blob: a2ac83ddb513191def9db6008c79dba70c052618 [file] [log] [blame]
Darren Tucker712de4d2013-05-17 09:07:12 +10001 20130517
2 - (dtucker) OpenBSD CVS Sync
3 - djm@cvs.openbsd.org 2013/03/07 00:20:34
4 [regress/proxy-connect.sh]
5 repeat test with a style appended to the username
Darren Tucker7c8b1e72013-05-17 09:10:20 +10006 - dtucker@cvs.openbsd.org 2013/03/23 11:09:43
Darren Tucker75129022013-05-17 09:19:10 +10007 [regress/test-exec.sh]
Darren Tucker7c8b1e72013-05-17 09:10:20 +10008 Only regenerate host keys if they don't exist or if ssh-keygen has changed
9 since they were. Reduces test runtime by 5-30% depending on machine
10 speed.
Darren Tucker75129022013-05-17 09:19:10 +100011 - dtucker@cvs.openbsd.org 2013/04/06 06:00:22
12 [regress/rekey.sh regress/test-exec.sh regress/integrity.sh
13 regress/multiplex.sh Makefile regress/cfgmatch.sh]
14 Split the regress log into 3 parts: the debug output from ssh, the debug
15 log from sshd and the output from the client command (ssh, scp or sftp).
16 Somewhat functional now, will become more useful when ssh/sshd -E is added.
Darren Tuckerdfea3bc2013-05-17 09:31:39 +100017 - dtucker@cvs.openbsd.org 2013/04/07 02:16:03
18 [regress/Makefile regress/rekey.sh regress/integrity.sh
19 regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
20 use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
21 save the output from any failing tests. If a test fails the debug output
22 from ssh and sshd for the failing tests (and only the failing tests) should
23 be available in failed-ssh{,d}.log.
Darren Tuckerf3568fc2013-05-17 09:35:26 +100024 - djm@cvs.openbsd.org 2013/04/18 02:46:12
Darren Tucker40aaff72013-05-17 09:36:20 +100025 [regress/Makefile regress/sftp-chroot.sh]
Darren Tuckerf3568fc2013-05-17 09:35:26 +100026 test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
Darren Tucker40aaff72013-05-17 09:36:20 +100027 - dtucker@cvs.openbsd.org 2013/04/22 07:23:08
Darren Tuckera4df65b2013-05-17 09:37:31 +100028 [regress/multiplex.sh]
Darren Tucker40aaff72013-05-17 09:36:20 +100029 Write mux master logs to regress.log instead of ssh.log to keep separate
Darren Tucker5e951732013-05-17 09:41:33 +100030 - djm@cvs.openbsd.org 2013/05/10 03:46:14
Darren Tuckerc31c8722013-05-17 09:43:33 +100031 [regress/modpipe.c]
Darren Tucker5e951732013-05-17 09:41:33 +100032 sync some portability changes from portable OpenSSH (id sync only)
Darren Tuckera8a62fc2013-05-17 09:42:34 +100033 - dtucker@cvs.openbsd.org 2013/05/16 02:10:35
Darren Tuckerc31c8722013-05-17 09:43:33 +100034 [regress/rekey.sh]
Darren Tuckera8a62fc2013-05-17 09:42:34 +100035 Add test for time-based rekeying
Darren Tuckerc31c8722013-05-17 09:43:33 +100036 - dtucker@cvs.openbsd.org 2013/05/16 03:33:30
37 [regress/rekey.sh]
38 test rekeying when there's no data being transferred
Darren Tucker14490fe2013-05-17 09:44:20 +100039 - dtucker@cvs.openbsd.org 2013/05/16 04:26:10
40 [regress/rekey.sh]
41 add server-side rekey test
Darren Tucker982b0cb2013-05-17 09:45:12 +100042 - dtucker@cvs.openbsd.org 2013/05/16 05:48:31
43 [regress/rekey.sh]
44 add tests for RekeyLimit parsing
Darren Tucker56347ef2013-05-17 13:28:36 +100045 - dtucker@cvs.openbsd.org 2013/05/17 00:37:40
46 [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
47 regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
48 regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
49 regress/ssh-com.sh]
50 replace 'echo -n' with 'printf' since it's more portable
51 also remove "echon" hack.
Darren Tuckerb8b96b02013-05-17 14:46:20 +100052 - dtucker@cvs.openbsd.org 2013/05/17 01:16:09
53 [regress/agent-timeout.sh]
54 Pull back some portability changes from -portable:
55 - TIMEOUT is a read-only variable in some shells
56 - not all greps have -q so redirect to /dev/null instead.
57 (ID sync only)
Darren Tucker34035be2013-05-17 14:47:51 +100058 - dtucker@cvs.openbsd.org 2013/05/17 01:32:11
59 [regress/integrity.sh]
60 don't print output from ssh before getting it (it's available in ssh.log)
Darren Tucker59d928d2013-05-17 15:32:29 +100061 - dtucker@cvs.openbsd.org 2013/05/17 04:29:14
62 [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh
63 regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh
64 regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh
65 regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh
66 regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh
67 regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh
68 regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh
69 regress/multiplex.sh]
70 Move the setting of DATA and COPY into test-exec.sh
Darren Tuckerdd669172013-05-17 20:39:57 +100071 - dtucker@cvs.openbsd.org 2013/05/17 10:16:26
72 [regress/try-ciphers.sh]
73 use expr for math to keep diffs vs portable down
74 (id sync only)
Darren Tucker05b5e512013-05-17 20:41:07 +100075 - dtucker@cvs.openbsd.org 2013/05/17 10:23:52
76 [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh]
77 Use SUDO when cat'ing pid files and running the sshd log wrapper so that
78 it works with a restrictive umask and the pid files are not world readable.
79 Changes from -portable. (id sync only)
Darren Tucker1466bd22013-05-17 20:42:05 +100080 - dtucker@cvs.openbsd.org 2013/05/17 10:24:48
Darren Tucker438f60e2013-05-17 20:43:13 +100081 [regress/localcommand.sh]
Darren Tucker1466bd22013-05-17 20:42:05 +100082 use backticks for portability. (id sync only)
Darren Tucker438f60e2013-05-17 20:43:13 +100083 - dtucker@cvs.openbsd.org 2013/05/17 10:26:26
84 [regress/sftp-badcmds.sh]
85 remove unused BATCH variable. (id sync only)
Darren Tucker98989eb2013-05-17 20:44:09 +100086 - dtucker@cvs.openbsd.org 2013/05/17 10:28:11
87 [regress/sftp.sh]
88 only compare copied data if sftp succeeds. from portable (id sync only)
Darren Tucker00478d32013-05-17 20:45:06 +100089 - dtucker@cvs.openbsd.org 2013/05/17 10:30:07
90 [regress/test-exec.sh]
91 wait a bit longer for startup and use case for absolute path.
92 from portable (id sync only)
Darren Tucker62ee2222013-05-17 20:46:00 +100093 - dtucker@cvs.openbsd.org 2013/05/17 10:33:09
94 [regress/agent-getpeereid.sh]
95 don't redirect stdout from sudo. from portable (id sync only)
Darren Tucker6e1e60c2013-05-17 11:23:41 +100096 - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it
97 in portable and it's long gone in openbsd.
Darren Tucker91af05c2013-05-17 13:16:59 +100098 - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange
99 methods. When the openssl version doesn't support ECDH then next one on
100 the list is DH group exchange, but that causes a bit more traffic which can
101 mean that the tests flip bits in the initial exchange rather than the MACed
102 traffic and we get different errors to what the tests look for.
Darren Tucker8654dd22013-05-17 16:03:48 +1000103 - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits.
Darren Tucker7f193232013-05-17 19:02:28 +1000104 - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd.
Darren Tucker96457a52013-05-17 19:03:38 +1000105 - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd.
Darren Tucker5f1a89a2013-05-17 19:17:58 +1000106 - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh]
107 Move the jot helper function to portable-specific part of test-exec.sh.
Darren Tucker6f669812013-05-17 19:28:51 +1000108 - (dtucker) [regress/test-exec.sh] Move the portable-specific functions
109 together and add a couple of missing lines from openbsd.
Darren Tuckerf8d5b342013-05-17 19:53:25 +1000110 - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5
111 helper function to the portable part of test-exec.sh.
Darren Tucker9cc8ff72013-05-17 20:01:52 +1000112 - (dtucker) [regress/runtests.sh] Remove obsolete test driver script.
Darren Tucker044f32f2013-05-17 20:12:57 +1000113 - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by
114 rev 1.6 which calls wait.
Darren Tucker712de4d2013-05-17 09:07:12 +1000115
Damien Miller6aa3eac2013-05-16 11:10:17 +100011620130516
117 - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be
118 executed if mktemp failed; bz#2105 ok dtucker@
Darren Tucker2ca51bf2013-05-16 20:22:46 +1000119 - (dtucker) OpenBSD CVS Sync
120 - tedu@cvs.openbsd.org 2013/04/23 17:49:45
121 [misc.c]
122 use xasprintf instead of a series of strlcats and strdup. ok djm
Darren Tucker026d9db2013-05-16 20:23:52 +1000123 - tedu@cvs.openbsd.org 2013/04/24 16:01:46
124 [misc.c]
125 remove extra parens noticed by nicm
Darren Tucker5d8b7022013-05-16 20:24:23 +1000126 - dtucker@cvs.openbsd.org 2013/05/06 07:35:12
127 [sftp-server.8]
128 Reference the version of the sftp draft we actually implement. ok djm@
Darren Tucker54da6be2013-05-16 20:25:04 +1000129 - djm@cvs.openbsd.org 2013/05/10 03:40:07
130 [sshconnect2.c]
131 fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
Darren Tucker7e831ed2013-05-16 20:25:40 +1000132 Colin Watson
Darren Tuckercaf00102013-05-16 20:26:18 +1000133 - djm@cvs.openbsd.org 2013/05/10 04:08:01
134 [key.c]
135 memleak in cert_free(), wasn't actually freeing the struct;
136 bz#2096 from shm AT digitalsun.pl
Darren Tucker64c6fce2013-05-16 20:27:14 +1000137 - dtucker@cvs.openbsd.org 2013/05/10 10:13:50
138 [ssh-pkcs11-helper.c]
139 remove unused extern optarg. ok markus@
Darren Tuckerc53c2af2013-05-16 20:28:16 +1000140 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34
141 [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
142 ssh_config.5 packet.h]
143 Add an optional second argument to RekeyLimit in the client to allow
144 rekeying based on elapsed time in addition to amount of traffic.
145 with djm@ jmc@, ok djm
Darren Tucker5f96f3b2013-05-16 20:29:28 +1000146 - dtucker@cvs.openbsd.org 2013/05/16 04:09:14
147 [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
148 sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
149 rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
150 page.
Darren Tucker07636982013-05-16 20:30:03 +1000151 - djm@cvs.openbsd.org 2013/05/16 04:27:50
152 [ssh_config.5 readconf.h readconf.c]
153 add the ability to ignore specific unrecognised ssh_config options;
154 bz#866; ok markus@
Darren Tucker63e0df22013-05-16 20:30:31 +1000155 - jmc@cvs.openbsd.org 2013/05/16 06:28:45
156 [ssh_config.5]
157 put IgnoreUnknown in the right place;
Darren Tucker64d22942013-05-16 20:31:29 +1000158 - jmc@cvs.openbsd.org 2013/05/16 06:30:06
159 [sshd_config.5]
160 oops! avoid Xr to self;
Darren Tuckerdbee3082013-05-16 20:32:29 +1000161 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41
162 [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
163 Fix some "unused result" warnings found via clang and -portable.
164 ok markus@
Darren Tuckerb7ee8522013-05-16 20:33:10 +1000165 - dtucker@cvs.openbsd.org 2013/05/16 09:12:31
166 [readconf.c servconf.c]
167 switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@
Darren Tucker9113d0c2013-05-16 20:48:14 +1000168 - dtucker@cvs.openbsd.org 2013/05/16 10:43:34
169 [servconf.c readconf.c]
170 remove now-unused variables
Darren Tucker09c0f032013-05-16 20:48:57 +1000171 - dtucker@cvs.openbsd.org 2013/05/16 10:44:06
172 [servconf.c]
173 remove another now-unused variable
Darren Tuckere194ba42013-05-16 20:47:31 +1000174 - (dtucker) [configure.ac readconf.c servconf.c
175 openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
Damien Miller6aa3eac2013-05-16 11:10:17 +1000176
Darren Tuckerabbc7a72013-05-10 13:54:23 +100017720130510
178 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler
179 supports it. Mentioned by Colin Watson in bz#2100, ok djm.
Darren Tucker35b2fe92013-05-10 15:35:26 +1000180 - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to
181 getopt.c. Preprocessed source is identical other than line numbers.
Darren Tucker39332022013-05-10 15:38:11 +1000182 - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No
183 portability changes yet.
Darren Tuckerccfdfce2013-05-10 16:28:55 +1000184 - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c
185 openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
186 portability code to getopt_long.c and switch over Makefile and the ugly
187 hack in modpipe.c. Fixes bz#1448.
Darren Tucker0abfb552013-05-10 18:08:49 +1000188 - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c
189 openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
190 in to use it when we're using our own getopt.
Darren Tuckera75d2472013-05-10 18:11:55 +1000191 - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the
192 underlying libraries support them.
Darren Tuckerc54e3e02013-05-10 18:53:14 +1000193 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so
194 we don't get a warning on compilers that *don't* support it. Add
195 -Wno-unknown-warning-option. Move both to the start of the list for
196 maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
Darren Tuckerabbc7a72013-05-10 13:54:23 +1000197
Damien Miller6332da22013-04-23 14:25:52 +100019820130423
199 - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support
200 platforms, such as Android, that lack struct passwd.pw_gecos. Report
201 and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@
Damien Miller62e9c4f2013-04-23 15:15:49 +1000202 - (djm) OpenBSD CVS Sync
203 - markus@cvs.openbsd.org 2013/03/05 20:16:09
204 [sshconnect2.c]
205 reset pubkey order on partial success; ok djm@
Damien Miller998cc562013-04-23 15:16:43 +1000206 - djm@cvs.openbsd.org 2013/03/06 23:35:23
207 [session.c]
208 fatal() when ChrootDirectory specified by running without root privileges;
209 ok markus@
Damien Miller5cbec4c2013-04-23 15:17:12 +1000210 - djm@cvs.openbsd.org 2013/03/06 23:36:53
211 [readconf.c]
212 g/c unused variable (-Wunused)
Damien Miller4ce189d2013-04-23 15:17:52 +1000213 - djm@cvs.openbsd.org 2013/03/07 00:19:59
214 [auth2-pubkey.c monitor.c]
215 reconstruct the original username that was sent by the client, which may
216 have included a style (e.g. "root:skey") when checking public key
217 signatures. Fixes public key and hostbased auth when the client specified
218 a style; ok markus@
Damien Miller91a55f22013-04-23 15:18:10 +1000219 - markus@cvs.openbsd.org 2013/03/07 19:27:25
220 [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5]
221 add submethod support to AuthenticationMethods; ok and freedback djm@
Damien Miller508b6c32013-04-23 15:18:28 +1000222 - djm@cvs.openbsd.org 2013/03/08 06:32:58
223 [ssh.c]
224 allow "ssh -f none ..." ok markus@
Damien Millerd677ad12013-04-23 15:18:51 +1000225 - djm@cvs.openbsd.org 2013/04/05 00:14:00
226 [auth2-gss.c krl.c sshconnect2.c]
227 hush some {unused, printf type} warnings
Damien Miller9f12b5d2013-04-23 15:19:11 +1000228 - djm@cvs.openbsd.org 2013/04/05 00:31:49
229 [pathnames.h]
230 use the existing _PATH_SSH_USER_RC define to construct the other
231 pathnames; bz#2077, ok dtucker@ (no binary change)
Damien Miller172859c2013-04-23 15:19:27 +1000232 - djm@cvs.openbsd.org 2013/04/05 00:58:51
233 [mux.c]
234 cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too
235 (in addition to ones already in OPEN); bz#2079, ok dtucker@
Damien Miller37f1c082013-04-23 15:20:43 +1000236 - markus@cvs.openbsd.org 2013/04/06 16:07:00
237 [channels.c sshd.c]
238 handle ECONNABORTED for accept(); ok deraadt some time ago...
Damien Miller03d4d7e2013-04-23 15:21:06 +1000239 - dtucker@cvs.openbsd.org 2013/04/07 02:10:33
240 [log.c log.h ssh.1 ssh.c sshd.8 sshd.c]
241 Add -E option to ssh and sshd to append debugging logs to a specified file
242 instead of stderr or syslog. ok markus@, man page help jmc@
Damien Miller69010322013-04-23 15:21:24 +1000243 - dtucker@cvs.openbsd.org 2013/04/07 09:40:27
244 [sshd.8]
245 clarify -e text. suggested by & ok jmc@
Damien Millerd5edefd2013-04-23 15:21:39 +1000246 - djm@cvs.openbsd.org 2013/04/11 02:27:50
247 [packet.c]
248 quiet disconnect notifications on the server from error() back to logit()
249 if it is a normal client closure; bz#2057 ok+feedback dtucker@
Damien Millerf1a02ae2013-04-23 15:22:13 +1000250 - dtucker@cvs.openbsd.org 2013/04/17 09:04:09
251 [session.c]
252 revert rev 1.262; it fails because uid is already set here. ok djm@
Damien Miller9303e652013-04-23 15:22:40 +1000253 - djm@cvs.openbsd.org 2013/04/18 02:16:07
254 [sftp.c]
255 make "sftp -q" do what it says on the sticker: hush everything but errors;
Damien Miller467b00c2013-04-23 15:23:07 +1000256 ok dtucker@
257 - djm@cvs.openbsd.org 2013/04/19 01:00:10
258 [sshd_config.5]
259 document the requirment that the AuthorizedKeysCommand be owned by root;
260 ok dtucker@ markus@
Damien Miller0d6771b2013-04-23 15:23:24 +1000261 - djm@cvs.openbsd.org 2013/04/19 01:01:00
262 [ssh-keygen.c]
263 fix some memory leaks; bz#2088 ok dtucker@
Damien Millera56086b2013-04-23 15:24:18 +1000264 - djm@cvs.openbsd.org 2013/04/19 01:03:01
265 [session.c]
266 reintroduce 1.262 without the connection-killing bug:
267 fatal() when ChrootDirectory specified by running without root privileges;
268 ok markus@
Damien Millerea111192013-04-23 19:24:32 +1000269 - djm@cvs.openbsd.org 2013/04/19 01:06:50
270 [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
271 [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
272 add the ability to query supported ciphers, MACs, key type and KEX
273 algorithms to ssh. Includes some refactoring of KEX and key type handling
274 to be table-driven; ok markus@
Damien Miller34bd20a2013-04-23 19:25:00 +1000275 - djm@cvs.openbsd.org 2013/04/19 11:10:18
276 [ssh.c]
277 add -Q to usage; reminded by jmc@
Damien Millerf8b894e2013-04-23 19:25:29 +1000278 - djm@cvs.openbsd.org 2013/04/19 12:07:08
279 [kex.c]
280 remove duplicated list entry pointed out by naddy@
Damien Millerbc02f162013-04-23 19:25:49 +1000281 - dtucker@cvs.openbsd.org 2013/04/22 01:17:18
282 [mux.c]
283 typo in debug output: evitval->exitval
Damien Miller6332da22013-04-23 14:25:52 +1000284
Damien Millerbc68f242013-04-18 11:26:25 +100028520130418
286 - (djm) [config.guess config.sub] Update to last versions before they switch
287 to GPL3. ok dtucker@
Darren Tuckerce1c9572013-04-18 21:36:19 +1000288 - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from
289 unused argument warnings (in particular, -fno-builtin-memset) from clang.
Damien Millerbc68f242013-04-18 11:26:25 +1000290
Darren Tucker19104782013-04-05 11:13:08 +110029120130404
292 - (dtucker) OpenBSD CVS Sync
293 - dtucker@cvs.openbsd.org 2013/02/17 23:16:57
294 [readconf.c ssh.c readconf.h sshconnect2.c]
295 Keep track of which IndentityFile options were manually supplied and which
296 were default options, and don't warn if the latter are missing.
297 ok markus@
Darren Tuckerf3c38142013-04-05 11:16:52 +1100298 - dtucker@cvs.openbsd.org 2013/02/19 02:12:47
299 [krl.c]
300 Remove bogus include. ok djm
Darren Tuckeraefa3682013-04-05 11:18:35 +1100301 - dtucker@cvs.openbsd.org 2013/02/22 04:45:09
302 [ssh.c readconf.c readconf.h]
303 Don't complain if IdentityFiles specified in system-wide configs are
304 missing. ok djm, deraadt.
Darren Tucker5d1d9542013-04-05 11:20:00 +1100305 - markus@cvs.openbsd.org 2013/02/22 19:13:56
306 [sshconnect.c]
307 support ProxyCommand=- (stdin/out already point to the proxy); ok djm@
Darren Tucker15fd19c2013-04-05 11:22:26 +1100308 - djm@cvs.openbsd.org 2013/02/22 22:09:01
309 [ssh.c]
310 Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier
311 version)
Darren Tucker19104782013-04-05 11:13:08 +1100312
Darren Tuckerc9627cd2013-04-01 12:40:48 +110031320130401
314 - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h
315 to avoid conflicting definitions of __int64, adding the required bits.
316 Patch from Corinna Vinschen.
317
Tim Rice75db01d2013-03-22 10:14:32 -070031820120323
319 - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit.
320
Damien Miller83efe7c2013-03-22 10:17:36 +110032120120322
322 - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil
323 Hands' greatly revised version.
Damien Millereed8dc22013-03-22 10:25:22 +1100324 - (djm) Release 6.2p1
Darren Tuckerc8a0f272013-03-22 12:49:14 +1100325 - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype.
Darren Tucker221b4b22013-03-22 12:51:09 +1100326 - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before
327 defining it again. Prevents warnings if someone, eg, sets it in CFLAGS.
Damien Miller83efe7c2013-03-22 10:17:36 +1100328
Damien Miller63b4bcd2013-03-20 12:55:14 +110032920120318
330 - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c]
331 [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's
332 so mark it as broken. Patch from des AT des.no
333
Tim Riceaa86c392013-03-16 20:55:46 -070033420120317
335 - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none
336 of the bits the configure test looks for.
337
Damien Millera2438bb2013-03-15 10:23:07 +110033820120316
339 - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform
340 is unable to successfully compile them. Based on patch from des AT
341 des.no
Damien Millerf4db77d2013-03-15 10:34:25 +1100342 - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
343 Add a usleep replacement for platforms that lack it; ok dtucker
Damien Miller58528402013-03-15 11:22:37 +1100344 - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to
345 occur after UID switch; patch from John Marshall via des AT des.no;
346 ok dtucker@
Damien Millera2438bb2013-03-15 10:23:07 +1100347
Darren Tuckerfe10a282013-03-12 11:19:40 +110034820120312
349 - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]
350 Improve portability of cipher-speed test, based mostly on a patch from
351 Iain Morgan.
Darren Tuckeraa97d132013-03-12 11:31:05 +1100352 - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")
353 in addition to root as an owner of system directories on AIX and HP-UX.
354 ok djm@
Darren Tuckerfe10a282013-03-12 11:19:40 +1100355
Darren Tuckerb3cd5032013-03-07 12:33:35 +110035620130307
357 - (dtucker) [INSTALL] Bump documented autoconf version to what we're
358 currently using.
Darren Tucker4d1a0fe2013-03-07 20:14:34 +1100359 - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it
Darren Tucker9243ef02013-03-07 20:06:13 +1100360 was removed in configure.ac rev 1.481 as it was redundant.
Tim Rice2b6ea472013-03-07 07:37:13 -0800361 - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days
362 ago.
Damien Millere4f43472013-03-08 12:14:22 +1100363 - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a
364 chance to complete on broken systems; ok dtucker@
Darren Tuckerb3cd5032013-03-07 12:33:35 +1100365
Darren Tucker834a0d62013-03-06 14:06:48 +110036620130306
367 - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding
368 connection to start so that the test works on slower machines.
Darren Tuckerff008de2013-03-06 17:48:48 +1100369 - (dtucker) [configure.ac] test that we can set number of file descriptors
370 to zero with setrlimit before enabling the rlimit sandbox. This affects
371 (at least) HPUX 11.11.
Darren Tucker834a0d62013-03-06 14:06:48 +1100372
Damien Miller43e5e602013-03-05 09:49:00 +110037320130305
374 - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for
375 HP/UX. Spotted by Kevin Brott
Darren Tucker5f0e54c2013-03-05 19:57:39 +1100376 - (dtucker) [configure.ac] use "=" for shell test and not "==". Spotted by
Darren Tuckerfef9f7c2013-03-05 20:02:24 +1100377 Amit Kulkarni and Kevin Brott.
Darren Tucker29c71512013-03-05 21:50:09 +1100378 - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure
379 build breakage on (at least) HP-UX 11.11. Found by Amit Kulkarni and Kevin
380 Brott.
Tim Riceff8bda82013-03-05 14:23:58 -0800381 - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov.
Damien Miller43e5e602013-03-05 09:49:00 +1100382
Damien Millerc0cc7ce2013-02-27 10:48:18 +110038320130227
384 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
385 [contrib/suse/openssh.spec] Crank version numbers
Tim Ricea514bc02013-02-26 19:35:26 -0800386 - (tim) [regress/forward-control.sh] use sh in case login shell is csh.
Tim Ricef9e20602013-02-26 20:27:29 -0800387 - (tim) [regress/integrity.sh] shell portability fix.
Tim Riceada7e172013-02-26 21:49:09 -0800388 - (tim) [regress/integrity.sh] keep old solaris awk from hanging.
Tim Rice21f591b2013-02-26 22:48:31 -0800389 - (tim) [regress/krl.sh] keep old solaris awk from hanging.
