blob: 56bbe8062793766c7f89e26f8c802bc2244856b4 [file] [log] [blame]
Damien Miller68790fe2011-05-05 11:19:13 +1000120110505
2 - (djm) [defines.h] Move up include of netinet/ip.h for IPTOS
3 definitions. From des AT des.no
Damien Millerf22019b2011-05-05 13:48:37 +10004 - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
5 [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
6 [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
7 [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
8 [regress/README.regress] Remove ssh-rand-helper and all its
9 tentacles. PRNGd seeding has been rolled into entropy.c directly.
10 Thanks to tim@ for testing on affected platforms.
Damien Miller3fcdfd52011-05-05 14:04:11 +100011 - OpenBSD CVS Sync
12 - djm@cvs.openbsd.org 2011/03/10 02:52:57
Damien Millerb2da7d12011-05-05 14:04:50 +100013 [auth2-gss.c auth2.c auth.h]
Damien Miller3fcdfd52011-05-05 14:04:11 +100014 allow GSSAPI authentication to detect when a server-side failure causes
15 authentication failure and don't count such failures against MaxAuthTries;
16 bz#1244 from simon AT sxw.org.uk; ok markus@ before lock
Damien Millerc5219e72011-05-05 14:05:12 +100017 - okan@cvs.openbsd.org 2011/03/15 10:36:02
18 [ssh-keyscan.c]
19 use timerclear macro
20 ok djm@
Damien Miller58f1baf2011-05-05 14:06:15 +100021 - stevesk@cvs.openbsd.org 2011/03/23 15:16:22
22 [ssh-keygen.1 ssh-keygen.c]
23 Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa)
24 for which host keys do not exist, generate the host keys with the
25 default key file path, an empty passphrase, default bits for the key
26 type, and default comment. This will be used by /etc/rc to generate
27 new host keys. Idea from deraadt.
28 ok deraadt
Damien Miller4a4d1612011-05-05 14:06:39 +100029 - stevesk@cvs.openbsd.org 2011/03/23 16:24:56
30 [ssh-keygen.1]
31 -q not used in /etc/rc now so remove statement.
Damien Miller11143192011-05-05 14:13:25 +100032 - stevesk@cvs.openbsd.org 2011/03/23 16:50:04
33 [ssh-keygen.c]
34 remove -d, documentation removed >10 years ago; ok markus
Damien Miller3ca1eb32011-05-05 14:13:50 +100035 - jmc@cvs.openbsd.org 2011/03/24 15:29:30
36 [ssh-keygen.1]
37 zap trailing whitespace;
Damien Miller044f4a62011-05-05 14:14:08 +100038 - stevesk@cvs.openbsd.org 2011/03/24 22:14:54
39 [ssh-keygen.c]
40 use strcasecmp() for "clear" cert permission option also; ok djm
Damien Miller91475862011-05-05 14:14:34 +100041 - stevesk@cvs.openbsd.org 2011/03/29 18:54:17
42 [misc.c misc.h servconf.c]
43 print ipqos friendly string for sshd -T; ok markus
44 # sshd -Tf sshd_config|grep ipqos
45 ipqos lowdelay throughput
Damien Miller884b63a2011-05-05 14:14:52 +100046 - djm@cvs.openbsd.org 2011/04/12 04:23:50
47 [ssh-keygen.c]
48 fix -Wshadow
Damien Miller68790fe2011-05-05 11:19:13 +100049
Darren Tuckere541aaa2011-02-21 21:41:29 +11005020110221
51 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
52 Cygwin-specific service installer script ssh-host-config. The actual
53 functionality is the same, the revisited version is just more
54 exact when it comes to check for problems which disallow to run
55 certain aspects of the script. So, part of this script and the also
56 rearranged service helper script library "csih" is to check if all
57 the tools required to run the script are available on the system.
58 The new script also is more thorough to inform the user why the
59 script failed. Patch from vinschen at redhat com.
60
Damien Miller0588beb2011-02-18 09:18:45 +11006120110218
62 - OpenBSD CVS Sync
63 - djm@cvs.openbsd.org 2011/02/16 00:31:14
64 [ssh-keysign.c]
65 make hostbased auth with ECDSA keys work correctly. Based on patch
66 by harvey.eneman AT oracle.com in bz#1858; ok markus@ (pre-lock)
67
Darren Tucker3b9617e2011-02-06 13:24:35 +11006820110206
69 - (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in
70 selinux code. Patch from Leonardo Chiquitto
Darren Tuckerea676a62011-02-06 13:31:23 +110071 - (dtucker) [contrib/cygwin/ssh-{host,user}-config] Add ECDSA key
72 generation and simplify. Patch from Corinna Vinschen.
Darren Tucker3b9617e2011-02-06 13:24:35 +110073
Damien Millerb407dd82011-02-04 11:46:39 +11007420110204
75 - OpenBSD CVS Sync
76 - djm@cvs.openbsd.org 2011/01/31 21:42:15
77 [PROTOCOL.mux]
78 cut'n'pasto; from bert.wesarg AT googlemail.com
Damien Miller0a5f0122011-02-04 11:47:01 +110079 - djm@cvs.openbsd.org 2011/02/04 00:44:21
80 [key.c]
81 fix uninitialised nonce variable; reported by Mateusz Kocielski
Damien Millera6981272011-02-04 11:47:20 +110082 - djm@cvs.openbsd.org 2011/02/04 00:44:43
83 [version.h]
84 openssh-5.8
Damien Miller0d30b092011-02-04 12:43:36 +110085 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
86 [contrib/suse/openssh.spec] update versions in docs and spec files.
87 - Release OpenSSH 5.8p1
Damien Millerb407dd82011-02-04 11:46:39 +110088
Damien Millerd4a55042011-01-28 10:30:18 +11008920110128
90 - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
91 before attempting setfscreatecon(). Check whether matchpathcon()
92 succeeded before using its result. Patch from cjwatson AT debian.org;
93 bz#1851
94
Tim Riced069c482011-01-26 12:32:12 -08009520110127
96 - (tim) [config.guess config.sub] Sync with upstream.
Tim Rice648f8762011-01-26 12:38:57 -080097 - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete
98 AC_TRY_COMPILE with AC_COMPILE_IFELSE, updated obsolete AC_TRY_LINK with
99 AC_LINK_IFELSE, updated obsolete AC_TRY_RUN with AC_RUN_IFELSE, misc white
100 space changes for consistency/readability. Makes autoconf 2.68 happy.
101 "Nice work" djm
Tim Riced069c482011-01-26 12:32:12 -0800102
Damien Miller71adf122011-01-25 12:16:15 +110010320110125
104 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
105 openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
106 port-linux.c to avoid compilation errors. Add -lselinux to ssh when
107 building with SELinux support to avoid linking failure; report from
108 amk AT spamfence.net; ok dtucker
109
Darren Tucker79241372011-01-22 09:37:01 +110011020110122
111 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
112 RSA_get_default_method() for the benefit of openssl versions that don't
113 have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott,
114 ok djm@.
Damien Millerad4b1ad2011-01-22 20:21:33 +1100115 - OpenBSD CVS Sync
116 - djm@cvs.openbsd.org 2011/01/22 09:18:53
117 [version.h]
118 crank to OpenSSH-5.7
Damien Miller966accc2011-01-22 20:23:10 +1100119 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
120 [contrib/suse/openssh.spec] update versions in docs and spec files.
Damien Miller6f8f04b2011-01-22 20:25:11 +1100121 - (djm) Release 5.7p1
Darren Tucker79241372011-01-22 09:37:01 +1100122
Tim Rice15e1b4d2011-01-18 20:47:04 -080012320110119
124 - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
125 of RPM so build completes. Signatures were changed to .asc since 4.1p1.
Damien Millere323ebc2011-01-19 23:12:27 +1100126 - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to
127 0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre-
128 release testing (random crashes and failure to load ECC keys).
129 ok dtucker@
Tim Rice15e1b4d2011-01-18 20:47:04 -0800130
Damien Miller369c0e82011-01-17 10:51:40 +110013120110117
132 - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in
133 $PATH, fix cleanup of droppings; reported by openssh AT
134 roumenpetrov.info; ok dtucker@
Damien Millerfd3669e2011-01-17 11:20:18 +1100135 - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding
136 its unique snowflake of a gdb error to the ones we look for.
Damien Miller1ccbfa82011-01-17 11:52:40 +1100137 - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running
138 ssh-add to avoid $SUDO failures on Linux
Darren Tucker0c93adc2011-01-17 11:55:59 +1100139 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new
140 Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
141 to the old values. Feedback from vapier at gentoo org and djm, ok djm.
Damien Miller58497782011-01-17 16:17:09 +1100142 - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh]
143 [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
144 disabled on platforms that do not support them; add a "config_defined()"
145 shell function that greps for defines in config.h and use them to decide
146 on feature tests.
147 Convert a couple of existing grep's over config.h to use the new function
148 Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
149 backslash characters in filenames, enable it for Cygwin and use it to turn
150 of tests for quotes backslashes in sftp-glob.sh.
151 based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@
Tim Rice6dfcd342011-01-16 22:53:56 -0800152 - (tim) [regress/agent-getpeereid.sh] shell portability fix.
Darren Tucker263d43d2011-01-17 18:50:22 +1100153 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
154 the tinderbox.
Darren Tuckerea52a822011-01-17 21:15:27 +1100155 - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
156 configure.ac defines.h loginrec.c] Bug #1402: add linux audit subsystem
157 support, based on patches from Tomas Mraz and jchadima at redhat.
Damien Miller369c0e82011-01-17 10:51:40 +1100158
Darren Tucker50c61f82011-01-16 18:28:09 +110015920110116
160 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
161 on configurations that don't have it.
