blob: de12bbef06ebfdbcd91693c6679fe04a7e20bc29 [file] [log] [blame]
Damien Miller5360dff2011-12-19 10:51:11 +1100120111219
2 - OpenBSD CVS Sync
3 - djm@cvs.openbsd.org 2011/12/02 00:41:56
4 [mux.c]
5 fix bz#1948: ssh -f doesn't fork for multiplexed connection.
6 ok dtucker@
Damien Millerd0e582c2011-12-19 10:51:39 +11007 - djm@cvs.openbsd.org 2011/12/02 00:43:57
8 [mac.c]
9 fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
10 HMAC_init (this change in policy seems insane to me)
11 ok dtucker@
Damien Miller5360dff2011-12-19 10:51:11 +110012
Damien Miller47d81152011-11-25 13:53:48 +11001320111125
14 - OpenBSD CVS Sync
15 - oga@cvs.openbsd.org 2011/11/16 12:24:28
16 [sftp.c]
17 Don't leak list in complete_cmd_parse if there are no commands found.
18 Discovered when I was ``borrowing'' this code for something else.
19 ok djm@
20
Darren Tucker4a725ef2011-11-21 16:38:48 +11002120111121
22 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@
23
Darren Tucker45c66d72011-11-04 10:50:40 +11002420111104
25 - (dtucker) OpenBSD CVS Sync
26 - djm@cvs.openbsd.org 2011/10/18 05:15:28
27 [ssh.c]
28 ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@
Darren Tuckere68cf842011-11-04 10:51:51 +110029 - djm@cvs.openbsd.org 2011/10/18 23:37:42
30 [ssh-add.c]
31 add -k to usage(); reminded by jmc@
Darren Tucker9ee09cf2011-11-04 10:52:43 +110032 - djm@cvs.openbsd.org 2011/10/19 00:06:10
33 [moduli.c]
34 s/tmpfile/tmp/ to make this -Wshadow clean
Darren Tucker8a057952011-11-04 10:53:31 +110035 - djm@cvs.openbsd.org 2011/10/19 10:39:48
36 [umac.c]
37 typo in comment; patch from Michael W. Bombardieri
Darren Tucker2d6665d2011-11-04 10:54:22 +110038 - djm@cvs.openbsd.org 2011/10/24 02:10:46
39 [ssh.c]
40 bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
41 was incorrectly requesting the forward in both the control master and
42 slave. skip requesting it in the master to fix. ok markus@
Darren Tucker9c5d5532011-11-04 10:55:24 +110043 - djm@cvs.openbsd.org 2011/10/24 02:13:13
44 [session.c]
45 bz#1859: send tty break to pty master instead of (probably already
46 closed) slave side; "looks good" markus@
Darren Tuckerbe4032b2011-11-04 11:16:06 +110047 - dtucker@cvs.openbsd.org 011/11/04 00:09:39
48 [moduli]
49 regenerated moduli file; ok deraadt
Darren Tuckeraa3cbd12011-11-04 11:25:24 +110050 - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
51 openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
52 bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
53 which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr)
54 with some rework from myself and djm. ok djm.
Darren Tucker45c66d72011-11-04 10:50:40 +110055
Darren Tucker9f157ab2011-10-25 09:37:57 +11005620111025
57 - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file
58 fails. Patch from Corinna Vinschen.
59
Damien Millerd3e69902011-10-18 16:04:57 +11006020111018
61 - (djm) OpenBSD CVS Sync
62 - djm@cvs.openbsd.org 2011/10/04 14:17:32
63 [sftp-glob.c]
64 silence error spam for "ls */foo" in directory with files; bz#1683
Damien Miller390d0562011-10-18 16:05:19 +110065 - dtucker@cvs.openbsd.org 2011/10/16 11:02:46
66 [moduli.c ssh-keygen.1 ssh-keygen.c]
67 Add optional checkpoints for moduli screening. feedback & ok deraadt
Damien Miller927d82b2011-10-18 16:05:38 +110068 - jmc@cvs.openbsd.org 2011/10/16 15:02:41
69 [ssh-keygen.c]
70 put -K in the right place (usage());
Damien Miller91f3eae2011-10-18 16:05:55 +110071 - stsp@cvs.openbsd.org 2011/10/16 15:51:39
72 [moduli.c]
73 add missing includes to unbreak tree; fix from rpointel
Damien Millerc51a5ab2011-10-18 16:06:14 +110074 - djm@cvs.openbsd.org 2011/10/18 04:58:26
75 [auth-options.c key.c]
76 remove explict search for \0 in packet strings, this job is now done
77 implicitly by buffer_get_cstring; ok markus
Damien Miller8f4279e2011-10-18 16:06:33 +110078 - djm@cvs.openbsd.org 2011/10/18 05:00:48
79 [ssh-add.1 ssh-add.c]
80 new "ssh-add -k" option to load plain keys (skipping certificates);
81 "looks ok" markus@
Damien Millerd3e69902011-10-18 16:04:57 +110082
8320111001
Darren Tucker036876c2011-10-01 18:46:12 +100084 - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning. ok djm
Darren Tucker1338b9e2011-10-02 18:57:35 +110085 - (dtucker) OpenBSD CVS Sync
86 - dtucker@cvs.openbsd.org 2011/09/23 00:22:04
87 [channels.c auth-options.c servconf.c channels.h sshd.8]
88 Add wildcard support to PermitOpen, allowing things like "PermitOpen
89 localhost:*". bz #1857, ok djm markus.
Darren Tucker68afb8c2011-10-02 18:59:03 +110090 - markus@cvs.openbsd.org 2011/09/23 07:45:05
91 [mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c
92 version.h]
93 unbreak remote portforwarding with dynamic allocated listen ports:
94 1) send the actual listen port in the open message (instead of 0).