Damien Millerc0cc7ce2013-02-27 10:48:18 +1100390
Damien Miller1e657d52013-02-26 18:58:06 +110039120130226
392 - OpenBSD CVS Sync
393 - djm@cvs.openbsd.org 2013/02/20 08:27:50
394 [integrity.sh]
395 Add an option to modpipe that warns if the modification offset it not
396 reached in it's stream and turn it on for t-integrity. This should catch
397 cases where the session is not fuzzed for being too short (cf. my last
398 "oops" commit)
Damien Miller6c21bb82013-02-26 19:41:30 +1100399 - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage
400 for UsePAM=yes configuration
Damien Miller1e657d52013-02-26 18:58:06 +1100401
Darren Tucker03978c62013-02-25 11:24:44 +110040220130225
403 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed
404 to use Solaris native GSS libs. Patch from Pierre Ossman.
405
Darren Tuckera423fef2013-02-25 10:32:27 +110040620130223
Damien Millerb87f6b72013-02-23 09:12:23 +1100407 - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer
408 bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu.
409 ok tim
410
Darren Tuckera423fef2013-02-25 10:32:27 +110041120130222
Darren Tucker964de182013-02-22 10:39:59 +1100412 - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to
Darren Tuckera2b5a4c2013-02-22 10:43:15 +1100413 ssh(1) since they're not needed. Patch from Pierre Ossman, ok djm.
414 - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named
415 libgss too. Patch from Pierre Ossman, ok djm.
Damien Miller91f40d82013-02-22 11:37:00 +1100416 - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux
417 seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com;
418 ok dtucker
Darren Tucker964de182013-02-22 10:39:59 +1100419
Tim Rice0ec74232013-02-20 21:37:55 -080042020130221
421 - (tim) [regress/forward-control.sh] shell portability fix.
422
Tim Ricec08b3ef2013-02-19 11:53:29 -080042320130220
424 - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix.
Tim Ricec31db8c2013-02-19 19:01:51 -0800425 - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded
426 err.h include from krl.c. Additional portability fixes for modpipe. OK djm
Damien Miller283e5752013-02-20 21:13:27 +1100427 - OpenBSD CVS Sync
428 - djm@cvs.openbsd.org 2013/02/20 08:27:50
429 [regress/integrity.sh regress/modpipe.c]
430 Add an option to modpipe that warns if the modification offset it not
431 reached in it's stream and turn it on for t-integrity. This should catch
432 cases where the session is not fuzzed for being too short (cf. my last
433 "oops" commit)
Damien Miller5acc6be2013-02-20 21:16:07 +1100434 - djm@cvs.openbsd.org 2013/02/20 08:29:27
435 [regress/modpipe.c]
436 s/Id/OpenBSD/ in RCS tag
Tim Ricec08b3ef2013-02-19 11:53:29 -0800437
Damien Miller0dc3bc92013-02-19 09:28:32 +110043820130219
439 - OpenBSD CVS Sync
440 - djm@cvs.openbsd.org 2013/02/18 22:26:47
441 [integrity.sh]
442 crank the offset yet again; it was still fuzzing KEX one of Darren's
443 portable test hosts at 2800
Damien Millerb3764e12013-02-19 13:15:01 +1100444 - djm@cvs.openbsd.org 2013/02/19 02:14:09
445 [integrity.sh]
446 oops, forgot to increase the output of the ssh command to ensure that
447 we actually reach $offset
Damien Millerdae85cc2013-02-19 14:27:44 +1100448 - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that
449 lack support for SHA2.
Tim Ricec31db8c2013-02-19 19:01:51 -0800450 - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms
451 that do not have them.
Damien Miller0dc3bc92013-02-19 09:28:32 +1100452
Damien Miller33d52562013-02-18 10:18:05 +110045320130217
454 - OpenBSD CVS Sync
455 - djm@cvs.openbsd.org 2013/02/17 23:16:55
456 [integrity.sh]
457 make the ssh command generates some output to ensure that there are at
458 least offset+tries bytes in the stream.
459
Damien Miller5d7b9562013-02-16 17:32:31 +110046020130216
461 - OpenBSD CVS Sync
462 - djm@cvs.openbsd.org 2013/02/16 06:08:45
463 [integrity.sh]
464 make sure the fuzz offset is actually past the end of KEX for all KEX
465 types. diffie-hellman-group-exchange-sha256 requires an offset around
466 2700. Noticed via test failures in portable OpenSSH on platforms that
467 lack ECC and this the more byte-frugal ECDH KEX algorithms.
468
Damien Miller91edc1c2013-02-15 10:23:44 +110046920130215
470 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from
471 Iain Morgan
Darren Tucker3c4a24c2013-02-15 11:41:35 +1100472 - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
473 Use getpgrp() if we don't have getpgid() (old BSDs, maybe others).
Darren Tucker8e6fb782013-02-15 12:13:01 +1100474 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c
475 openbsd-compat/openbsd-compat.h] Add strtoull to compat library for
476 platforms that don't have it.
Darren Tuckerf32db832013-02-15 12:20:41 +1100477 - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul,
478 group strto* function prototypes together.
Darren Tucker2991d282013-02-15 14:55:38 +1100479 - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes
480 an argument. Pointed out by djm.
Damien Miller4018dc02013-02-15 10:28:55 +1100481 - (djm) OpenBSD CVS Sync
482 - djm@cvs.openbsd.org 2013/02/14 21:35:59
483 [auth2-pubkey.c]
484 Correct error message that had a typo and was logging the wrong thing;
485 patch from Petr Lautrbach
Damien Miller5ceddc32013-02-15 12:18:32 +1100486 - dtucker@cvs.openbsd.org 2013/02/15 00:21:01
487 [sshconnect2.c]
488 Warn more loudly if an IdentityFile provided by the user cannot be read.
489 bz #1981, ok djm@
Damien Miller91edc1c2013-02-15 10:23:44 +1100490
Damien Miller2653f5c2013-02-14 10:14:51 +110049120130214
492 - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC.
Damien Miller6d77d6e2013-02-14 10:31:03 +1100493 - (djm) [regress/krl.sh] typo; found by Iain Morgan
Damien Miller57f92182013-02-14 10:32:33 +1100494 - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead
495 of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by
496 Iain Morgan
Damien Miller2653f5c2013-02-14 10:14:51 +1100497
Damien Millerea078462013-02-12 10:54:37 +110049820130212
499 - (djm) OpenBSD CVS Sync
500 - djm@cvs.openbsd.org 2013/01/24 21:45:37
501 [krl.c]
502 fix handling of (unused) KRL signatures; skip string in correct buffer
Damien Miller6045f5d2013-02-12 10:54:54 +1100503 - djm@cvs.openbsd.org 2013/01/24 22:08:56
504 [krl.c]
505 skip serial lookup when cert's serial number is zero
Damien Miller377d9a42013-02-12 10:55:16 +1100506 - krw@cvs.openbsd.org 2013/01/25 05:00:27
507 [krl.c]
508 Revert last. Breaks due to likely typo. Let djm@ fix later.
509 ok djm@ via dlg@
Damien Miller60565bc2013-02-12 10:56:42 +1100510 - djm@cvs.openbsd.org 2013/01/25 10:22:19
511 [krl.c]
512 redo last commit without the vi-vomit that snuck in:
513 skip serial lookup when cert's serial number is zero
514 (now with 100% better comment)
Damien Millerf0a8ded2013-02-12 11:00:34 +1100515 - djm@cvs.openbsd.org 2013/01/26 06:11:05
516 [Makefile.in acss.c acss.h cipher-acss.c cipher.c]
517 [openbsd-compat/openssl-compat.h]
518 remove ACSS, now that it is gone from libcrypto too
Damien Miller0cd2f8e2013-02-12 11:01:39 +1100519 - djm@cvs.openbsd.org 2013/01/27 10:06:12
520 [krl.c]
521 actually use the xrealloc() return value; spotted by xi.wang AT gmail.com
Damien Miller1f583df2013-02-12 11:02:08 +1100522 - dtucker@cvs.openbsd.org 2013/02/06 00:20:42
523 [servconf.c sshd_config sshd_config.5]
524 Change default of MaxStartups to 10:30:100 to start doing random early
525 drop at 10 connections up to 100 connections. This will make it harder
526 to DoS as CPUs have come a long way since the original value was set
527 back in 2000. Prompted by nion at debian org, ok markus@
Damien Miller18de9132013-02-12 11:02:27 +1100528 - dtucker@cvs.openbsd.org 2013/02/06 00:22:21
529 [auth.c]
530 Fix comment, from jfree.e1 at gmail
Damien Millerd6d9fa02013-02-12 11:02:46 +1100531 - djm@cvs.openbsd.org 2013/02/08 00:41:12
532 [sftp.c]
533 fix NULL deref when built without libedit and control characters
534 entered as command; debugging and patch from Iain Morgan an
535 Loganaden Velvindron in bz#1956
Damien Millerfd051542013-02-12 11:03:10 +1100536 - markus@cvs.openbsd.org 2013/02/10 21:19:34
537 [version.h]
538 openssh 6.2
Damien Miller78d22712013-02-12 11:03:36 +1100539 - djm@cvs.openbsd.org 2013/02/10 23:32:10
540 [ssh-keygen.c]
541 append to moduli file when screening candidates rather than overwriting.
542 allows resumption of interrupted screen; patch from Christophe Garault
543 in bz#1957; ok dtucker@
Damien Miller894926e2013-02-12 11:03:58 +1100544 - djm@cvs.openbsd.org 2013/02/10 23:35:24
545 [packet.c]
546 record "Received disconnect" messages at ERROR rather than INFO priority,
547 since they are abnormal and result in a non-zero ssh exit status; patch
548 from Iain Morgan in bz#2057; ok dtucker@
Damien Miller22e8a1e2013-02-12 11:04:48 +1100549 - dtucker@cvs.openbsd.org 2013/02/11 21:21:58
550 [sshd.c]
551 Add openssl version to debug output similar to the client. ok markus@
Damien Miller58e2c5b2013-02-12 11:16:57 +1100552 - djm@cvs.openbsd.org 2013/02/11 23:58:51
553 [regress/try-ciphers.sh]
554 remove acss here too
Damien Miller2f20de52013-02-12 11:31:38 +1100555 - (djm) [regress/try-ciphers.sh] clean up CVS merge botch
Damien Millerea078462013-02-12 10:54:37 +1100556
Damien Millerb6f73b32013-02-11 10:39:12 +110055720130211
558 - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old
559 libcrypto that lacks EVP_CIPHER_CTX_ctrl
560
Damien Millere7f50e12013-02-08 10:49:37 +110056120130208
562 - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer;
563 patch from Iain Morgan in bz#2059
Darren Tucker951b53b2013-02-08 11:50:09 +1100564 - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows
565 __attribute__ on return values and work around if necessary. ok djm@
Damien Millere7f50e12013-02-08 10:49:37 +1100566
56720130207
Damien Miller5c3bbd72013-02-07 10:11:05 +1100568 - (djm) [configure.ac] Don't probe seccomp capability of running kernel
569 at configure time; the seccomp sandbox will fall back to rlimit at
570 runtime anyway. Patch from plautrba AT redhat.com in bz#2011
571
Damien Millerda5cc5d2013-01-20 22:31:29 +110057220130120
573 - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h]
574 Move prototypes for replacement ciphers to openssl-compat.h; fix EVP
575 prototypes for openssl-1.0.0-fips.
Damien Millerac5542b2013-01-20 22:33:02 +1100576 - (djm) OpenBSD CVS Sync
577 - jmc@cvs.openbsd.org 2013/01/18 07:57:47
578 [ssh-keygen.1]
579 tweak previous;
Damien Miller3d6d68b2013-01-20 22:33:23 +1100580 - jmc@cvs.openbsd.org 2013/01/18 07:59:46
581 [ssh-keygen.c]
582 -u before -V in usage();
Damien Miller72abeb72013-01-20 22:33:44 +1100583 - jmc@cvs.openbsd.org 2013/01/18 08:00:49
584 [sshd_config.5]
585 tweak previous;
Damien Miller072fdcd2013-01-20 22:34:04 +1100586 - jmc@cvs.openbsd.org 2013/01/18 08:39:04
587 [ssh-keygen.1]
588 add -Q to the options list; ok djm
Damien Miller881a7a22013-01-20 22:34:46 +1100589 - jmc@cvs.openbsd.org 2013/01/18 21:48:43
590 [ssh-keygen.1]
591 command-line (adj.) -> command line (n.);
Damien Millera0a7ee82013-01-20 22:35:06 +1100592 - jmc@cvs.openbsd.org 2013/01/19 07:13:25
593 [ssh-keygen.1]
594 fix some formatting; ok djm
Damien Millera7522d92013-01-20 22:35:31 +1100595 - markus@cvs.openbsd.org 2013/01/19 12:34:55
596 [krl.c]
597 RB_INSERT does not remove existing elments; ok djm@
Damien Millerd60b2102013-01-20 22:49:58 +1100598 - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer
599 version.
Damien Millerdc75d1f2013-01-20 22:58:51 +1100600 - (djm) [regress/krl.sh] replacement for jot; most platforms lack it
Damien Millerda5cc5d2013-01-20 22:31:29 +1100601
Damien Millerf3747bf2013-01-18 11:44:04 +110060220130118
603 - (djm) OpenBSD CVS Sync
604 - djm@cvs.openbsd.org 2013/01/17 23:00:01
605 [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
606 [krl.c krl.h PROTOCOL.krl]
607 add support for Key Revocation Lists (KRLs). These are a compact way to
608 represent lists of revoked keys and certificates, taking as little as
609 a single bit of incremental cost to revoke a certificate by serial number.
610 KRLs are loaded via the existing RevokedKeys sshd_config option.
611 feedback and ok markus@
Damien Millerebafebd2013-01-18 11:51:56 +1100612 - djm@cvs.openbsd.org 2013/01/18 00:45:29
613 [regress/Makefile regress/cert-userkey.sh regress/krl.sh]
614 Tests for Key Revocation Lists (KRLs)
Damien Miller13f5f762013-01-18 15:32:03 +1100615 - djm@cvs.openbsd.org 2013/01/18 03:00:32
616 [krl.c]
617 fix KRL generation bug for list sections
Damien Millerf3747bf2013-01-18 11:44:04 +1100618
Damien Millerb26699b2013-01-17 14:31:57 +110061920130117
620 - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
621 check for GCM support before testing GCM ciphers.
622
Damien Millerc20eb8b2013-01-12 22:41:26 +110062320130112
624 - (djm) OpenBSD CVS Sync
625 - djm@cvs.openbsd.org 2013/01/12 11:22:04
626 [cipher.c]
627 improve error message for integrity failure in AES-GCM modes; ok markus@
Damien Miller846dc7f2013-01-12 22:46:26 +1100628 - djm@cvs.openbsd.org 2013/01/12 11:23:53
629 [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
630 test AES-GCM modes; feedback markus@
Damien Millerefa1c952013-01-12 23:10:47 +1100631 - (djm) [regress/integrity.sh] repair botched merge
Damien Millerc20eb8b2013-01-12 22:41:26 +1100632
Damien Miller4e14a582013-01-09 15:54:48 +110063320130109
634 - (djm) OpenBSD CVS Sync
635 - dtucker@cvs.openbsd.org 2012/12/14 05:26:43
636 [auth.c]
637 use correct string in error message; from rustybsd at gmx.fr
Damien Miller73298f42013-01-09 15:55:50 +1100638 - djm@cvs.openbsd.org 2013/01/02 00:32:07
639 [clientloop.c mux.c]
640 channel_setup_local_fwd_listener() returns 0 on failure, not -ve
641 bz#2055 reported by mathieu.lacage AT gmail.com
Damien Miller697485d2013-01-09 15:56:13 +1100642 - djm@cvs.openbsd.org 2013/01/02 00:33:49
643 [PROTOCOL.agent]
644 correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED
645 bz#2051 from david AT lechnology.com
Damien Miller44138442013-01-09 15:56:45 +1100646 - djm@cvs.openbsd.org 2013/01/03 05:49:36
647 [servconf.h]
648 add a couple of ServerOptions members that should be copied to the privsep
649 child (for consistency, in this case they happen only to be accessed in
650 the monitor); ok dtucker@
Damien Miller3739c8f2013-01-09 15:57:16 +1100651 - djm@cvs.openbsd.org 2013/01/03 12:49:01
652 [PROTOCOL]
653 fix description of MAC calculation for EtM modes; ok markus@
Damien Miller502ab0e2013-01-09 15:57:36 +1100654 - djm@cvs.openbsd.org 2013/01/03 12:54:49
655 [sftp-server.8 sftp-server.c]
656 allow specification of an alternate start directory for sftp-server(8)
657 "I like this" markus@
Damien Millerec77c952013-01-09 15:58:00 +1100658 - djm@cvs.openbsd.org 2013/01/03 23:22:58
659 [ssh-keygen.c]
660 allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ...
661 ok markus@
Damien Milleraa7ad302013-01-09 15:58:21 +1100662 - jmc@cvs.openbsd.org 2013/01/04 19:26:38
663 [sftp-server.8 sftp-server.c]
664 sftp-server.8: add argument name to -d
665 sftp-server.c: add -d to usage()
666 ok djm
Damien Miller1d75abf2013-01-09 16:12:19 +1100667 - markus@cvs.openbsd.org 2013/01/08 18:49:04
668 [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c]
669 [myproposal.h packet.c ssh_config.5 sshd_config.5]
670 support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)
671 ok and feedback djm@
Damien Miller1422c082013-01-09 16:44:54 +1100672 - djm@cvs.openbsd.org 2013/01/09 05:40:17
673 [ssh-keygen.c]
674 correctly initialise fingerprint type for fingerprinting PKCS#11 keys
Damien Millerd522c682013-01-09 16:42:47 +1100675 - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h]
676 Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little
677 cipher compat code to openssl-compat.h
Damien Miller4e14a582013-01-09 15:54:48 +1100678
Darren Tucker0fc77292012-12-17 15:59:42 +110067920121217
680 - (dtucker) [Makefile.in] Add some scaffolding so that the new regress
681 tests will work with VPATH directories.
682
Damien Miller8c05da32012-12-13 07:18:59 +110068320121213
684 - (djm) OpenBSD CVS Sync
685 - markus@cvs.openbsd.org 2012/12/12 16:45:52
686 [packet.c]
687 reset incoming_packet buffer for each new packet in EtM-case, too;
688 this happens if packets are parsed only parially (e.g. ignore
689 messages sent when su/sudo turn off echo); noted by sthen/millert
Damien Miller25a02b02012-12-13 08:18:56 +1100690 - naddy@cvs.openbsd.org 2012/12/12 16:46:10
691 [cipher.c]
692 use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled
693 counter mode code; ok djm@
694 - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our
695 compat code for older OpenSSL
Damien Miller13cbff12012-12-13 08:25:07 +1100696 - (djm) [cipher.c] Fix missing prototype for compat code
Damien Miller8c05da32012-12-13 07:18:59 +1100697
Damien Miller6a1937e2012-12-12 10:44:38 +110069820121212
699 - (djm) OpenBSD CVS Sync
700 - markus@cvs.openbsd.org 2012/12/11 22:16:21
701 [monitor.c]
702 drain the log messages after receiving the keystate from the unpriv
703 child. otherwise it might block while sending. ok djm@
Damien Milleraf43a7a2012-12-12 10:46:31 +1100704 - markus@cvs.openbsd.org 2012/12/11 22:31:18
705 [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
706 [packet.c ssh_config.5 sshd_config.5]
707 add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
708 that change the packet format and compute the MAC over the encrypted
709 message (including the packet size) instead of the plaintext data;
710 these EtM modes are considered more secure and used by default.
711 feedback and ok djm@
Damien Miller74f13bd2012-12-12 10:46:53 +1100712 - sthen@cvs.openbsd.org 2012/12/11 22:51:45
713 [mac.c]
714 fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@
Damien Miller1a45b632012-12-12 10:52:07 +1100715 - markus@cvs.openbsd.org 2012/12/11 22:32:56
716 [regress/try-ciphers.sh]
717 add etm modes
Damien Miller1fb593a2012-12-12 10:54:37 +1100718 - markus@cvs.openbsd.org 2012/12/11 22:42:11
719 [regress/Makefile regress/modpipe.c regress/integrity.sh]
720 test the integrity of the packets; with djm@
Damien Millerec7ce9a2012-12-12 10:55:32 +1100721 - markus@cvs.openbsd.org 2012/12/11 23:12:13
722 [try-ciphers.sh]
723 add hmac-ripemd160-etm@openssh.com
Damien Miller37834af2012-12-12 11:00:37 +1100724 - (djm) [mac.c] fix merge botch
Damien Miller37461d72012-12-12 12:37:32 +1100725 - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test
726 work on platforms without 'jot'
727 - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip
Damien Millerfaabeb62012-12-12 12:51:54 +1100728 - (djm) [regress/Makefile] fix t-exec rule
Damien Miller6a1937e2012-12-12 10:44:38 +1100729
Darren Tucker3dfb8772012-12-07 13:03:10 +110073020121207
731 - (dtucker) OpenBSD CVS Sync
732 - dtucker@cvs.openbsd.org 2012/12/06 06:06:54
733 [regress/keys-command.sh]
734 Fix some problems with the keys-command test:
735 - use string comparison rather than numeric comparison
736 - check for existing KEY_COMMAND file and don't clobber if it exists
737 - clean up KEY_COMMAND file if we do create it.
738 - check that KEY_COMMAND is executable (which it won't be if eg /var/run
739 is mounted noexec).
740 ok djm.
Darren Tuckerf9333d52012-12-07 13:06:13 +1100741 - jmc@cvs.openbsd.org 2012/12/03 08:33:03
742 [ssh-add.1 sshd_config.5]
743 tweak previous;
Darren Tucker8a965222012-12-07 13:07:02 +1100744 - markus@cvs.openbsd.org 2012/12/05 15:42:52
745 [ssh-add.c]
746 prevent double-free of comment; ok djm@
Darren Tucker3e1027c2012-12-07 13:07:46 +1100747 - dtucker@cvs.openbsd.org 2012/12/07 01:51:35
748 [serverloop.c]
749 Cast signal to int for logging. A no-op on openbsd (they're always ints)
750 but will prevent warnings in portable. ok djm@
Darren Tucker3dfb8772012-12-07 13:03:10 +1100751
Tim Rice96ce9a12012-12-04 07:50:03 -080075220121205
753 - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@.
754
Damien Millercf6ef132012-12-03 09:37:56 +110075520121203
756 - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get
757 TAILQ_FOREACH_SAFE needed for upcoming changes.
Damien Millercb6b68b2012-12-03 09:49:52 +1100758 - (djm) OpenBSD CVS Sync
759 - djm@cvs.openbsd.org 2012/12/02 20:26:11
760 [ssh_config.5 sshconnect2.c]
761 Make IdentitiesOnly apply to keys obtained from a PKCS11Provider.
762 This allows control of which keys are offered from tokens using
763 IdentityFile. ok markus@
Damien Miller33a81362012-12-03 09:50:24 +1100764 - djm@cvs.openbsd.org 2012/12/02 20:42:15
765 [ssh-add.1 ssh-add.c]
766 make deleting explicit keys "ssh-add -d" symmetric with adding keys -
767 try to delete the corresponding certificate too and respect the -k option
768 to allow deleting of the key only; feedback and ok markus@
Damien Milleraa5b3f82012-12-03 09:50:54 +1100769 - djm@cvs.openbsd.org 2012/12/02 20:46:11
770 [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c]
771 [sshd_config.5]
772 make AllowTcpForwarding accept "local" and "remote" in addition to its
773 current "yes"/"no" to allow the server to specify whether just local or
774 remote TCP forwarding is enabled. ok markus@
Damien Millerfa51d8b2012-12-03 10:08:25 +1100775 - dtucker@cvs.openbsd.org 2012/10/05 02:20:48
776 [regress/cipher-speed.sh regress/try-ciphers.sh]
777 Add umac-128@openssh.com to the list of MACs to be tested
Damien Miller6618e922012-12-03 10:09:04 +1100778 - djm@cvs.openbsd.org 2012/10/19 05:10:42
779 [regress/cert-userkey.sh]
780 include a serial number when generating certs
Damien Miller771c43c2012-12-03 10:12:13 +1100781 - djm@cvs.openbsd.org 2012/11/22 22:49:30
782 [regress/Makefile regress/keys-command.sh]
783 regress for AuthorizedKeysCommand; hints from markus@
Damien Miller999bd2d2012-12-03 10:13:39 +1100784 - djm@cvs.openbsd.org 2012/12/02 20:47:48
785 [Makefile regress/forward-control.sh]
786 regress for AllowTcpForwarding local/remote; ok markus@
Damien Miller55aca022012-12-03 11:25:30 +1100787 - djm@cvs.openbsd.org 2012/12/03 00:14:06
788 [auth2-chall.c ssh-keygen.c]
789 Fix compilation with -Wall -Werror (trivial type fixes)
Damien Miller03af12e2012-12-03 11:55:53 +1100790 - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation
791 debugging. ok dtucker@
Damien Miller8b489822012-12-03 12:35:55 +1100792 - (djm) [configure.ac] Revert previous. configure.ac already does this
793 for us.
Damien Millercf6ef132012-12-03 09:37:56 +1100794
Damien Miller1e854692012-11-14 19:04:02 +110079520121114
796 - (djm) OpenBSD CVS Sync
797 - djm@cvs.openbsd.org 2012/11/14 02:24:27
798 [auth2-pubkey.c]
799 fix username passed to helper program
800 prepare stdio fds before closefrom()
801 spotted by landry@
Damien Miller6f3b3622012-11-14 19:04:33 +1100802 - djm@cvs.openbsd.org 2012/11/14 02:32:15
803 [ssh-keygen.c]
804 allow the full range of unsigned serial numbers; 'fine' deraadt@
Damien Miller15b05cf2012-12-03 09:53:20 +1100805 - djm@cvs.openbsd.org 2012/12/02 20:34:10
806 [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c]
807 [monitor.c monitor.h]
808 Fixes logging of partial authentication when privsep is enabled
809 Previously, we recorded "Failed xxx" since we reset authenticated before
810 calling auth_log() in auth2.c. This adds an explcit "Partial" state.
811
812 Add a "submethod" to auth_log() to report which submethod is used
813 for keyboard-interactive.
814
815 Fix multiple authentication when one of the methods is
816 keyboard-interactive.