Damien Miller4791f9d2011-01-16 23:16:53 +1100162 - OpenBSD CVS Sync
163 - djm@cvs.openbsd.org 2011/01/16 11:50:05
164 [clientloop.c]
165 Use atomicio when flushing protocol 1 std{out,err} buffers at
166 session close. This was a latent bug exposed by setting a SIGCHLD
167 handler and spotted by kevin.brott AT gmail.com; ok dtucker@
Damien Miller6fb6fd52011-01-16 23:17:45 +1100168 - djm@cvs.openbsd.org 2011/01/16 11:50:36
169 [sshconnect.c]
170 reset the SIGPIPE handler when forking to execute child processes;
171 ok dtucker@
Damien Millercfd6e4f2011-01-16 23:18:33 +1100172 - djm@cvs.openbsd.org 2011/01/16 12:05:59
173 [clientloop.c]
174 a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
175 now that we use atomicio(), convert them from while loops to if statements
176 add test and cast to compile cleanly with -Wsigned
Darren Tucker50c61f82011-01-16 18:28:09 +1100177
Darren Tucker08f83882011-01-16 18:24:04 +110017820110114
Damien Miller445c9a52011-01-14 12:01:29 +1100179 - OpenBSD CVS Sync
180 - djm@cvs.openbsd.org 2011/01/13 21:54:53
181 [mux.c]
182 correct error messages; patch from bert.wesarg AT googlemail.com
Damien Miller42747df2011-01-14 12:01:50 +1100183 - djm@cvs.openbsd.org 2011/01/13 21:55:25
184 [PROTOCOL.mux]
185 correct protocol names and add a couple of missing protocol number
186 defines; patch from bert.wesarg AT googlemail.com
Damien Millere9b40482011-01-14 14:47:37 +1100187 - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in
188 host-key-force target rather than a substitution that is replaced with a
189 comment so that the Makefile.in is still a syntactically valid Makefile
190 (useful to run the distprep target)
Tim Rice02d99da2011-01-13 22:20:27 -0800191 - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.
Tim Ricec5c346b2011-01-13 22:36:14 -0800192 - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some
193 ecdsa bits.
Damien Miller445c9a52011-01-14 12:01:29 +1100194
Darren Tucker08f83882011-01-16 18:24:04 +110019520110113
Damien Miller1708cb72011-01-13 12:21:34 +1100196 - (djm) [misc.c] include time.h for nanosleep() prototype
Tim Ricecce927c2011-01-12 19:06:31 -0800197 - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm
Tim Rice9b87a5c2011-01-12 22:35:43 -0800198 - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
199 ecdsa keys. ok djm.
Damien Millerff22df52011-01-13 21:05:27 +1100200 - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
201 gcc warning on platforms where it defaults to int
Damien Millercbaf8e62011-01-13 21:08:27 +1100202 - (djm) [regress/Makefile] add a few more generated files to the clean
203 target
Damien Miller9b160862011-01-13 22:00:20 +1100204 - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad
205 #define that was causing diffie-hellman-group-exchange-sha256 to be
206 incorrectly disabled
Damien Miller52788062011-01-13 22:05:14 +1100207 - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
208 should not depend on ECC support
Damien Miller1708cb72011-01-13 12:21:34 +1100209
Darren Tucker08f83882011-01-16 18:24:04 +110021020110112
Damien Millerb66e9172011-01-12 13:30:18 +1100211 - OpenBSD CVS Sync
212 - nicm@cvs.openbsd.org 2010/10/08 21:48:42
213 [openbsd-compat/glob.c]
214 Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
215 from ARG_MAX to 64K.
216 Fixes glob-using programs (notably ftp) able to be triggered to hit
217 resource limits.
218 Idea from a similar NetBSD change, original problem reported by jasper@.
219 ok millert tedu jasper
Damien Miller4927aaf2011-01-12 13:32:03 +1100220 - djm@cvs.openbsd.org 2011/01/12 01:53:14
221 avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
222 and sanity check arguments (these will be unnecessary when we switch
223 struct glob members from being type into to size_t in the future);
224 "looks ok" tedu@ feedback guenther@
Damien Miller945aa0c2011-01-12 13:34:02 +1100225 - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
226 silly warnings on write() calls we don't care succeed or not.
Damien Miller134d02a2011-01-12 16:00:37 +1100227 - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler
228 flag tests that don't depend on gcc version at all; suggested by and
229 ok dtucker@
Damien Millerb66e9172011-01-12 13:30:18 +1100230
Tim Rice076a3b92011-01-10 12:56:26 -080023120110111
232 - (tim) [regress/host-expand.sh] Fix for building outside of read only
233 source tree.
Damien Miller81ad4b12011-01-11 17:02:23 +1100234 - (djm) [platform.c] Some missing includes that show up under -Werror
Damien Millerb73b6fd2011-01-11 17:18:56 +1100235 - OpenBSD CVS Sync
236 - djm@cvs.openbsd.org 2011/01/08 10:51:51
237 [clientloop.c]
238 use host and not options.hostname, as the latter may have unescaped
239 substitution characters
Damien Millera256c8d2011-01-11 17:20:05 +1100240 - djm@cvs.openbsd.org 2011/01/11 06:06:09
241 [sshlogin.c]
242 fd leak on error paths; from zinovik@
243 NB. Id sync only; we use loginrec.c that was also audited and fixed
244 recently
Damien Miller821de0a2011-01-11 17:20:29 +1100245 - djm@cvs.openbsd.org 2011/01/11 06:13:10
246 [clientloop.c ssh-keygen.c sshd.c]
247 some unsigned long long casts that make things a bit easier for
248 portable without resorting to dropping PRIu64 formats everywhere
Tim Rice076a3b92011-01-10 12:56:26 -0800249
Damien Millere63b7f22011-01-09 09:19:50 +110025020110109
251 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by
252 openssh AT roumenpetrov.info
253
Damien Miller996384d2011-01-08 21:58:20 +110025420110108
255 - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress
256 test on OSX and others. Reported by imorgan AT nas.nasa.gov
257
Damien Miller322125b2011-01-07 09:50:08 +110025820110107
259 - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test
260 for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
Damien Miller83f8a402011-01-07 09:51:17 +1100261 - djm@cvs.openbsd.org 2011/01/06 22:23:53
262 [ssh.c]
263 unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
264 googlemail.com; ok markus@
Damien Miller64abf312011-01-07 09:51:52 +1100265 - djm@cvs.openbsd.org 2011/01/06 22:23:02
266 [clientloop.c]
267 when exiting due to ServerAliveTimeout, mention the hostname that caused
268 it (useful with backgrounded controlmaster)
Damien Miller7d06b002011-01-07 09:54:20 +1100269 - djm@cvs.openbsd.org 2011/01/06 22:46:21
270 [regress/Makefile regress/host-expand.sh]
271 regress test for LocalCommand %n expansion from bert.wesarg AT
272 googlemail.com; ok markus@
Damien Millered3a8eb2011-01-07 10:02:52 +1100273 - djm@cvs.openbsd.org 2011/01/06 23:01:35
274 [sshconnect.c]
275 reset SIGCHLD handler to SIG_DFL when execuring LocalCommand;
276 ok markus@
Damien Miller322125b2011-01-07 09:50:08 +1100277
Damien Millerf1211432011-01-06 22:40:30 +110027820110106
279 - (djm) OpenBSD CVS Sync
280 - markus@cvs.openbsd.org 2010/12/08 22:46:03
281 [scp.1 scp.c]
282 add a new -3 option to scp: Copies between two remote hosts are
283 transferred through the local host. Without this option the data
284 is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
Damien Miller907998d2011-01-06 22:41:21 +1100285 - jmc@cvs.openbsd.org 2010/12/09 14:13:33
286 [scp.1 scp.c]
287 scp.1: grammer fix
288 scp.c: add -3 to usage()
Damien Miller05c89972011-01-06 22:42:04 +1100289 - markus@cvs.openbsd.org 2010/12/14 11:59:06
290 [sshconnect.c]
291 don't mention key type in key-changed-warning, since we also print
292 this warning if a new key type appears. ok djm@
Damien Miller106079c2011-01-06 22:43:44 +1100293 - djm@cvs.openbsd.org 2010/12/15 00:49:27
294 [readpass.c]
295 fix ControlMaster=ask regression
296 reset SIGCHLD handler before fork (and restore it after) so we don't miss
297 the the askpass child's exit status. Correct test for exit status/signal to
298 account for waitpid() failure; with claudio@ ok claudio@ markus@
Damien Millerde53fd02011-01-06 22:44:18 +1100299 - djm@cvs.openbsd.org 2010/12/24 21:41:48
300 [auth-options.c]
301 don't send the actual forced command in a debug message; ok markus deraadt
Damien Miller8ad960b2011-01-06 22:44:44 +1100302 - otto@cvs.openbsd.org 2011/01/04 20:44:13
303 [ssh-keyscan.c]
304 handle ecdsa-sha2 with various key lengths; hint and ok djm@
Damien Millerf1211432011-01-06 22:40:30 +1100305
Damien Miller30a69e72011-01-04 08:16:27 +110030620110104
307 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
308 formatter if it is present, followed by nroff and groff respectively.
309 Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
310 in favour of mandoc). feedback and ok tim
311
31220110103
Damien Millerd197fd62011-01-03 14:48:14 +1100313 - (djm) [Makefile.in] revert local hack I didn't intend to commit
314
31520110102
Damien Miller4a06f922011-01-02 21:43:59 +1100316 - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker
Damien Miller41bccf72011-01-02 21:53:07 +1100317 - (djm) [configure.ac] Check whether libdes is needed when building
318 with Heimdal krb5 support. On OpenBSD this library no longer exists,
319 so linking it unconditionally causes a build failure; ok dtucker
Damien Miller4a06f922011-01-02 21:43:59 +1100320
Damien Miller928362d2010-12-26 14:26:45 +110032120101226
322 - (dtucker) OpenBSD CVS Sync
323 - djm@cvs.openbsd.org 2010/12/08 04:02:47
324 [ssh_config.5 sshd_config.5]
325 explain that IPQoS arguments are separated by whitespace; iirc requested
326 by jmc@ a while back
327
Darren Tucker37bb7562010-12-05 08:46:05 +110032820101205
329 - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover from
330 debugging. Spotted by djm.