95 this allows multiple forwardings with a dynamic listen port
96 2) update the matching permit-open entry, so we can identify where
97 to connect to
98 report: den at skbkontur.ru and P. Szczygielski
99 feedback and ok djm@
Darren Tuckeraf1a60e2011-10-02 18:59:59 +1100100 - djm@cvs.openbsd.org 2011/09/25 05:44:47
101 [auth2-pubkey.c]
102 improve the AuthorizedPrincipalsFile debug log message to include
103 file and line number
Darren Tucker95125e52011-10-02 19:09:07 +1100104 - dtucker@cvs.openbsd.org 2011/09/30 00:47:37
105 [sshd.c]
106 don't attempt privsep cleanup when not using privsep; ok markus@
Darren Tucker2e135602011-10-02 19:10:13 +1100107 - djm@cvs.openbsd.org 2011/09/30 21:22:49
108 [sshd.c]
109 fix inverted test that caused logspam; spotted by henning@
Darren Tucker036876c2011-10-01 18:46:12 +1000110
Damien Miller5ffe1c42011-09-29 11:11:51 +100011120110929
112 - (djm) [configure.ac defines.h] No need to detect sizeof(char); patch
113 from des AT des.no
Darren Tuckerb54f50e2011-09-29 23:17:18 +1000114 - (dtucker) [configure.ac openbsd-compat/Makefile.in
115 openbsd-compat/strnlen.c] Add strnlen to the compat library.
Damien Miller5ffe1c42011-09-29 11:11:51 +1000116
Damien Milleradd1e202011-09-23 10:38:01 +100011720110923
Damien Milleracdf3fb2011-09-23 10:40:50 +1000118 - (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no
119 longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
120 want this longhand version)
Damien Millercd927902011-09-23 10:44:03 +1000121 - (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the
122 upstream version is YPified and we don't want this
Damien Miller48886712011-09-23 10:56:29 +1000123 - (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version.
124 The file was totally rewritten between what we had in tree and -current.
Damien Miller64efe962011-09-23 11:13:00 +1000125 - (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
126 marker. The upstream API has changed (function and structure names)
127 enough to put it out of sync with other providers of this interface.
Damien Millerd1a74582011-09-23 11:26:34 +1000128 - (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion
129 of static __findenv() function from upstream setenv.c
Damien Milleradd1e202011-09-23 10:38:01 +1000130 - OpenBSD CVS Sync
131 - millert@cvs.openbsd.org 2006/05/05 15:27:38
Damien Milleracdf3fb2011-09-23 10:40:50 +1000132 [openbsd-compat/strlcpy.c]
Damien Milleradd1e202011-09-23 10:38:01 +1000133 Convert do {} while loop -> while {} for clarity. No binary change
134 on most architectures. From Oliver Smith. OK deraadt@ and henning@
Damien Miller834e8202011-09-23 10:42:02 +1000135 - tobias@cvs.openbsd.org 2007/10/21 11:09:30
Damien Miller3e6fe872011-09-23 11:16:09 +1000136 [openbsd-compat/mktemp.c]
Damien Miller834e8202011-09-23 10:42:02 +1000137 Comment fix about time consumption of _gettemp.
138 FreeBSD did this in revision 1.20.
139 OK deraadt@, krw@
Damien Millerdc0e09b2011-09-23 10:46:48 +1000140 - deraadt@cvs.openbsd.org 2008/07/22 21:47:45
Damien Miller3e6fe872011-09-23 11:16:09 +1000141 [openbsd-compat/mktemp.c]
Damien Millerdc0e09b2011-09-23 10:46:48 +1000142 use arc4random_uniform(); ok djm millert
Damien Miller3a359b32011-09-23 10:47:29 +1000143 - millert@cvs.openbsd.org 2008/08/21 16:54:44
Damien Miller3e6fe872011-09-23 11:16:09 +1000144 [openbsd-compat/mktemp.c]
Damien Miller3a359b32011-09-23 10:47:29 +1000145 Remove useless code, the kernel will set errno appropriately if an
146 element in the path does not exist. OK deraadt@ pvalchev@
Damien Miller3e6fe872011-09-23 11:16:09 +1000147 - otto@cvs.openbsd.org 2008/12/09 19:38:38
148 [openbsd-compat/inet_ntop.c]
149 fix inet_ntop(3) prototype; ok millert@ libc to be bumbed very soon
Damien Milleradd1e202011-09-23 10:38:01 +1000150
Damien Millere01a6272011-09-22 21:20:21 +100015120110922
152 - OpenBSD CVS Sync
153 - pyr@cvs.openbsd.org 2011/05/12 07:15:10
154 [openbsd-compat/glob.c]
155 When the max number of items for a directory has reached GLOB_LIMIT_READDIR
156 an error is returned but closedir() is not called.
157 spotted and fix provided by Frank Denis obsd-tech@pureftpd.org
158 ok otto@, millert@
Damien Millerc4bf7dd2011-09-22 21:21:48 +1000159 - stsp@cvs.openbsd.org 2011/09/20 10:18:46
160 [glob.c]
161 In glob(3), limit recursion during matching attempts. Similar to
162 fnmatch fix. Also collapse consecutive '*' (from NetBSD).