817
818 ok markus@
Damien Millerd27a0262012-12-03 10:06:37 +1100819 - dtucker@cvs.openbsd.org 2012/10/05 02:05:30
820 [regress/multiplex.sh]
821 Use 'kill -0' to test for the presence of a pid since it's more portable
Damien Miller1e854692012-11-14 19:04:02 +1100822
Damien Millerd5c3d4c2012-11-07 08:35:38 +110082320121107
824 - (djm) OpenBSD CVS Sync
825 - eric@cvs.openbsd.org 2011/11/28 08:46:27
826 [moduli.5]
827 fix formula
828 ok djm@
Damien Miller0120c412012-11-07 08:36:00 +1100829 - jmc@cvs.openbsd.org 2012/09/26 17:34:38
830 [moduli.5]
831 last stage of rfc changes, using consistent Rs/Re blocks, and moving the
832 references into a STANDARDS section;
Damien Millerd5c3d4c2012-11-07 08:35:38 +1100833
Darren Tuckerf96ff182012-11-05 17:04:37 +110083420121105
835 - (dtucker) [uidswap.c openbsd-compat/Makefile.in
836 openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h
837 openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids
838 and gids from uidswap.c to the compat library, which allows it to work with
839 the new setresuid calls in auth2-pubkey. with tim@, ok djm@
Darren Tucker737f7af2012-11-05 17:07:43 +1100840 - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that
841 don't have it. Spotted by tim@.
Darren Tuckerf96ff182012-11-05 17:04:37 +1100842
Damien Millerf33580e2012-11-04 22:22:52 +110084320121104
844 - (djm) OpenBSD CVS Sync
845 - jmc@cvs.openbsd.org 2012/10/31 08:04:50
846 [sshd_config.5]
847 tweak previous;
Damien Millerd0d10992012-11-04 22:23:14 +1100848 - djm@cvs.openbsd.org 2012/11/04 10:38:43
849 [auth2-pubkey.c sshd.c sshd_config.5]
850 Remove default of AuthorizedCommandUser. Administrators are now expected
851 to explicitly specify a user. feedback and ok markus@
Damien Millera6e3f012012-11-04 23:21:40 +1100852 - djm@cvs.openbsd.org 2012/11/04 11:09:15
853 [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c]
854 [sshd_config.5]
855 Support multiple required authentication via an AuthenticationMethods
856 option. This option lists one or more comma-separated lists of
857 authentication method names. Successful completion of all the methods in
858 any list is required for authentication to complete;
859 feedback and ok markus@
Damien Millerf33580e2012-11-04 22:22:52 +1100860
Damien Miller07daed52012-10-31 08:57:55 +110086120121030
862 - (djm) OpenBSD CVS Sync
863 - markus@cvs.openbsd.org 2012/10/05 12:34:39
864 [sftp.c]
865 fix signed vs unsigned warning; feedback & ok: djm@
Damien Miller09d3e122012-10-31 08:58:58 +1100866 - djm@cvs.openbsd.org 2012/10/30 21:29:55
867 [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
868 [sshd.c sshd_config sshd_config.5]
869 new sshd_config option AuthorizedKeysCommand to support fetching
870 authorized_keys from a command in addition to (or instead of) from
871 the filesystem. The command is run as the target server user unless
872 another specified via a new AuthorizedKeysCommandUser option.
873
874 patch originally by jchadima AT redhat.com, reworked by me; feedback
875 and ok markus@
Damien Miller07daed52012-10-31 08:57:55 +1100876
Tim Ricec0e5cbe2012-10-18 21:38:58 -070087720121019
878 - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in
879 the generated file as intended.
880
Darren Tucker0af24052012-10-05 10:41:25 +100088120121005
882 - (dtucker) OpenBSD CVS Sync
883 - djm@cvs.openbsd.org 2012/09/17 09:54:44
884 [sftp.c]
885 an XXX for later
Darren Tucker302889a2012-10-05 10:42:53 +1000886 - markus@cvs.openbsd.org 2012/09/17 13:04:11
887 [packet.c]
888 clear old keys on rekeing; ok djm
Darren Tucker063018d2012-10-05 10:43:58 +1000889 - dtucker@cvs.openbsd.org 2012/09/18 10:36:12
890 [sftp.c]
891 Add bounds check on sftp tab-completion. Part of a patch from from
892 Jean-Marc Robert via tech@, ok djm
Darren Tucker191fcc62012-10-05 10:45:01 +1000893 - dtucker@cvs.openbsd.org 2012/09/21 10:53:07
894 [sftp.c]
895 Fix improper handling of absolute paths when PWD is part of the completed
896 path. Patch from Jean-Marc Robert via tech@, ok djm.
Darren Tucker17146d32012-10-05 10:46:16 +1000897 - dtucker@cvs.openbsd.org 2012/09/21 10:55:04
898 [sftp.c]
899 Fix handling of filenames containing escaped globbing characters and
900 escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm.
Darren Tucker628a3fd2012-10-05 10:50:15 +1000901 - jmc@cvs.openbsd.org 2012/09/26 16:12:13
902 [ssh.1]
903 last stage of rfc changes, using consistent Rs/Re blocks, and moving the
904 references into a STANDARDS section;
Darren Tucker3a7c0412012-10-05 10:51:59 +1000905 - naddy@cvs.openbsd.org 2012/10/01 13:59:51
906 [monitor_wrap.c]
907 pasto; ok djm@
Darren Tucker0dc283b2012-10-05 10:52:51 +1000908 - djm@cvs.openbsd.org 2012/10/02 07:07:45
909 [ssh-keygen.c]
910 fix -z option, broken in revision 1.215
Darren Tucker427e4092012-10-05 11:02:39 +1000911 - markus@cvs.openbsd.org 2012/10/04 13:21:50
912 [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
913 add umac128 variant; ok djm@ at n2k12
Darren Tucker189e5ba2012-10-05 11:41:52 +1000914 - dtucker@cvs.openbsd.org 2012/09/06 04:11:07
915 [regress/try-ciphers.sh]
916 Restore missing space. (Id sync only).
Darren Tucker6fc5aa82012-10-05 11:43:57 +1000917 - dtucker@cvs.openbsd.org 2012/09/09 11:51:25
918 [regress/multiplex.sh]
919 Add test for ssh -Ostop
Darren Tucker9b2c0362012-10-05 11:45:39 +1000920 - dtucker@cvs.openbsd.org 2012/09/10 00:49:21
921 [regress/multiplex.sh]
922 Log -O cmd output to the log file and make logging consistent with the
923 other tests. Test clean shutdown of an existing channel when testing
924 "stop".
Darren Tuckeree4ad772012-10-05 12:04:10 +1000925 - dtucker@cvs.openbsd.org 2012/09/10 01:51:19
926 [regress/multiplex.sh]
927 use -Ocheck and waiting for completions by PID to make multiplexing test
928 less racy and (hopefully) more reliable on slow hardware.
Darren Tucker992faad2012-10-05 11:38:24 +1000929 - [Makefile umac.c] Add special-case target to build umac128.o.
Darren Tucker50ce4472012-10-05 12:11:33 +1000930 - [umac.c] Enforce allowed umac output sizes. From djm@.
Darren Tuckercc8e9ff2012-10-05 15:41:06 +1000931 - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom".
Darren Tucker0af24052012-10-05 10:41:25 +1000932
Darren Tuckerbb6cc072012-09-17 13:25:06 +100093320120917
934 - (dtucker) OpenBSD CVS Sync
935 - dtucker@cvs.openbsd.org 2012/09/13 23:37:36
936 [servconf.c]
937 Fix comment line length
Darren Tucker26b9e3b2012-09-17 13:25:44 +1000938 - markus@cvs.openbsd.org 2012/09/14 16:51:34
939 [sshconnect.c]
940 remove unused variable
Darren Tuckerbb6cc072012-09-17 13:25:06 +1000941
Darren Tucker92a39cf2012-09-07 11:20:20 +100094220120907
943 - (dtucker) OpenBSD CVS Sync
944 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13
945 [clientloop.c]
946 Make the escape command help (~?) context sensitive so that only commands
947 that will work in the current session are shown. ok markus@
Darren Tucker83d0af62012-09-07 11:21:03 +1000948 - jmc@cvs.openbsd.org 2012/09/06 13:57:42
949 [ssh.1]
950 missing letter in previous;
Darren Tuckerf111d402012-09-07 11:21:42 +1000951 - dtucker@cvs.openbsd.org 2012/09/07 00:30:19
952 [clientloop.c]
953 Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@
Darren Tuckerca0d0fd2012-09-07 11:22:24 +1000954 - dtucker@cvs.openbsd.org 2012/09/07 01:10:21
955 [clientloop.c]
956 Merge escape help text for ~v and ~V; ok djm@
Darren Tucker48bf4b02012-09-07 16:38:53 +1000957 - dtucker@cvs.openbsd.org 2012/09/07 06:34:21
958 [clientloop.c]
959 when muxmaster is run with -N, make it shut down gracefully when a client
960 sends it "-O stop" rather than hanging around (bz#1985). ok djm@
Darren Tucker92a39cf2012-09-07 11:20:20 +1000961
Darren Tucker3ee50c52012-09-06 21:18:11 +100096220120906
963 - (dtucker) OpenBSD CVS Sync
964 - jmc@cvs.openbsd.org 2012/08/15 18:25:50
965 [ssh-keygen.1]
966 a little more info on certificate validity;
967 requested by Ross L Richardson, and provided by djm
Darren Tucker66cb0e02012-09-06 21:19:05 +1000968 - dtucker@cvs.openbsd.org 2012/08/17 00:45:45
969 [clientloop.c clientloop.h mux.c]
970 Force a clean shutdown of ControlMaster client sessions when the ~. escape
971 sequence is used. This means that ~. should now work in mux clients even
972 if the server is no longer responding. Found by tedu, ok djm.
Darren Tuckerae608bd2012-09-06 21:19:51 +1000973 - djm@cvs.openbsd.org 2012/08/17 01:22:56
974 [kex.c]
975 add some comments about better handling first-KEX-follows notifications
976 from the server. Nothing uses these right now. No binary change
Darren Tuckerf09a8a62012-09-06 21:20:39 +1000977 - djm@cvs.openbsd.org 2012/08/17 01:25:58
978 [ssh-keygen.c]
979 print details of which host lines were deleted when using
980 "ssh-keygen -R host"; ok markus@
Darren Tucker00c15182012-09-06 21:21:56 +1000981 - djm@cvs.openbsd.org 2012/08/17 01:30:00
982 [compat.c sshconnect.c]
983 Send client banner immediately, rather than waiting for the server to
984 move first for SSH protocol 2 connections (the default). Patch based on
985 one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@
Darren Tucker50a48d02012-09-06 21:25:37 +1000986 - dtucker@cvs.openbsd.org 2012/09/06 04:37:39
987 [clientloop.c log.c ssh.1 log.h]
988 Add ~v and ~V escape sequences to raise and lower the logging level
989 respectively. Man page help from jmc, ok deraadt jmc
Darren Tucker3ee50c52012-09-06 21:18:11 +1000990
Darren Tucker23e4b802012-08-30 10:42:47 +100099120120830
992 - (dtucker) [moduli] Import new moduli file.
993
Darren Tucker31854182012-08-28 19:57:19 +100099420120828
Damien Miller4eb0a532012-08-29 10:26:20 +1000995 - (djm) Release openssh-6.1
996
99720120828
Darren Tucker31854182012-08-28 19:57:19 +1000998 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN
999 for compatibility with future mingw-w64 headers. Patch from vinschen at
1000 redhat com.
1001
Damien Miller39a9d2c2012-08-22 21:57:13 +1000100220120822
1003 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
1004 [contrib/suse/openssh.spec] Update version numbers
1005
Damien Miller709a1e92012-07-31 12:20:43 +1000100620120731
1007 - (djm) OpenBSD CVS Sync
1008 - jmc@cvs.openbsd.org 2012/07/06 06:38:03
1009 [ssh-keygen.c]
1010 missing full stop in usage();
Damien Miller5a5c2b92012-07-31 12:21:34 +10001011 - djm@cvs.openbsd.org 2012/07/10 02:19:15
1012 [servconf.c servconf.h sshd.c sshd_config]
1013 Turn on systrace sandboxing of pre-auth sshd by default for new installs
1014 by shipping a config that overrides the current UsePrivilegeSeparation=yes
1015 default. Make it easier to flip the default in the future by adding too.
Damien Miller1cce1032012-07-31 12:22:18 +10001016 prodded markus@ feedback dtucker@ "get it in" deraadt@
Damien Miller46cb75a2012-07-31 12:22:37 +10001017 - dtucker@cvs.openbsd.org 2012/07/13 01:35:21
1018 [servconf.c]
1019 handle long comments in config files better. bz#2025, ok markus
Damien Miller38fe6622012-07-31 12:23:16 +10001020 - markus@cvs.openbsd.org 2012/07/22 18:19:21
1021 [version.h]
1022 openssh 6.1
Damien Miller709a1e92012-07-31 12:20:43 +10001023
Darren Tuckerd809a4b2012-07-20 10:42:06 +1000102420120720
1025 - (dtucker) Import regened moduli file.
1026
Damien Millera0433a72012-07-06 10:27:10 +1000102720120706
1028 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is
1029 not available. Allows use of sshd compiled on host with a filter-capable
1030 kernel on hosts that lack the support. bz#2011 ok dtucker@
Damien Miller77eab7b2012-07-06 11:49:28 +10001031 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no
1032 unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
1033 esperi.org.uk; ok dtucker@
Damien Millerdfceafe2012-07-06 13:44:19 +10001034- (djm) OpenBSD CVS Sync
1035 - dtucker@cvs.openbsd.org 2012/07/06 00:41:59
1036 [moduli.c ssh-keygen.1 ssh-keygen.c]
1037 Add options to specify starting line number and number of lines to process
1038 when screening moduli candidates. This allows processing of different
1039 parts of a candidate moduli file in parallel. man page help jmc@, ok djm@
Damien Millerab523b02012-07-06 13:44:43 +10001040 - djm@cvs.openbsd.org 2012/07/06 01:37:21
1041 [mux.c]
1042 fix memory leak of passed-in environment variables and connection
1043 context when new session message is malformed; bz#2003 from Bert.Wesarg
1044 AT googlemail.com
Damien Millerfff9f092012-07-06 13:45:01 +10001045 - djm@cvs.openbsd.org 2012/07/06 01:47:38
1046 [ssh.c]
1047 move setting of tty_flag to after config parsing so RequestTTY options
1048 are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
1049 ok dtucker@
Damien Millera0433a72012-07-06 10:27:10 +10001050
Darren Tucker34f702a2012-07-04 08:50:09 +1000105120120704
1052 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for
1053 platforms that don't have it. "looks good" tim@
1054
Darren Tucker60395f92012-07-03 14:31:18 +1000105520120703
1056 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with
1057 setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
Darren Tuckerd545a4b2012-07-03 22:48:31 +10001058 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not
1059 setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its
1060 benefit is minor, so it's not worth disabling the sandbox if it doesn't
1061 work.
Darren Tucker60395f92012-07-03 14:31:18 +10001062
Darren Tuckerecbf14a2012-07-02 18:53:37 +1000106320120702
1064- (dtucker) OpenBSD CVS Sync
1065 - naddy@cvs.openbsd.org 2012/06/29 13:57:25
1066 [ssh_config.5 sshd_config.5]
1067 match the documented MAC order of preference to the actual one;
1068 ok dtucker@
Darren Tucker3b4b2d32012-07-02 18:54:31 +10001069 - markus@cvs.openbsd.org 2012/06/30 14:35:09
1070 [sandbox-systrace.c sshd.c]
1071 fix a during the load of the sandbox policies (child can still make
1072 the read-syscall and wait forever for systrace-answers) by replacing
1073 the read/write synchronisation with SIGSTOP/SIGCONT;
1074 report and help hshoexer@; ok djm@, dtucker@
Darren Tucker7b305012012-07-02 18:55:09 +10001075 - dtucker@cvs.openbsd.org 2012/07/02 08:50:03
1076 [ssh.c]
1077 set interactive ToS for forwarded X11 sessions. ok djm@
Darren Tucker4908d442012-07-02 22:15:38 +10001078 - dtucker@cvs.openbsd.org 2012/07/02 12:13:26
1079 [ssh-pkcs11-helper.c sftp-client.c]
1080 fix a couple of "assigned but not used" warnings. ok markus@
Darren Tucker369ceed2012-07-03 00:53:18 +10001081 - dtucker@cvs.openbsd.org 2012/07/02 14:37:06
1082 [regress/connect-privsep.sh]
1083 remove exit from end of test since it prevents reporting failure
Darren Tuckerec1e15d2012-07-03 01:06:49 +10001084 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]
1085 Move cygwin detection to test-exec and use to skip reexec test on cygwin.
Darren Tucker6ea5dc62012-07-03 01:11:28 +10001086 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.
Darren Tuckerecbf14a2012-07-02 18:53:37 +10001087
Damien Miller97f43bb2012-06-30 08:32:29 +1000108820120629
1089 - OpenBSD CVS Sync
1090 - dtucker@cvs.openbsd.org 2012/06/21 00:16:07
1091 [addrmatch.c]
1092 fix strlcpy truncation check. from carsten at debian org, ok markus
Damien Miller5f58a872012-06-30 08:33:17 +10001093 - dtucker@cvs.openbsd.org 2012/06/22 12:30:26
1094 [monitor.c sshconnect2.c]
1095 remove dead code following 'for (;;)' loops.
1096 From Steve.McClellan at radisys com, ok markus@
Damien Millerea858292012-06-30 08:33:32 +10001097 - dtucker@cvs.openbsd.org 2012/06/22 14:36:33
1098 [sftp.c]
1099 Remove unused variable leftover from tab-completion changes.
1100 From Steve.McClellan at radisys com, ok markus@
Damien Miller560de922012-06-30 08:33:53 +10001101 - dtucker@cvs.openbsd.org 2012/06/26 11:02:30
1102 [sandbox-systrace.c]
1103 Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
1104 sandbox" since malloc now uses it. From johnw.mail at gmail com.
Damien Millerdb4f8e82012-06-30 08:34:59 +10001105 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45
1106 [mac.c myproposal.h ssh_config.5 sshd_config.5]
1107 Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
1108 from draft6 of the spec and will not be in the RFC when published. Patch
1109 from mdb at juniper net via bz#2023, ok markus.
Damien Milleree3c1962012-06-30 08:35:59 +10001110 - naddy@cvs.openbsd.org 2012/06/29 13:57:25
1111 [ssh_config.5 sshd_config.5]
1112 match the documented MAC order of preference to the actual one; ok dtucker@
Darren Tucker30139032012-06-30 15:01:22 +10001113 - dtucker@cvs.openbsd.org 2012/05/13 01:42:32
1114 [regress/addrmatch.sh]
1115 Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
1116 to match. Feedback and ok djm@ markus@.
Darren Tucker4430a862012-06-30 15:03:28 +10001117 - djm@cvs.openbsd.org 2012/06/01 00:47:35
Darren Tucker2920bc12012-06-30 15:06:28 +10001118 [regress/multiplex.sh regress/forwarding.sh]
Darren Tucker4430a862012-06-30 15:03:28 +10001119 append to rather than truncate test log; bz#2013 from openssh AT
1120 roumenpetrov.info
Darren Tuckerff32d7c2012-06-30 15:04:13 +10001121 - djm@cvs.openbsd.org 2012/06/01 00:52:52
Darren Tucker2920bc12012-06-30 15:06:28 +10001122 [regress/sftp-cmds.sh]
Darren Tuckerff32d7c2012-06-30 15:04:13 +10001123 don't delete .* on cleanup due to unintended env expansion; pointed out in
1124 bz#2014 by openssh AT roumenpetrov.info
Darren Tucker2920bc12012-06-30 15:06:28 +10001125 - dtucker@cvs.openbsd.org 2012/06/26 12:06:59
1126 [regress/connect-privsep.sh]
1127 test sandbox with every malloc option
Darren Tuckera08c2072012-06-30 15:08:53 +10001128 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45
1129 [regress/try-ciphers.sh regress/cipher-speed.sh]
1130 Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
1131 from draft6 of the spec and will not be in the RFC when published. Patch
1132 from mdb at juniper net via bz#2023, ok markus.
Darren Tucker3886f952012-06-30 19:47:01 +10001133 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error.
Darren Tucker14a9d252012-06-30 20:05:02 +10001134 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have
1135 the required functions in libcrypto.
Damien Miller97f43bb2012-06-30 08:32:29 +10001136
Darren Tucker8908da72012-06-28 15:21:32 +1000113720120628
1138 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null
1139 pointer deref in the client when built with LDNS and using DNSSEC with a
1140 CNAME. Patch from gregdlg+mr at hochet info.
1141
Darren Tucker62dcd632012-06-22 22:02:42 +1000114220120622
1143 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as
1144 can logon as a service. Patch from vinschen at redhat com.
1145
Damien Millerefc6fc92012-06-20 21:44:56 +1000114620120620
1147 - (djm) OpenBSD CVS Sync
1148 - djm@cvs.openbsd.org 2011/12/02 00:41:56
1149 [mux.c]
1150 fix bz#1948: ssh -f doesn't fork for multiplexed connection.
1151 ok dtucker@
Damien Miller140df632012-06-20 21:46:57 +10001152 - djm@cvs.openbsd.org 2011/12/04 23:16:12
1153 [mux.c]
1154 revert:
1155 > revision 1.32
1156 > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1
1157 > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
1158 > ok dtucker@
1159 it interacts badly with ControlPersist
Damien Millerac58ce82012-06-20 21:50:47 +10001160 - djm@cvs.openbsd.org 2012/01/07 21:11:36
1161 [mux.c]
1162 fix double-free in new session handler
1163 NB. Id sync only
Damien Miller3bde12a2012-06-20 21:51:11 +10001164 - djm@cvs.openbsd.org 2012/05/23 03:28:28
1165 [dns.c dns.h key.c key.h ssh-keygen.c]
1166 add support for RFC6594 SSHFP DNS records for ECDSA key types.
1167 patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@
Darren Tucker86dc9b42012-09-07 18:08:23 +10001168 (Original authors Ondřej Surý, Ondřej Caletka and Daniel Black)
Damien Miller7f121572012-06-20 21:51:29 +10001169 - djm@cvs.openbsd.org 2012/06/01 00:49:35
1170 [PROTOCOL.mux]
1171 correct types of port numbers (integers, not strings); bz#2004 from
1172 bert.wesarg AT googlemail.com
Damien Miller2e7decf2012-06-20 21:52:00 +10001173 - djm@cvs.openbsd.org 2012/06/01 01:01:22
1174 [mux.c]
1175 fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
1176 AT googlemail.com
Damien Miller276dcfd2012-06-20 21:52:18 +10001177 - dtucker@cvs.openbsd.org 2012/06/18 11:43:53
1178 [jpake.c]
1179 correct sizeof usage. patch from saw at online.de, ok deraadt
Damien Miller71924332012-06-20 21:52:38 +10001180 - dtucker@cvs.openbsd.org 2012/06/18 11:49:58
1181 [ssh_config.5]
1182 RSA instead of DSA twice. From Steve.McClellan at radisys com
Damien Millerb9902cf2012-06-20 21:52:58 +10001183 - dtucker@cvs.openbsd.org 2012/06/18 12:07:07
1184 [ssh.1 sshd.8]
1185 Remove mention of 'three' key files since there are now four. From
1186 Steve.McClellan at radisys com.
Damien Miller36378c62012-06-20 21:53:25 +10001187 - dtucker@cvs.openbsd.org 2012/06/18 12:17:18
1188 [ssh.1]
1189 Clarify description of -W. Noted by Steve.McClellan at radisys com,
1190 ok jmc
Damien Millerc24da772012-06-20 21:53:58 +10001191 - markus@cvs.openbsd.org 2012/06/19 18:25:28
1192 [servconf.c servconf.h sshd_config.5]
1193 sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
1194 this allows 'Match LocalPort 1022' combined with 'AllowUser bauer'
1195 ok djm@ (back in March)
Damien Millerf8268502012-06-20 21:54:15 +10001196 - jmc@cvs.openbsd.org 2012/06/19 21:35:54
1197 [sshd_config.5]
1198 tweak previous; ok markus
Damien Miller6c6da332012-06-20 22:31:26 +10001199 - djm@cvs.openbsd.org 2012/06/20 04:42:58
1200 [clientloop.c serverloop.c]
1201 initialise accept() backoff timer to avoid EINVAL from select(2) in
1202 rekeying
Damien Millerefc6fc92012-06-20 21:44:56 +10001203
Darren Tuckerd0494fd2012-05-19 14:25:39 +1000120420120519
1205 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch
1206 from cjwatson at debian org.
Darren Tucker59353892012-05-19 15:24:37 +10001207 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find
1208 pkg-config so it does the right thing when cross-compiling. Patch from
1209 cjwatson at debian org.
Darren Tuckerfbcf8272012-05-19 19:37:01 +10001210- (dtucker) OpenBSD CVS Sync
1211 - dtucker@cvs.openbsd.org 2012/05/13 01:42:32
1212 [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
1213 Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
1214 to match. Feedback and ok djm@ markus@.
Darren Tuckerba9ea322012-05-19 19:37:33 +10001215 - dtucker@cvs.openbsd.org 2012/05/19 06:30:30
1216 [sshd_config.5]
1217 Document PermitOpen none. bz#2001, patch from Loganaden Velvindron
Darren Tuckerd0494fd2012-05-19 14:25:39 +10001218
Darren Tuckere1a3ddf2012-05-04 11:05:45 +1000121920120504
1220 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>
1221 to fix building on some plaforms. Fom bowman at math utah edu and
1222 des at des no.