Darren Tucker7336b902010-12-05 09:00:30 +1100331 - (dtucker) OpenBSD CVS Sync
332 - djm@cvs.openbsd.org 2010/12/03 23:49:26
333 [schnorr.c]
334 check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao
335 (this code is still disabled, but apprently people are treating it as
336 a reference implementation)
Darren Tuckeradab6f12010-12-05 09:01:47 +1100337 - djm@cvs.openbsd.org 2010/12/03 23:55:27
338 [auth-rsa.c]
339 move check for revoked keys to run earlier (in auth_rsa_key_allowed)
340 bz#1829; patch from ldv AT altlinux.org; ok markus@
Darren Tuckeraf1f9092010-12-05 09:02:47 +1100341 - djm@cvs.openbsd.org 2010/12/04 00:18:01
342 [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
343 add a protocol extension to support a hard link operation. It is
344 available through the "ln" command in the client. The old "ln"
345 behaviour of creating a symlink is available using its "-s" option
346 or through the preexisting "symlink" command; based on a patch from
347 miklos AT szeredi.hu in bz#1555; ok markus@
Darren Tucker094f1e92010-12-05 09:03:31 +1100348 - djm@cvs.openbsd.org 2010/12/04 13:31:37
349 [hostfile.c]
350 fix fd leak; spotted and ok dtucker
Darren Tucker4288c532010-12-05 09:45:50 +1100351 - djm@cvs.openbsd.org 2010/12/04 00:21:19
352 [regress/sftp-cmds.sh]
353 adjust for hard-link support
Darren Tucker7e1a5a42010-12-05 09:29:31 +1100354 - (dtucker) [regress/Makefile] Id sync.
Darren Tucker37bb7562010-12-05 08:46:05 +1100355
Damien Millerd89745b2010-12-03 10:50:26 +110035620101204
357 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
358 instead of (arc4random() % range)
Darren Tuckerebdef762010-12-04 23:20:50 +1100359 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] Add
360 shims for the new, non-deprecated OpenSSL key generation functions for
361 platforms that don't have the new interfaces.
Damien Millerd89745b2010-12-03 10:50:26 +1100362
Damien Miller188ea812010-12-01 11:50:14 +110036320101201
364 - OpenBSD CVS Sync
365 - deraadt@cvs.openbsd.org 2010/11/20 05:12:38
366 [auth2-pubkey.c]
367 clean up cases of ;;
Damien Miller2cd62932010-12-01 11:50:35 +1100368 - djm@cvs.openbsd.org 2010/11/21 01:01:13
369 [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
370 honour $TMPDIR for client xauth and ssh-agent temporary directories;
371 feedback and ok markus@
Damien Millera2327922010-12-01 12:01:21 +1100372 - djm@cvs.openbsd.org 2010/11/21 10:57:07
373 [authfile.c]
374 Refactor internals of private key loading and saving to work on memory
375 buffers rather than directly on files. This will make a few things
376 easier to do in the future; ok markus@
Damien Miller6a740e72010-12-01 12:01:51 +1100377 - djm@cvs.openbsd.org 2010/11/23 02:35:50
378 [auth.c]
379 use strict_modes already passed as function argument over referencing
380 global options.strict_modes
Damien Millerd0fdd682010-12-01 12:02:14 +1100381 - djm@cvs.openbsd.org 2010/11/23 23:57:24
382 [clientloop.c]
383 avoid NULL deref on receiving a channel request on an unknown or invalid
384 channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
Damien Millerb7f827a2010-12-01 12:02:35 +1100385 - djm@cvs.openbsd.org 2010/11/24 01:24:14
386 [channels.c]
387 remove a debug() that pollutes stderr on client connecting to a server
388 in debug mode (channel_close_fds is called transitively from the session
389 code post-fork); bz#1719, ok dtucker
Damien Millerf80c3de2010-12-01 12:02:59 +1100390 - djm@cvs.openbsd.org 2010/11/25 04:10:09
391 [session.c]
392 replace close() loop for fds 3->64 with closefrom();
393 ok markus deraadt dtucker
Damien Miller87dc0a42010-12-01 12:03:19 +1100394 - djm@cvs.openbsd.org 2010/11/26 05:52:49
395 [scp.c]
396 Pass through ssh command-line flags and options when doing remote-remote
397 transfers, e.g. to enable agent forwarding which is particularly useful
398 in this case; bz#1837 ok dtucker@
Damien Miller03c0e532010-12-01 12:03:39 +1100399 - markus@cvs.openbsd.org 2010/11/29 18:57:04
400 [authfile.c]
401 correctly load comment for encrypted rsa1 keys;
402 report/fix Joachim Schipper; ok djm@
Damien Millerd925dcd2010-12-01 12:21:51 +1100403 - djm@cvs.openbsd.org 2010/11/29 23:45:51
404 [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c]
405 [sshconnect.h sshconnect2.c]
406 automatically order the hostkeys requested by the client based on
407 which hostkeys are already recorded in known_hosts. This avoids
408 hostkey warnings when connecting to servers with new ECDSA keys
409 that are preferred by default; with markus@
Damien Miller188ea812010-12-01 11:50:14 +1100410
Darren Tuckerd9957122010-11-24 10:09:13 +110041120101124
412 - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
413 into the platform-specific code Only affects SCO, tested by and ok tim@.
Damien Miller88e341e2010-11-24 10:36:15 +1100414 - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
415 group read/write. ok dtucker@
Darren Tucker4b6cbf72010-11-24 10:46:37 +1100416 - (dtucker) [packet.c] Remove redundant local declaration of "int tos".
Damien Miller73de86a2010-11-24 10:50:04 +1100417 - (djm) [defines.h] Add IP DSCP defines
Darren Tuckerd9957122010-11-24 10:09:13 +1100418
Darren Tucker9e0ff7a2010-11-22 17:59:00 +110041920101122
420 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
421 from vapier at gentoo org.
422
Damien Miller7a221a12010-11-20 15:14:29 +110042320101120
424 - OpenBSD CVS Sync
425 - djm@cvs.openbsd.org 2010/11/05 02:46:47
426 [packet.c]
427 whitespace KNF
Damien Miller4499f4c2010-11-20 15:15:49 +1100428 - djm@cvs.openbsd.org 2010/11/10 01:33:07
429 [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c]
430 use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
431 these have been around for years by this time. ok markus
Damien Miller0dac6fb2010-11-20 15:19:38 +1100432 - djm@cvs.openbsd.org 2010/11/13 23:27:51
433 [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
434 [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
435 allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
436 hardcoding lowdelay/throughput.
437
438 bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
Damien Miller8e1ea4e2010-11-20 15:20:10 +1100439 - jmc@cvs.openbsd.org 2010/11/15 07:40:14
440 [ssh_config.5]
441 libary -> library;
Damien Miller0a184732010-11-20 15:21:03 +1100442 - jmc@cvs.openbsd.org 2010/11/18 15:01:00
443 [scp.1 sftp.1 ssh.1 sshd_config.5]
444 add IPQoS to the various -o lists, and zap some trailing whitespace;
Damien Miller7a221a12010-11-20 15:14:29 +1100445
Damien Millerdd190dd2010-11-11 14:17:02 +110044620101111
447 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
448 platforms that don't support ECC. Fixes some spurious warnings reported
449 by tim@
450
Tim Ricee426f5e2010-11-08 09:15:14 -080045120101109
452 - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
453 Feedback from dtucker@
Tim Ricec7a8af02010-11-08 14:26:23 -0800454 - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add
455 support for platforms missing isblank(). ok djm@
Tim Ricee426f5e2010-11-08 09:15:14 -0800456
Tim Rice522262f2010-11-07 13:00:27 -080045720101108
458 - (tim) [regress/Makefile] Fixes to allow building/testing outside source
459 tree.
Tim Ricec10aeaa2010-11-07 13:03:11 -0800460 - (tim) [regress/kextype.sh] Shell portability fix.
Tim Rice522262f2010-11-07 13:00:27 -0800461
Darren Tuckerd1ece6e2010-11-07 18:05:54 +110046220101107
463 - (dtucker) [platform.c] includes.h instead of defines.h so that we get
464 the correct typedefs.
465
Damien Miller3a0e9f62010-11-05 10:16:34 +110046620101105
Damien Miller34ee4202010-11-05 10:52:37 +1100467 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of
468 int. Should fix bz#1817 cleanly; ok dtucker@
Damien Miller3a0e9f62010-11-05 10:16:34 +1100469 - OpenBSD CVS Sync
470 - djm@cvs.openbsd.org 2010/09/22 12:26:05
471 [regress/Makefile regress/kextype.sh]
472 regress test for each of the key exchange algorithms that we support
Damien Millerb472a902010-11-05 10:19:49 +1100473 - djm@cvs.openbsd.org 2010/10/28 11:22:09
474 [authfile.c key.c key.h ssh-keygen.c]
475 fix a possible NULL deref on loading a corrupt ECDH key
476
477 store ECDH group information in private keys files as "named groups"
478 rather than as a set of explicit group parameters (by setting
479 the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
480 retrieves the group's OpenSSL NID that we need for various things.
Damien Miller55fa5652010-11-05 10:20:14 +1100481 - jmc@cvs.openbsd.org 2010/10/28 18:33:28
482 [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
483 knock out some "-*- nroff -*-" lines;
Damien Miller07331212010-11-05 10:20:31 +1100484 - djm@cvs.openbsd.org 2010/11/04 02:45:34
485 [sftp-server.c]
486 umask should be parsed as octal. reported by candland AT xmission.com;
487 ok markus@
Darren Tucker97528352010-11-05 12:03:05 +1100488 - (dtucker) [configure.ac platform.{c,h} session.c
489 openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
490 Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
491 ok djm@
Darren Tucker920612e2010-11-05 12:36:15 +1100492 - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
493 after the user's groups are established and move the selinux calls into it.