163 ok miod deraadt
Damien Millere128a502011-09-22 21:22:21 +1000164 - djm@cvs.openbsd.org 2011/09/22 06:27:29
165 [glob.c]
166 fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
167 applied only to the gl_pathv vector and not the corresponding gl_statv
168 array. reported in OpenSSH bz#1935; feedback and okay matthew@
Damien Millerefad7272011-09-22 21:33:53 +1000169 - djm@cvs.openbsd.org 2011/08/26 01:45:15
170 [ssh.1]
171 Add some missing ssh_config(5) options that can be used in ssh(1)'s
172 -o argument. Patch from duclare AT guu.fi
Damien Millere5777722011-09-22 21:34:15 +1000173 - djm@cvs.openbsd.org 2011/09/05 05:56:13
174 [scp.1 sftp.1]
175 mention ControlPersist and KbdInteractiveAuthentication in the -o
176 verbiage in these pages too (prompted by jmc@)
Damien Miller2918e032011-09-22 21:34:35 +1000177 - djm@cvs.openbsd.org 2011/09/05 05:59:08
178 [misc.c]
179 fix typo in IPQoS parsing: there is no "AF14" class, but there is
180 an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
Damien Millere0296732011-09-22 21:34:56 +1000181 - jmc@cvs.openbsd.org 2011/09/05 07:01:44
182 [scp.1]
183 knock out a useless Ns;
Damien Miller6232a162011-09-22 21:36:00 +1000184 - deraadt@cvs.openbsd.org 2011/09/07 02:18:31
185 [ssh-keygen.1]
186 typo (they vs the) found by Lawrence Teo
Damien Millerf6e758c2011-09-22 21:37:13 +1000187 - djm@cvs.openbsd.org 2011/09/09 00:43:00
188 [ssh_config.5 sshd_config.5]
189 fix typo in IPQoS parsing: there is no "AF14" class, but there is
190 an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
Damien Miller4cb855b2011-09-22 21:37:38 +1000191 - djm@cvs.openbsd.org 2011/09/09 00:44:07
192 [PROTOCOL.mux]
193 MUX_C_CLOSE_FWD includes forward type in message (though it isn't
194 implemented anyway)
Damien Miller0603d982011-09-22 21:38:00 +1000195 - djm@cvs.openbsd.org 2011/09/09 22:37:01
196 [scp.c]
197 suppress adding '--' to remote commandlines when the first argument
198 does not start with '-'. saves breakage on some difficult-to-upgrade
199 embedded/router platforms; feedback & ok dtucker ok markus
Damien Miller9ee2c602011-09-22 21:38:30 +1000200 - djm@cvs.openbsd.org 2011/09/09 22:38:21
201 [sshd.c]
202 kill the preauth privsep child on fatal errors in the monitor;
203 ok markus@
Damien Millerf6dff7c2011-09-22 21:38:52 +1000204 - djm@cvs.openbsd.org 2011/09/09 22:46:44
205 [channels.c channels.h clientloop.h mux.c ssh.c]
206 support for cancelling local and remote port forwards via the multiplex
207 socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request
208 the cancellation of the specified forwardings; ok markus@
Damien Millerff773642011-09-22 21:39:48 +1000209 - markus@cvs.openbsd.org 2011/09/10 22:26:34
210 [channels.c channels.h clientloop.c ssh.1]
211 support cancellation of local/dynamic forwardings from ~C commandline;
212 ok & feedback djm@
Damien Miller1bcbd0a2011-09-22 21:40:45 +1000213 - okan@cvs.openbsd.org 2011/09/11 06:59:05
214 [ssh.1]
215 document new -O cancel command; ok djm@
Damien Miller3decdba2011-09-22 21:41:05 +1000216 - markus@cvs.openbsd.org 2011/09/11 16:07:26
217 [sftp-client.c]
218 fix leaks in do_hardlink() and do_readlink(); bz#1921
219 from Loganaden Velvindron
Damien Miller57c38ac2011-09-22 21:42:45 +1000220 - markus@cvs.openbsd.org 2011/09/12 08:46:15
221 [sftp-client.c]
222 fix leak in do_lsreaddir(); ok djm
Damien Millerd7be70d2011-09-22 21:43:06 +1000223 - djm@cvs.openbsd.org 2011/09/22 06:29:03
224 [sftp.c]
225 don't let remote_glob() implicitly sort its results in do_globbed_ls() -
226 in all likelihood, they will be resorted anyway
Damien Millere01a6272011-09-22 21:20:21 +1000227
Darren Tuckere8a82c52011-09-09 11:29:40 +100022820110909
229 - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng. From
230 Colin Watson.
231
Damien Millerfb9d8172011-09-07 09:11:53 +100023220110906
233 - (djm) [README version.h] Correct version
Damien Miller022ee242011-09-07 09:15:02 +1000234 - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon
235 - (djm) Respin OpenSSH-5.9p1 release
Damien Millerfb9d8172011-09-07 09:11:53 +1000236
Damien Miller86dcd3e2011-09-05 10:29:04 +100023720110905
238 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
239 [contrib/suse/openssh.spec] Update version numbers.
240
Damien Miller6efd94f2011-09-04 19:04:16 +100024120110904
242 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal
243 regress errors for the sandbox to warnings. ok tim dtucker
Darren Tucker0dd24e02011-09-04 19:59:26 +1000244 - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations
Damien Miller86dcd3e2011-09-05 10:29:04 +1000245 ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen
246 support.
Damien Miller6efd94f2011-09-04 19:04:16 +1000247
Damien Miller58ac11a2011-08-29 16:09:52 +100024820110829
249 - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting
250 to switch SELinux context away from unconfined_t, based on patch from
251 Jan Chadima; bz#1919 ok dtucker@
252
Darren Tucker44383542011-08-28 04:50:16 +100025320110827
254 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey.
255
Tim Ricea6e60612011-08-17 21:48:22 -070025620110818
257 - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze
258
Tim Ricea1226822011-08-16 17:29:01 -070025920110817
260 - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for
261 OpenSSL 0.9.7. ok djm
Damien Miller9c083122011-08-17 11:31:07 +1000262 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
263 binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
Damien Miller1a91c0f2011-08-17 11:59:25 +1000264 - (djm) [configure.ac] error out if the host lacks the necessary bits for
265 an explicitly requested sandbox type
Damien Miller44a6c932011-08-17 12:01:44 +1000266 - (djm) [contrib/ssh-copy-id] Missing backlslash; spotted by
267 bisson AT archlinux.org
Damien Miller9231c8b2011-08-17 12:08:15 +1000268 - (djm) OpenBSD CVS Sync
269 - dtucker@cvs.openbsd.org 2011/06/03 05:35:10
270 [regress/cfgmatch.sh]
271 use OBJ to find test configs, patch from Tim Rice
Damien Millerfaf4d802011-08-17 12:09:19 +1000272 - markus@cvs.openbsd.org 2011/06/30 22:44:43
273 [regress/connect-privsep.sh]
274 test with sandbox enabled; ok djm@
Damien Miller062fa302011-08-17 12:10:02 +1000275 - djm@cvs.openbsd.org 2011/08/02 01:23:41
276 [regress/cipher-speed.sh regress/try-ciphers.sh]
277 add SHA256/SHA512 based HMAC modes
Damien Miller2df1bec2011-08-17 12:25:46 +1000278 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2
279 MAC tests for platforms that hack EVP_SHA2 support
Tim Ricea1226822011-08-16 17:29:01 -0700280
Darren Tucker4d47ec92011-08-12 10:12:53 +100028120110812
282 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
283 change error by reporting old and new context names Patch from
284 jchadima at redhat.