1223
Darren Tuckerd0d3fff2012-04-27 10:55:39 +1000122420120427
1225 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6
1226 platform rather than exiting early, so that we still clean up and return
1227 success or failure to test-exec.sh
1228
Damien Miller7584cb12012-04-26 09:51:26 +1000122920120426
1230 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
1231 via Niels
Damien Miller025bfd12012-04-26 09:52:15 +10001232 - (djm) [auth-krb5.c] Save errno across calls that might modify it;
1233 ok dtucker@
Damien Miller7584cb12012-04-26 09:51:26 +10001234
Damien Millerba77e1f2012-04-23 18:21:05 +1000123520120423
1236 - OpenBSD CVS Sync
1237 - djm@cvs.openbsd.org 2012/04/23 08:18:17
1238 [channels.c]
1239 fix function proto/source mismatch
1240
Damien Millera563cce2012-04-22 11:07:28 +1000124120120422
1242 - OpenBSD CVS Sync
1243 - djm@cvs.openbsd.org 2012/02/29 11:21:26
1244 [ssh-keygen.c]
1245 allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@
Damien Miller29cd1882012-04-22 11:08:10 +10001246 - guenther@cvs.openbsd.org 2012/03/15 03:10:27
1247 [session.c]
1248 root should always be excluded from the test for /etc/nologin instead
1249 of having it always enforced even when marked as ignorenologin. This
1250 regressed when the logic was incompletely flipped around in rev 1.251
1251 ok halex@ millert@
Damien Miller48348fc2012-04-22 11:08:30 +10001252 - djm@cvs.openbsd.org 2012/03/28 07:23:22
1253 [PROTOCOL.certkeys]
1254 explain certificate extensions/crit split rationale. Mention requirement
1255 that each appear at most once per cert.
Damien Millerc6081482012-04-22 11:18:53 +10001256 - dtucker@cvs.openbsd.org 2012/03/29 23:54:36
1257 [channels.c channels.h servconf.c]
1258 Add PermitOpen none option based on patch from Loganaden Velvindron
1259 (bz #1949). ok djm@
Damien Millera6508752012-04-22 11:21:10 +10001260 - djm@cvs.openbsd.org 2012/04/11 13:16:19
1261 [channels.c channels.h clientloop.c serverloop.c]
1262 don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
1263 while; ok deraadt@ markus@
Damien Miller9fed1612012-04-22 11:21:43 +10001264 - djm@cvs.openbsd.org 2012/04/11 13:17:54
1265 [auth.c]
1266 Support "none" as an argument for AuthorizedPrincipalsFile to indicate
1267 no file should be read.
Damien Millera116d132012-04-22 11:23:46 +10001268 - djm@cvs.openbsd.org 2012/04/11 13:26:40
1269 [sshd.c]
1270 don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
1271 while; ok deraadt@ markus@
Damien Miller839f7432012-04-22 11:24:21 +10001272 - djm@cvs.openbsd.org 2012/04/11 13:34:17
1273 [ssh-keyscan.1 ssh-keyscan.c]
1274 now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
1275 look for them by default; bz#1971
Damien Miller23528812012-04-22 11:24:43 +10001276 - djm@cvs.openbsd.org 2012/04/12 02:42:32
1277 [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
1278 VersionAddendum option to allow server operators to append some arbitrary
1279 text to the SSH-... banner; ok deraadt@ "don't care" markus@
Damien Miller8fef9eb2012-04-22 11:25:10 +10001280 - djm@cvs.openbsd.org 2012/04/12 02:43:55
1281 [sshd_config sshd_config.5]
1282 mention AuthorizedPrincipalsFile=none default
Damien Miller49223152012-04-22 11:25:47 +10001283 - djm@cvs.openbsd.org 2012/04/20 03:24:23
1284 [sftp.c]
1285 setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
Damien Miller70b2d552012-04-22 11:26:10 +10001286 - jmc@cvs.openbsd.org 2012/04/20 16:26:22
1287 [ssh.1]
1288 use "brackets" instead of "braces", for consistency;
Damien Millera563cce2012-04-22 11:07:28 +10001289
Damien Miller8beb3202012-04-20 10:58:34 +1000129020120420
1291 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
1292 [contrib/suse/openssh.spec] Update for release 6.0
Damien Millerbf230412012-04-20 14:11:04 +10001293 - (djm) [README] Update URL to release notes.
Damien Millerd5dacb42012-04-20 15:01:01 +10001294 - (djm) Release openssh-6.0
Damien Miller8beb3202012-04-20 10:58:34 +10001295
Damien Miller398c0ff2012-04-19 21:46:35 +1000129620120419
1297 - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil
1298 contains openpty() but not login()
1299
Damien Millere0956e32012-04-04 11:27:54 +1000130020120404
1301 - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox
1302 mode for Linux's new seccomp filter; patch from Will Drewry; feedback
1303 and ok dtucker@
1304
Darren Tucker67ccc862012-03-30 10:19:56 +1100130520120330
1306 - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING
1307 file from spec file. From crighter at nuclioss com.
Damien Miller4d557342012-03-30 11:34:27 +11001308 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
1309 openssh binaries on a newer fix release than they were compiled on.
1310 with and ok dtucker@
Damien Millerce1ec9d2012-03-30 14:07:05 +11001311 - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect
1312 assumptions when building on Cygwin; patch from Corinna Vinschen
Darren Tucker67ccc862012-03-30 10:19:56 +11001313
Damien Miller7bf7b882012-03-09 10:25:16 +1100131420120309
1315 - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux
1316 systems where sshd is run in te wrong context. Patch from Sven
1317 Vermeulen; ok dtucker@
Damien Miller54c38d22012-03-09 10:28:07 +11001318 - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6
1319 addressed connections. ok dtucker@
Damien Miller7bf7b882012-03-09 10:25:16 +11001320
Darren Tucker93a2d412012-02-24 10:40:41 +1100132120120224
1322 - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM
1323 audit breakage in Solaris 11. Patch from Magnus Johansson.
1324
Tim Ricee3609c92012-02-14 10:03:30 -0800132520120215
1326 - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for
1327 unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
1328 ok dtucker@
Tim Ricef79b5d32012-02-14 20:13:05 -08001329 - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so
1330 it actually works.
Tim Ricea3f297d2012-02-14 23:01:42 -08001331 - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote
1332 to work. Spotted by Angel Gonzalez
Tim Ricee3609c92012-02-14 10:03:30 -08001333
Damien Miller7b7901c2012-02-14 06:38:36 +1100133420120214
1335 - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of
1336 preserved Cygwin environment variables; from Corinna Vinschen
1337
Damien Millera2876db2012-02-11 08:16:06 +1100133820120211
1339 - (djm) OpenBSD CVS Sync
1340 - djm@cvs.openbsd.org 2012/01/05 00:16:56
1341 [monitor.c]
1342 memleak on error path
Damien Miller2ec03422012-02-11 08:16:28 +11001343 - djm@cvs.openbsd.org 2012/01/07 21:11:36
1344 [mux.c]
1345 fix double-free in new session handler
Damien Miller83ba8e62012-02-11 08:17:27 +11001346 - miod@cvs.openbsd.org 2012/01/08 13:17:11
1347 [ssh-ecdsa.c]
1348 Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
1349 ok markus@
Damien Millerfb12c6d2012-02-11 08:17:52 +11001350 - miod@cvs.openbsd.org 2012/01/16 20:34:09
1351 [ssh-pkcs11-client.c]
1352 Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
1353 While there, be sure to buffer_clear() between send_msg() and recv_msg().
1354 ok markus@
Damien Miller8d60be52012-02-11 08:18:17 +11001355 - dtucker@cvs.openbsd.org 2012/01/18 21:46:43
1356 [clientloop.c]
1357 Ensure that $DISPLAY contains only valid characters before using it to
1358 extract xauth data so that it can't be used to play local shell
1359 metacharacter games. Report from r00t_ati at ihteam.net, ok markus.
Damien Miller1de2cfe2012-02-11 08:18:43 +11001360 - markus@cvs.openbsd.org 2012/01/25 19:26:43
1361 [packet.c]
1362 do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;
1363 ok dtucker@, djm@
Damien Miller5d007702012-02-11 08:19:02 +11001364 - markus@cvs.openbsd.org 2012/01/25 19:36:31
1365 [authfile.c]
1366 memleak in key_load_file(); from Jan Klemkow
Damien Miller72de9822012-02-11 08:19:21 +11001367 - markus@cvs.openbsd.org 2012/01/25 19:40:09
1368 [packet.c packet.h]
1369 packet_read_poll() is not used anymore.
Damien Millerdb854552012-02-11 08:19:44 +11001370 - markus@cvs.openbsd.org 2012/02/09 20:00:18
1371 [version.h]
1372 move from 6.0-beta to 6.0
Damien Millera2876db2012-02-11 08:16:06 +11001373
Damien Millerb56e4932012-02-06 07:41:27 +1100137420120206
1375 - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
1376 that don't support ECC. Patch from Phil Oleson
Darren Tuckere9b3ad72012-01-17 14:03:34 +11001377
Damien Miller5360dff2011-12-19 10:51:11 +1100137820111219
1379 - OpenBSD CVS Sync
1380 - djm@cvs.openbsd.org 2011/12/02 00:41:56
1381 [mux.c]
1382 fix bz#1948: ssh -f doesn't fork for multiplexed connection.
1383 ok dtucker@
Damien Millerd0e582c2011-12-19 10:51:39 +11001384 - djm@cvs.openbsd.org 2011/12/02 00:43:57
1385 [mac.c]
1386 fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
1387 HMAC_init (this change in policy seems insane to me)
1388 ok dtucker@
Damien Miller913ddff2011-12-19 10:52:21 +11001389 - djm@cvs.openbsd.org 2011/12/04 23:16:12
1390 [mux.c]
1391 revert:
1392 > revision 1.32
1393 > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1
1394 > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
1395 > ok dtucker@
1396 it interacts badly with ControlPersist
Damien Miller8ed4de82011-12-19 10:52:50 +11001397 - djm@cvs.openbsd.org 2011/12/07 05:44:38
1398 [auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
1399 fix some harmless and/or unreachable int overflows;
1400 reported Xi Wang, ok markus@
Damien Miller5360dff2011-12-19 10:51:11 +11001401
Damien Miller47d81152011-11-25 13:53:48 +1100140220111125
1403 - OpenBSD CVS Sync
1404 - oga@cvs.openbsd.org 2011/11/16 12:24:28
1405 [sftp.c]
1406 Don't leak list in complete_cmd_parse if there are no commands found.
1407 Discovered when I was ``borrowing'' this code for something else.
1408 ok djm@
1409
Darren Tucker4a725ef2011-11-21 16:38:48 +1100141020111121
1411 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@
1412
Darren Tucker45c66d72011-11-04 10:50:40 +1100141320111104
1414 - (dtucker) OpenBSD CVS Sync
1415 - djm@cvs.openbsd.org 2011/10/18 05:15:28
1416 [ssh.c]
1417 ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@
Darren Tuckere68cf842011-11-04 10:51:51 +11001418 - djm@cvs.openbsd.org 2011/10/18 23:37:42
1419 [ssh-add.c]
1420 add -k to usage(); reminded by jmc@
Darren Tucker9ee09cf2011-11-04 10:52:43 +11001421 - djm@cvs.openbsd.org 2011/10/19 00:06:10
1422 [moduli.c]
1423 s/tmpfile/tmp/ to make this -Wshadow clean
Darren Tucker8a057952011-11-04 10:53:31 +11001424 - djm@cvs.openbsd.org 2011/10/19 10:39:48
1425 [umac.c]
1426 typo in comment; patch from Michael W. Bombardieri
Darren Tucker2d6665d2011-11-04 10:54:22 +11001427 - djm@cvs.openbsd.org 2011/10/24 02:10:46
1428 [ssh.c]
1429 bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
1430 was incorrectly requesting the forward in both the control master and
1431 slave. skip requesting it in the master to fix. ok markus@
Darren Tucker9c5d5532011-11-04 10:55:24 +11001432 - djm@cvs.openbsd.org 2011/10/24 02:13:13
1433 [session.c]
1434 bz#1859: send tty break to pty master instead of (probably already
1435 closed) slave side; "looks good" markus@
Darren Tuckerbe4032b2011-11-04 11:16:06 +11001436 - dtucker@cvs.openbsd.org 011/11/04 00:09:39
1437 [moduli]
1438 regenerated moduli file; ok deraadt
Darren Tuckeraa3cbd12011-11-04 11:25:24 +11001439 - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
1440 openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
1441 bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
1442 which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr)
1443 with some rework from myself and djm. ok djm.
Darren Tucker45c66d72011-11-04 10:50:40 +11001444
Darren Tucker9f157ab2011-10-25 09:37:57 +1100144520111025
1446 - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file
1447 fails. Patch from Corinna Vinschen.
1448
Damien Millerd3e69902011-10-18 16:04:57 +1100144920111018
1450 - (djm) OpenBSD CVS Sync
1451 - djm@cvs.openbsd.org 2011/10/04 14:17:32
1452 [sftp-glob.c]
1453 silence error spam for "ls */foo" in directory with files; bz#1683
Damien Miller390d0562011-10-18 16:05:19 +11001454 - dtucker@cvs.openbsd.org 2011/10/16 11:02:46
1455 [moduli.c ssh-keygen.1 ssh-keygen.c]
1456 Add optional checkpoints for moduli screening. feedback & ok deraadt
Damien Miller927d82b2011-10-18 16:05:38 +11001457 - jmc@cvs.openbsd.org 2011/10/16 15:02:41
1458 [ssh-keygen.c]
1459 put -K in the right place (usage());
Damien Miller91f3eae2011-10-18 16:05:55 +11001460 - stsp@cvs.openbsd.org 2011/10/16 15:51:39
1461 [moduli.c]
1462 add missing includes to unbreak tree; fix from rpointel
Damien Millerc51a5ab2011-10-18 16:06:14 +11001463 - djm@cvs.openbsd.org 2011/10/18 04:58:26
1464 [auth-options.c key.c]
1465 remove explict search for \0 in packet strings, this job is now done
1466 implicitly by buffer_get_cstring; ok markus
Damien Miller8f4279e2011-10-18 16:06:33 +11001467 - djm@cvs.openbsd.org 2011/10/18 05:00:48
1468 [ssh-add.1 ssh-add.c]
1469 new "ssh-add -k" option to load plain keys (skipping certificates);
1470 "looks ok" markus@
Damien Millerd3e69902011-10-18 16:04:57 +11001471
147220111001
Darren Tucker036876c2011-10-01 18:46:12 +10001473 - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning. ok djm
Darren Tucker1338b9e2011-10-02 18:57:35 +11001474 - (dtucker) OpenBSD CVS Sync
1475 - dtucker@cvs.openbsd.org 2011/09/23 00:22:04
1476 [channels.c auth-options.c servconf.c channels.h sshd.8]
1477 Add wildcard support to PermitOpen, allowing things like "PermitOpen
1478 localhost:*". bz #1857, ok djm markus.
Darren Tucker68afb8c2011-10-02 18:59:03 +11001479 - markus@cvs.openbsd.org 2011/09/23 07:45:05
1480 [mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c
1481 version.h]
1482 unbreak remote portforwarding with dynamic allocated listen ports:
1483 1) send the actual listen port in the open message (instead of 0).
1484 this allows multiple forwardings with a dynamic listen port
1485 2) update the matching permit-open entry, so we can identify where
1486 to connect to
1487 report: den at skbkontur.ru and P. Szczygielski
1488 feedback and ok djm@
Darren Tuckeraf1a60e2011-10-02 18:59:59 +11001489 - djm@cvs.openbsd.org 2011/09/25 05:44:47
1490 [auth2-pubkey.c]
1491 improve the AuthorizedPrincipalsFile debug log message to include
1492 file and line number
Darren Tucker95125e52011-10-02 19:09:07 +11001493 - dtucker@cvs.openbsd.org 2011/09/30 00:47:37
1494 [sshd.c]
1495 don't attempt privsep cleanup when not using privsep; ok markus@
Darren Tucker2e135602011-10-02 19:10:13 +11001496 - djm@cvs.openbsd.org 2011/09/30 21:22:49
1497 [sshd.c]
1498 fix inverted test that caused logspam; spotted by henning@
Darren Tucker036876c2011-10-01 18:46:12 +10001499
Damien Miller5ffe1c42011-09-29 11:11:51 +1000150020110929
1501 - (djm) [configure.ac defines.h] No need to detect sizeof(char); patch
1502 from des AT des.no
Darren Tuckerb54f50e2011-09-29 23:17:18 +10001503 - (dtucker) [configure.ac openbsd-compat/Makefile.in
1504 openbsd-compat/strnlen.c] Add strnlen to the compat library.
Damien Miller5ffe1c42011-09-29 11:11:51 +10001505
Damien Milleradd1e202011-09-23 10:38:01 +1000150620110923
Damien Milleracdf3fb2011-09-23 10:40:50 +10001507 - (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no
1508 longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
1509 want this longhand version)
Damien Millercd927902011-09-23 10:44:03 +10001510 - (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the
1511 upstream version is YPified and we don't want this
Damien Miller48886712011-09-23 10:56:29 +10001512 - (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version.
1513 The file was totally rewritten between what we had in tree and -current.
Damien Miller64efe962011-09-23 11:13:00 +10001514 - (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
1515 marker. The upstream API has changed (function and structure names)
1516 enough to put it out of sync with other providers of this interface.
Damien Millerd1a74582011-09-23 11:26:34 +10001517 - (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion
1518 of static __findenv() function from upstream setenv.c
Damien Milleradd1e202011-09-23 10:38:01 +10001519 - OpenBSD CVS Sync
1520 - millert@cvs.openbsd.org 2006/05/05 15:27:38
Damien Milleracdf3fb2011-09-23 10:40:50 +10001521 [openbsd-compat/strlcpy.c]
Damien Milleradd1e202011-09-23 10:38:01 +10001522 Convert do {} while loop -> while {} for clarity. No binary change
1523 on most architectures. From Oliver Smith. OK deraadt@ and henning@
Damien Miller834e8202011-09-23 10:42:02 +10001524 - tobias@cvs.openbsd.org 2007/10/21 11:09:30
Damien Miller3e6fe872011-09-23 11:16:09 +10001525 [openbsd-compat/mktemp.c]
Damien Miller834e8202011-09-23 10:42:02 +10001526 Comment fix about time consumption of _gettemp.
1527 FreeBSD did this in revision 1.20.
1528 OK deraadt@, krw@
Damien Millerdc0e09b2011-09-23 10:46:48 +10001529 - deraadt@cvs.openbsd.org 2008/07/22 21:47:45
Damien Miller3e6fe872011-09-23 11:16:09 +10001530 [openbsd-compat/mktemp.c]
Damien Millerdc0e09b2011-09-23 10:46:48 +10001531 use arc4random_uniform(); ok djm millert
Damien Miller3a359b32011-09-23 10:47:29 +10001532 - millert@cvs.openbsd.org 2008/08/21 16:54:44
Damien Miller3e6fe872011-09-23 11:16:09 +10001533 [openbsd-compat/mktemp.c]
Damien Miller3a359b32011-09-23 10:47:29 +10001534 Remove useless code, the kernel will set errno appropriately if an
1535 element in the path does not exist. OK deraadt@ pvalchev@
Damien Miller3e6fe872011-09-23 11:16:09 +10001536 - otto@cvs.openbsd.org 2008/12/09 19:38:38
1537 [openbsd-compat/inet_ntop.c]
1538 fix inet_ntop(3) prototype; ok millert@ libc to be bumbed very soon
Damien Milleradd1e202011-09-23 10:38:01 +10001539
Damien Millere01a6272011-09-22 21:20:21 +1000154020110922
1541 - OpenBSD CVS Sync
1542 - pyr@cvs.openbsd.org 2011/05/12 07:15:10
1543 [openbsd-compat/glob.c]
1544 When the max number of items for a directory has reached GLOB_LIMIT_READDIR
1545 an error is returned but closedir() is not called.
1546 spotted and fix provided by Frank Denis obsd-tech@pureftpd.org
1547 ok otto@, millert@
Damien Millerc4bf7dd2011-09-22 21:21:48 +10001548 - stsp@cvs.openbsd.org 2011/09/20 10:18:46
1549 [glob.c]
1550 In glob(3), limit recursion during matching attempts. Similar to
1551 fnmatch fix. Also collapse consecutive '*' (from NetBSD).
1552 ok miod deraadt
Damien Millere128a502011-09-22 21:22:21 +10001553 - djm@cvs.openbsd.org 2011/09/22 06:27:29
1554 [glob.c]
1555 fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
1556 applied only to the gl_pathv vector and not the corresponding gl_statv
1557 array. reported in OpenSSH bz#1935; feedback and okay matthew@
Damien Millerefad7272011-09-22 21:33:53 +10001558 - djm@cvs.openbsd.org 2011/08/26 01:45:15
1559 [ssh.1]
1560 Add some missing ssh_config(5) options that can be used in ssh(1)'s
1561 -o argument. Patch from duclare AT guu.fi
Damien Millere5777722011-09-22 21:34:15 +10001562 - djm@cvs.openbsd.org 2011/09/05 05:56:13
1563 [scp.1 sftp.1]
1564 mention ControlPersist and KbdInteractiveAuthentication in the -o
1565 verbiage in these pages too (prompted by jmc@)
Damien Miller2918e032011-09-22 21:34:35 +10001566 - djm@cvs.openbsd.org 2011/09/05 05:59:08
1567 [misc.c]
1568 fix typo in IPQoS parsing: there is no "AF14" class, but there is
1569 an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
Damien Millere0296732011-09-22 21:34:56 +10001570 - jmc@cvs.openbsd.org 2011/09/05 07:01:44
1571 [scp.1]
1572 knock out a useless Ns;
Damien Miller6232a162011-09-22 21:36:00 +10001573 - deraadt@cvs.openbsd.org 2011/09/07 02:18:31
1574 [ssh-keygen.1]
1575 typo (they vs the) found by Lawrence Teo
Damien Millerf6e758c2011-09-22 21:37:13 +10001576 - djm@cvs.openbsd.org 2011/09/09 00:43:00
1577 [ssh_config.5 sshd_config.5]
1578 fix typo in IPQoS parsing: there is no "AF14" class, but there is
1579 an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
Damien Miller4cb855b2011-09-22 21:37:38 +10001580 - djm@cvs.openbsd.org 2011/09/09 00:44:07
1581 [PROTOCOL.mux]
1582 MUX_C_CLOSE_FWD includes forward type in message (though it isn't
1583 implemented anyway)
Damien Miller0603d982011-09-22 21:38:00 +10001584 - djm@cvs.openbsd.org 2011/09/09 22:37:01
1585 [scp.c]
1586 suppress adding '--' to remote commandlines when the first argument
1587 does not start with '-'. saves breakage on some difficult-to-upgrade
1588 embedded/router platforms; feedback & ok dtucker ok markus
Damien Miller9ee2c602011-09-22 21:38:30 +10001589 - djm@cvs.openbsd.org 2011/09/09 22:38:21
1590 [sshd.c]
1591 kill the preauth privsep child on fatal errors in the monitor;
1592 ok markus@
Damien Millerf6dff7c2011-09-22 21:38:52 +10001593 - djm@cvs.openbsd.org 2011/09/09 22:46:44
1594 [channels.c channels.h clientloop.h mux.c ssh.c]
1595 support for cancelling local and remote port forwards via the multiplex
1596 socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request
1597 the cancellation of the specified forwardings; ok markus@
Damien Millerff773642011-09-22 21:39:48 +10001598 - markus@cvs.openbsd.org 2011/09/10 22:26:34
1599 [channels.c channels.h clientloop.c ssh.1]
1600 support cancellation of local/dynamic forwardings from ~C commandline;
1601 ok & feedback djm@
Damien Miller1bcbd0a2011-09-22 21:40:45 +10001602 - okan@cvs.openbsd.org 2011/09/11 06:59:05
1603 [ssh.1]
1604 document new -O cancel command; ok djm@
Damien Miller3decdba2011-09-22 21:41:05 +10001605 - markus@cvs.openbsd.org 2011/09/11 16:07:26
1606 [sftp-client.c]
1607 fix leaks in do_hardlink() and do_readlink(); bz#1921
1608 from Loganaden Velvindron
Damien Miller57c38ac2011-09-22 21:42:45 +10001609 - markus@cvs.openbsd.org 2011/09/12 08:46:15
1610 [sftp-client.c]
1611 fix leak in do_lsreaddir(); ok djm
Damien Millerd7be70d2011-09-22 21:43:06 +10001612 - djm@cvs.openbsd.org 2011/09/22 06:29:03
1613 [sftp.c]
1614 don't let remote_glob() implicitly sort its results in do_globbed_ls() -
1615 in all likelihood, they will be resorted anyway
Damien Millere01a6272011-09-22 21:20:21 +10001616
Darren Tuckere8a82c52011-09-09 11:29:40 +1000161720110909
1618 - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng. From
1619 Colin Watson.
1620
Damien Millerfb9d8172011-09-07 09:11:53 +1000162120110906
1622 - (djm) [README version.h] Correct version
Damien Miller022ee242011-09-07 09:15:02 +10001623 - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon
1624 - (djm) Respin OpenSSH-5.9p1 release
Damien Millerfb9d8172011-09-07 09:11:53 +10001625
Damien Miller86dcd3e2011-09-05 10:29:04 +1000162620110905
1627 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
1628 [contrib/suse/openssh.spec] Update version numbers.
1629
Damien Miller6efd94f2011-09-04 19:04:16 +1000163020110904
1631 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal
1632 regress errors for the sandbox to warnings. ok tim dtucker
Darren Tucker0dd24e02011-09-04 19:59:26 +10001633 - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations
Damien Miller86dcd3e2011-09-05 10:29:04 +10001634 ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen
1635 support.
Damien Miller6efd94f2011-09-04 19:04:16 +10001636
Damien Miller58ac11a2011-08-29 16:09:52 +1000163720110829
1638 - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting
1639 to switch SELinux context away from unconfined_t, based on patch from
1640 Jan Chadima; bz#1919 ok dtucker@
1641
Darren Tucker44383542011-08-28 04:50:16 +1000164220110827
1643 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey.