Darren Tucker4db38072010-11-05 12:41:13 +1100494 - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
495 platform.c
Darren Tucker44a97be2010-11-05 12:45:18 +1100496 - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
Darren Tuckerfd4d8aa2010-11-05 12:50:41 +1100497 - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
498 retain previous behavior.
Darren Tucker728d8372010-11-05 13:00:05 +1100499 - (dtucker) [platform.c session.c] Move the PAM credential establishment for
500 the LOGIN_CAP case into platform.c.
Darren Tucker7a8afe32010-11-05 13:07:24 +1100501 - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into
502 platform.c
Darren Tucker0b2ee642010-11-05 13:29:25 +1100503 - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c.
504 - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
505 platform.c.
Darren Tuckercc124182010-11-05 13:32:52 +1100506 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
507 non-LOGIN_CAP case into platform.c.
Darren Tuckerb12fe272010-11-05 14:47:01 +1100508 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
509 check into platform.c
Darren Tuckerb69e0332010-11-05 18:19:15 +1100510 - (dtucker) [regress/keytype.sh] Import new test.
Darren Tuckereab5f0d2010-11-05 18:23:38 +1100511 - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]
512 Import recent changes to regress/Makefile, pass a flag to enable ECC tests
513 from configure through to regress/Makefile and use it in the tests.
Darren Tucker345178d2010-11-05 18:35:52 +1100514 - (dtucker) [regress/kextype.sh] Add missing "test".
Darren Tuckerf619d1c2010-11-05 18:41:50 +1100515 - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not
516 strictly correct since while ECC requires sha256 the reverse is not true
517 however it does prevent spurious test failures.
Darren Tucker9283d8c2010-11-05 18:56:08 +1100518 - (dtucker) [platform.c] Need servconf.h and extern options.
Damien Miller3a0e9f62010-11-05 10:16:34 +1100519
Tim Ricebdd3e672010-10-24 18:35:55 -070052020101025
521 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
522 1.12 to unbreak Solaris build.
523 ok djm@
Darren Tucker54b1f312010-10-25 16:54:28 +1100524 - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a
525 native one.
Tim Ricebdd3e672010-10-24 18:35:55 -0700526
Darren Tuckera5393932010-10-24 10:47:30 +110052720101024
528 - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.
Darren Tuckerbfd9b1b2010-10-24 11:19:26 +1100529 - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms
530 which don't have ECC support in libcrypto.
Darren Tuckerd633fef2010-10-24 11:33:07 +1100531 - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms
532 which don't have ECC support in libcrypto.
Darren Tucker7bc236d2010-10-24 11:58:43 +1100533 - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't
534 have it.
Darren Tuckerd78739a2010-10-24 10:56:32 +1100535 - (dtucker) OpenBSD CVS Sync
536 - sthen@cvs.openbsd.org 2010/10/23 22:06:12
537 [sftp.c]
538 escape '[' in filename tab-completion; fix a type while there.
539 ok djm@
Darren Tuckera5393932010-10-24 10:47:30 +1100540
Damien Miller68512c02010-10-21 15:21:11 +110054120101021
542 - OpenBSD CVS Sync
543 - dtucker@cvs.openbsd.org 2010/10/12 02:22:24
544 [mux.c]
545 Typo in confirmation message. bz#1827, patch from imorgan at
546 nas nasa gov
Damien Miller6fd2d7d2010-10-21 15:27:14 +1100547 - djm@cvs.openbsd.org 2010/08/31 12:24:09
548 [regress/cert-hostkey.sh regress/cert-userkey.sh]
549 tests for ECDSA certificates
Damien Miller68512c02010-10-21 15:21:11 +1100550
Damien Miller1f789802010-10-11 22:35:22 +110055120101011
Damien Miller47e57bf2010-10-12 13:28:12 +1100552 - (djm) [canohost.c] Zero a4 instead of addr to better match type.
553 bz#1825, reported by foo AT mailinator.com
Damien Miller9c0c31d2010-10-12 13:30:44 +1100554 - (djm) [sshconnect.c] Need signal.h for prototype for kill(2)
Damien Miller47e57bf2010-10-12 13:28:12 +1100555
55620101011
Damien Miller1f789802010-10-11 22:35:22 +1100557 - (djm) [configure.ac] Use = instead of == in shell tests. Patch from
558 dr AT vasco.com
559
Damien Milleraa180632010-10-07 21:25:27 +110056020101007
Damien Miller9a3d0dc2010-10-07 22:06:42 +1100561 - (djm) [ssh-agent.c] Fix type for curve name.
Damien Milleraa180632010-10-07 21:25:27 +1100562 - (djm) OpenBSD CVS Sync
563 - matthew@cvs.openbsd.org 2010/09/24 13:33:00
564 [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
565 [openbsd-compat/timingsafe_bcmp.c]
566 Add timingsafe_bcmp(3) to libc, mention that it's already in the
567 kernel in kern(9), and remove it from OpenSSH.
568 ok deraadt@, djm@
569 NB. re-added under openbsd-compat/ for portable OpenSSH
Damien Millera6e121a2010-10-07 21:39:17 +1100570 - djm@cvs.openbsd.org 2010/09/25 09:30:16
571 [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
572 make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
573 rountrips to fetch per-file stat(2) information.
574 NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
575 match.
Damien Miller68e2e562010-10-07 21:39:55 +1100576 - djm@cvs.openbsd.org 2010/09/26 22:26:33
577 [sftp.c]
578 when performing an "ls" in columnated (short) mode, only call
579 ioctl(TIOCGWINSZ) once to get the window width instead of per-
580 filename
Damien Millerc54b02c2010-10-07 21:40:17 +1100581 - djm@cvs.openbsd.org 2010/09/30 11:04:51
582 [servconf.c]
583 prevent free() of string in .rodata when overriding AuthorizedKeys in
584 a Match block; patch from rein AT basefarm.no
Damien Miller9a3d0dc2010-10-07 22:06:42 +1100585 - djm@cvs.openbsd.org 2010/10/01 23:05:32
586 [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
587 adapt to API changes in openssl-1.0.0a
588 NB. contains compat code to select correct API for older OpenSSL
Damien Miller38d9a962010-10-07 22:07:11 +1100589 - djm@cvs.openbsd.org 2010/10/05 05:13:18
590 [sftp.c sshconnect.c]
591 use default shell /bin/sh if $SHELL is ""; ok markus@
Damien Millera41ccca2010-10-07 22:07:32 +1100592 - djm@cvs.openbsd.org 2010/10/06 06:39:28
593 [clientloop.c ssh.c sshconnect.c sshconnect.h]
594 kill proxy command on fatal() (we already kill it on clean exit);
595 ok markus@
Damien Miller45fcdaa2010-10-07 22:07:58 +1100596 - djm@cvs.openbsd.org 2010/10/06 21:10:21
597 [sshconnect.c]
598 swapped args to kill(2)
Damien Miller37f4f182010-10-07 22:10:38 +1100599 - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.
Damien Miller80e99532010-10-07 22:12:08 +1100600 - (djm) [cipher-acss.c] Add missing header.
Damien Miller88b844f2010-10-07 22:19:23 +1100601 - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp
Damien Milleraa180632010-10-07 21:25:27 +1100602
Damien Miller6186bbc2010-09-24 22:00:54 +100060320100924
604 - (djm) OpenBSD CVS Sync
605 - naddy@cvs.openbsd.org 2010/09/10 15:19:29
606 [ssh-keygen.1]
607 * mention ECDSA in more places
608 * less repetition in FILES section
609 * SSHv1 keys are still encrypted with 3DES
610 help and ok jmc@
Damien Miller1ca94692010-09-24 22:01:22 +1000611 - djm@cvs.openbsd.org 2010/09/11 21:44:20
612 [ssh.1]
613 mention RFC 5656 for ECC stuff
Damien Miller881adf72010-09-24 22:01:54 +1000614 - jmc@cvs.openbsd.org 2010/09/19 21:30:05
615 [sftp.1]
616 more wacky macro fixing;
Damien Miller857b02e2010-09-24 22:02:56 +1000617 - djm@cvs.openbsd.org 2010/09/20 04:41:47
618 [ssh.c]
619 install a SIGCHLD handler to reap expiried child process; ok markus@
Damien Millerf7540cd2010-09-24 22:03:24 +1000620 - djm@cvs.openbsd.org 2010/09/20 04:50:53
621 [jpake.c schnorr.c]
622 check that received values are smaller than the group size in the
623 disabled and unfinished J-PAKE code.
624 avoids catastrophic security failure found by Sebastien Martini
Damien Miller18e1cab2010-09-24 22:07:17 +1000625 - djm@cvs.openbsd.org 2010/09/20 04:54:07
626 [jpake.c]
627 missing #include
Damien Miller603134e2010-09-24 22:07:55 +1000628 - djm@cvs.openbsd.org 2010/09/20 07:19:27
629 [mux.c]
630 "atomically" create the listening mux socket by binding it on a temorary
631 name and then linking it into position after listen() has succeeded.
632 this allows the mux clients to determine that the server socket is
633 either ready or stale without races. stale server sockets are now
634 automatically removed
635 ok deraadt
Damien Millerd5f62bf2010-09-24 22:11:14 +1000636 - djm@cvs.openbsd.org 2010/09/22 05:01:30
637 [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
638 [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
639 add a KexAlgorithms knob to the client and server configuration to allow
640 selection of which key exchange methods are used by ssh(1) and sshd(8)
641 and their order of preference.