Damien Miller2db99772011-08-12 11:02:35 +1000285 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
286 [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
Damien Millerd1eb1dd2011-08-12 11:22:47 +1000287 init scrips from imorgan AT nas.nasa.gov; bz#1920
288 - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
289 identify file contained whitespace. bz#1828 patch from gwenael.lambrouin
290 AT gmail.com; ok dtucker@
Darren Tucker4d47ec92011-08-12 10:12:53 +1000291
Darren Tucker578451d2011-08-07 23:09:20 +100029220110807
293 - (dtucker) OpenBSD CVS Sync
294 - jmc@cvs.openbsd.org 2008/06/26 06:59:39
295 [moduli.5]
296 tweak previous;
Darren Tuckerf2794742011-08-07 23:10:11 +1000297 - sobrado@cvs.openbsd.org 2009/10/28 08:56:54
298 [moduli.5]
299 "Diffie-Hellman" is the usual spelling for the cryptographic protocol
300 first published by Whitfield Diffie and Martin Hellman in 1976.
301 ok jmc@
Darren Tucker91e6b572011-08-07 23:10:56 +1000302 - jmc@cvs.openbsd.org 2010/10/14 20:41:28
303 [moduli.5]
304 probabalistic -> probabilistic; from naddy
Darren Tuckerddccfb42011-08-07 23:12:26 +1000305 - dtucker@cvs.openbsd.org 2011/08/07 12:55:30
306 [sftp.1]
307 typo, fix from Laurent Gautrot
Darren Tucker578451d2011-08-07 23:09:20 +1000308
Damien Miller7741ce82011-08-06 06:15:15 +100030920110805
310 - OpenBSD CVS Sync
311 - djm@cvs.openbsd.org 2011/06/23 23:35:42
312 [monitor.c]
313 ignore EINTR errors from poll()
Damien Miller6ea5e442011-08-06 06:16:00 +1000314 - tedu@cvs.openbsd.org 2011/07/06 18:09:21
315 [authfd.c]
316 bzero the agent address. the kernel was for a while very cranky about
317 these things. evne though that's fixed, always good to initialize
318 memory. ok deraadt djm
Damien Miller35e48192011-08-06 06:16:23 +1000319 - djm@cvs.openbsd.org 2011/07/29 14:42:45
320 [sandbox-systrace.c]
321 fail open(2) with EPERM rather than SIGKILLing the whole process. libc
322 will call open() to do strerror() when NLS is enabled;
323 feedback and ok markus@
Damien Milleradb467f2011-08-06 06:16:46 +1000324 - markus@cvs.openbsd.org 2011/08/01 19:18:15
325 [gss-serv.c]
326 prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
327 report Adam Zabrock; ok djm@, deraadt@
Damien Miller20bd4532011-08-06 06:17:30 +1000328 - djm@cvs.openbsd.org 2011/08/02 01:22:11
329 [mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
330 Add new SHA256 and SHA512 based HMAC modes from
331 http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
332 Patch from mdb AT juniper.net; feedback and ok markus@
Damien Millerc4718602011-08-06 06:17:48 +1000333 - djm@cvs.openbsd.org 2011/08/02 23:13:01
334 [version.h]
335 crank now, release later
Damien Miller765f8c42011-08-06 06:18:16 +1000336 - djm@cvs.openbsd.org 2011/08/02 23:15:03
337 [ssh.c]
338 typo in comment
Damien Miller7741ce82011-08-06 06:15:15 +1000339
Damien Millercd5e52e2011-06-27 07:18:18 +100034020110624
341 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
342 Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
343 markus@
344
Damien Miller82c55872011-06-23 08:20:30 +100034520110623
346 - OpenBSD CVS Sync
347 - djm@cvs.openbsd.org 2011/06/22 21:47:28
348 [servconf.c]
349 reuse the multistate option arrays to pretty-print options for "sshd -T"
Damien Miller69ff1df2011-06-23 08:30:03 +1000350 - djm@cvs.openbsd.org 2011/06/22 21:57:01
351 [servconf.c servconf.h sshd.c sshd_config.5]
352 [configure.ac Makefile.in]
353 introduce sandboxing of the pre-auth privsep child using systrace(4).
354
355 This introduces a new "UsePrivilegeSeparation=sandbox" option for
356 sshd_config that applies mandatory restrictions on the syscalls the
357 privsep child can perform. This prevents a compromised privsep child
358 from being used to attack other hosts (by opening sockets and proxying)
359 or probing local kernel attack surface.
360
361 The sandbox is implemented using systrace(4) in unsupervised "fast-path"
362 mode, where a list of permitted syscalls is supplied. Any syscall not
363 on the list results in SIGKILL being sent to the privsep child. Note
364 that this requires a kernel with the new SYSTR_POLICY_KILL option.
365
366 UsePrivilegeSeparation=sandbox will become the default in the future
367 so please start testing it now.