1644
Tim Ricea6e60612011-08-17 21:48:22 -0700164520110818
1646 - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze
1647
Tim Ricea1226822011-08-16 17:29:01 -0700164820110817
1649 - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for
1650 OpenSSL 0.9.7. ok djm
Damien Miller9c083122011-08-17 11:31:07 +10001651 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
1652 binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
Damien Miller1a91c0f2011-08-17 11:59:25 +10001653 - (djm) [configure.ac] error out if the host lacks the necessary bits for
1654 an explicitly requested sandbox type
Damien Miller44a6c932011-08-17 12:01:44 +10001655 - (djm) [contrib/ssh-copy-id] Missing backlslash; spotted by
1656 bisson AT archlinux.org
Damien Miller9231c8b2011-08-17 12:08:15 +10001657 - (djm) OpenBSD CVS Sync
1658 - dtucker@cvs.openbsd.org 2011/06/03 05:35:10
1659 [regress/cfgmatch.sh]
1660 use OBJ to find test configs, patch from Tim Rice
Damien Millerfaf4d802011-08-17 12:09:19 +10001661 - markus@cvs.openbsd.org 2011/06/30 22:44:43
1662 [regress/connect-privsep.sh]
1663 test with sandbox enabled; ok djm@
Damien Miller062fa302011-08-17 12:10:02 +10001664 - djm@cvs.openbsd.org 2011/08/02 01:23:41
1665 [regress/cipher-speed.sh regress/try-ciphers.sh]
1666 add SHA256/SHA512 based HMAC modes
Damien Miller2df1bec2011-08-17 12:25:46 +10001667 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2
1668 MAC tests for platforms that hack EVP_SHA2 support
Tim Ricea1226822011-08-16 17:29:01 -07001669
Darren Tucker4d47ec92011-08-12 10:12:53 +1000167020110812
1671 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
1672 change error by reporting old and new context names Patch from
1673 jchadima at redhat.
Damien Miller2db99772011-08-12 11:02:35 +10001674 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
1675 [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
Damien Millerd1eb1dd2011-08-12 11:22:47 +10001676 init scrips from imorgan AT nas.nasa.gov; bz#1920
1677 - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
1678 identify file contained whitespace. bz#1828 patch from gwenael.lambrouin
1679 AT gmail.com; ok dtucker@
Darren Tucker4d47ec92011-08-12 10:12:53 +10001680
Darren Tucker578451d2011-08-07 23:09:20 +1000168120110807
1682 - (dtucker) OpenBSD CVS Sync
1683 - jmc@cvs.openbsd.org 2008/06/26 06:59:39
1684 [moduli.5]
1685 tweak previous;
Darren Tuckerf2794742011-08-07 23:10:11 +10001686 - sobrado@cvs.openbsd.org 2009/10/28 08:56:54
1687 [moduli.5]
1688 "Diffie-Hellman" is the usual spelling for the cryptographic protocol
1689 first published by Whitfield Diffie and Martin Hellman in 1976.
1690 ok jmc@
Darren Tucker91e6b572011-08-07 23:10:56 +10001691 - jmc@cvs.openbsd.org 2010/10/14 20:41:28
1692 [moduli.5]
1693 probabalistic -> probabilistic; from naddy
Darren Tuckerddccfb42011-08-07 23:12:26 +10001694 - dtucker@cvs.openbsd.org 2011/08/07 12:55:30
1695 [sftp.1]
1696 typo, fix from Laurent Gautrot
Darren Tucker578451d2011-08-07 23:09:20 +10001697
Damien Miller7741ce82011-08-06 06:15:15 +1000169820110805
1699 - OpenBSD CVS Sync
1700 - djm@cvs.openbsd.org 2011/06/23 23:35:42
1701 [monitor.c]
1702 ignore EINTR errors from poll()
Damien Miller6ea5e442011-08-06 06:16:00 +10001703 - tedu@cvs.openbsd.org 2011/07/06 18:09:21
1704 [authfd.c]
1705 bzero the agent address. the kernel was for a while very cranky about
1706 these things. evne though that's fixed, always good to initialize
1707 memory. ok deraadt djm
Damien Miller35e48192011-08-06 06:16:23 +10001708 - djm@cvs.openbsd.org 2011/07/29 14:42:45
1709 [sandbox-systrace.c]
1710 fail open(2) with EPERM rather than SIGKILLing the whole process. libc
1711 will call open() to do strerror() when NLS is enabled;
1712 feedback and ok markus@
Damien Milleradb467f2011-08-06 06:16:46 +10001713 - markus@cvs.openbsd.org 2011/08/01 19:18:15
1714 [gss-serv.c]
1715 prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
1716 report Adam Zabrock; ok djm@, deraadt@
Damien Miller20bd4532011-08-06 06:17:30 +10001717 - djm@cvs.openbsd.org 2011/08/02 01:22:11
1718 [mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
1719 Add new SHA256 and SHA512 based HMAC modes from
1720 http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
1721 Patch from mdb AT juniper.net; feedback and ok markus@
Damien Millerc4718602011-08-06 06:17:48 +10001722 - djm@cvs.openbsd.org 2011/08/02 23:13:01
1723 [version.h]
1724 crank now, release later
Damien Miller765f8c42011-08-06 06:18:16 +10001725 - djm@cvs.openbsd.org 2011/08/02 23:15:03
1726 [ssh.c]
1727 typo in comment
Damien Miller7741ce82011-08-06 06:15:15 +10001728
Damien Millercd5e52e2011-06-27 07:18:18 +1000172920110624
1730 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
1731 Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
1732 markus@
1733
Damien Miller82c55872011-06-23 08:20:30 +1000173420110623
1735 - OpenBSD CVS Sync
1736 - djm@cvs.openbsd.org 2011/06/22 21:47:28
1737 [servconf.c]
1738 reuse the multistate option arrays to pretty-print options for "sshd -T"
Damien Miller69ff1df2011-06-23 08:30:03 +10001739 - djm@cvs.openbsd.org 2011/06/22 21:57:01
1740 [servconf.c servconf.h sshd.c sshd_config.5]
1741 [configure.ac Makefile.in]
1742 introduce sandboxing of the pre-auth privsep child using systrace(4).
1743
1744 This introduces a new "UsePrivilegeSeparation=sandbox" option for
1745 sshd_config that applies mandatory restrictions on the syscalls the
1746 privsep child can perform. This prevents a compromised privsep child
1747 from being used to attack other hosts (by opening sockets and proxying)
1748 or probing local kernel attack surface.
1749
1750 The sandbox is implemented using systrace(4) in unsupervised "fast-path"
1751 mode, where a list of permitted syscalls is supplied. Any syscall not
1752 on the list results in SIGKILL being sent to the privsep child. Note
1753 that this requires a kernel with the new SYSTR_POLICY_KILL option.
1754
1755 UsePrivilegeSeparation=sandbox will become the default in the future
1756 so please start testing it now.
1757
1758 feedback dtucker@; ok markus@
Damien Miller6d7b4372011-06-23 08:31:57 +10001759 - djm@cvs.openbsd.org 2011/06/22 22:08:42
1760 [channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
1761 hook up a channel confirm callback to warn the user then requested X11
1762 forwarding was refused by the server; ok markus@
Damien Millerdcbd41e2011-06-23 19:45:51 +10001763 - djm@cvs.openbsd.org 2011/06/23 09:34:13
1764 [sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
1765 [sandbox-null.c]
1766 rename sandbox.h => ssh-sandbox.h to make things easier for portable
Damien Miller80b62e32011-06-23 19:03:18 +10001767 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
1768 setrlimit(2)
Damien Miller82c55872011-06-23 08:20:30 +10001769
Damien Miller6029e072011-06-20 14:22:49 +1000177020110620
1771 - OpenBSD CVS Sync
1772 - djm@cvs.openbsd.org 2011/06/04 00:10:26
1773 [ssh_config.5]
1774 explain IdentifyFile's semantics a little better, prompted by bz#1898
1775 ok dtucker jmc
Damien Millere7ac2bd2011-06-20 14:23:25 +10001776 - markus@cvs.openbsd.org 2011/06/14 22:49:18
1777 [authfile.c]
1778 make sure key_parse_public/private_rsa1() no longer consumes its input
1779 buffer. fixes ssh-add for passphrase-protected ssh1-keys;
1780 noted by naddy@; ok djm@
Damien Miller8f0bf232011-06-20 14:42:23 +10001781 - djm@cvs.openbsd.org 2011/06/17 21:44:31
1782 [log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
1783 make the pre-auth privsep slave log via a socketpair shared with the
1784 monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
Damien Millerf145a5b2011-06-20 14:42:51 +10001785 - djm@cvs.openbsd.org 2011/06/17 21:46:16
1786 [sftp-server.c]
1787 the protocol version should be unsigned; bz#1913 reported by mb AT
1788 smartftp.com
Damien Miller33322122011-06-20 14:43:11 +10001789 - djm@cvs.openbsd.org 2011/06/17 21:47:35
1790 [servconf.c]
1791 factor out multi-choice option parsing into a parse_multistate label
1792 and some support structures; ok dtucker@
Damien Miller4ac99c32011-06-20 14:43:31 +10001793 - djm@cvs.openbsd.org 2011/06/17 21:57:25
1794 [clientloop.c]
1795 setproctitle for a mux master that has been gracefully stopped;
1796 bz#1911 from Bert.Wesarg AT googlemail.com
Damien Miller6029e072011-06-20 14:22:49 +10001797
Darren Tuckerc412c152011-06-03 10:35:23 +1000179820110603
1799 - (dtucker) [README version.h contrib/caldera/openssh.spec
1800 contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version
1801 bumps from the 5.8p2 branch into HEAD. ok djm.
Tim Rice90f42b02011-06-02 18:17:49 -07001802 - (tim) [configure.ac defines.h] Run test program to detect system mail
1803 directory. Add --with-maildir option to override. Fixed OpenServer 6
1804 getting it wrong. Fixed many systems having MAIL=/var/mail//username
1805 ok dtucker
Darren Tuckerc3c72272011-06-03 11:20:06 +10001806 - (dtucker) [monitor.c] Remove the !HAVE_SOCKETPAIR case. We use socketpair
1807 unconditionally in other places and the survey data we have does not show
1808 any systems that use it. "nuke it" djm@
Damien Millerc09182f2011-06-03 12:11:38 +10001809 - (djm) [configure.ac] enable setproctitle emulation for OS X
1810 - (djm) OpenBSD CVS Sync
Damien Millerea2c1a42011-06-03 12:10:22 +10001811 - djm@cvs.openbsd.org 2011/06/03 00:54:38
1812 [ssh.c]
1813 bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg
1814 AT googlemail.com; ok dtucker@
1815 NB. includes additional portability code to enable setproctitle emulation
1816 on platforms that don't support it.
Darren Tucker3e78a512011-06-03 14:14:16 +10001817 - dtucker@cvs.openbsd.org 2011/06/03 01:37:40
1818 [ssh-agent.c]
1819 Check current parent process ID against saved one to determine if the parent
1820 has exited, rather than attempting to send a zero signal, since the latter
1821 won't work if the parent has changed privs. bz#1905, patch from Daniel Kahn
1822 Gillmor, ok djm@
Darren Tucker260c8fb2011-06-03 14:17:27 +10001823 - dtucker@cvs.openbsd.org 2011/05/31 02:01:58
1824 [regress/dynamic-forward.sh]
1825 back out revs 1.6 and 1.5 since it's not reliable
Darren Tucker75e035c2011-06-03 14:18:17 +10001826 - dtucker@cvs.openbsd.org 2011/05/31 02:03:34
1827 [regress/dynamic-forward.sh]
1828 work around startup and teardown races; caught by deraadt
Darren Tuckerbf4d05a2011-06-03 14:19:02 +10001829 - dtucker@cvs.openbsd.org 2011/06/03 00:29:52
1830 [regress/dynamic-forward.sh]
1831 Retry establishing the port forwarding after a small delay, should make
1832 the tests less flaky when the previous test is slow to shut down and free
1833 up the port.
Tim Ricebc481572011-06-02 22:26:19 -07001834 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix.
Darren Tuckerc412c152011-06-03 10:35:23 +10001835
Damien Millerd8478b62011-05-29 21:39:36 +1000183620110529
1837 - (djm) OpenBSD CVS Sync
1838 - djm@cvs.openbsd.org 2011/05/23 03:30:07
1839 [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c]
1840 [pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
1841 allow AuthorizedKeysFile to specify multiple files, separated by spaces.
1842 Bring back authorized_keys2 as a default search path (to avoid breaking
1843 existing users of this file), but override this in sshd_config so it will
1844 be no longer used on fresh installs. Maybe in 2015 we can remove it
1845 entierly :)
1846
1847 feedback and ok markus@ dtucker@
Damien Miller1dd66e52011-05-29 21:40:42 +10001848 - djm@cvs.openbsd.org 2011/05/23 03:33:38
1849 [auth.c]
1850 make secure_filename() spam debug logs less
Damien Miller201f4252011-05-29 21:41:03 +10001851 - djm@cvs.openbsd.org 2011/05/23 03:52:55
1852 [sshconnect.c]
1853 remove extra newline
Damien Millerb9132fc2011-05-29 21:41:40 +10001854 - jmc@cvs.openbsd.org 2011/05/23 07:10:21
1855 [sshd.8 sshd_config.5]
1856 tweak previous; ok djm
Damien Miller04bb56e2011-05-29 21:42:08 +10001857 - djm@cvs.openbsd.org 2011/05/23 07:24:57
1858 [authfile.c]
1859 read in key comments for v.2 keys (though note that these are not
1860 passed over the agent protocol); bz#439, based on patch from binder
1861 AT arago.de; ok markus@
Damien Miller295ee632011-05-29 21:42:31 +10001862 - djm@cvs.openbsd.org 2011/05/24 07:15:47
1863 [readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c]
1864 Remove undocumented legacy options UserKnownHostsFile2 and
1865 GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile
1866 accept multiple paths per line and making their defaults include
1867 known_hosts2; ok markus
Damien Miller8cb35872011-05-29 21:59:10 +10001868 - djm@cvs.openbsd.org 2011/05/23 03:31:31
1869 [regress/cfgmatch.sh]
1870 include testing of multiple/overridden AuthorizedKeysFiles
1871 refactor to simply daemon start/stop and get rid of racy constructs
Damien Millerd8478b62011-05-29 21:39:36 +10001872
Damien Miller14684a12011-05-20 11:23:07 +1000187320110520
1874 - (djm) [session.c] call setexeccon() before executing passwd for pw
1875 changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@
Damien Miller989bb7f2011-05-20 18:56:30 +10001876 - (djm) [aclocal.m4 configure.ac] since gcc-4.x ignores all -Wno-options
1877 options, we should corresponding -W-option when trying to determine
1878 whether it is accepted. Also includes a warning fix on the program
1879 fragment uses (bad main() return type).
1880 bz#1900 and bz#1901 reported by g.esp AT free.fr; ok dtucker@
Damien Millerec2eaa32011-05-20 18:57:14 +10001881 - (djm) [servconf.c] remove leftover droppings of AuthorizedKeysFile2
Damien Miller814ace02011-05-20 19:02:47 +10001882 - OpenBSD CVS Sync
1883 - djm@cvs.openbsd.org 2011/05/15 08:09:01
1884 [authfd.c monitor.c serverloop.c]
1885 use FD_CLOEXEC consistently; patch from zion AT x96.org
Damien Miller8f639fe2011-05-20 19:03:08 +10001886 - djm@cvs.openbsd.org 2011/05/17 07:13:31
1887 [key.c]
1888 fatal() if asked to generate a legacy ECDSA cert (these don't exist)
1889 and fix the regress test that was trying to generate them :)
Damien Miller5d74e582011-05-20 19:03:31 +10001890 - djm@cvs.openbsd.org 2011/05/20 00:55:02
1891 [servconf.c]
1892 the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile
1893 and AuthorizedPrincipalsFile were not being correctly applied in
1894 Match blocks, despite being overridable there; ok dtucker@
Damien Millerc2411902011-05-20 19:03:49 +10001895 - dtucker@cvs.openbsd.org 2011/05/20 02:00:19
1896 [servconf.c]
1897 Add comment documenting what should be after the preauth check. ok djm
Damien Millerf2e407e2011-05-20 19:04:14 +10001898 - djm@cvs.openbsd.org 2011/05/20 03:25:45
1899 [monitor.c monitor_wrap.c servconf.c servconf.h]
1900 use a macro to define which string options to copy between configs
1901 for Match. This avoids problems caused by forgetting to keep three
1902 code locations in perfect sync and ordering
1903
1904 "this is at once beautiful and horrible" + ok dtucker@
Damien Millerf67188f2011-05-20 19:06:48 +10001905 - djm@cvs.openbsd.org 2011/05/17 07:13:31
1906 [regress/cert-userkey.sh]
1907 fatal() if asked to generate a legacy ECDSA cert (these don't exist)
1908 and fix the regress test that was trying to generate them :)
Damien Miller3045b452011-05-20 19:07:45 +10001909 - djm@cvs.openbsd.org 2011/05/20 02:43:36
1910 [cert-hostkey.sh]
1911 another attempt to generate a v00 ECDSA key that broke the test
1912 ID sync only - portable already had this somehow
Damien Miller7b9451f2011-05-20 19:08:11 +10001913 - dtucker@cvs.openbsd.org 2011/05/20 05:19:50
1914 [dynamic-forward.sh]
1915 Prevent races in dynamic forwarding test; ok djm
Damien Milleracacced2011-05-20 19:08:40 +10001916 - dtucker@cvs.openbsd.org 2011/05/20 06:32:30
1917 [dynamic-forward.sh]
1918 fix dumb error in dynamic-forward test
Damien Miller14684a12011-05-20 11:23:07 +10001919
Damien Miller60432d82011-05-15 08:34:46 +1000192020110515
1921 - (djm) OpenBSD CVS Sync
1922 - djm@cvs.openbsd.org 2011/05/05 05:12:08
1923 [mux.c]
1924 gracefully fall back when ControlPath is too large for a
1925 sockaddr_un. ok markus@ as part of a larger diff
Damien Millerfd53abd2011-05-15 08:36:02 +10001926 - dtucker@cvs.openbsd.org 2011/05/06 01:03:35
1927 [sshd_config]
1928 clarify language about overriding defaults. bz#1892, from Petr Cerny
Damien Miller58a77e22011-05-15 08:36:29 +10001929 - djm@cvs.openbsd.org 2011/05/06 01:09:53
1930 [sftp.1]
1931 mention that IPv6 addresses must be enclosed in square brackets;
1932 bz#1845
Damien Miller78c40c32011-05-15 08:36:59 +10001933 - djm@cvs.openbsd.org 2011/05/06 02:05:41
1934 [sshconnect2.c]
1935 fix memory leak; bz#1849 ok dtucker@
Damien Millerd2ac5d72011-05-15 08:43:13 +10001936 - djm@cvs.openbsd.org 2011/05/06 21:14:05
1937 [packet.c packet.h]
1938 set traffic class for IPv6 traffic as we do for IPv4 TOS;
1939 patch from lionel AT mamane.lu via Colin Watson in bz#1855;
1940 ok markus@
Damien Millerdfc85fa2011-05-15 08:44:02 +10001941 - djm@cvs.openbsd.org 2011/05/06 21:18:02
1942 [ssh.c ssh_config.5]
1943 add a %L expansion (short-form of the local host name) for ControlPath;
1944 sync some more expansions with LocalCommand; ok markus@
Damien Millerfe924212011-05-15 08:44:45 +10001945 - djm@cvs.openbsd.org 2011/05/06 21:31:38
1946 [readconf.c ssh_config.5]
1947 support negated Host matching, e.g.
1948
1949 Host *.example.org !c.example.org
1950 User mekmitasdigoat
1951
1952 Will match "a.example.org", "b.example.org", but not "c.example.org"
1953 ok markus@
Damien Miller21771e22011-05-15 08:45:50 +10001954 - djm@cvs.openbsd.org 2011/05/06 21:34:32
1955 [clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
1956 Add a RequestTTY ssh_config option to allow configuration-based
1957 control over tty allocation (like -t/-T); ok markus@
Damien Millera6bbbe42011-05-15 08:46:29 +10001958 - djm@cvs.openbsd.org 2011/05/06 21:38:58
1959 [ssh.c]
1960 fix dropping from previous diff
Damien Millerc067f622011-05-15 08:46:54 +10001961 - djm@cvs.openbsd.org 2011/05/06 22:20:10
1962 [PROTOCOL.mux]
1963 fix numbering; from bert.wesarg AT googlemail.com
Damien Miller486dd2e2011-05-15 08:47:18 +10001964 - jmc@cvs.openbsd.org 2011/05/07 23:19:39
1965 [ssh_config.5]
1966 - tweak previous
1967 - come consistency fixes
1968 ok djm
Damien Millerf4b32aa2011-05-15 08:47:43 +10001969 - jmc@cvs.openbsd.org 2011/05/07 23:20:25
1970 [ssh.1]
1971 +.It RequestTTY
Damien Miller555f3b82011-05-15 08:48:05 +10001972 - djm@cvs.openbsd.org 2011/05/08 12:52:01
1973 [PROTOCOL.mux clientloop.c clientloop.h mux.c]
1974 improve our behaviour when TTY allocation fails: if we are in
1975 RequestTTY=auto mode (the default), then do not treat at TTY
1976 allocation error as fatal but rather just restore the local TTY
1977 to cooked mode and continue. This is more graceful on devices that
1978 never allocate TTYs.
1979
1980 If RequestTTY is set to "yes" or "force", then failure to allocate
1981 a TTY is fatal.
1982
1983 ok markus@
Damien Miller32198242011-05-15 08:50:32 +10001984 - djm@cvs.openbsd.org 2011/05/10 05:46:46
1985 [authfile.c]
1986 despam debug() logs by detecting that we are trying to load a private key
1987 in key_try_load_public() and returning early; ok markus@
Damien Miller7c1b2c42011-05-15 08:51:05 +10001988 - djm@cvs.openbsd.org 2011/05/11 04:47:06
1989 [auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h]
1990 remove support for authorized_keys2; it is a relic from the early days
1991 of protocol v.2 support and has been undocumented for many years;
1992 ok markus@
Damien Miller9d276b82011-05-15 08:51:43 +10001993 - djm@cvs.openbsd.org 2011/05/13 00:05:36
1994 [authfile.c]
1995 warn on unexpected key type in key_parse_private_type()
Damien Miller23f425b2011-05-15 08:58:15 +10001996 - (djm) [packet.c] unbreak portability #endif
Damien Miller60432d82011-05-15 08:34:46 +10001997
Darren Tuckerd6548fe2011-05-10 11:13:36 +1000199820110510
1999 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fix
2000 --with-ssl-engine which was broken with the change from deprecated
2001 SSLeay_add_all_algorithms(). ok djm
2002
Darren Tucker343f75f2011-05-06 10:43:50 +1000200320110506
2004 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1875: add prototype
2005 for closefrom() in test code. Report from Dan Wallis via Gentoo.
2006
Damien Miller68790fe2011-05-05 11:19:13 +1000200720110505
2008 - (djm) [defines.h] Move up include of netinet/ip.h for IPTOS
2009 definitions. From des AT des.no
Damien Millerf22019b2011-05-05 13:48:37 +10002010 - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
2011 [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
2012 [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
2013 [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
2014 [regress/README.regress] Remove ssh-rand-helper and all its
2015 tentacles. PRNGd seeding has been rolled into entropy.c directly.
2016 Thanks to tim@ for testing on affected platforms.
Damien Miller3fcdfd52011-05-05 14:04:11 +10002017 - OpenBSD CVS Sync
2018 - djm@cvs.openbsd.org 2011/03/10 02:52:57
Damien Millerb2da7d12011-05-05 14:04:50 +10002019 [auth2-gss.c auth2.c auth.h]
Damien Miller3fcdfd52011-05-05 14:04:11 +10002020 allow GSSAPI authentication to detect when a server-side failure causes
2021 authentication failure and don't count such failures against MaxAuthTries;
2022 bz#1244 from simon AT sxw.org.uk; ok markus@ before lock
Damien Millerc5219e72011-05-05 14:05:12 +10002023 - okan@cvs.openbsd.org 2011/03/15 10:36:02
2024 [ssh-keyscan.c]
2025 use timerclear macro
2026 ok djm@
Damien Miller58f1baf2011-05-05 14:06:15 +10002027 - stevesk@cvs.openbsd.org 2011/03/23 15:16:22
2028 [ssh-keygen.1 ssh-keygen.c]
2029 Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa)
2030 for which host keys do not exist, generate the host keys with the
2031 default key file path, an empty passphrase, default bits for the key
2032 type, and default comment. This will be used by /etc/rc to generate
2033 new host keys. Idea from deraadt.
2034 ok deraadt
Damien Miller4a4d1612011-05-05 14:06:39 +10002035 - stevesk@cvs.openbsd.org 2011/03/23 16:24:56
2036 [ssh-keygen.1]
2037 -q not used in /etc/rc now so remove statement.
Damien Miller11143192011-05-05 14:13:25 +10002038 - stevesk@cvs.openbsd.org 2011/03/23 16:50:04
2039 [ssh-keygen.c]
2040 remove -d, documentation removed >10 years ago; ok markus
Damien Miller3ca1eb32011-05-05 14:13:50 +10002041 - jmc@cvs.openbsd.org 2011/03/24 15:29:30
2042 [ssh-keygen.1]
2043 zap trailing whitespace;
Damien Miller044f4a62011-05-05 14:14:08 +10002044 - stevesk@cvs.openbsd.org 2011/03/24 22:14:54
2045 [ssh-keygen.c]
2046 use strcasecmp() for "clear" cert permission option also; ok djm
Damien Miller91475862011-05-05 14:14:34 +10002047 - stevesk@cvs.openbsd.org 2011/03/29 18:54:17
2048 [misc.c misc.h servconf.c]
2049 print ipqos friendly string for sshd -T; ok markus
2050 # sshd -Tf sshd_config|grep ipqos
2051 ipqos lowdelay throughput
Damien Miller884b63a2011-05-05 14:14:52 +10002052 - djm@cvs.openbsd.org 2011/04/12 04:23:50
2053 [ssh-keygen.c]
2054 fix -Wshadow
Damien Miller26b57ce2011-05-05 14:15:09 +10002055 - djm@cvs.openbsd.org 2011/04/12 05:32:49
2056 [sshd.c]
2057 exit with 0 status on SIGTERM; bz#1879
Damien Miller085c90f2011-05-05 14:15:33 +10002058 - djm@cvs.openbsd.org 2011/04/13 04:02:48
2059 [ssh-keygen.1]
2060 improve wording; bz#1861
Damien Millerad210322011-05-05 14:15:54 +10002061 - djm@cvs.openbsd.org 2011/04/13 04:09:37
2062 [ssh-keygen.1]
2063 mention valid -b sizes for ECDSA keys; bz#1862
Damien Miller6c3eec72011-05-05 14:16:22 +10002064 - djm@cvs.openbsd.org 2011/04/17 22:42:42
2065 [PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
2066 allow graceful shutdown of multiplexing: request that a mux server
2067 removes its listener socket and refuse future multiplexing requests;
2068 ok markus@
Damien Miller8cb1cda2011-05-05 14:16:56 +10002069 - djm@cvs.openbsd.org 2011/04/18 00:46:05
2070 [ssh-keygen.c]
2071 certificate options are supposed to be packed in lexical order of
2072 option name (though we don't actually enforce this at present).