642 ok markus@
Damien Miller7fe2b1f2010-09-24 22:11:53 +1000643 - jmc@cvs.openbsd.org 2010/09/22 08:30:08
644 [ssh.1 ssh_config.5]
645 ssh.1: add kexalgorithms to the -o list
646 ssh_config.5: format the kexalgorithms in a more consistent
647 (prettier!) way
648 ok djm
Damien Miller65e42f82010-09-24 22:15:11 +1000649 - djm@cvs.openbsd.org 2010/09/22 22:58:51
650 [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
651 [sftp-client.h sftp.1 sftp.c]
652 add an option per-read/write callback to atomicio
653
654 factor out bandwidth limiting code from scp(1) into a generic bandwidth
655 limiter that can be attached using the atomicio callback mechanism
656
657 add a bandwidth limit option to sftp(1) using the above
658 "very nice" markus@
Damien Miller56883e12010-09-24 22:15:39 +1000659 - jmc@cvs.openbsd.org 2010/09/23 13:34:43
660 [sftp.c]
661 add [-l limit] to usage();
Damien Miller2beb32f2010-09-24 22:16:03 +1000662 - jmc@cvs.openbsd.org 2010/09/23 13:36:46
663 [scp.1 sftp.1]
664 add KexAlgorithms to the -o list;
Damien Miller6186bbc2010-09-24 22:00:54 +1000665
Damien Miller4314c2b2010-09-10 11:12:09 +100066620100910
Darren Tucker50e3bab2010-09-10 10:30:25 +1000667 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact
668 return code since it can apparently return -1 under some conditions. From
669 openssh bugs werbittewas de, ok djm@
Damien Miller4314c2b2010-09-10 11:12:09 +1000670 - OpenBSD CVS Sync
671 - djm@cvs.openbsd.org 2010/08/31 12:33:38
672 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
673 reintroduce commit from tedu@, which I pulled out for release
674 engineering:
675 OpenSSL_add_all_algorithms is the name of the function we have a
676 man page for, so use that. ok djm
Damien Millerde735ea2010-09-10 11:12:38 +1000677 - jmc@cvs.openbsd.org 2010/08/31 17:40:54
678 [ssh-agent.1]
679 fix some macro abuse;
Damien Millerd4427902010-09-10 11:15:10 +1000680 - jmc@cvs.openbsd.org 2010/08/31 21:14:58
681 [ssh.1]
682 small text tweak to accommodate previous;
Damien Millere13cadf2010-09-10 11:15:33 +1000683 - naddy@cvs.openbsd.org 2010/09/01 15:21:35
684 [servconf.c]
685 pick up ECDSA host key by default; ok djm@
Damien Miller390f1532010-09-10 11:17:54 +1000686 - markus@cvs.openbsd.org 2010/09/02 16:07:25
Damien Miller57737942010-09-10 11:16:37 +1000687 [ssh-keygen.c]
688 permit -b 256, 384 or 521 as key size for ECDSA; ok djm@
Damien Miller390f1532010-09-10 11:17:54 +1000689 - markus@cvs.openbsd.org 2010/09/02 16:08:39
Damien Miller5929c522010-09-10 11:17:02 +1000690 [ssh.c]
691 unbreak ControlPersist=yes for ControlMaster=yes; ok djm@
Damien Miller6e9f6802010-09-10 11:17:38 +1000692 - naddy@cvs.openbsd.org 2010/09/02 17:21:50
693 [ssh-keygen.c]
694 Switch ECDSA default key size to 256 bits, which according to RFC5656
695 should still be better than our current RSA-2048 default.
696 ok djm@, markus@
Damien Miller390f1532010-09-10 11:17:54 +1000697 - jmc@cvs.openbsd.org 2010/09/03 11:09:29
698 [scp.1]
699 add an EXIT STATUS section for /usr/bin;
Damien Millerdaa7b222010-09-10 11:19:33 +1000700 - jmc@cvs.openbsd.org 2010/09/04 09:38:34
701 [ssh-add.1 ssh.1]
702 two more EXIT STATUS sections;
Damien Miller80ed82a2010-09-10 11:20:11 +1000703 - naddy@cvs.openbsd.org 2010/09/06 17:10:19
704 [sshd_config]
705 add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste
706 <mattieu.b@gmail.com>
707 ok deraadt@
Damien Millerbf0423e2010-09-10 11:20:38 +1000708 - djm@cvs.openbsd.org 2010/09/08 03:54:36
709 [authfile.c]
710 typo
Damien Miller3796ab42010-09-10 11:20:59 +1000711 - deraadt@cvs.openbsd.org 2010/09/08 04:13:31
712 [compress.c]
713 work around name-space collisions some buggy compilers (looking at you
714 gcc, at least in earlier versions, but this does not forgive your current
715 transgressions) seen between zlib and openssl
716 ok djm
Damien Miller041ab7c2010-09-10 11:23:34 +1000717 - djm@cvs.openbsd.org 2010/09/09 10:45:45
718 [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
719 ECDH/ECDSA compliance fix: these methods vary the hash function they use
720 (SHA256/384/512) depending on the length of the curve in use. The previous
721 code incorrectly used SHA256 in all cases.
722
723 This fix will cause authentication failure when using 384 or 521-bit curve
724 keys if one peer hasn't been upgraded and the other has. (256-bit curve
725 keys work ok). In particular you may need to specify HostkeyAlgorithms
726 when connecting to a server that has not been upgraded from an upgraded
727 client.
728
729 ok naddy@
Damien Miller6af914a2010-09-10 11:39:26 +1000730 - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
731 [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
732 [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
733 platforms that don't have the requisite OpenSSL support. ok dtucker@
Darren Tucker8ccb7392010-09-10 12:28:24 +1000734 - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
735 for missing headers and compiler warnings.
Darren Tucker50e3bab2010-09-10 10:30:25 +1000736
73720100831
Damien Millerafdae612010-08-31 22:31:14 +1000738 - OpenBSD CVS Sync
739 - jmc@cvs.openbsd.org 2010/08/08 19:36:30
740 [ssh-keysign.8 ssh.1 sshd.8]
741 use the same template for all FILES sections; i.e. -compact/.Pp where we
742 have multiple items, and .Pa for path names;
Damien Miller9b87e792010-08-31 22:31:37 +1000743 - tedu@cvs.openbsd.org 2010/08/12 23:34:39
744 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
745 OpenSSL_add_all_algorithms is the name of the function we have a man page
746 for, so use that. ok djm
Damien Millerd96546f2010-08-31 22:32:12 +1000747 - djm@cvs.openbsd.org 2010/08/16 04:06:06
748 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
749 backout previous temporarily; discussed with deraadt@
Damien Millerda108ec2010-08-31 22:36:39 +1000750 - djm@cvs.openbsd.org 2010/08/31 09:58:37
751 [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
752 [packet.h ssh-dss.c ssh-rsa.c]
753 Add buffer_get_cstring() and related functions that verify that the
754 string extracted from the buffer contains no embedded \0 characters*
755 This prevents random (possibly malicious) crap from being appended to
756 strings where it would not be noticed if the string is used with
757 a string(3) function.
758
759 Use the new API in a few sensitive places.
760
761 * actually, we allow a single one at the end of the string for now because
762 we don't know how many deployed implementations get this wrong, but don't
763 count on this to remain indefinitely.
Damien Millereb8b60e2010-08-31 22:41:14 +1000764 - djm@cvs.openbsd.org 2010/08/31 11:54:45
765 [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
766 [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
767 [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
768 [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
769 [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
770 [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
771 [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
772 Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
773 host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
774 better performance than plain DH and DSA at the same equivalent symmetric
775 key length, as well as much shorter keys.
776
777 Only the mandatory sections of RFC5656 are implemented, specifically the
778 three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
779 ECDSA. Point compression (optional in RFC5656 is NOT implemented).
780
781 Certificate host and user keys using the new ECDSA key types are supported.
782
783 Note that this code has not been tested for interoperability and may be
784 subject to change.
785
786 feedback and ok markus@
Damien Millerb5a62d02010-08-31 22:47:15 +1000787 - (djm) [Makefile.in] Add new ECC files
Damien Millerc79ff072010-08-31 22:50:48 +1000788 - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include
789 includes.h
Damien Millerafdae612010-08-31 22:31:14 +1000790
Darren Tucker6889abd2010-08-27 10:12:54 +100079120100827
792 - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,
793 remove. Patch from martynas at venck us
794
Damien Millera5362022010-08-23 21:20:20 +100079520100823
796 - (djm) Release OpenSSH-5.6p1
797
Darren Tuckeraa74f672010-08-16 13:15:23 +100079820100816
799 - (dtucker) [configure.ac openbsd-compat/Makefile.in
800 openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to
801 the compat library which helps on platforms like old IRIX. Based on work
802 by djm, tested by Tom Christensen.
Damien Miller00d9ae22010-08-17 01:59:31 +1000803 - OpenBSD CVS Sync
804 - djm@cvs.openbsd.org 2010/08/12 21:49:44
805 [ssh.c]
806 close any extra file descriptors inherited from parent at start and
807 reopen stdin/stdout to /dev/null when forking for ControlPersist.
808
809 prevents tools that fork and run a captive ssh for communication from
810 failing to exit when the ssh completes while they wait for these fds to
811 close. The inherited fds may persist arbitrarily long if a background
812 mux master has been started by ControlPersist. cvs and scp were effected
813 by this.
814
815 "please commit" markus@
Damien Miller07ad3892010-08-17 07:04:28 +1000816 - (djm) [regress/README.regress] typo
Darren Tuckeraa74f672010-08-16 13:15:23 +1000817
Tim Rice722b8d12010-08-12 09:43:13 -070081820100812
819 - (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.sh
820 regress/test-exec.sh] Under certain conditions when testing with sudo
821 tests would fail because the pidfile could not be read by a regular user.
822 "cat: cannot open ...../regress/pidfile: Permission denied (error 13)"
823 Make sure cat is run by $SUDO. no objection from me. djm@
Tim Ricead7d5472010-08-12 10:33:01 -0700824 - (tim) [auth.c] add cast to quiet compiler. Change only affects SVR5 systems.
Tim Rice722b8d12010-08-12 09:43:13 -0700825
Damien Miller7e569b82010-08-09 02:28:37 +100082620100809
Damien Miller2c4b13a2010-08-10 12:47:40 +1000827 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it is
828 already set. Makes FreeBSD user openable tunnels useful; patch from
829 richard.burakowski+ossh AT mrburak.net, ok dtucker@
Darren Tucker02c47342010-08-10 13:36:09 +1000830 - (dtucker) bug #1530: strip trailing ":" from hostname in ssh-copy-id.