368
369 feedback dtucker@; ok markus@
Damien Miller6d7b4372011-06-23 08:31:57 +1000370 - djm@cvs.openbsd.org 2011/06/22 22:08:42
371 [channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
372 hook up a channel confirm callback to warn the user then requested X11
373 forwarding was refused by the server; ok markus@
Damien Millerdcbd41e2011-06-23 19:45:51 +1000374 - djm@cvs.openbsd.org 2011/06/23 09:34:13
375 [sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
376 [sandbox-null.c]
377 rename sandbox.h => ssh-sandbox.h to make things easier for portable
Damien Miller80b62e32011-06-23 19:03:18 +1000378 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
379 setrlimit(2)
Damien Miller82c55872011-06-23 08:20:30 +1000380
Damien Miller6029e072011-06-20 14:22:49 +100038120110620
382 - OpenBSD CVS Sync
383 - djm@cvs.openbsd.org 2011/06/04 00:10:26
384 [ssh_config.5]
385 explain IdentifyFile's semantics a little better, prompted by bz#1898
386 ok dtucker jmc
Damien Millere7ac2bd2011-06-20 14:23:25 +1000387 - markus@cvs.openbsd.org 2011/06/14 22:49:18
388 [authfile.c]
389 make sure key_parse_public/private_rsa1() no longer consumes its input
390 buffer. fixes ssh-add for passphrase-protected ssh1-keys;
391 noted by naddy@; ok djm@
Damien Miller8f0bf232011-06-20 14:42:23 +1000392 - djm@cvs.openbsd.org 2011/06/17 21:44:31
393 [log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
394 make the pre-auth privsep slave log via a socketpair shared with the
395 monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
Damien Millerf145a5b2011-06-20 14:42:51 +1000396 - djm@cvs.openbsd.org 2011/06/17 21:46:16
397 [sftp-server.c]
398 the protocol version should be unsigned; bz#1913 reported by mb AT
399 smartftp.com
Damien Miller33322122011-06-20 14:43:11 +1000400 - djm@cvs.openbsd.org 2011/06/17 21:47:35
401 [servconf.c]
402 factor out multi-choice option parsing into a parse_multistate label
403 and some support structures; ok dtucker@
Damien Miller4ac99c32011-06-20 14:43:31 +1000404 - djm@cvs.openbsd.org 2011/06/17 21:57:25
405 [clientloop.c]
406 setproctitle for a mux master that has been gracefully stopped;
407 bz#1911 from Bert.Wesarg AT googlemail.com
Damien Miller6029e072011-06-20 14:22:49 +1000408
Darren Tuckerc412c152011-06-03 10:35:23 +100040920110603
410 - (dtucker) [README version.h contrib/caldera/openssh.spec
411 contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version
412 bumps from the 5.8p2 branch into HEAD. ok djm.
Tim Rice90f42b02011-06-02 18:17:49 -0700413 - (tim) [configure.ac defines.h] Run test program to detect system mail
414 directory. Add --with-maildir option to override. Fixed OpenServer 6
415 getting it wrong. Fixed many systems having MAIL=/var/mail//username
416 ok dtucker
Darren Tuckerc3c72272011-06-03 11:20:06 +1000417 - (dtucker) [monitor.c] Remove the !HAVE_SOCKETPAIR case. We use socketpair
418 unconditionally in other places and the survey data we have does not show
419 any systems that use it. "nuke it" djm@
Damien Millerc09182f2011-06-03 12:11:38 +1000420 - (djm) [configure.ac] enable setproctitle emulation for OS X
421 - (djm) OpenBSD CVS Sync
Damien Millerea2c1a42011-06-03 12:10:22 +1000422 - djm@cvs.openbsd.org 2011/06/03 00:54:38
423 [ssh.c]
424 bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg
425 AT googlemail.com; ok dtucker@
426 NB. includes additional portability code to enable setproctitle emulation
427 on platforms that don't support it.
Darren Tucker3e78a512011-06-03 14:14:16 +1000428 - dtucker@cvs.openbsd.org 2011/06/03 01:37:40
429 [ssh-agent.c]
430 Check current parent process ID against saved one to determine if the parent
431 has exited, rather than attempting to send a zero signal, since the latter
432 won't work if the parent has changed privs. bz#1905, patch from Daniel Kahn
433 Gillmor, ok djm@
Darren Tucker260c8fb2011-06-03 14:17:27 +1000434 - dtucker@cvs.openbsd.org 2011/05/31 02:01:58
435 [regress/dynamic-forward.sh]
436 back out revs 1.6 and 1.5 since it's not reliable
Darren Tucker75e035c2011-06-03 14:18:17 +1000437 - dtucker@cvs.openbsd.org 2011/05/31 02:03:34
438 [regress/dynamic-forward.sh]
439 work around startup and teardown races; caught by deraadt
Darren Tuckerbf4d05a2011-06-03 14:19:02 +1000440 - dtucker@cvs.openbsd.org 2011/06/03 00:29:52
441 [regress/dynamic-forward.sh]
442 Retry establishing the port forwarding after a small delay, should make
443 the tests less flaky when the previous test is slow to shut down and free
444 up the port.
Tim Ricebc481572011-06-02 22:26:19 -0700445 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix.
Darren Tuckerc412c152011-06-03 10:35:23 +1000446
Damien Millerd8478b62011-05-29 21:39:36 +100044720110529
448 - (djm) OpenBSD CVS Sync
449 - djm@cvs.openbsd.org 2011/05/23 03:30:07
450 [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c]
451 [pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
452 allow AuthorizedKeysFile to specify multiple files, separated by spaces.