2073 Move one up that was out of sequence
Damien Miller2ce12ef2011-05-05 14:17:18 +10002074 - djm@cvs.openbsd.org 2011/05/04 21:15:29
2075 [authfile.c authfile.h ssh-add.c]
2076 allow "ssh-add - < key"; feedback and ok markus@
Tim Rice19d81812011-05-04 21:44:25 -07002077 - (tim) [configure.ac] Add AC_LANG_SOURCE to OPENSSH_CHECK_CFLAG_COMPILE
2078 so autoreconf 2.68 is happy.
Tim Rice9abb6972011-05-04 23:06:59 -07002079 - (tim) [defines.h] Deal with platforms that do not have S_IFSOCK ok djm@
Damien Miller68790fe2011-05-05 11:19:13 +10002080
Darren Tuckere541aaa2011-02-21 21:41:29 +1100208120110221
2082 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
2083 Cygwin-specific service installer script ssh-host-config. The actual
2084 functionality is the same, the revisited version is just more
2085 exact when it comes to check for problems which disallow to run
2086 certain aspects of the script. So, part of this script and the also
2087 rearranged service helper script library "csih" is to check if all
2088 the tools required to run the script are available on the system.
2089 The new script also is more thorough to inform the user why the
2090 script failed. Patch from vinschen at redhat com.
2091
Damien Miller0588beb2011-02-18 09:18:45 +1100209220110218
2093 - OpenBSD CVS Sync
2094 - djm@cvs.openbsd.org 2011/02/16 00:31:14
2095 [ssh-keysign.c]
2096 make hostbased auth with ECDSA keys work correctly. Based on patch
2097 by harvey.eneman AT oracle.com in bz#1858; ok markus@ (pre-lock)
2098
Darren Tucker3b9617e2011-02-06 13:24:35 +1100209920110206
2100 - (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in
2101 selinux code. Patch from Leonardo Chiquitto
Darren Tuckerea676a62011-02-06 13:31:23 +11002102 - (dtucker) [contrib/cygwin/ssh-{host,user}-config] Add ECDSA key
2103 generation and simplify. Patch from Corinna Vinschen.
Darren Tucker3b9617e2011-02-06 13:24:35 +11002104
Damien Millerb407dd82011-02-04 11:46:39 +1100210520110204
2106 - OpenBSD CVS Sync
2107 - djm@cvs.openbsd.org 2011/01/31 21:42:15
2108 [PROTOCOL.mux]
2109 cut'n'pasto; from bert.wesarg AT googlemail.com
Damien Miller0a5f0122011-02-04 11:47:01 +11002110 - djm@cvs.openbsd.org 2011/02/04 00:44:21
2111 [key.c]
2112 fix uninitialised nonce variable; reported by Mateusz Kocielski
Damien Millera6981272011-02-04 11:47:20 +11002113 - djm@cvs.openbsd.org 2011/02/04 00:44:43
2114 [version.h]
2115 openssh-5.8
Damien Miller0d30b092011-02-04 12:43:36 +11002116 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
2117 [contrib/suse/openssh.spec] update versions in docs and spec files.
2118 - Release OpenSSH 5.8p1
Damien Millerb407dd82011-02-04 11:46:39 +11002119
Damien Millerd4a55042011-01-28 10:30:18 +1100212020110128
2121 - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
2122 before attempting setfscreatecon(). Check whether matchpathcon()
2123 succeeded before using its result. Patch from cjwatson AT debian.org;
2124 bz#1851
2125
Tim Riced069c482011-01-26 12:32:12 -0800212620110127
2127 - (tim) [config.guess config.sub] Sync with upstream.
Tim Rice648f8762011-01-26 12:38:57 -08002128 - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete
2129 AC_TRY_COMPILE with AC_COMPILE_IFELSE, updated obsolete AC_TRY_LINK with
2130 AC_LINK_IFELSE, updated obsolete AC_TRY_RUN with AC_RUN_IFELSE, misc white
2131 space changes for consistency/readability. Makes autoconf 2.68 happy.
2132 "Nice work" djm
Tim Riced069c482011-01-26 12:32:12 -08002133
Damien Miller71adf122011-01-25 12:16:15 +1100213420110125
2135 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
2136 openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
2137 port-linux.c to avoid compilation errors. Add -lselinux to ssh when
2138 building with SELinux support to avoid linking failure; report from
2139 amk AT spamfence.net; ok dtucker
2140
Darren Tucker79241372011-01-22 09:37:01 +1100214120110122
2142 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
2143 RSA_get_default_method() for the benefit of openssl versions that don't
2144 have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott,
2145 ok djm@.
Damien Millerad4b1ad2011-01-22 20:21:33 +11002146 - OpenBSD CVS Sync
2147 - djm@cvs.openbsd.org 2011/01/22 09:18:53
2148 [version.h]
2149 crank to OpenSSH-5.7
Damien Miller966accc2011-01-22 20:23:10 +11002150 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
2151 [contrib/suse/openssh.spec] update versions in docs and spec files.
Damien Miller6f8f04b2011-01-22 20:25:11 +11002152 - (djm) Release 5.7p1
Darren Tucker79241372011-01-22 09:37:01 +11002153
Tim Rice15e1b4d2011-01-18 20:47:04 -0800215420110119
2155 - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
2156 of RPM so build completes. Signatures were changed to .asc since 4.1p1.
Damien Millere323ebc2011-01-19 23:12:27 +11002157 - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to
2158 0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre-
2159 release testing (random crashes and failure to load ECC keys).
2160 ok dtucker@
Tim Rice15e1b4d2011-01-18 20:47:04 -08002161
Damien Miller369c0e82011-01-17 10:51:40 +1100216220110117
2163 - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in
2164 $PATH, fix cleanup of droppings; reported by openssh AT
2165 roumenpetrov.info; ok dtucker@
Damien Millerfd3669e2011-01-17 11:20:18 +11002166 - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding
2167 its unique snowflake of a gdb error to the ones we look for.
Damien Miller1ccbfa82011-01-17 11:52:40 +11002168 - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running
2169 ssh-add to avoid $SUDO failures on Linux
Darren Tucker0c93adc2011-01-17 11:55:59 +11002170 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new
2171 Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
2172 to the old values. Feedback from vapier at gentoo org and djm, ok djm.
Damien Miller58497782011-01-17 16:17:09 +11002173 - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh]
2174 [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
2175 disabled on platforms that do not support them; add a "config_defined()"
2176 shell function that greps for defines in config.h and use them to decide
2177 on feature tests.
2178 Convert a couple of existing grep's over config.h to use the new function
2179 Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
2180 backslash characters in filenames, enable it for Cygwin and use it to turn
2181 of tests for quotes backslashes in sftp-glob.sh.
2182 based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@
Tim Rice6dfcd342011-01-16 22:53:56 -08002183 - (tim) [regress/agent-getpeereid.sh] shell portability fix.
Darren Tucker263d43d2011-01-17 18:50:22 +11002184 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
2185 the tinderbox.
Darren Tuckerea52a822011-01-17 21:15:27 +11002186 - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
2187 configure.ac defines.h loginrec.c] Bug #1402: add linux audit subsystem
2188 support, based on patches from Tomas Mraz and jchadima at redhat.
Damien Miller369c0e82011-01-17 10:51:40 +11002189
Darren Tucker50c61f82011-01-16 18:28:09 +1100219020110116
2191 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
2192 on configurations that don't have it.
Damien Miller4791f9d2011-01-16 23:16:53 +11002193 - OpenBSD CVS Sync
2194 - djm@cvs.openbsd.org 2011/01/16 11:50:05
2195 [clientloop.c]
2196 Use atomicio when flushing protocol 1 std{out,err} buffers at
2197 session close. This was a latent bug exposed by setting a SIGCHLD
2198 handler and spotted by kevin.brott AT gmail.com; ok dtucker@
Damien Miller6fb6fd52011-01-16 23:17:45 +11002199 - djm@cvs.openbsd.org 2011/01/16 11:50:36
2200 [sshconnect.c]
2201 reset the SIGPIPE handler when forking to execute child processes;
2202 ok dtucker@
Damien Millercfd6e4f2011-01-16 23:18:33 +11002203 - djm@cvs.openbsd.org 2011/01/16 12:05:59
2204 [clientloop.c]
2205 a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
2206 now that we use atomicio(), convert them from while loops to if statements
2207 add test and cast to compile cleanly with -Wsigned
Darren Tucker50c61f82011-01-16 18:28:09 +11002208
Darren Tucker08f83882011-01-16 18:24:04 +1100220920110114
Damien Miller445c9a52011-01-14 12:01:29 +11002210 - OpenBSD CVS Sync
2211 - djm@cvs.openbsd.org 2011/01/13 21:54:53
2212 [mux.c]
2213 correct error messages; patch from bert.wesarg AT googlemail.com
Damien Miller42747df2011-01-14 12:01:50 +11002214 - djm@cvs.openbsd.org 2011/01/13 21:55:25
2215 [PROTOCOL.mux]
2216 correct protocol names and add a couple of missing protocol number
2217 defines; patch from bert.wesarg AT googlemail.com
Damien Millere9b40482011-01-14 14:47:37 +11002218 - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in
2219 host-key-force target rather than a substitution that is replaced with a
2220 comment so that the Makefile.in is still a syntactically valid Makefile
2221 (useful to run the distprep target)
Tim Rice02d99da2011-01-13 22:20:27 -08002222 - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.
Tim Ricec5c346b2011-01-13 22:36:14 -08002223 - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some
2224 ecdsa bits.
Damien Miller445c9a52011-01-14 12:01:29 +11002225
Darren Tucker08f83882011-01-16 18:24:04 +1100222620110113
Damien Miller1708cb72011-01-13 12:21:34 +11002227 - (djm) [misc.c] include time.h for nanosleep() prototype
Tim Ricecce927c2011-01-12 19:06:31 -08002228 - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm
Tim Rice9b87a5c2011-01-12 22:35:43 -08002229 - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
2230 ecdsa keys. ok djm.
Damien Millerff22df52011-01-13 21:05:27 +11002231 - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
2232 gcc warning on platforms where it defaults to int
Damien Millercbaf8e62011-01-13 21:08:27 +11002233 - (djm) [regress/Makefile] add a few more generated files to the clean
2234 target
Damien Miller9b160862011-01-13 22:00:20 +11002235 - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad
2236 #define that was causing diffie-hellman-group-exchange-sha256 to be
2237 incorrectly disabled
Damien Miller52788062011-01-13 22:05:14 +11002238 - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
2239 should not depend on ECC support
Damien Miller1708cb72011-01-13 12:21:34 +11002240
Darren Tucker08f83882011-01-16 18:24:04 +1100224120110112
Damien Millerb66e9172011-01-12 13:30:18 +11002242 - OpenBSD CVS Sync
2243 - nicm@cvs.openbsd.org 2010/10/08 21:48:42
2244 [openbsd-compat/glob.c]
2245 Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
2246 from ARG_MAX to 64K.
2247 Fixes glob-using programs (notably ftp) able to be triggered to hit
2248 resource limits.
2249 Idea from a similar NetBSD change, original problem reported by jasper@.
2250 ok millert tedu jasper
Damien Miller4927aaf2011-01-12 13:32:03 +11002251 - djm@cvs.openbsd.org 2011/01/12 01:53:14
2252 avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
2253 and sanity check arguments (these will be unnecessary when we switch
2254 struct glob members from being type into to size_t in the future);
2255 "looks ok" tedu@ feedback guenther@
Damien Miller945aa0c2011-01-12 13:34:02 +11002256 - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
2257 silly warnings on write() calls we don't care succeed or not.
Damien Miller134d02a2011-01-12 16:00:37 +11002258 - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler
2259 flag tests that don't depend on gcc version at all; suggested by and
2260 ok dtucker@
Damien Millerb66e9172011-01-12 13:30:18 +11002261
Tim Rice076a3b92011-01-10 12:56:26 -0800226220110111
2263 - (tim) [regress/host-expand.sh] Fix for building outside of read only
2264 source tree.
Damien Miller81ad4b12011-01-11 17:02:23 +11002265 - (djm) [platform.c] Some missing includes that show up under -Werror
Damien Millerb73b6fd2011-01-11 17:18:56 +11002266 - OpenBSD CVS Sync
2267 - djm@cvs.openbsd.org 2011/01/08 10:51:51
2268 [clientloop.c]
2269 use host and not options.hostname, as the latter may have unescaped
2270 substitution characters
Damien Millera256c8d2011-01-11 17:20:05 +11002271 - djm@cvs.openbsd.org 2011/01/11 06:06:09
2272 [sshlogin.c]
2273 fd leak on error paths; from zinovik@
2274 NB. Id sync only; we use loginrec.c that was also audited and fixed
2275 recently
Damien Miller821de0a2011-01-11 17:20:29 +11002276 - djm@cvs.openbsd.org 2011/01/11 06:13:10
2277 [clientloop.c ssh-keygen.c sshd.c]
2278 some unsigned long long casts that make things a bit easier for
2279 portable without resorting to dropping PRIu64 formats everywhere
Tim Rice076a3b92011-01-10 12:56:26 -08002280
Damien Millere63b7f22011-01-09 09:19:50 +1100228120110109
2282 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by
2283 openssh AT roumenpetrov.info
2284
Damien Miller996384d2011-01-08 21:58:20 +1100228520110108
2286 - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress
2287 test on OSX and others. Reported by imorgan AT nas.nasa.gov
2288
Damien Miller322125b2011-01-07 09:50:08 +1100228920110107
2290 - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test
2291 for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
Damien Miller83f8a402011-01-07 09:51:17 +11002292 - djm@cvs.openbsd.org 2011/01/06 22:23:53
2293 [ssh.c]
2294 unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
2295 googlemail.com; ok markus@
Damien Miller64abf312011-01-07 09:51:52 +11002296 - djm@cvs.openbsd.org 2011/01/06 22:23:02
2297 [clientloop.c]
2298 when exiting due to ServerAliveTimeout, mention the hostname that caused
2299 it (useful with backgrounded controlmaster)
Damien Miller7d06b002011-01-07 09:54:20 +11002300 - djm@cvs.openbsd.org 2011/01/06 22:46:21
2301 [regress/Makefile regress/host-expand.sh]
2302 regress test for LocalCommand %n expansion from bert.wesarg AT
2303 googlemail.com; ok markus@
Damien Millered3a8eb2011-01-07 10:02:52 +11002304 - djm@cvs.openbsd.org 2011/01/06 23:01:35
2305 [sshconnect.c]
2306 reset SIGCHLD handler to SIG_DFL when execuring LocalCommand;
2307 ok markus@
Damien Miller322125b2011-01-07 09:50:08 +11002308
Damien Millerf1211432011-01-06 22:40:30 +1100230920110106
2310 - (djm) OpenBSD CVS Sync
2311 - markus@cvs.openbsd.org 2010/12/08 22:46:03
2312 [scp.1 scp.c]
2313 add a new -3 option to scp: Copies between two remote hosts are
2314 transferred through the local host. Without this option the data
2315 is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
Damien Miller907998d2011-01-06 22:41:21 +11002316 - jmc@cvs.openbsd.org 2010/12/09 14:13:33
2317 [scp.1 scp.c]
2318 scp.1: grammer fix
2319 scp.c: add -3 to usage()
Damien Miller05c89972011-01-06 22:42:04 +11002320 - markus@cvs.openbsd.org 2010/12/14 11:59:06
2321 [sshconnect.c]
2322 don't mention key type in key-changed-warning, since we also print
2323 this warning if a new key type appears. ok djm@
Damien Miller106079c2011-01-06 22:43:44 +11002324 - djm@cvs.openbsd.org 2010/12/15 00:49:27
2325 [readpass.c]
2326 fix ControlMaster=ask regression
2327 reset SIGCHLD handler before fork (and restore it after) so we don't miss
2328 the the askpass child's exit status. Correct test for exit status/signal to
2329 account for waitpid() failure; with claudio@ ok claudio@ markus@
Damien Millerde53fd02011-01-06 22:44:18 +11002330 - djm@cvs.openbsd.org 2010/12/24 21:41:48
2331 [auth-options.c]
2332 don't send the actual forced command in a debug message; ok markus deraadt
Damien Miller8ad960b2011-01-06 22:44:44 +11002333 - otto@cvs.openbsd.org 2011/01/04 20:44:13
2334 [ssh-keyscan.c]
2335 handle ecdsa-sha2 with various key lengths; hint and ok djm@
Damien Millerf1211432011-01-06 22:40:30 +11002336
Damien Miller30a69e72011-01-04 08:16:27 +1100233720110104
2338 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
2339 formatter if it is present, followed by nroff and groff respectively.
2340 Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
2341 in favour of mandoc). feedback and ok tim
2342
234320110103
Damien Millerd197fd62011-01-03 14:48:14 +11002344 - (djm) [Makefile.in] revert local hack I didn't intend to commit
2345
234620110102
Damien Miller4a06f922011-01-02 21:43:59 +11002347 - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker
Damien Miller41bccf72011-01-02 21:53:07 +11002348 - (djm) [configure.ac] Check whether libdes is needed when building
2349 with Heimdal krb5 support. On OpenBSD this library no longer exists,
2350 so linking it unconditionally causes a build failure; ok dtucker
Damien Miller4a06f922011-01-02 21:43:59 +11002351
Damien Miller928362d2010-12-26 14:26:45 +1100235220101226
2353 - (dtucker) OpenBSD CVS Sync
2354 - djm@cvs.openbsd.org 2010/12/08 04:02:47
2355 [ssh_config.5 sshd_config.5]
2356 explain that IPQoS arguments are separated by whitespace; iirc requested
2357 by jmc@ a while back
2358
Darren Tucker37bb7562010-12-05 08:46:05 +1100235920101205
2360 - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover from
2361 debugging. Spotted by djm.
Darren Tucker7336b902010-12-05 09:00:30 +11002362 - (dtucker) OpenBSD CVS Sync
2363 - djm@cvs.openbsd.org 2010/12/03 23:49:26
2364 [schnorr.c]
2365 check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao
2366 (this code is still disabled, but apprently people are treating it as
2367 a reference implementation)
Darren Tuckeradab6f12010-12-05 09:01:47 +11002368 - djm@cvs.openbsd.org 2010/12/03 23:55:27
2369 [auth-rsa.c]
2370 move check for revoked keys to run earlier (in auth_rsa_key_allowed)
2371 bz#1829; patch from ldv AT altlinux.org; ok markus@
Darren Tuckeraf1f9092010-12-05 09:02:47 +11002372 - djm@cvs.openbsd.org 2010/12/04 00:18:01
2373 [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
2374 add a protocol extension to support a hard link operation. It is
2375 available through the "ln" command in the client. The old "ln"
2376 behaviour of creating a symlink is available using its "-s" option
2377 or through the preexisting "symlink" command; based on a patch from
2378 miklos AT szeredi.hu in bz#1555; ok markus@
Darren Tucker094f1e92010-12-05 09:03:31 +11002379 - djm@cvs.openbsd.org 2010/12/04 13:31:37
2380 [hostfile.c]
2381 fix fd leak; spotted and ok dtucker
Darren Tucker4288c532010-12-05 09:45:50 +11002382 - djm@cvs.openbsd.org 2010/12/04 00:21:19
2383 [regress/sftp-cmds.sh]
2384 adjust for hard-link support
Darren Tucker7e1a5a42010-12-05 09:29:31 +11002385 - (dtucker) [regress/Makefile] Id sync.
Darren Tucker37bb7562010-12-05 08:46:05 +11002386
Damien Millerd89745b2010-12-03 10:50:26 +1100238720101204
2388 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
2389 instead of (arc4random() % range)
Darren Tuckerebdef762010-12-04 23:20:50 +11002390 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] Add
2391 shims for the new, non-deprecated OpenSSL key generation functions for
2392 platforms that don't have the new interfaces.
Damien Millerd89745b2010-12-03 10:50:26 +11002393
Damien Miller188ea812010-12-01 11:50:14 +1100239420101201
2395 - OpenBSD CVS Sync
2396 - deraadt@cvs.openbsd.org 2010/11/20 05:12:38
2397 [auth2-pubkey.c]
2398 clean up cases of ;;
Damien Miller2cd62932010-12-01 11:50:35 +11002399 - djm@cvs.openbsd.org 2010/11/21 01:01:13
2400 [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
2401 honour $TMPDIR for client xauth and ssh-agent temporary directories;
2402 feedback and ok markus@
Damien Millera2327922010-12-01 12:01:21 +11002403 - djm@cvs.openbsd.org 2010/11/21 10:57:07
2404 [authfile.c]
2405 Refactor internals of private key loading and saving to work on memory
2406 buffers rather than directly on files. This will make a few things
2407 easier to do in the future; ok markus@
Damien Miller6a740e72010-12-01 12:01:51 +11002408 - djm@cvs.openbsd.org 2010/11/23 02:35:50
2409 [auth.c]
2410 use strict_modes already passed as function argument over referencing
2411 global options.strict_modes
Damien Millerd0fdd682010-12-01 12:02:14 +11002412 - djm@cvs.openbsd.org 2010/11/23 23:57:24
2413 [clientloop.c]
2414 avoid NULL deref on receiving a channel request on an unknown or invalid
2415 channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
Damien Millerb7f827a2010-12-01 12:02:35 +11002416 - djm@cvs.openbsd.org 2010/11/24 01:24:14
2417 [channels.c]
2418 remove a debug() that pollutes stderr on client connecting to a server
2419 in debug mode (channel_close_fds is called transitively from the session
2420 code post-fork); bz#1719, ok dtucker
Damien Millerf80c3de2010-12-01 12:02:59 +11002421 - djm@cvs.openbsd.org 2010/11/25 04:10:09
2422 [session.c]
2423 replace close() loop for fds 3->64 with closefrom();
2424 ok markus deraadt dtucker
Damien Miller87dc0a42010-12-01 12:03:19 +11002425 - djm@cvs.openbsd.org 2010/11/26 05:52:49
2426 [scp.c]
2427 Pass through ssh command-line flags and options when doing remote-remote
2428 transfers, e.g. to enable agent forwarding which is particularly useful
2429 in this case; bz#1837 ok dtucker@
Damien Miller03c0e532010-12-01 12:03:39 +11002430 - markus@cvs.openbsd.org 2010/11/29 18:57:04
2431 [authfile.c]
2432 correctly load comment for encrypted rsa1 keys;
2433 report/fix Joachim Schipper; ok djm@
Damien Millerd925dcd2010-12-01 12:21:51 +11002434 - djm@cvs.openbsd.org 2010/11/29 23:45:51
2435 [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c]
2436 [sshconnect.h sshconnect2.c]
2437 automatically order the hostkeys requested by the client based on
2438 which hostkeys are already recorded in known_hosts. This avoids
2439 hostkey warnings when connecting to servers with new ECDSA keys
2440 that are preferred by default; with markus@
Damien Miller188ea812010-12-01 11:50:14 +11002441
Darren Tuckerd9957122010-11-24 10:09:13 +1100244220101124
2443 - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
2444 into the platform-specific code Only affects SCO, tested by and ok tim@.
Damien Miller88e341e2010-11-24 10:36:15 +11002445 - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
2446 group read/write. ok dtucker@
Darren Tucker4b6cbf72010-11-24 10:46:37 +11002447 - (dtucker) [packet.c] Remove redundant local declaration of "int tos".
Damien Miller73de86a2010-11-24 10:50:04 +11002448 - (djm) [defines.h] Add IP DSCP defines
Darren Tuckerd9957122010-11-24 10:09:13 +11002449
Darren Tucker9e0ff7a2010-11-22 17:59:00 +1100245020101122
2451 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
2452 from vapier at gentoo org.
2453
Damien Miller7a221a12010-11-20 15:14:29 +1100245420101120
2455 - OpenBSD CVS Sync
2456 - djm@cvs.openbsd.org 2010/11/05 02:46:47
2457 [packet.c]
2458 whitespace KNF
Damien Miller4499f4c2010-11-20 15:15:49 +11002459 - djm@cvs.openbsd.org 2010/11/10 01:33:07
2460 [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c]
2461 use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
2462 these have been around for years by this time. ok markus
Damien Miller0dac6fb2010-11-20 15:19:38 +11002463 - djm@cvs.openbsd.org 2010/11/13 23:27:51
2464 [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
2465 [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
2466 allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
2467 hardcoding lowdelay/throughput.
2468
2469 bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
Damien Miller8e1ea4e2010-11-20 15:20:10 +11002470 - jmc@cvs.openbsd.org 2010/11/15 07:40:14
2471 [ssh_config.5]
2472 libary -> library;
Damien Miller0a184732010-11-20 15:21:03 +11002473 - jmc@cvs.openbsd.org 2010/11/18 15:01:00
2474 [scp.1 sftp.1 ssh.1 sshd_config.5]
2475 add IPQoS to the various -o lists, and zap some trailing whitespace;
Damien Miller7a221a12010-11-20 15:14:29 +11002476
Damien Millerdd190dd2010-11-11 14:17:02 +1100247720101111
2478 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
2479 platforms that don't support ECC. Fixes some spurious warnings reported
2480 by tim@
2481
Tim Ricee426f5e2010-11-08 09:15:14 -0800248220101109
2483 - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
2484 Feedback from dtucker@
Tim Ricec7a8af02010-11-08 14:26:23 -08002485 - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add
2486 support for platforms missing isblank(). ok djm@
Tim Ricee426f5e2010-11-08 09:15:14 -08002487
Tim Rice522262f2010-11-07 13:00:27 -0800248820101108
2489 - (tim) [regress/Makefile] Fixes to allow building/testing outside source
2490 tree.