831 based in part on a patch from Colin Watson, ok djm@
Damien Miller2c4b13a2010-08-10 12:47:40 +1000832
83320100809
Damien Miller7e569b82010-08-09 02:28:37 +1000834 - OpenBSD CVS Sync
835 - djm@cvs.openbsd.org 2010/08/08 16:26:42
836 [version.h]
837 crank to 5.6
Damien Miller792010b2010-08-09 02:32:05 +1000838 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
839 [contrib/suse/openssh.spec] Crank version numbers
Damien Miller7e569b82010-08-09 02:28:37 +1000840
Damien Miller8e604ac2010-08-09 02:28:10 +100084120100805
Damien Miller7fa96602010-08-05 13:03:13 +1000842 - OpenBSD CVS Sync
843 - djm@cvs.openbsd.org 2010/08/04 05:37:01
844 [ssh.1 ssh_config.5 sshd.8]
845 Remove mentions of weird "addr/port" alternate address format for IPv6
846 addresses combinations. It hasn't worked for ages and we have supported
847 the more commen "[addr]:port" format for a long time. ok jmc@ markus@
Damien Miller1da63882010-08-05 13:03:51 +1000848 - djm@cvs.openbsd.org 2010/08/04 05:40:39
849 [PROTOCOL.certkeys ssh-keygen.c]
850 tighten the rules for certificate encoding by requiring that options
851 appear in lexical order and make our ssh-keygen comply. ok markus@
Damien Millerc1583312010-08-05 13:04:50 +1000852 - djm@cvs.openbsd.org 2010/08/04 05:42:47
853 [auth.c auth2-hostbased.c authfile.c authfile.h ssh-keysign.8]
854 [ssh-keysign.c ssh.c]
855 enable certificates for hostbased authentication, from Iain Morgan;
856 "looks ok" markus@
Damien Miller5458c4d2010-08-05 13:05:15 +1000857 - djm@cvs.openbsd.org 2010/08/04 05:49:22
858 [authfile.c]
859 commited the wrong version of the hostbased certificate diff; this
860 version replaces some strlc{py,at} verbosity with xasprintf() at
861 the request of markus@
Damien Miller757f34e2010-08-05 13:05:31 +1000862 - djm@cvs.openbsd.org 2010/08/04 06:07:11
863 [ssh-keygen.1 ssh-keygen.c]
864 Support CA keys in PKCS#11 tokens; feedback and ok markus@
Damien Millerb89e6b72010-08-05 13:06:20 +1000865 - djm@cvs.openbsd.org 2010/08/04 06:08:40
866 [ssh-keysign.c]
867 clean for -Wuninitialized (Id sync only; portable had this change)
Damien Miller7d457182010-08-05 23:09:48 +1000868 - djm@cvs.openbsd.org 2010/08/05 13:08:42
869 [channels.c]
870 Fix a trio of bugs in the local/remote window calculation for datagram
871 data channels (i.e. TunnelForward):
872
873 Calculate local_consumed correctly in channel_handle_wfd() by measuring
874 the delta to buffer_len(c->output) from when we start to when we finish.
875 The proximal problem here is that the output_filter we use in portable
876 modified the length of the dequeued datagram (to futz with the headers
877 for !OpenBSD).
878
879 In channel_output_poll(), don't enqueue datagrams that won't fit in the
880 peer's advertised packet size (highly unlikely to ever occur) or which
881 won't fit in the peer's remaining window (more likely).
882
883 In channel_input_data(), account for the 4-byte string header in
884 datagram packets that we accept from the peer and enqueue in c->output.
885
886 report, analysis and testing 2/3 cases from wierbows AT us.ibm.com;
887 "looks good" markus@
Damien Miller7fa96602010-08-05 13:03:13 +1000888
Damien Miller8e604ac2010-08-09 02:28:10 +100088920100803
Darren Tucker8b7a0552010-08-03 15:50:16 +1000890 - (dtucker) [monitor.c] Bug #1795: Initialize the values to be returned from
891 PAM to sane values in case the PAM method doesn't write to them. Spotted by
892 Bitman Zhou, ok djm@.
Damien Miller844cccf2010-08-03 16:03:29 +1000893 - OpenBSD CVS Sync
894 - djm@cvs.openbsd.org 2010/07/16 04:45:30
895 [ssh-keygen.c]
896 avoid bogus compiler warning
Damien Miller4e8285e2010-08-03 16:04:03 +1000897 - djm@cvs.openbsd.org 2010/07/16 14:07:35
898 [ssh-rsa.c]
899 more timing paranoia - compare all parts of the expected decrypted
900 data before returning. AFAIK not exploitable in the SSH protocol.
901 "groovy" deraadt@
Damien Millerc4bb91c2010-08-03 16:04:22 +1000902 - djm@cvs.openbsd.org 2010/07/19 03:16:33
903 [sftp-client.c]
904 bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
905 upload depth checks and causing verbose printing of transfers to always
906 be turned on; patch from imorgan AT nas.nasa.gov
Damien Millere11e1ea2010-08-03 16:04:46 +1000907 - djm@cvs.openbsd.org 2010/07/19 09:15:12
908 [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
909 add a "ControlPersist" option that automatically starts a background
910 ssh(1) multiplex master when connecting. This connection can stay alive
911 indefinitely, or can be set to automatically close after a user-specified
912 duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but
913 further hacked on by wmertens AT cisco.com, apb AT cequrux.com,
914 martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@
Damien Miller8c1eb112010-08-03 16:05:05 +1000915 - djm@cvs.openbsd.org 2010/07/21 02:10:58
916 [misc.c]
917 sync timingsafe_bcmp() with the one dempsky@ committed to sys/lib/libkern
Damien Miller081f3c72010-08-03 16:05:25 +1000918 - dtucker@cvs.openbsd.org 2010/07/23 08:49:25
919 [ssh.1]
920 Ciphers is documented in ssh_config(5) these days
Darren Tucker8b7a0552010-08-03 15:50:16 +1000921
92220100819
Darren Tucker12b29db2010-07-19 21:24:13 +1000923 - (dtucker) [contrib/ssh-copy-ud.1] Bug #1786: update ssh-copy-id.1 with more
924 details about its behaviour WRT existing directories. Patch from
925 asguthrie at gmail com, ok djm.
926
Damien Miller9308fc72010-07-16 13:56:01 +100092720100716
928 - (djm) OpenBSD CVS Sync
929 - djm@cvs.openbsd.org 2010/07/02 04:32:44
930 [misc.c]
931 unbreak strdelim() skipping past quoted strings, e.g.
932 AllowUsers "blah blah" blah
933 was broken; report and fix in bz#1757 from bitman.zhou AT centrify.com
934 ok dtucker;
Damien Miller1f25ab42010-07-16 13:56:23 +1000935 - djm@cvs.openbsd.org 2010/07/12 22:38:52
936 [ssh.c]
937 Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f")
938 for protocol 2. ok markus@
Damien Millerd0244d42010-07-16 13:56:43 +1000939 - djm@cvs.openbsd.org 2010/07/12 22:41:13
940 [ssh.c ssh_config.5]
941 expand %h to the hostname in ssh_config Hostname options. While this
942 sounds useless, it is actually handy for working with unqualified
943 hostnames:
944
945 Host *.*
946 Hostname %h
947 Host *
948 Hostname %h.example.org
949
950 "I like it" markus@
Damien Miller8a0268f2010-07-16 13:57:51 +1000951 - djm@cvs.openbsd.org 2010/07/13 11:52:06
952 [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c]
953 [packet.c ssh-rsa.c]
954 implement a timing_safe_cmp() function to compare memory without leaking
955 timing information by short-circuiting like memcmp() and use it for
956 some of the more sensitive comparisons (though nothing high-value was
957 readily attackable anyway); "looks ok" markus@
Damien Millerea1651c2010-07-16 13:58:37 +1000958 - djm@cvs.openbsd.org 2010/07/13 23:13:16
959 [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c]
960 [ssh-rsa.c]
961 s/timing_safe_cmp/timingsafe_bcmp/g
Damien Millerbcfbc482010-07-16 13:59:11 +1000962 - jmc@cvs.openbsd.org 2010/07/14 17:06:58
963 [ssh.1]
964 finally ssh synopsis looks nice again! this commit just removes a ton of
965 hacks we had in place to make it work with old groff;
Damien Millerbad5e032010-07-16 13:59:59 +1000966 - schwarze@cvs.openbsd.org 2010/07/15 21:20:38
967 [ssh-keygen.1]
968 repair incorrect block nesting, which screwed up indentation;
969 problem reported and fix OK by jmc@
Damien Miller9308fc72010-07-16 13:56:01 +1000970
Tim Ricecfbdc282010-07-14 13:42:28 -070097120100714
972 - (tim) [contrib/redhat/openssh.spec] Bug 1796: Test for skip_x11_askpass
973 (line 77) should have been for no_x11_askpass.
974
Damien Millercede1db2010-07-02 13:33:48 +100097520100702
976 - (djm) OpenBSD CVS Sync
977 - jmc@cvs.openbsd.org 2010/06/26 00:57:07
978 [ssh_config.5]
979 tweak previous;
Damien Millerb96c4412010-07-02 13:34:24 +1000980 - djm@cvs.openbsd.org 2010/06/26 23:04:04
981 [ssh.c]
982 oops, forgot to #include <canohost.h>; spotted and patch from chl@
Damien Miller44b25042010-07-02 13:35:01 +1000983 - djm@cvs.openbsd.org 2010/06/29 23:15:30
984 [ssh-keygen.1 ssh-keygen.c]
985 allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
986 bz#1749; ok markus@
Damien Miller6018a362010-07-02 13:35:19 +1000987 - djm@cvs.openbsd.org 2010/06/29 23:16:46
988 [auth2-pubkey.c sshd_config.5]
989 allow key options (command="..." and friends) in AuthorizedPrincipals;
990 ok markus@
Damien Millerea727282010-07-02 13:35:34 +1000991 - jmc@cvs.openbsd.org 2010/06/30 07:24:25
992 [ssh-keygen.1]
993 tweak previous;
Damien Miller6022f582010-07-02 13:37:01 +1000994 - jmc@cvs.openbsd.org 2010/06/30 07:26:03
995 [ssh-keygen.c]
996 sort usage();
Damien Millerd59dab82010-07-02 13:37:17 +1000997 - jmc@cvs.openbsd.org 2010/06/30 07:28:34
998 [sshd_config.5]
999 tweak previous;
Damien Miller0979b402010-07-02 13:37:33 +10001000 - millert@cvs.openbsd.org 2010/07/01 13:06:59
1001 [scp.c]
1002 Fix a longstanding problem where if you suspend scp at the
1003 password/passphrase prompt the terminal mode is not restored.
