:28 2016 +1000 - - Resync ssh-keygen -W error message with upstream. - -commit 43cceff82cc20413cce58ba3375e19684e62cec4 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Mon Sep 12 13:55:37 2016 +1000 - - Move ssh-keygen -W handling code to match upstream - -commit af48d541360b1d7737b35740a4b1ca34e1652cd9 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Mon Sep 12 13:52:17 2016 +1000 - - Move ssh-keygen -T handling code to match upstream. - -commit d8c3cfbb018825c6c86547165ddaf11924901c49 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Mon Sep 12 13:30:50 2016 +1000 - - Move -M handling code to match upstream. - -commit 7b63cf6dbbfa841c003de57d1061acbf2ff22364 -Author: dtucker@openbsd.org <dtucker@openbsd.org> -Date: Mon Sep 12 03:29:16 2016 +0000 - - upstream commit - - Spaces->tabs. - - Upstream-ID: f4829dfc3f36318273f6082b379ac562eead70b7 - -commit 11e5e644536821ceb3bb4dd8487fbf0588522887 -Author: dtucker@openbsd.org <dtucker@openbsd.org> -Date: Mon Sep 12 03:25:20 2016 +0000 - - upstream commit - - Style whitespace fix. Also happens to remove a no-op - diff with portable. - - Upstream-ID: 45d90f9a62ad56340913a433a9453eb30ceb8bf3 - -commit 9136ec134c97a8aff2917760c03134f52945ff3c -Author: deraadt@openbsd.org <deraadt@openbsd.org> -Date: Mon Sep 12 01:22:38 2016 +0000 - - upstream commit - - Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then - use those definitions rather than pulling <sys/param.h> and unknown namespace - pollution. ok djm markus dtucker - - Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8 - -commit f219fc8f03caca7ac82a38ed74bbd6432a1195e7 -Author: jmc@openbsd.org <jmc@openbsd.org> -Date: Wed Sep 7 18:39:24 2016 +0000 - - upstream commit - - sort; from matthew martin - - Upstream-ID: 73cec7f7ecc82d37a4adffad7745e4684de67ce7 - -commit 06ce56b05def9460aecc7cdb40e861a346214793 -Author: markus@openbsd.org <markus@openbsd.org> -Date: Tue Sep 6 09:22:56 2016 +0000 - - upstream commit - - ssh_set_newkeys: print correct block counters on - rekeying; ok djm@ - - Upstream-ID: 32bb7a9cb9919ff5bab28d50ecef3a2b2045dd1e - -commit e5e8d9114ac6837a038f4952994ca95a97fafe8d -Author: markus@openbsd.org <markus@openbsd.org> -Date: Tue Sep 6 09:14:05 2016 +0000 - - upstream commit - - update ext_info_c every time we receive a kexinit msg; - fixes sending of ext_info if privsep is disabled; report Aris Adamantiadis & - Mancha; ok djm@ - - Upstream-ID: 2ceaa1076e19dbd3542254b4fb8e42d608f28856 - -commit da95318dbedbaa1335323dba370975c2f251afd8 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Mon Sep 5 14:02:42 2016 +0000 - - upstream commit - - remove 3des-cbc from the client's default proposal; - 64-bit block ciphers are not safe in 2016 and we don't want to wait until - attacks like sweet32 are extended to SSH. - - As 3des-cbc was the only mandatory cipher in the SSH RFCs, this may - cause problems connecting to older devices using the defaults, but - it's highly likely that such devices already need explicit - configuration for KEX and hostkeys anyway. - - ok deraadt, markus, dtucker - - Upstream-ID: a505dfe65c6733af0f751b64cbc4bb7e0761bc2f - -commit b33ad6d997d36edfea65e243cd12ccd01f413549 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Mon Sep 5 13:57:31 2016 +0000 - - upstream commit - - enforce expected request flow for GSSAPI calls; thanks to - Jakub Jelen for testing; ok markus@ - - Upstream-ID: d4bc0e70e1be403735d3d9d7e176309b1fd626b9 - -commit 0bb2980260fb24e5e0b51adac471395781b66261 -Author: Darren Tucker <dtucker@zip.com.au> -Date: Mon Sep 12 11:07:00 2016 +1000 - - Restore ssh-keygen's -J and -j option handling. - - These were incorrectly removed in the 1d9a2e28 sync commit. - -commit 775f8a23f2353f5869003c57a213d14b28e0736e -Author: Damien Miller <djm@mindrot.org> -Date: Wed Aug 31 10:48:07 2016 +1000 - - tighten PAM monitor calls - - only allow kbd-interactive ones when that authentication method is - enabled. Prompted by Solar Designer - -commit 7fd0ea8a1db4bcfb3d8cd9df149e5d571ebea1f4 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Tue Aug 30 07:50:21 2016 +0000 - - upstream commit - - restrict monitor auth calls to be allowed only when their - respective authentication methods are enabled in the configuration. - - prompted by Solar Designer; ok markus dtucker - - Upstream-ID: 6eb3f89332b3546d41d6dbf5a8e6ff920142b553 - -commit b38b95f5bcc52278feb839afda2987933f68ff96 -Author: Damien Miller <djm@mindrot.org> -Date: Mon Aug 29 11:47:07 2016 +1000 - - Tighten monitor state-machine flow for PAM calls - - (attack surface reduction) - -commit dc664d1bd0fc91b24406a3e9575b81c285b8342b -Author: djm@openbsd.org <djm@openbsd.org> -Date: Sun Aug 28 22:28:12 2016 +0000 - - upstream commit - - fix uninitialised optlen in getsockopt() call; harmless - on Unix/BSD but potentially crashy on Cygwin. Reported by James Slepicka ok - deraadt@ - - Upstream-ID: 1987ccee508ba5b18f016c85100d7ac3f70ff965 - -commit 5bcc1e2769f7d6927d41daf0719a9446ceab8dd7 -Author: guenther@openbsd.org <guenther@openbsd.org> -Date: Sat Aug 27 04:05:12 2016 +0000 - - upstream commit - - Pull in <sys/time.h> for struct timeval - - ok deraadt@ - - Upstream-ID: ae34525485a173bccd61ac8eefeb91c57e3b7df6 - -commit fa4a4c96b19127dc2fd4e92f20d99c0c7f34b538 -Author: guenther@openbsd.org <guenther@openbsd.org> -Date: Sat Aug 27 04:04:56 2016 +0000 - - upstream commit - - Pull in <stdlib.h> for NULL - - ok deraadt@ - - Upstream-ID: 7baa6a0f1e049bb3682522b4b95a26c866bfc043 - -commit ae363d74ccc1451185c0c8bd4631e28c67c7fd36 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Thu Aug 25 23:57:54 2016 +0000 - - upstream commit - - add a sIgnore opcode that silently ignores options and - use it to suppress noisy deprecation warnings for the Protocol directive. - - req henning, ok markus - - Upstream-ID: 9fe040aca3d6ff393f6f7e60045cdd821dc4cbe0 - -commit a94c60306643ae904add6e8ed219e4be3494255c -Author: djm@openbsd.org <djm@openbsd.org> -Date: Thu Aug 25 23:56:51 2016 +0000 - - upstream commit - - remove superfluous NOTREACHED comment - - Upstream-ID: a7485c1f1be618e8c9e38fd9be46c13b2d03b90c - -commit fc041c47144ce28cf71353124a8a5d183cd6a251 -Author: otto@openbsd.org <otto@openbsd.org> -Date: Tue Aug 23 16:21:45 2016 +0000 - - upstream commit - - fix previous, a condition was modified incorrectly; ok - markus@ deraadt@ - - Upstream-ID: c443e339768e7ed396dff3bb55f693e7d3641453 - -commit 23555eb13a9b0550371a16dcf8beaab7a5806a64 -Author: djm@openbsd.org <djm@openbsd.org> -Date: Tue Aug 23 08:17:42 2016 +0000 - - upstream commit - - downgrade an error() to a debug2() to match similar cases - in addr_match_list() - - Upstream-ID: 07c3d53e357214153d9d08f234411e0d1a3d6f5c |