Tim Ricec10aeaa2010-11-07 13:03:11 -08002491 - (tim) [regress/kextype.sh] Shell portability fix.
Tim Rice522262f2010-11-07 13:00:27 -08002492
Darren Tuckerd1ece6e2010-11-07 18:05:54 +1100249320101107
2494 - (dtucker) [platform.c] includes.h instead of defines.h so that we get
2495 the correct typedefs.
2496
Damien Miller3a0e9f62010-11-05 10:16:34 +1100249720101105
Damien Miller34ee4202010-11-05 10:52:37 +11002498 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of
2499 int. Should fix bz#1817 cleanly; ok dtucker@
Damien Miller3a0e9f62010-11-05 10:16:34 +11002500 - OpenBSD CVS Sync
2501 - djm@cvs.openbsd.org 2010/09/22 12:26:05
2502 [regress/Makefile regress/kextype.sh]
2503 regress test for each of the key exchange algorithms that we support
Damien Millerb472a902010-11-05 10:19:49 +11002504 - djm@cvs.openbsd.org 2010/10/28 11:22:09
2505 [authfile.c key.c key.h ssh-keygen.c]
2506 fix a possible NULL deref on loading a corrupt ECDH key
2507
2508 store ECDH group information in private keys files as "named groups"
2509 rather than as a set of explicit group parameters (by setting
2510 the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
2511 retrieves the group's OpenSSL NID that we need for various things.
Damien Miller55fa5652010-11-05 10:20:14 +11002512 - jmc@cvs.openbsd.org 2010/10/28 18:33:28
2513 [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
2514 knock out some "-*- nroff -*-" lines;
Damien Miller07331212010-11-05 10:20:31 +11002515 - djm@cvs.openbsd.org 2010/11/04 02:45:34
2516 [sftp-server.c]
2517 umask should be parsed as octal. reported by candland AT xmission.com;
2518 ok markus@
Darren Tucker97528352010-11-05 12:03:05 +11002519 - (dtucker) [configure.ac platform.{c,h} session.c
2520 openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
2521 Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
2522 ok djm@
Darren Tucker920612e2010-11-05 12:36:15 +11002523 - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
2524 after the user's groups are established and move the selinux calls into it.
Darren Tucker4db38072010-11-05 12:41:13 +11002525 - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
2526 platform.c
Darren Tucker44a97be2010-11-05 12:45:18 +11002527 - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
Darren Tuckerfd4d8aa2010-11-05 12:50:41 +11002528 - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
2529 retain previous behavior.
Darren Tucker728d8372010-11-05 13:00:05 +11002530 - (dtucker) [platform.c session.c] Move the PAM credential establishment for
2531 the LOGIN_CAP case into platform.c.
Darren Tucker7a8afe32010-11-05 13:07:24 +11002532 - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into
2533 platform.c
Darren Tucker0b2ee642010-11-05 13:29:25 +11002534 - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c.
2535 - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
2536 platform.c.
Darren Tuckercc124182010-11-05 13:32:52 +11002537 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
2538 non-LOGIN_CAP case into platform.c.
Darren Tuckerb12fe272010-11-05 14:47:01 +11002539 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
2540 check into platform.c
Darren Tuckerb69e0332010-11-05 18:19:15 +11002541 - (dtucker) [regress/keytype.sh] Import new test.
Darren Tuckereab5f0d2010-11-05 18:23:38 +11002542 - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]
2543 Import recent changes to regress/Makefile, pass a flag to enable ECC tests
2544 from configure through to regress/Makefile and use it in the tests.
Darren Tucker345178d2010-11-05 18:35:52 +11002545 - (dtucker) [regress/kextype.sh] Add missing "test".
Darren Tuckerf619d1c2010-11-05 18:41:50 +11002546 - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not
2547 strictly correct since while ECC requires sha256 the reverse is not true
2548 however it does prevent spurious test failures.
Darren Tucker9283d8c2010-11-05 18:56:08 +11002549 - (dtucker) [platform.c] Need servconf.h and extern options.
Damien Miller3a0e9f62010-11-05 10:16:34 +11002550
Tim Ricebdd3e672010-10-24 18:35:55 -0700255120101025
2552 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
2553 1.12 to unbreak Solaris build.
2554 ok djm@
Darren Tucker54b1f312010-10-25 16:54:28 +11002555 - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a
2556 native one.
Tim Ricebdd3e672010-10-24 18:35:55 -07002557
Darren Tuckera5393932010-10-24 10:47:30 +1100255820101024
2559 - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.
Darren Tuckerbfd9b1b2010-10-24 11:19:26 +11002560 - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms
2561 which don't have ECC support in libcrypto.
Darren Tuckerd633fef2010-10-24 11:33:07 +11002562 - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms
2563 which don't have ECC support in libcrypto.
Darren Tucker7bc236d2010-10-24 11:58:43 +11002564 - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't
2565 have it.
Darren Tuckerd78739a2010-10-24 10:56:32 +11002566 - (dtucker) OpenBSD CVS Sync
2567 - sthen@cvs.openbsd.org 2010/10/23 22:06:12
2568 [sftp.c]
2569 escape '[' in filename tab-completion; fix a type while there.
2570 ok djm@
Darren Tuckera5393932010-10-24 10:47:30 +11002571
Damien Miller68512c02010-10-21 15:21:11 +1100257220101021
2573 - OpenBSD CVS Sync
2574 - dtucker@cvs.openbsd.org 2010/10/12 02:22:24
2575 [mux.c]
2576 Typo in confirmation message. bz#1827, patch from imorgan at
2577 nas nasa gov
Damien Miller6fd2d7d2010-10-21 15:27:14 +11002578 - djm@cvs.openbsd.org 2010/08/31 12:24:09
2579 [regress/cert-hostkey.sh regress/cert-userkey.sh]
2580 tests for ECDSA certificates
Damien Miller68512c02010-10-21 15:21:11 +11002581
Damien Miller1f789802010-10-11 22:35:22 +1100258220101011
Damien Miller47e57bf2010-10-12 13:28:12 +11002583 - (djm) [canohost.c] Zero a4 instead of addr to better match type.
2584 bz#1825, reported by foo AT mailinator.com
Damien Miller9c0c31d2010-10-12 13:30:44 +11002585 - (djm) [sshconnect.c] Need signal.h for prototype for kill(2)
Damien Miller47e57bf2010-10-12 13:28:12 +11002586
258720101011
Damien Miller1f789802010-10-11 22:35:22 +11002588 - (djm) [configure.ac] Use = instead of == in shell tests. Patch from
2589 dr AT vasco.com
2590
Damien Milleraa180632010-10-07 21:25:27 +1100259120101007
Damien Miller9a3d0dc2010-10-07 22:06:42 +11002592 - (djm) [ssh-agent.c] Fix type for curve name.
Damien Milleraa180632010-10-07 21:25:27 +11002593 - (djm) OpenBSD CVS Sync
2594 - matthew@cvs.openbsd.org 2010/09/24 13:33:00
2595 [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
2596 [openbsd-compat/timingsafe_bcmp.c]
2597 Add timingsafe_bcmp(3) to libc, mention that it's already in the
2598 kernel in kern(9), and remove it from OpenSSH.
2599 ok deraadt@, djm@
2600 NB. re-added under openbsd-compat/ for portable OpenSSH
Damien Millera6e121a2010-10-07 21:39:17 +11002601 - djm@cvs.openbsd.org 2010/09/25 09:30:16
2602 [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
2603 make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
2604 rountrips to fetch per-file stat(2) information.
2605 NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
2606 match.
Damien Miller68e2e562010-10-07 21:39:55 +11002607 - djm@cvs.openbsd.org 2010/09/26 22:26:33
2608 [sftp.c]
2609 when performing an "ls" in columnated (short) mode, only call
2610 ioctl(TIOCGWINSZ) once to get the window width instead of per-
2611 filename
Damien Millerc54b02c2010-10-07 21:40:17 +11002612 - djm@cvs.openbsd.org 2010/09/30 11:04:51
2613 [servconf.c]
2614 prevent free() of string in .rodata when overriding AuthorizedKeys in
2615 a Match block; patch from rein AT basefarm.no
Damien Miller9a3d0dc2010-10-07 22:06:42 +11002616 - djm@cvs.openbsd.org 2010/10/01 23:05:32
2617 [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
2618 adapt to API changes in openssl-1.0.0a
2619 NB. contains compat code to select correct API for older OpenSSL
Damien Miller38d9a962010-10-07 22:07:11 +11002620 - djm@cvs.openbsd.org 2010/10/05 05:13:18
2621 [sftp.c sshconnect.c]
2622 use default shell /bin/sh if $SHELL is ""; ok markus@
Damien Millera41ccca2010-10-07 22:07:32 +11002623 - djm@cvs.openbsd.org 2010/10/06 06:39:28
2624 [clientloop.c ssh.c sshconnect.c sshconnect.h]
2625 kill proxy command on fatal() (we already kill it on clean exit);
2626 ok markus@
Damien Miller45fcdaa2010-10-07 22:07:58 +11002627 - djm@cvs.openbsd.org 2010/10/06 21:10:21
2628 [sshconnect.c]
2629 swapped args to kill(2)
Damien Miller37f4f182010-10-07 22:10:38 +11002630 - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.
Damien Miller80e99532010-10-07 22:12:08 +11002631 - (djm) [cipher-acss.c] Add missing header.
Damien Miller88b844f2010-10-07 22:19:23 +11002632 - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp
Damien Milleraa180632010-10-07 21:25:27 +11002633
Damien Miller6186bbc2010-09-24 22:00:54 +1000263420100924
2635 - (djm) OpenBSD CVS Sync
2636 - naddy@cvs.openbsd.org 2010/09/10 15:19:29
2637 [ssh-keygen.1]
2638 * mention ECDSA in more places
2639 * less repetition in FILES section
2640 * SSHv1 keys are still encrypted with 3DES
2641 help and ok jmc@
Damien Miller1ca94692010-09-24 22:01:22 +10002642 - djm@cvs.openbsd.org 2010/09/11 21:44:20
2643 [ssh.1]
2644 mention RFC 5656 for ECC stuff
Damien Miller881adf72010-09-24 22:01:54 +10002645 - jmc@cvs.openbsd.org 2010/09/19 21:30:05
2646 [sftp.1]
2647 more wacky macro fixing;
Damien Miller857b02e2010-09-24 22:02:56 +10002648 - djm@cvs.openbsd.org 2010/09/20 04:41:47
2649 [ssh.c]
2650 install a SIGCHLD handler to reap expiried child process; ok markus@
Damien Millerf7540cd2010-09-24 22:03:24 +10002651 - djm@cvs.openbsd.org 2010/09/20 04:50:53
2652 [jpake.c schnorr.c]
2653 check that received values are smaller than the group size in the
2654 disabled and unfinished J-PAKE code.
2655 avoids catastrophic security failure found by Sebastien Martini
Damien Miller18e1cab2010-09-24 22:07:17 +10002656 - djm@cvs.openbsd.org 2010/09/20 04:54:07
2657 [jpake.c]
2658 missing #include
Damien Miller603134e2010-09-24 22:07:55 +10002659 - djm@cvs.openbsd.org 2010/09/20 07:19:27
2660 [mux.c]
2661 "atomically" create the listening mux socket by binding it on a temorary
2662 name and then linking it into position after listen() has succeeded.
2663 this allows the mux clients to determine that the server socket is
2664 either ready or stale without races. stale server sockets are now
2665 automatically removed
2666 ok deraadt
Damien Millerd5f62bf2010-09-24 22:11:14 +10002667 - djm@cvs.openbsd.org 2010/09/22 05:01:30
2668 [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
2669 [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
2670 add a KexAlgorithms knob to the client and server configuration to allow
2671 selection of which key exchange methods are used by ssh(1) and sshd(8)
2672 and their order of preference.
2673 ok markus@
Damien Miller7fe2b1f2010-09-24 22:11:53 +10002674 - jmc@cvs.openbsd.org 2010/09/22 08:30:08
2675 [ssh.1 ssh_config.5]
2676 ssh.1: add kexalgorithms to the -o list
2677 ssh_config.5: format the kexalgorithms in a more consistent
2678 (prettier!) way
2679 ok djm
Damien Miller65e42f82010-09-24 22:15:11 +10002680 - djm@cvs.openbsd.org 2010/09/22 22:58:51
2681 [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
2682 [sftp-client.h sftp.1 sftp.c]
2683 add an option per-read/write callback to atomicio
2684
2685 factor out bandwidth limiting code from scp(1) into a generic bandwidth
2686 limiter that can be attached using the atomicio callback mechanism
2687
2688 add a bandwidth limit option to sftp(1) using the above
2689 "very nice" markus@
Damien Miller56883e12010-09-24 22:15:39 +10002690 - jmc@cvs.openbsd.org 2010/09/23 13:34:43
2691 [sftp.c]
2692 add [-l limit] to usage();
Damien Miller2beb32f2010-09-24 22:16:03 +10002693 - jmc@cvs.openbsd.org 2010/09/23 13:36:46
2694 [scp.1 sftp.1]
2695 add KexAlgorithms to the -o list;
Damien Miller6186bbc2010-09-24 22:00:54 +10002696
Damien Miller4314c2b2010-09-10 11:12:09 +1000269720100910
Darren Tucker50e3bab2010-09-10 10:30:25 +10002698 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact
2699 return code since it can apparently return -1 under some conditions. From
2700 openssh bugs werbittewas de, ok djm@
Damien Miller4314c2b2010-09-10 11:12:09 +10002701 - OpenBSD CVS Sync
2702 - djm@cvs.openbsd.org 2010/08/31 12:33:38
2703 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
2704 reintroduce commit from tedu@, which I pulled out for release
2705 engineering:
2706 OpenSSL_add_all_algorithms is the name of the function we have a
2707 man page for, so use that. ok djm
Damien Millerde735ea2010-09-10 11:12:38 +10002708 - jmc@cvs.openbsd.org 2010/08/31 17:40:54
2709 [ssh-agent.1]
2710 fix some macro abuse;
Damien Millerd4427902010-09-10 11:15:10 +10002711 - jmc@cvs.openbsd.org 2010/08/31 21:14:58
2712 [ssh.1]
2713 small text tweak to accommodate previous;
Damien Millere13cadf2010-09-10 11:15:33 +10002714 - naddy@cvs.openbsd.org 2010/09/01 15:21:35
2715 [servconf.c]
2716 pick up ECDSA host key by default; ok djm@
Damien Miller390f1532010-09-10 11:17:54 +10002717 - markus@cvs.openbsd.org 2010/09/02 16:07:25
Damien Miller57737942010-09-10 11:16:37 +10002718 [ssh-keygen.c]
2719 permit -b 256, 384 or 521 as key size for ECDSA; ok djm@
Damien Miller390f1532010-09-10 11:17:54 +10002720 - markus@cvs.openbsd.org 2010/09/02 16:08:39
Damien Miller5929c522010-09-10 11:17:02 +10002721 [ssh.c]
2722 unbreak ControlPersist=yes for ControlMaster=yes; ok djm@
Damien Miller6e9f6802010-09-10 11:17:38 +10002723 - naddy@cvs.openbsd.org 2010/09/02 17:21:50
2724 [ssh-keygen.c]
2725 Switch ECDSA default key size to 256 bits, which according to RFC5656
2726 should still be better than our current RSA-2048 default.
2727 ok djm@, markus@
Damien Miller390f1532010-09-10 11:17:54 +10002728 - jmc@cvs.openbsd.org 2010/09/03 11:09:29
2729 [scp.1]
2730 add an EXIT STATUS section for /usr/bin;
Damien Millerdaa7b222010-09-10 11:19:33 +10002731 - jmc@cvs.openbsd.org 2010/09/04 09:38:34
2732 [ssh-add.1 ssh.1]
2733 two more EXIT STATUS sections;
Damien Miller80ed82a2010-09-10 11:20:11 +10002734 - naddy@cvs.openbsd.org 2010/09/06 17:10:19
2735 [sshd_config]
2736 add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste
2737 <mattieu.b@gmail.com>
2738 ok deraadt@
Damien Millerbf0423e2010-09-10 11:20:38 +10002739 - djm@cvs.openbsd.org 2010/09/08 03:54:36
2740 [authfile.c]
2741 typo
Damien Miller3796ab42010-09-10 11:20:59 +10002742 - deraadt@cvs.openbsd.org 2010/09/08 04:13:31
2743 [compress.c]
2744 work around name-space collisions some buggy compilers (looking at you
2745 gcc, at least in earlier versions, but this does not forgive your current
2746 transgressions) seen between zlib and openssl
2747 ok djm
Damien Miller041ab7c2010-09-10 11:23:34 +10002748 - djm@cvs.openbsd.org 2010/09/09 10:45:45
2749 [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
2750 ECDH/ECDSA compliance fix: these methods vary the hash function they use
2751 (SHA256/384/512) depending on the length of the curve in use. The previous
2752 code incorrectly used SHA256 in all cases.
2753
2754 This fix will cause authentication failure when using 384 or 521-bit curve
2755 keys if one peer hasn't been upgraded and the other has. (256-bit curve
2756 keys work ok). In particular you may need to specify HostkeyAlgorithms
2757 when connecting to a server that has not been upgraded from an upgraded
2758 client.
2759
2760 ok naddy@
Damien Miller6af914a2010-09-10 11:39:26 +10002761 - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
2762 [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
2763 [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
2764 platforms that don't have the requisite OpenSSL support. ok dtucker@
Darren Tucker8ccb7392010-09-10 12:28:24 +10002765 - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
2766 for missing headers and compiler warnings.
Darren Tucker50e3bab2010-09-10 10:30:25 +10002767
276820100831
Damien Millerafdae612010-08-31 22:31:14 +10002769 - OpenBSD CVS Sync
2770 - jmc@cvs.openbsd.org 2010/08/08 19:36:30
2771 [ssh-keysign.8 ssh.1 sshd.8]
2772 use the same template for all FILES sections; i.e. -compact/.Pp where we
2773 have multiple items, and .Pa for path names;
Damien Miller9b87e792010-08-31 22:31:37 +10002774 - tedu@cvs.openbsd.org 2010/08/12 23:34:39
2775 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
2776 OpenSSL_add_all_algorithms is the name of the function we have a man page
2777 for, so use that. ok djm
Damien Millerd96546f2010-08-31 22:32:12 +10002778 - djm@cvs.openbsd.org 2010/08/16 04:06:06
2779 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
2780 backout previous temporarily; discussed with deraadt@
Damien Millerda108ec2010-08-31 22:36:39 +10002781 - djm@cvs.openbsd.org 2010/08/31 09:58:37
2782 [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
2783 [packet.h ssh-dss.c ssh-rsa.c]
2784 Add buffer_get_cstring() and related functions that verify that the
2785 string extracted from the buffer contains no embedded \0 characters*
2786 This prevents random (possibly malicious) crap from being appended to
2787 strings where it would not be noticed if the string is used with
2788 a string(3) function.
2789
2790 Use the new API in a few sensitive places.
2791
2792 * actually, we allow a single one at the end of the string for now because
2793 we don't know how many deployed implementations get this wrong, but don't
2794 count on this to remain indefinitely.
Damien Millereb8b60e2010-08-31 22:41:14 +10002795 - djm@cvs.openbsd.org 2010/08/31 11:54:45
2796 [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
2797 [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
2798 [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
2799 [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
2800 [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
2801 [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
2802 [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
2803 Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
2804 host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
2805 better performance than plain DH and DSA at the same equivalent symmetric
2806 key length, as well as much shorter keys.
2807
2808 Only the mandatory sections of RFC5656 are implemented, specifically the
2809 three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
2810 ECDSA. Point compression (optional in RFC5656 is NOT implemented).
2811
2812 Certificate host and user keys using the new ECDSA key types are supported.
2813
2814 Note that this code has not been tested for interoperability and may be
2815 subject to change.
2816
2817 feedback and ok markus@
Damien Millerb5a62d02010-08-31 22:47:15 +10002818 - (djm) [Makefile.in] Add new ECC files
Damien Millerc79ff072010-08-31 22:50:48 +10002819 - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include
2820 includes.h
Damien Millerafdae612010-08-31 22:31:14 +10002821
Darren Tucker6889abd2010-08-27 10:12:54 +1000282220100827
2823 - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,
2824 remove. Patch from martynas at venck us
2825
Damien Millera5362022010-08-23 21:20:20 +1000282620100823
2827 - (djm) Release OpenSSH-5.6p1
2828
Darren Tuckeraa74f672010-08-16 13:15:23 +1000282920100816
2830 - (dtucker) [configure.ac openbsd-compat/Makefile.in
2831 openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to
2832 the compat library which helps on platforms like old IRIX. Based on work
2833 by djm, tested by Tom Christensen.
Damien Miller00d9ae22010-08-17 01:59:31 +10002834 - OpenBSD CVS Sync
2835 - djm@cvs.openbsd.org 2010/08/12 21:49:44
2836 [ssh.c]
2837 close any extra file descriptors inherited from parent at start and
2838 reopen stdin/stdout to /dev/null when forking for ControlPersist.
2839
2840 prevents tools that fork and run a captive ssh for communication from
2841 failing to exit when the ssh completes while they wait for these fds to
2842 close. The inherited fds may persist arbitrarily long if a background
2843 mux master has been started by ControlPersist. cvs and scp were effected
2844 by this.
2845
2846 "please commit" markus@
Damien Miller07ad3892010-08-17 07:04:28 +10002847 - (djm) [regress/README.regress] typo
Darren Tuckeraa74f672010-08-16 13:15:23 +10002848
Tim Rice722b8d12010-08-12 09:43:13 -0700284920100812
2850 - (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.sh
2851 regress/test-exec.sh] Under certain conditions when testing with sudo
2852 tests would fail because the pidfile could not be read by a regular user.
2853 "cat: cannot open ...../regress/pidfile: Permission denied (error 13)"
2854 Make sure cat is run by $SUDO. no objection from me. djm@
Tim Ricead7d5472010-08-12 10:33:01 -07002855 - (tim) [auth.c] add cast to quiet compiler. Change only affects SVR5 systems.
Tim Rice722b8d12010-08-12 09:43:13 -07002856
Damien Miller7e569b82010-08-09 02:28:37 +1000285720100809
Damien Miller2c4b13a2010-08-10 12:47:40 +10002858 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it is
2859 already set. Makes FreeBSD user openable tunnels useful; patch from
2860 richard.burakowski+ossh AT mrburak.net, ok dtucker@
Darren Tucker02c47342010-08-10 13:36:09 +10002861 - (dtucker) bug #1530: strip trailing ":" from hostname in ssh-copy-id.
2862 based in part on a patch from Colin Watson, ok djm@
Damien Miller2c4b13a2010-08-10 12:47:40 +10002863
286420100809
Damien Miller7e569b82010-08-09 02:28:37 +10002865 - OpenBSD CVS Sync
2866 - djm@cvs.openbsd.org 2010/08/08 16:26:42
2867 [version.h]
2868 crank to 5.6
Damien Miller792010b2010-08-09 02:32:05 +10002869 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
2870 [contrib/suse/openssh.spec] Crank version numbers
Damien Miller7e569b82010-08-09 02:28:37 +10002871
Damien Miller8e604ac2010-08-09 02:28:10 +1000287220100805
Damien Miller7fa96602010-08-05 13:03:13 +10002873 - OpenBSD CVS Sync
2874 - djm@cvs.openbsd.org 2010/08/04 05:37:01
2875 [ssh.1 ssh_config.5 sshd.8]
2876 Remove mentions of weird "addr/port" alternate address format for IPv6
2877 addresses combinations. It hasn't worked for ages and we have supported
2878 the more commen "[addr]:port" format for a long time. ok jmc@ markus@
Damien Miller1da63882010-08-05 13:03:51 +10002879 - djm@cvs.openbsd.org 2010/08/04 05:40:39
2880 [PROTOCOL.certkeys ssh-keygen.c]
2881 tighten the rules for certificate encoding by requiring that options
2882 appear in lexical order and make our ssh-keygen comply. ok markus@
Damien Millerc1583312010-08-05 13:04:50 +10002883 - djm@cvs.openbsd.org 2010/08/04 05:42:47
2884 [auth.c auth2-hostbased.c authfile.c authfile.h ssh-keysign.8]
2885 [ssh-keysign.c ssh.c]
2886 enable certificates for hostbased authentication, from Iain Morgan;
2887 "looks ok" markus@
Damien Miller5458c4d2010-08-05 13:05:15 +10002888 - djm@cvs.openbsd.org 2010/08/04 05:49:22
2889 [authfile.c]
2890 commited the wrong version of the hostbased certificate diff; this
2891 version replaces some strlc{py,at} verbosity with xasprintf() at
2892 the request of markus@
Damien Miller757f34e2010-08-05 13:05:31 +10002893 - djm@cvs.openbsd.org 2010/08/04 06:07:11
2894 [ssh-keygen.1 ssh-keygen.c]
2895 Support CA keys in PKCS#11 tokens; feedback and ok markus@
Damien Millerb89e6b72010-08-05 13:06:20 +10002896 - djm@cvs.openbsd.org 2010/08/04 06:08:40
2897 [ssh-keysign.c]
2898 clean for -Wuninitialized (Id sync only; portable had this change)
Damien Miller7d457182010-08-05 23:09:48 +10002899 - djm@cvs.openbsd.org 2010/08/05 13:08:42
2900 [channels.c]
2901 Fix a trio of bugs in the local/remote window calculation for datagram
2902 data channels (i.e. TunnelForward):
2903
2904 Calculate local_consumed correctly in channel_handle_wfd() by measuring
2905 the delta to buffer_len(c->output) from when we start to when we finish.
2906 The proximal problem here is that the output_filter we use in portable
2907 modified the length of the dequeued datagram (to futz with the headers
2908 for !OpenBSD).
2909
2910 In channel_output_poll(), don't enqueue datagrams that won't fit in the
2911 peer's advertised packet size (highly unlikely to ever occur) or which
2912 won't fit in the peer's remaining window (more likely).