1004 OK djm@
Damien Miller527ded72010-07-02 13:40:16 +10001005 - phessler@cvs.openbsd.org 2010/06/27 19:19:56
1006 [regress/Makefile]
1007 fix how we run the tests so we can successfully use SUDO='sudo -E'
1008 in our env
Damien Millerab139cd2010-07-02 13:42:18 +10001009 - djm@cvs.openbsd.org 2010/06/29 23:59:54
1010 [cert-userkey.sh]
1011 regress tests for key options in AuthorizedPrincipals
Damien Millercede1db2010-07-02 13:33:48 +10001012
Tim Rice3fd307d2010-06-26 16:45:15 -0700101320100627
1014 - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs
1015 key.h.
1016
Damien Miller2e774462010-06-26 09:30:47 +1000101720100626
1018 - (djm) OpenBSD CVS Sync
1019 - djm@cvs.openbsd.org 2010/05/21 05:00:36
1020 [misc.c]
1021 colon() returns char*, so s/return (0)/return NULL/
Damien Miller4fe686d2010-06-26 09:36:10 +10001022 - markus@cvs.openbsd.org 2010/06/08 21:32:19
1023 [ssh-pkcs11.c]
1024 check length of value returned C_GetAttributValue for != 0
1025 from mdrtbugzilla@codefive.co.uk; bugzilla #1773; ok dtucker@
Damien Millerc094d1e2010-06-26 09:36:34 +10001026 - djm@cvs.openbsd.org 2010/06/17 07:07:30
1027 [mux.c]
1028 Correct sizing of object to be allocated by calloc(), replacing
1029 sizeof(state) with sizeof(*state). This worked by accident since
1030 the struct contained a single int at present, but could have broken
1031 in the future. patch from hyc AT symas.com
Damien Miller99ac4e92010-06-26 09:36:58 +10001032 - djm@cvs.openbsd.org 2010/06/18 00:58:39
1033 [sftp.c]
1034 unbreak ls in working directories that contains globbing characters in
1035 their pathnames. bz#1655 reported by vgiffin AT apple.com
Damien Miller7aa46ec2010-06-26 09:37:57 +10001036 - djm@cvs.openbsd.org 2010/06/18 03:16:03
1037 [session.c]
1038 Missing check for chroot_director == "none" (we already checked against
1039 NULL); bz#1564 from Jan.Pechanec AT Sun.COM
Damien Miller49566312010-06-26 09:38:23 +10001040 - djm@cvs.openbsd.org 2010/06/18 04:43:08
1041 [sftp-client.c]
1042 fix memory leak in do_realpath() error path; bz#1771, patch from
1043 anicka AT suse.cz
Damien Millerab6de352010-06-26 09:38:45 +10001044 - djm@cvs.openbsd.org 2010/06/22 04:22:59
1045 [servconf.c sshd_config.5]
1046 expose some more sshd_config options inside Match blocks:
1047 AuthorizedKeysFile AuthorizedPrincipalsFile
1048 HostbasedUsesNameFromPacketOnly PermitTunnel
1049 bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@
Damien Millerba3420a2010-06-26 09:39:07 +10001050 - djm@cvs.openbsd.org 2010/06/22 04:32:06
1051 [ssh-keygen.c]
1052 standardise error messages when attempting to open private key
1053 files to include "progname: filename: error reason"
1054 bz#1783; ok dtucker@
Damien Miller48147d62010-06-26 09:39:25 +10001055 - djm@cvs.openbsd.org 2010/06/22 04:49:47
1056 [auth.c]
1057 queue auth debug messages for bad ownership or permissions on the user's
1058 keyfiles. These messages will be sent after the user has successfully
1059 authenticated (where our client will display them with LogLevel=debug).
Damien Miller0e76c5e2010-06-26 09:39:59 +10001060 bz#1554; ok dtucker@
1061 - djm@cvs.openbsd.org 2010/06/22 04:54:30
1062 [ssh-keyscan.c]
1063 replace verbose and overflow-prone Linebuf code with read_keyfile_line()
1064 based on patch from joachim AT joachimschipper.nl; bz#1565; ok dtucker@
Damien Miller1b2b61e2010-06-26 09:47:43 +10001065 - djm@cvs.openbsd.org 2010/06/22 04:59:12
1066 [session.c]
1067 include the user name on "subsystem request for ..." log messages;
1068 bz#1571; ok dtucker@
Damien Millerd834d352010-06-26 09:48:02 +10001069 - djm@cvs.openbsd.org 2010/06/23 02:59:02
1070 [ssh-keygen.c]
1071 fix printing of extensions in v01 certificates that I broke in r1.190
Damien Miller232cfb12010-06-26 09:50:30 +10001072 - djm@cvs.openbsd.org 2010/06/25 07:14:46
1073 [channels.c mux.c readconf.c readconf.h ssh.h]
1074 bz#1327: remove hardcoded limit of 100 permitopen clauses and port
1075 forwards per direction; ok markus@ stevesk@
Damien Miller8853ca52010-06-26 10:00:14 +10001076 - djm@cvs.openbsd.org 2010/06/25 07:20:04
1077 [channels.c session.c]
1078 bz#1750: fix requirement for /dev/null inside ChrootDirectory for
1079 internal-sftp accidentally introduced in r1.253 by removing the code
1080 that opens and dup /dev/null to stderr and modifying the channels code
1081 to read stderr but discard it instead; ok markus@
Damien Millerbda3eca2010-06-26 10:01:33 +10001082 - djm@cvs.openbsd.org 2010/06/25 08:46:17
1083 [auth1.c auth2-none.c]
1084 skip the initial check for access with an empty password when
1085 PermitEmptyPasswords=no; bz#1638; ok markus@
Damien Miller383ffe62010-06-26 10:02:03 +10001086 - djm@cvs.openbsd.org 2010/06/25 23:10:30
1087 [ssh.c]
1088 log the hostname and address that we connected to at LogLevel=verbose
1089 after authentication is successful to mitigate "phishing" attacks by
1090 servers with trusted keys that accept authentication silently and
1091 automatically before presenting fake password/passphrase prompts;
1092 "nice!" markus@
Damien Miller1ab6a512010-06-26 10:02:24 +10001093 - djm@cvs.openbsd.org 2010/06/25 23:10:30
1094 [ssh.c]
1095 log the hostname and address that we connected to at LogLevel=verbose
1096 after authentication is successful to mitigate "phishing" attacks by
1097 servers with trusted keys that accept authentication silently and
1098 automatically before presenting fake password/passphrase prompts;
1099 "nice!" markus@
Damien Miller2e774462010-06-26 09:30:47 +10001100
Damien Millerd82a2602010-06-22 15:02:39 +1000110120100622
1102 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512
1103 bz#1579; ok dtucker
1104
Damien Millerea909792010-06-18 11:09:24 +1000110520100618
1106 - (djm) [contrib/ssh-copy-id] Update key file explicitly under ~
1107 rather than assuming that $CWD == $HOME. bz#1500, patch from
1108 timothy AT gelter.com
1109
Tim Riceb9ae4ec2010-06-17 11:11:44 -0700111020100617
1111 - (tim) [contrib/cygwin/README] Remove a reference to the obsolete
1112 minires-devel package, and to add the reference to the libedit-devel
1113 package since CYgwin now provides libedit. Patch from Corinna Vinschen.
1114
Damien Miller3bcce802010-05-21 14:48:16 +1000111520100521
1116 - (djm) OpenBSD CVS Sync
1117 - djm@cvs.openbsd.org 2010/05/07 11:31:26
1118 [regress/Makefile regress/cert-userkey.sh]
1119 regress tests for AuthorizedPrincipalsFile and "principals=" key option.
1120 feedback and ok markus@
Damien Miller3b903822010-05-21 14:56:25 +10001121 - djm@cvs.openbsd.org 2010/05/11 02:58:04
1122 [auth-rsa.c]
1123 don't accept certificates marked as "cert-authority" here; ok markus@
Damien Millerc6afb5f2010-05-21 14:56:47 +10001124 - djm@cvs.openbsd.org 2010/05/14 00:47:22
1125 [ssh-add.c]
1126 check that the certificate matches the corresponding private key before
1127 grafting it on
Damien Millerd530f5f2010-05-21 14:57:10 +10001128 - djm@cvs.openbsd.org 2010/05/14 23:29:23
1129 [channels.c channels.h mux.c ssh.c]
1130 Pause the mux channel while waiting for reply from aynch callbacks.
1131 Prevents misordering of replies if new requests arrive while waiting.
1132
1133 Extend channel open confirm callback to allow signalling failure
1134 conditions as well as success. Use this to 1) fix a memory leak, 2)
1135 start using the above pause mechanism and 3) delay sending a success/
1136 failure message on mux slave session open until we receive a reply from
1137 the server.