453 Bring back authorized_keys2 as a default search path (to avoid breaking
454 existing users of this file), but override this in sshd_config so it will
455 be no longer used on fresh installs. Maybe in 2015 we can remove it
456 entierly :)
457
458 feedback and ok markus@ dtucker@
Damien Miller1dd66e52011-05-29 21:40:42 +1000459 - djm@cvs.openbsd.org 2011/05/23 03:33:38
460 [auth.c]
461 make secure_filename() spam debug logs less
Damien Miller201f4252011-05-29 21:41:03 +1000462 - djm@cvs.openbsd.org 2011/05/23 03:52:55
463 [sshconnect.c]
464 remove extra newline
Damien Millerb9132fc2011-05-29 21:41:40 +1000465 - jmc@cvs.openbsd.org 2011/05/23 07:10:21
466 [sshd.8 sshd_config.5]
467 tweak previous; ok djm
Damien Miller04bb56e2011-05-29 21:42:08 +1000468 - djm@cvs.openbsd.org 2011/05/23 07:24:57
469 [authfile.c]
470 read in key comments for v.2 keys (though note that these are not
471 passed over the agent protocol); bz#439, based on patch from binder
472 AT arago.de; ok markus@
Damien Miller295ee632011-05-29 21:42:31 +1000473 - djm@cvs.openbsd.org 2011/05/24 07:15:47
474 [readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c]
475 Remove undocumented legacy options UserKnownHostsFile2 and
476 GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile
477 accept multiple paths per line and making their defaults include
478 known_hosts2; ok markus
Damien Miller8cb35872011-05-29 21:59:10 +1000479 - djm@cvs.openbsd.org 2011/05/23 03:31:31
480 [regress/cfgmatch.sh]
481 include testing of multiple/overridden AuthorizedKeysFiles
482 refactor to simply daemon start/stop and get rid of racy constructs
Damien Millerd8478b62011-05-29 21:39:36 +1000483
Damien Miller14684a12011-05-20 11:23:07 +100048420110520
485 - (djm) [session.c] call setexeccon() before executing passwd for pw
486 changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@
Damien Miller989bb7f2011-05-20 18:56:30 +1000487 - (djm) [aclocal.m4 configure.ac] since gcc-4.x ignores all -Wno-options
488 options, we should corresponding -W-option when trying to determine
489 whether it is accepted. Also includes a warning fix on the program
490 fragment uses (bad main() return type).
491 bz#1900 and bz#1901 reported by g.esp AT free.fr; ok dtucker@
Damien Millerec2eaa32011-05-20 18:57:14 +1000492 - (djm) [servconf.c] remove leftover droppings of AuthorizedKeysFile2
Damien Miller814ace02011-05-20 19:02:47 +1000493 - OpenBSD CVS Sync
494 - djm@cvs.openbsd.org 2011/05/15 08:09:01
495 [authfd.c monitor.c serverloop.c]
496 use FD_CLOEXEC consistently; patch from zion AT x96.org
Damien Miller8f639fe2011-05-20 19:03:08 +1000497 - djm@cvs.openbsd.org 2011/05/17 07:13:31
498 [key.c]
499 fatal() if asked to generate a legacy ECDSA cert (these don't exist)
500 and fix the regress test that was trying to generate them :)
Damien Miller5d74e582011-05-20 19:03:31 +1000501 - djm@cvs.openbsd.org 2011/05/20 00:55:02
502 [servconf.c]
503 the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile
504 and AuthorizedPrincipalsFile were not being correctly applied in
505 Match blocks, despite being overridable there; ok dtucker@
Damien Millerc2411902011-05-20 19:03:49 +1000506 - dtucker@cvs.openbsd.org 2011/05/20 02:00:19
507 [servconf.c]
508 Add comment documenting what should be after the preauth check. ok djm
Damien Millerf2e407e2011-05-20 19:04:14 +1000509 - djm@cvs.openbsd.org 2011/05/20 03:25:45
510 [monitor.c monitor_wrap.c servconf.c servconf.h]
511 use a macro to define which string options to copy between configs
512 for Match. This avoids problems caused by forgetting to keep three
513 code locations in perfect sync and ordering
514
515 "this is at once beautiful and horrible" + ok dtucker@
Damien Millerf67188f2011-05-20 19:06:48 +1000516 - djm@cvs.openbsd.org 2011/05/17 07:13:31
517 [regress/cert-userkey.sh]
518 fatal() if asked to generate a legacy ECDSA cert (these don't exist)
519 and fix the regress test that was trying to generate them :)
Damien Miller3045b452011-05-20 19:07:45 +1000520 - djm@cvs.openbsd.org 2011/05/20 02:43:36
521 [cert-hostkey.sh]
522 another attempt to generate a v00 ECDSA key that broke the test
523 ID sync only - portable already had this somehow
Damien Miller7b9451f2011-05-20 19:08:11 +1000524 - dtucker@cvs.openbsd.org 2011/05/20 05:19:50
525 [dynamic-forward.sh]
526 Prevent races in dynamic forwarding test; ok djm
Damien Milleracacced2011-05-20 19:08:40 +1000527 - dtucker@cvs.openbsd.org 2011/05/20 06:32:30
528 [dynamic-forward.sh]
529 fix dumb error in dynamic-forward test
Damien Miller14684a12011-05-20 11:23:07 +1000530
Damien Miller60432d82011-05-15 08:34:46 +100053120110515
532 - (djm) OpenBSD CVS Sync
533 - djm@cvs.openbsd.org 2011/05/05 05:12:08
534 [mux.c]
535 gracefully fall back when ControlPath is too large for a
536 sockaddr_un. ok markus@ as part of a larger diff
Damien Millerfd53abd2011-05-15 08:36:02 +1000537 - dtucker@cvs.openbsd.org 2011/05/06 01:03:35
538 [sshd_config]
539 clarify language about overriding defaults. bz#1892, from Petr Cerny
Damien Miller58a77e22011-05-15 08:36:29 +1000540 - djm@cvs.openbsd.org 2011/05/06 01:09:53
541 [sftp.1]
542 mention that IPv6 addresses must be enclosed in square brackets;
543 bz#1845
Damien Miller78c40c32011-05-15 08:36:59 +1000544 - djm@cvs.openbsd.org 2011/05/06 02:05:41
545 [sshconnect2.c]
546 fix memory leak; bz#1849 ok dtucker@
Damien Millerd2ac5d72011-05-15 08:43:13 +1000547 - djm@cvs.openbsd.org 2011/05/06 21:14:05
548 [packet.c packet.h]
549 set traffic class for IPv6 traffic as we do for IPv4 TOS;
550 patch from lionel AT mamane.lu via Colin Watson in bz#1855;
551 ok markus@
Damien Millerdfc85fa2011-05-15 08:44:02 +1000552 - djm@cvs.openbsd.org 2011/05/06 21:18:02
553 [ssh.c ssh_config.5]
554 add a %L expansion (short-form of the local host name) for ControlPath;
555 sync some more expansions with LocalCommand; ok markus@
Damien Millerfe924212011-05-15 08:44:45 +1000556 - djm@cvs.openbsd.org 2011/05/06 21:31:38
557 [readconf.c ssh_config.5]
558 support negated Host matching, e.g.