2913
2914 In channel_input_data(), account for the 4-byte string header in
2915 datagram packets that we accept from the peer and enqueue in c->output.
2916
2917 report, analysis and testing 2/3 cases from wierbows AT us.ibm.com;
2918 "looks good" markus@
Damien Miller7fa96602010-08-05 13:03:13 +10002919
Damien Miller8e604ac2010-08-09 02:28:10 +1000292020100803
Darren Tucker8b7a0552010-08-03 15:50:16 +10002921 - (dtucker) [monitor.c] Bug #1795: Initialize the values to be returned from
2922 PAM to sane values in case the PAM method doesn't write to them. Spotted by
2923 Bitman Zhou, ok djm@.
Damien Miller844cccf2010-08-03 16:03:29 +10002924 - OpenBSD CVS Sync
2925 - djm@cvs.openbsd.org 2010/07/16 04:45:30
2926 [ssh-keygen.c]
2927 avoid bogus compiler warning
Damien Miller4e8285e2010-08-03 16:04:03 +10002928 - djm@cvs.openbsd.org 2010/07/16 14:07:35
2929 [ssh-rsa.c]
2930 more timing paranoia - compare all parts of the expected decrypted
2931 data before returning. AFAIK not exploitable in the SSH protocol.
2932 "groovy" deraadt@
Damien Millerc4bb91c2010-08-03 16:04:22 +10002933 - djm@cvs.openbsd.org 2010/07/19 03:16:33
2934 [sftp-client.c]
2935 bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
2936 upload depth checks and causing verbose printing of transfers to always
2937 be turned on; patch from imorgan AT nas.nasa.gov
Damien Millere11e1ea2010-08-03 16:04:46 +10002938 - djm@cvs.openbsd.org 2010/07/19 09:15:12
2939 [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
2940 add a "ControlPersist" option that automatically starts a background
2941 ssh(1) multiplex master when connecting. This connection can stay alive
2942 indefinitely, or can be set to automatically close after a user-specified
2943 duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but
2944 further hacked on by wmertens AT cisco.com, apb AT cequrux.com,
2945 martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@
Damien Miller8c1eb112010-08-03 16:05:05 +10002946 - djm@cvs.openbsd.org 2010/07/21 02:10:58
2947 [misc.c]
2948 sync timingsafe_bcmp() with the one dempsky@ committed to sys/lib/libkern
Damien Miller081f3c72010-08-03 16:05:25 +10002949 - dtucker@cvs.openbsd.org 2010/07/23 08:49:25
2950 [ssh.1]
2951 Ciphers is documented in ssh_config(5) these days
Darren Tucker8b7a0552010-08-03 15:50:16 +10002952
295320100819
Darren Tucker12b29db2010-07-19 21:24:13 +10002954 - (dtucker) [contrib/ssh-copy-ud.1] Bug #1786: update ssh-copy-id.1 with more
2955 details about its behaviour WRT existing directories. Patch from
2956 asguthrie at gmail com, ok djm.
2957
Damien Miller9308fc72010-07-16 13:56:01 +1000295820100716
2959 - (djm) OpenBSD CVS Sync
2960 - djm@cvs.openbsd.org 2010/07/02 04:32:44
2961 [misc.c]
2962 unbreak strdelim() skipping past quoted strings, e.g.
2963 AllowUsers "blah blah" blah
2964 was broken; report and fix in bz#1757 from bitman.zhou AT centrify.com
2965 ok dtucker;
Damien Miller1f25ab42010-07-16 13:56:23 +10002966 - djm@cvs.openbsd.org 2010/07/12 22:38:52
2967 [ssh.c]
2968 Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f")
2969 for protocol 2. ok markus@
Damien Millerd0244d42010-07-16 13:56:43 +10002970 - djm@cvs.openbsd.org 2010/07/12 22:41:13
2971 [ssh.c ssh_config.5]
2972 expand %h to the hostname in ssh_config Hostname options. While this
2973 sounds useless, it is actually handy for working with unqualified
2974 hostnames:
2975
2976 Host *.*
2977 Hostname %h
2978 Host *
2979 Hostname %h.example.org
2980
2981 "I like it" markus@
Damien Miller8a0268f2010-07-16 13:57:51 +10002982 - djm@cvs.openbsd.org 2010/07/13 11:52:06
2983 [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c]
2984 [packet.c ssh-rsa.c]
2985 implement a timing_safe_cmp() function to compare memory without leaking
2986 timing information by short-circuiting like memcmp() and use it for
2987 some of the more sensitive comparisons (though nothing high-value was
2988 readily attackable anyway); "looks ok" markus@
Damien Millerea1651c2010-07-16 13:58:37 +10002989 - djm@cvs.openbsd.org 2010/07/13 23:13:16
2990 [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c]
2991 [ssh-rsa.c]
2992 s/timing_safe_cmp/timingsafe_bcmp/g
Damien Millerbcfbc482010-07-16 13:59:11 +10002993 - jmc@cvs.openbsd.org 2010/07/14 17:06:58
2994 [ssh.1]
2995 finally ssh synopsis looks nice again! this commit just removes a ton of
2996 hacks we had in place to make it work with old groff;
Damien Millerbad5e032010-07-16 13:59:59 +10002997 - schwarze@cvs.openbsd.org 2010/07/15 21:20:38
2998 [ssh-keygen.1]
2999 repair incorrect block nesting, which screwed up indentation;
3000 problem reported and fix OK by jmc@
Damien Miller9308fc72010-07-16 13:56:01 +10003001
Tim Ricecfbdc282010-07-14 13:42:28 -0700300220100714
3003 - (tim) [contrib/redhat/openssh.spec] Bug 1796: Test for skip_x11_askpass
3004 (line 77) should have been for no_x11_askpass.
3005
Damien Millercede1db2010-07-02 13:33:48 +1000300620100702
3007 - (djm) OpenBSD CVS Sync
3008 - jmc@cvs.openbsd.org 2010/06/26 00:57:07
3009 [ssh_config.5]
3010 tweak previous;
Damien Millerb96c4412010-07-02 13:34:24 +10003011 - djm@cvs.openbsd.org 2010/06/26 23:04:04
3012 [ssh.c]
3013 oops, forgot to #include <canohost.h>; spotted and patch from chl@
Damien Miller44b25042010-07-02 13:35:01 +10003014 - djm@cvs.openbsd.org 2010/06/29 23:15:30
3015 [ssh-keygen.1 ssh-keygen.c]
3016 allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
3017 bz#1749; ok markus@
Damien Miller6018a362010-07-02 13:35:19 +10003018 - djm@cvs.openbsd.org 2010/06/29 23:16:46
3019 [auth2-pubkey.c sshd_config.5]
3020 allow key options (command="..." and friends) in AuthorizedPrincipals;
3021 ok markus@
Damien Millerea727282010-07-02 13:35:34 +10003022 - jmc@cvs.openbsd.org 2010/06/30 07:24:25
3023 [ssh-keygen.1]
3024 tweak previous;
Damien Miller6022f582010-07-02 13:37:01 +10003025 - jmc@cvs.openbsd.org 2010/06/30 07:26:03
3026 [ssh-keygen.c]
3027 sort usage();
Damien Millerd59dab82010-07-02 13:37:17 +10003028 - jmc@cvs.openbsd.org 2010/06/30 07:28:34
3029 [sshd_config.5]
3030 tweak previous;
Damien Miller0979b402010-07-02 13:37:33 +10003031 - millert@cvs.openbsd.org 2010/07/01 13:06:59
3032 [scp.c]
3033 Fix a longstanding problem where if you suspend scp at the
3034 password/passphrase prompt the terminal mode is not restored.
3035 OK djm@
Damien Miller527ded72010-07-02 13:40:16 +10003036 - phessler@cvs.openbsd.org 2010/06/27 19:19:56
3037 [regress/Makefile]
3038 fix how we run the tests so we can successfully use SUDO='sudo -E'
3039 in our env
Damien Millerab139cd2010-07-02 13:42:18 +10003040 - djm@cvs.openbsd.org 2010/06/29 23:59:54
3041 [cert-userkey.sh]
3042 regress tests for key options in AuthorizedPrincipals
Damien Millercede1db2010-07-02 13:33:48 +10003043
Tim Rice3fd307d2010-06-26 16:45:15 -0700304420100627
3045 - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs
3046 key.h.
3047
Damien Miller2e774462010-06-26 09:30:47 +1000304820100626
3049 - (djm) OpenBSD CVS Sync
3050 - djm@cvs.openbsd.org 2010/05/21 05:00:36
3051 [misc.c]
3052 colon() returns char*, so s/return (0)/return NULL/
Damien Miller4fe686d2010-06-26 09:36:10 +10003053 - markus@cvs.openbsd.org 2010/06/08 21:32:19
3054 [ssh-pkcs11.c]
3055 check length of value returned C_GetAttributValue for != 0
3056 from mdrtbugzilla@codefive.co.uk; bugzilla #1773; ok dtucker@
Damien Millerc094d1e2010-06-26 09:36:34 +10003057 - djm@cvs.openbsd.org 2010/06/17 07:07:30
3058 [mux.c]
3059 Correct sizing of object to be allocated by calloc(), replacing
3060 sizeof(state) with sizeof(*state). This worked by accident since
3061 the struct contained a single int at present, but could have broken
3062 in the future. patch from hyc AT symas.com
Damien Miller99ac4e92010-06-26 09:36:58 +10003063 - djm@cvs.openbsd.org 2010/06/18 00:58:39
3064 [sftp.c]
3065 unbreak ls in working directories that contains globbing characters in
3066 their pathnames. bz#1655 reported by vgiffin AT apple.com
Damien Miller7aa46ec2010-06-26 09:37:57 +10003067 - djm@cvs.openbsd.org 2010/06/18 03:16:03
3068 [session.c]
3069 Missing check for chroot_director == "none" (we already checked against
3070 NULL); bz#1564 from Jan.Pechanec AT Sun.COM
Damien Miller49566312010-06-26 09:38:23 +10003071 - djm@cvs.openbsd.org 2010/06/18 04:43:08
3072 [sftp-client.c]
3073 fix memory leak in do_realpath() error path; bz#1771, patch from
3074 anicka AT suse.cz
Damien Millerab6de352010-06-26 09:38:45 +10003075 - djm@cvs.openbsd.org 2010/06/22 04:22:59
3076 [servconf.c sshd_config.5]
3077 expose some more sshd_config options inside Match blocks:
3078 AuthorizedKeysFile AuthorizedPrincipalsFile
3079 HostbasedUsesNameFromPacketOnly PermitTunnel
3080 bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@
Damien Millerba3420a2010-06-26 09:39:07 +10003081 - djm@cvs.openbsd.org 2010/06/22 04:32:06
3082 [ssh-keygen.c]
3083 standardise error messages when attempting to open private key
3084 files to include "progname: filename: error reason"
3085 bz#1783; ok dtucker@
Damien Miller48147d62010-06-26 09:39:25 +10003086 - djm@cvs.openbsd.org 2010/06/22 04:49:47
3087 [auth.c]
3088 queue auth debug messages for bad ownership or permissions on the user's
3089 keyfiles. These messages will be sent after the user has successfully
3090 authenticated (where our client will display them with LogLevel=debug).
Damien Miller0e76c5e2010-06-26 09:39:59 +10003091 bz#1554; ok dtucker@
3092 - djm@cvs.openbsd.org 2010/06/22 04:54:30
3093 [ssh-keyscan.c]
3094 replace verbose and overflow-prone Linebuf code with read_keyfile_line()
3095 based on patch from joachim AT joachimschipper.nl; bz#1565; ok dtucker@
Damien Miller1b2b61e2010-06-26 09:47:43 +10003096 - djm@cvs.openbsd.org 2010/06/22 04:59:12
3097 [session.c]
3098 include the user name on "subsystem request for ..." log messages;
3099 bz#1571; ok dtucker@
Damien Millerd834d352010-06-26 09:48:02 +10003100 - djm@cvs.openbsd.org 2010/06/23 02:59:02
3101 [ssh-keygen.c]
3102 fix printing of extensions in v01 certificates that I broke in r1.190
Damien Miller232cfb12010-06-26 09:50:30 +10003103 - djm@cvs.openbsd.org 2010/06/25 07:14:46
3104 [channels.c mux.c readconf.c readconf.h ssh.h]
3105 bz#1327: remove hardcoded limit of 100 permitopen clauses and port
3106 forwards per direction; ok markus@ stevesk@
Damien Miller8853ca52010-06-26 10:00:14 +10003107 - djm@cvs.openbsd.org 2010/06/25 07:20:04
3108 [channels.c session.c]
3109 bz#1750: fix requirement for /dev/null inside ChrootDirectory for
3110 internal-sftp accidentally introduced in r1.253 by removing the code
3111 that opens and dup /dev/null to stderr and modifying the channels code
3112 to read stderr but discard it instead; ok markus@
Damien Millerbda3eca2010-06-26 10:01:33 +10003113 - djm@cvs.openbsd.org 2010/06/25 08:46:17
3114 [auth1.c auth2-none.c]
3115 skip the initial check for access with an empty password when
3116 PermitEmptyPasswords=no; bz#1638; ok markus@
Damien Miller383ffe62010-06-26 10:02:03 +10003117 - djm@cvs.openbsd.org 2010/06/25 23:10:30
3118 [ssh.c]
3119 log the hostname and address that we connected to at LogLevel=verbose
3120 after authentication is successful to mitigate "phishing" attacks by
3121 servers with trusted keys that accept authentication silently and
3122 automatically before presenting fake password/passphrase prompts;
3123 "nice!" markus@
Damien Miller1ab6a512010-06-26 10:02:24 +10003124 - djm@cvs.openbsd.org 2010/06/25 23:10:30
3125 [ssh.c]
3126 log the hostname and address that we connected to at LogLevel=verbose
3127 after authentication is successful to mitigate "phishing" attacks by
3128 servers with trusted keys that accept authentication silently and
3129 automatically before presenting fake password/passphrase prompts;
3130 "nice!" markus@
Damien Miller2e774462010-06-26 09:30:47 +10003131
Damien Millerd82a2602010-06-22 15:02:39 +1000313220100622
3133 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512
3134 bz#1579; ok dtucker
3135
Damien Millerea909792010-06-18 11:09:24 +1000313620100618
3137 - (djm) [contrib/ssh-copy-id] Update key file explicitly under ~
3138 rather than assuming that $CWD == $HOME. bz#1500, patch from
3139 timothy AT gelter.com
3140
Tim Riceb9ae4ec2010-06-17 11:11:44 -0700314120100617
3142 - (tim) [contrib/cygwin/README] Remove a reference to the obsolete
3143 minires-devel package, and to add the reference to the libedit-devel
3144 package since CYgwin now provides libedit. Patch from Corinna Vinschen.
3145
Damien Miller3bcce802010-05-21 14:48:16 +1000314620100521
3147 - (djm) OpenBSD CVS Sync
3148 - djm@cvs.openbsd.org 2010/05/07 11:31:26
3149 [regress/Makefile regress/cert-userkey.sh]
3150 regress tests for AuthorizedPrincipalsFile and "principals=" key option.
3151 feedback and ok markus@
Damien Miller3b903822010-05-21 14:56:25 +10003152 - djm@cvs.openbsd.org 2010/05/11 02:58:04
3153 [auth-rsa.c]
3154 don't accept certificates marked as "cert-authority" here; ok markus@
Damien Millerc6afb5f2010-05-21 14:56:47 +10003155 - djm@cvs.openbsd.org 2010/05/14 00:47:22
3156 [ssh-add.c]
3157 check that the certificate matches the corresponding private key before
3158 grafting it on
Damien Millerd530f5f2010-05-21 14:57:10 +10003159 - djm@cvs.openbsd.org 2010/05/14 23:29:23
3160 [channels.c channels.h mux.c ssh.c]
3161 Pause the mux channel while waiting for reply from aynch callbacks.
3162 Prevents misordering of replies if new requests arrive while waiting.
3163
3164 Extend channel open confirm callback to allow signalling failure
3165 conditions as well as success. Use this to 1) fix a memory leak, 2)
3166 start using the above pause mechanism and 3) delay sending a success/
3167 failure message on mux slave session open until we receive a reply from
3168 the server.
3169
3170 motivated by and with feedback from markus@
Damien Miller388f6fc2010-05-21 14:57:35 +10003171 - markus@cvs.openbsd.org 2010/05/16 12:55:51
3172 [PROTOCOL.mux clientloop.h mux.c readconf.c readconf.h ssh.1 ssh.c]
3173 mux support for remote forwarding with dynamic port allocation,
3174 use with
3175 LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
3176 feedback and ok djm@
Damien Miller84399552010-05-21 14:58:12 +10003177 - djm@cvs.openbsd.org 2010/05/20 11:25:26
3178 [auth2-pubkey.c]
3179 fix logspam when key options (from="..." especially) deny non-matching
3180 keys; reported by henning@ also bz#1765; ok markus@ dtucker@
Damien Millerd0e4a8e2010-05-21 14:58:32 +10003181 - djm@cvs.openbsd.org 2010/05/20 23:46:02
3182 [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
3183 Move the permit-* options to the non-critical "extensions" field for v01
3184 certificates. The logic is that if another implementation fails to
3185 implement them then the connection just loses features rather than fails
3186 outright.
3187
3188 ok markus@
Damien Miller3bcce802010-05-21 14:48:16 +10003189
Darren Tucker5b6d0d02010-05-12 16:51:38 +1000319020100511
3191 - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
3192 circular dependency problem on old or odd platforms. From Tom Lane, ok
3193 djm@.
Damien Miller4b1ec832010-05-12 17:49:59 +10003194 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on older
3195 libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't
3196 already. ok dtucker@
Darren Tucker5b6d0d02010-05-12 16:51:38 +10003197
Damien Miller50af79b2010-05-10 11:52:00 +1000319820100510
3199 - OpenBSD CVS Sync
3200 - djm@cvs.openbsd.org 2010/04/23 01:47:41
3201 [ssh-keygen.c]
3202 bz#1740: display a more helpful error message when $HOME is
3203 inaccessible while trying to create .ssh directory. Based on patch
3204 from jchadima AT redhat.com; ok dtucker@
Damien Miller85c50d72010-05-10 11:53:02 +10003205 - djm@cvs.openbsd.org 2010/04/23 22:27:38
3206 [mux.c]
3207 set "detach_close" flag when registering channel cleanup callbacks.
3208 This causes the channel to close normally when its fds close and
3209 hangs when terminating a mux slave using ~. bz#1758; ok markus@
Damien Miller22a29882010-05-10 11:53:54 +10003210 - djm@cvs.openbsd.org 2010/04/23 22:42:05
3211 [session.c]
3212 set stderr to /dev/null for subsystems rather than just closing it.
3213 avoids hangs if a subsystem or shell initialisation writes to stderr.
3214 bz#1750; ok markus@
Damien Millerbebbb7e2010-05-10 11:54:38 +10003215 - djm@cvs.openbsd.org 2010/04/23 22:48:31
3216 [ssh-keygen.c]
3217 refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
3218 since we would refuse to use them anyway. bz#1516; ok dtucker@
Damien Miller79442c02010-05-10 11:55:38 +10003219 - djm@cvs.openbsd.org 2010/04/26 22:28:24
3220 [sshconnect2.c]
3221 bz#1502: authctxt.success is declared as an int, but passed by
3222 reference to function that accepts sig_atomic_t*. Convert it to
3223 the latter; ok markus@ dtucker@
Damien Miller2725c212010-05-10 11:56:14 +10003224 - djm@cvs.openbsd.org 2010/05/01 02:50:50
3225 [PROTOCOL.certkeys]
3226 typo; jmeltzer@
Damien Miller099fc162010-05-10 11:56:50 +10003227 - dtucker@cvs.openbsd.org 2010/05/05 04:22:09
3228 [sftp.c]
3229 restore mput and mget which got lost in the tab-completion changes.
3230 found by Kenneth Whitaker, ok djm@
Damien Miller30da3442010-05-10 11:58:03 +10003231 - djm@cvs.openbsd.org 2010/05/07 11:30:30
3232 [auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c]
3233 [key.c servconf.c servconf.h sshd.8 sshd_config.5]
3234 add some optional indirection to matching of principal names listed
3235 in certificates. Currently, a certificate must include the a user's name
3236 to be accepted for authentication. This change adds the ability to
3237 specify a list of certificate principal names that are acceptable.
3238
3239 When authenticating using a CA trusted through ~/.ssh/authorized_keys,
3240 this adds a new principals="name1[,name2,...]" key option.
3241
3242 For CAs listed through sshd_config's TrustedCAKeys option, a new config
3243 option "AuthorizedPrincipalsFile" specifies a per-user file containing
3244 the list of acceptable names.
3245
3246 If either option is absent, the current behaviour of requiring the
3247 username to appear in principals continues to apply.
3248
3249 These options are useful for role accounts, disjoint account namespaces
3250 and "user@realm"-style naming policies in certificates.
3251
3252 feedback and ok markus@
Damien Miller81d3fc52010-05-10 11:58:45 +10003253 - jmc@cvs.openbsd.org 2010/05/07 12:49:17
3254 [sshd_config.5]
3255 tweak previous;
Damien Miller50af79b2010-05-10 11:52:00 +10003256
Darren Tucker9f8703b2010-04-23 11:12:06 +1000325720100423
3258 - (dtucker) [configure.ac] Bug #1756: Check for the existence of a lib64 dir
3259 in the openssl install directory (some newer openssl versions do this on at
3260 least some amd64 platforms).
3261
Damien Millerc4eddee2010-04-18 08:07:43 +1000326220100418
3263 - OpenBSD CVS Sync
3264 - jmc@cvs.openbsd.org 2010/04/16 06:45:01
3265 [ssh_config.5]
3266 tweak previous; ok djm
Damien Miller1f181422010-04-18 08:08:03 +10003267 - jmc@cvs.openbsd.org 2010/04/16 06:47:04
3268 [ssh-keygen.1 ssh-keygen.c]
3269 tweak previous; ok djm
Damien Millerc617aa92010-04-18 08:08:20 +10003270 - djm@cvs.openbsd.org 2010/04/16 21:14:27
3271 [sshconnect.c]
3272 oops, %r => remote username, not %u
Damien Miller53f4bb62010-04-18 08:15:14 +10003273 - djm@cvs.openbsd.org 2010/04/16 01:58:45
3274 [regress/cert-hostkey.sh regress/cert-userkey.sh]
3275 regression tests for v01 certificate format
3276 includes interop tests for v00 certs
Darren Tuckere25a9bd2010-04-18 13:35:00 +10003277 - (dtucker) [contrib/aix/buildbff.sh] Fix creation of ssh_prng_cmds.default
3278 file.
Damien Millerc4eddee2010-04-18 08:07:43 +10003279
Damien Millera45f1c02010-04-16 15:51:34 +1000328020100416
3281 - (djm) Release openssh-5.5p1
Damien Millerd6fc3062010-04-16 15:51:45 +10003282 - OpenBSD CVS Sync
3283 - djm@cvs.openbsd.org 2010/03/26 03:13:17
3284 [bufaux.c]
3285 allow buffer_get_int_ret/buffer_get_int64_ret to take a NULL pointer
3286 argument to allow skipping past values in a buffer
Damien Miller67f30d72010-04-16 15:52:03 +10003287 - jmc@cvs.openbsd.org 2010/03/26 06:54:36
3288 [ssh.1]
3289 tweak previous;
Damien Miller544378d2010-04-16 15:52:24 +10003290 - jmc@cvs.openbsd.org 2010/03/27 14:26:55
3291 [ssh_config.5]
3292 tweak previous; ok dtucker
Damien Millerdeb5a142010-04-16 15:52:43 +10003293 - djm@cvs.openbsd.org 2010/04/10 00:00:16
3294 [ssh.c]
3295 bz#1746 - suppress spurious tty warning when using -O and stdin
3296 is not a tty; ok dtucker@ markus@
Damien Miller67283992010-04-16 15:53:02 +10003297 - djm@cvs.openbsd.org 2010/04/10 00:04:30
3298 [sshconnect.c]
3299 fix terminology: we didn't find a certificate in known_hosts, we found
3300 a CA key
Damien Miller22c97f12010-04-16 15:53:23 +10003301 - djm@cvs.openbsd.org 2010/04/10 02:08:44
3302 [clientloop.c]
3303 bz#1698: kill channel when pty allocation requests fail. Fixed
3304 stuck client if the server refuses pty allocation.
3305 ok dtucker@ "think so" markus@
Damien Miller88680652010-04-16 15:53:43 +10003306 - djm@cvs.openbsd.org 2010/04/10 02:10:56
3307 [sshconnect2.c]
3308 show the key type that we are offering in debug(), helps distinguish
3309 between certs and plain keys as the path to the private key is usually
3310 the same.
Damien Miller601a23c2010-04-16 15:54:01 +10003311 - djm@cvs.openbsd.org 2010/04/10 05:48:16
3312 [mux.c]
3313 fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au
Damien Millerb1b17042010-04-16 15:54:19 +10003314 - djm@cvs.openbsd.org 2010/04/14 22:27:42
3315 [ssh_config.5 sshconnect.c]
3316 expand %r => remote username in ssh_config:ProxyCommand;
3317 ok deraadt markus
Damien Miller031c9102010-04-16 15:54:44 +10003318 - markus@cvs.openbsd.org 2010/04/15 20:32:55
3319 [ssh-pkcs11.c]
3320 retry lookup for private key if there's no matching key with CKA_SIGN
3321 attribute enabled; this fixes fixes MuscleCard support (bugzilla #1736)
3322 ok djm@
Damien Miller4e270b02010-04-16 15:56:21 +10003323 - djm@cvs.openbsd.org 2010/04/16 01:47:26
3324 [PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
3325 [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
3326 [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
3327 [sshconnect.c sshconnect2.c sshd.c]
3328 revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
3329 following changes:
3330
3331 move the nonce field to the beginning of the certificate where it can
3332 better protect against chosen-prefix attacks on the signature hash
3333
3334 Rename "constraints" field to "critical options"
3335
3336 Add a new non-critical "extensions" field
3337
3338 Add a serial number
3339
3340 The older format is still support for authentication and cert generation
3341 (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
3342
3343 ok markus@