1138
1139 motivated by and with feedback from markus@
Damien Miller388f6fc2010-05-21 14:57:35 +10001140 - markus@cvs.openbsd.org 2010/05/16 12:55:51
1141 [PROTOCOL.mux clientloop.h mux.c readconf.c readconf.h ssh.1 ssh.c]
1142 mux support for remote forwarding with dynamic port allocation,
1143 use with
1144 LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
1145 feedback and ok djm@
Damien Miller84399552010-05-21 14:58:12 +10001146 - djm@cvs.openbsd.org 2010/05/20 11:25:26
1147 [auth2-pubkey.c]
1148 fix logspam when key options (from="..." especially) deny non-matching
1149 keys; reported by henning@ also bz#1765; ok markus@ dtucker@
Damien Millerd0e4a8e2010-05-21 14:58:32 +10001150 - djm@cvs.openbsd.org 2010/05/20 23:46:02
1151 [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
1152 Move the permit-* options to the non-critical "extensions" field for v01
1153 certificates. The logic is that if another implementation fails to
1154 implement them then the connection just loses features rather than fails
1155 outright.
1156
1157 ok markus@
Damien Miller3bcce802010-05-21 14:48:16 +10001158
Darren Tucker5b6d0d02010-05-12 16:51:38 +1000115920100511
1160 - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
1161 circular dependency problem on old or odd platforms. From Tom Lane, ok
1162 djm@.
Damien Miller4b1ec832010-05-12 17:49:59 +10001163 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on older
1164 libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't
1165 already. ok dtucker@
Darren Tucker5b6d0d02010-05-12 16:51:38 +10001166
Damien Miller50af79b2010-05-10 11:52:00 +1000116720100510
1168 - OpenBSD CVS Sync
1169 - djm@cvs.openbsd.org 2010/04/23 01:47:41
1170 [ssh-keygen.c]
1171 bz#1740: display a more helpful error message when $HOME is
1172 inaccessible while trying to create .ssh directory. Based on patch
1173 from jchadima AT redhat.com; ok dtucker@
Damien Miller85c50d72010-05-10 11:53:02 +10001174 - djm@cvs.openbsd.org 2010/04/23 22:27:38
1175 [mux.c]
1176 set "detach_close" flag when registering channel cleanup callbacks.
1177 This causes the channel to close normally when its fds close and
1178 hangs when terminating a mux slave using ~. bz#1758; ok markus@
Damien Miller22a29882010-05-10 11:53:54 +10001179 - djm@cvs.openbsd.org 2010/04/23 22:42:05
1180 [session.c]
1181 set stderr to /dev/null for subsystems rather than just closing it.
1182 avoids hangs if a subsystem or shell initialisation writes to stderr.
1183 bz#1750; ok markus@
Damien Millerbebbb7e2010-05-10 11:54:38 +10001184 - djm@cvs.openbsd.org 2010/04/23 22:48:31
1185 [ssh-keygen.c]
1186 refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
1187 since we would refuse to use them anyway. bz#1516; ok dtucker@
Damien Miller79442c02010-05-10 11:55:38 +10001188 - djm@cvs.openbsd.org 2010/04/26 22:28:24
1189 [sshconnect2.c]
1190 bz#1502: authctxt.success is declared as an int, but passed by
1191 reference to function that accepts sig_atomic_t*. Convert it to
1192 the latter; ok markus@ dtucker@
Damien Miller2725c212010-05-10 11:56:14 +10001193 - djm@cvs.openbsd.org 2010/05/01 02:50:50
1194 [PROTOCOL.certkeys]
1195 typo; jmeltzer@
Damien Miller099fc162010-05-10 11:56:50 +10001196 - dtucker@cvs.openbsd.org 2010/05/05 04:22:09
1197 [sftp.c]
1198 restore mput and mget which got lost in the tab-completion changes.
1199 found by Kenneth Whitaker, ok djm@
Damien Miller30da3442010-05-10 11:58:03 +10001200 - djm@cvs.openbsd.org 2010/05/07 11:30:30
1201 [auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c]
1202 [key.c servconf.c servconf.h sshd.8 sshd_config.5]
1203 add some optional indirection to matching of principal names listed
1204 in certificates. Currently, a certificate must include the a user's name
1205 to be accepted for authentication. This change adds the ability to
1206 specify a list of certificate principal names that are acceptable.
1207
1208 When authenticating using a CA trusted through ~/.ssh/authorized_keys,
1209 this adds a new principals="name1[,name2,...]" key option.
1210
1211 For CAs listed through sshd_config's TrustedCAKeys option, a new config
1212 option "AuthorizedPrincipalsFile" specifies a per-user file containing
1213 the list of acceptable names.
1214
1215 If either option is absent, the current behaviour of requiring the
1216 username to appear in principals continues to apply.
1217
1218 These options are useful for role accounts, disjoint account namespaces
1219 and "user@realm"-style naming policies in certificates.
1220
1221 feedback and ok markus@
Damien Miller81d3fc52010-05-10 11:58:45 +10001222 - jmc@cvs.openbsd.org 2010/05/07 12:49:17
1223 [sshd_config.5]
1224 tweak previous;
Damien Miller50af79b2010-05-10 11:52:00 +10001225
Darren Tucker9f8703b2010-04-23 11:12:06 +1000122620100423
1227 - (dtucker) [configure.ac] Bug #1756: Check for the existence of a lib64 dir
1228 in the openssl install directory (some newer openssl versions do this on at
1229 least some amd64 platforms).
1230
Damien Millerc4eddee2010-04-18 08:07:43 +1000123120100418
1232 - OpenBSD CVS Sync
1233 - jmc@cvs.openbsd.org 2010/04/16 06:45:01
1234 [ssh_config.5]
1235 tweak previous; ok djm
Damien Miller1f181422010-04-18 08:08:03 +10001236 - jmc@cvs.openbsd.org 2010/04/16 06:47:04
1237 [ssh-keygen.1 ssh-keygen.c]
1238 tweak previous; ok djm
Damien Millerc617aa92010-04-18 08:08:20 +10001239 - djm@cvs.openbsd.org 2010/04/16 21:14:27
1240 [sshconnect.c]
1241 oops, %r => remote username, not %u
Damien Miller53f4bb62010-04-18 08:15:14 +10001242 - djm@cvs.openbsd.org 2010/04/16 01:58:45
1243 [regress/cert-hostkey.sh regress/cert-userkey.sh]
1244 regression tests for v01 certificate format
1245 includes interop tests for v00 certs
Darren Tuckere25a9bd2010-04-18 13:35:00 +10001246 - (dtucker) [contrib/aix/buildbff.sh] Fix creation of ssh_prng_cmds.default
1247 file.
Damien Millerc4eddee2010-04-18 08:07:43 +10001248
Damien Millera45f1c02010-04-16 15:51:34 +1000124920100416
1250 - (djm) Release openssh-5.5p1
Damien Millerd6fc3062010-04-16 15:51:45 +10001251 - OpenBSD CVS Sync
1252 - djm@cvs.openbsd.org 2010/03/26 03:13:17
1253 [bufaux.c]
1254 allow buffer_get_int_ret/buffer_get_int64_ret to take a NULL pointer
1255 argument to allow skipping past values in a buffer
Damien Miller67f30d72010-04-16 15:52:03 +10001256 - jmc@cvs.openbsd.org 2010/03/26 06:54:36
1257 [ssh.1]
1258 tweak previous;
Damien Miller544378d2010-04-16 15:52:24 +10001259 - jmc@cvs.openbsd.org 2010/03/27 14:26:55
1260 [ssh_config.5]
1261 tweak previous; ok dtucker
Damien Millerdeb5a142010-04-16 15:52:43 +10001262 - djm@cvs.openbsd.org 2010/04/10 00:00:16
1263 [ssh.c]
1264 bz#1746 - suppress spurious tty warning when using -O and stdin
1265 is not a tty; ok dtucker@ markus@
Damien Miller67283992010-04-16 15:53:02 +10001266 - djm@cvs.openbsd.org 2010/04/10 00:04:30
1267 [sshconnect.c]
1268 fix terminology: we didn't find a certificate in known_hosts, we found
1269 a CA key
Damien Miller22c97f12010-04-16 15:53:23 +10001270 - djm@cvs.openbsd.org 2010/04/10 02:08:44
1271 [clientloop.c]
1272 bz#1698: kill channel when pty allocation requests fail. Fixed
1273 stuck client if the server refuses pty allocation.
1274 ok dtucker@ "think so" markus@
Damien Miller88680652010-04-16 15:53:43 +10001275 - djm@cvs.openbsd.org 2010/04/10 02:10:56
1276 [sshconnect2.c]
1277 show the key type that we are offering in debug(), helps distinguish
1278 between certs and plain keys as the path to the private key is usually
1279 the same.
Damien Miller601a23c2010-04-16 15:54:01 +10001280 - djm@cvs.openbsd.org 2010/04/10 05:48:16
1281 [mux.c]
1282 fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au
Damien Millerb1b17042010-04-16 15:54:19 +10001283 - djm@cvs.openbsd.org 2010/04/14 22:27:42
1284 [ssh_config.5 sshconnect.c]
1285 expand %r => remote username in ssh_config:ProxyCommand;
1286 ok deraadt markus
Damien Miller031c9102010-04-16 15:54:44 +10001287 - markus@cvs.openbsd.org 2010/04/15 20:32:55
1288 [ssh-pkcs11.c]
1289 retry lookup for private key if there's no matching key with CKA_SIGN
1290 attribute enabled; this fixes fixes MuscleCard support (bugzilla #1736)
1291 ok djm@
Damien Miller4e270b02010-04-16 15:56:21 +10001292 - djm@cvs.openbsd.org 2010/04/16 01:47:26
1293 [PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
1294 [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
1295 [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
1296 [sshconnect.c sshconnect2.c sshd.c]
1297 revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
1298 following changes:
1299
1300 move the nonce field to the beginning of the certificate where it can
1301 better protect against chosen-prefix attacks on the signature hash
1302
1303 Rename "constraints" field to "critical options"
1304
1305 Add a new non-critical "extensions" field
1306
1307 Add a serial number
1308
1309 The older format is still support for authentication and cert generation
1310 (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
1311
1312 ok markus@