559
560 Host *.example.org !c.example.org
561 User mekmitasdigoat
562
563 Will match "a.example.org", "b.example.org", but not "c.example.org"
564 ok markus@
Damien Miller21771e22011-05-15 08:45:50 +1000565 - djm@cvs.openbsd.org 2011/05/06 21:34:32
566 [clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
567 Add a RequestTTY ssh_config option to allow configuration-based
568 control over tty allocation (like -t/-T); ok markus@
Damien Millera6bbbe42011-05-15 08:46:29 +1000569 - djm@cvs.openbsd.org 2011/05/06 21:38:58
570 [ssh.c]
571 fix dropping from previous diff
Damien Millerc067f622011-05-15 08:46:54 +1000572 - djm@cvs.openbsd.org 2011/05/06 22:20:10
573 [PROTOCOL.mux]
574 fix numbering; from bert.wesarg AT googlemail.com
Damien Miller486dd2e2011-05-15 08:47:18 +1000575 - jmc@cvs.openbsd.org 2011/05/07 23:19:39
576 [ssh_config.5]
577 - tweak previous
578 - come consistency fixes
579 ok djm
Damien Millerf4b32aa2011-05-15 08:47:43 +1000580 - jmc@cvs.openbsd.org 2011/05/07 23:20:25
581 [ssh.1]
582 +.It RequestTTY
Damien Miller555f3b82011-05-15 08:48:05 +1000583 - djm@cvs.openbsd.org 2011/05/08 12:52:01
584 [PROTOCOL.mux clientloop.c clientloop.h mux.c]
585 improve our behaviour when TTY allocation fails: if we are in
586 RequestTTY=auto mode (the default), then do not treat at TTY
587 allocation error as fatal but rather just restore the local TTY
588 to cooked mode and continue. This is more graceful on devices that
589 never allocate TTYs.
590
591 If RequestTTY is set to "yes" or "force", then failure to allocate
592 a TTY is fatal.
593
594 ok markus@
Damien Miller32198242011-05-15 08:50:32 +1000595 - djm@cvs.openbsd.org 2011/05/10 05:46:46
596 [authfile.c]
597 despam debug() logs by detecting that we are trying to load a private key
598 in key_try_load_public() and returning early; ok markus@
Damien Miller7c1b2c42011-05-15 08:51:05 +1000599 - djm@cvs.openbsd.org 2011/05/11 04:47:06
600 [auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h]
601 remove support for authorized_keys2; it is a relic from the early days
602 of protocol v.2 support and has been undocumented for many years;
603 ok markus@
Damien Miller9d276b82011-05-15 08:51:43 +1000604 - djm@cvs.openbsd.org 2011/05/13 00:05:36
605 [authfile.c]
606 warn on unexpected key type in key_parse_private_type()
Damien Miller23f425b2011-05-15 08:58:15 +1000607 - (djm) [packet.c] unbreak portability #endif
Damien Miller60432d82011-05-15 08:34:46 +1000608
Darren Tuckerd6548fe2011-05-10 11:13:36 +100060920110510
610 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fix
611 --with-ssl-engine which was broken with the change from deprecated
612 SSLeay_add_all_algorithms(). ok djm
613
Darren Tucker343f75f2011-05-06 10:43:50 +100061420110506
615 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1875: add prototype
616 for closefrom() in test code. Report from Dan Wallis via Gentoo.
617
Damien Miller68790fe2011-05-05 11:19:13 +100061820110505
619 - (djm) [defines.h] Move up include of netinet/ip.h for IPTOS
620 definitions. From des AT des.no
Damien Millerf22019b2011-05-05 13:48:37 +1000621 - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
622 [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
623 [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
624 [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
625 [regress/README.regress] Remove ssh-rand-helper and all its
626 tentacles. PRNGd seeding has been rolled into entropy.c directly.
627 Thanks to tim@ for testing on affected platforms.
Damien Miller3fcdfd52011-05-05 14:04:11 +1000628 - OpenBSD CVS Sync
629 - djm@cvs.openbsd.org 2011/03/10 02:52:57
Damien Millerb2da7d12011-05-05 14:04:50 +1000630 [auth2-gss.c auth2.c auth.h]
Damien Miller3fcdfd52011-05-05 14:04:11 +1000631 allow GSSAPI authentication to detect when a server-side failure causes
632 authentication failure and don't count such failures against MaxAuthTries;
633 bz#1244 from simon AT sxw.org.uk; ok markus@ before lock
Damien Millerc5219e72011-05-05 14:05:12 +1000634 - okan@cvs.openbsd.org 2011/03/15 10:36:02
635 [ssh-keyscan.c]
636 use timerclear macro
637 ok djm@
Damien Miller58f1baf2011-05-05 14:06:15 +1000638 - stevesk@cvs.openbsd.org 2011/03/23 15:16:22
639 [ssh-keygen.1 ssh-keygen.c]
640 Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa)
641 for which host keys do not exist, generate the host keys with the
642 default key file path, an empty passphrase, default bits for the key
643 type, and default comment. This will be used by /etc/rc to generate
644 new host keys. Idea from deraadt.
645 ok deraadt
Damien Miller4a4d1612011-05-05 14:06:39 +1000646 - stevesk@cvs.openbsd.org 2011/03/23 16:24:56
647 [ssh-keygen.1]
648 -q not used in /etc/rc now so remove statement.
Damien Miller11143192011-05-05 14:13:25 +1000649 - stevesk@cvs.openbsd.org 2011/03/23 16:50:04
650 [ssh-keygen.c]
651 remove -d, documentation removed >10 years ago; ok markus
Damien Miller3ca1eb32011-05-05 14:13:50 +1000652 - jmc@cvs.openbsd.org 2011/03/24 15:29:30
653 [ssh-keygen.1]
654 zap trailing whitespace;
Damien Miller044f4a62011-05-05 14:14:08 +1000655 - stevesk@cvs.openbsd.org 2011/03/24 22:14:54
656 [ssh-keygen.c]
657 use strcasecmp() for "clear" cert permission option also; ok djm
Damien Miller91475862011-05-05 14:14:34 +1000658 - stevesk@cvs.openbsd.org 2011/03/29 18:54:17
659 [misc.c misc.h servconf.c]
660 print ipqos friendly string for sshd -T; ok markus
661 # sshd -Tf sshd_config|grep ipqos
662 ipqos lowdelay throughput
Damien Miller884b63a2011-05-05 14:14:52 +1000663 - djm@cvs.openbsd.org 2011/04/12 04:23:50
664 [ssh-keygen.c]
665 fix -Wshadow
Damien Miller26b57ce2011-05-05 14:15:09 +1000666 - djm@cvs.openbsd.org 2011/04/12 05:32:49
667 [sshd.c]
668 exit with 0 status on SIGTERM; bz#1879
Damien Miller085c90f2011-05-05 14:15:33 +1000669 - djm@cvs.openbsd.org 2011/04/13 04:02:48
670 [ssh-keygen.1]
671 improve wording; bz#1861
Damien Millerad210322011-05-05 14:15:54 +1000672 - djm@cvs.openbsd.org 2011/04/13 04:09:37
673 [ssh-keygen.1]
674 mention valid -b sizes for ECDSA keys; bz#1862
Damien Miller6c3eec72011-05-05 14:16:22 +1000675 - djm@cvs.openbsd.org 2011/04/17 22:42:42
676 [PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
677 allow graceful shutdown of multiplexing: request that a mux server
678 removes its listener socket and refuse future multiplexing requests;
679 ok markus@
Damien Miller8cb1cda2011-05-05 14:16:56 +1000680 - djm@cvs.openbsd.org 2011/04/18 00:46:05
681 [ssh-keygen.c]
682 certificate options are supposed to be packed in lexical order of
683 option name (though we don't actually enforce this at present).
684 Move one up that was out of sequence
Damien Miller2ce12ef2011-05-05 14:17:18 +1000685 - djm@cvs.openbsd.org 2011/05/04 21:15:29
686 [authfile.c authfile.h ssh-add.c]
687 allow "ssh-add - < key"; feedback and ok markus@
Tim Rice19d81812011-05-04 21:44:25 -0700688 - (tim) [configure.ac] Add AC_LANG_SOURCE to OPENSSH_CHECK_CFLAG_COMPILE
689 so autoreconf 2.68 is happy.
Tim Rice9abb6972011-05-04 23:06:59 -0700690 - (tim) [defines.h] Deal with platforms that do not have S_IFSOCK ok djm@
Damien Miller68790fe2011-05-05 11:19:13 +1000691
Darren Tuckere541aaa2011-02-21 21:41:29 +110069220110221
693 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
694 Cygwin-specific service installer script ssh-host-config. The actual
695 functionality is the same, the revisited version is just more
696 exact when it comes to check for problems which disallow to run
697 certain aspects of the script. So, part of this script and the also
698 rearranged service helper script library "csih" is to check if all
699 the tools required to run the script are available on the system.
700 The new script also is more thorough to inform the user why the
701 script failed. Patch from vinschen at redhat com.
702
Damien Miller0588beb2011-02-18 09:18:45 +110070320110218
704 - OpenBSD CVS Sync
705 - djm@cvs.openbsd.org 2011/02/16 00:31:14
706 [ssh-keysign.c]
707 make hostbased auth with ECDSA keys work correctly. Based on patch
708 by harvey.eneman AT oracle.com in bz#1858; ok markus@ (pre-lock)
709
Darren Tucker3b9617e2011-02-06 13:24:35 +110071020110206
711 - (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in
712 selinux code. Patch from Leonardo Chiquitto
Darren Tuckerea676a62011-02-06 13:31:23 +1100713 - (dtucker) [contrib/cygwin/ssh-{host,user}-config] Add ECDSA key
714 generation and simplify. Patch from Corinna Vinschen.
Darren Tucker3b9617e2011-02-06 13:24:35 +1100715
Damien Millerb407dd82011-02-04 11:46:39 +110071620110204
717 - OpenBSD CVS Sync
718 - djm@cvs.openbsd.org 2011/01/31 21:42:15
719 [PROTOCOL.mux]
720 cut'n'pasto; from bert.wesarg AT googlemail.com
Damien Miller0a5f0122011-02-04 11:47:01 +1100721 - djm@cvs.openbsd.org 2011/02/04 00:44:21
722 [key.c]
723 fix uninitialised nonce variable; reported by Mateusz Kocielski
Damien Millera6981272011-02-04 11:47:20 +1100724 - djm@cvs.openbsd.org 2011/02/04 00:44:43
725 [version.h]
726 openssh-5.8
Damien Miller0d30b092011-02-04 12:43:36 +1100727 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
728 [contrib/suse/openssh.spec] update versions in docs and spec files.
729 - Release OpenSSH 5.8p1
Damien Millerb407dd82011-02-04 11:46:39 +1100730
Damien Millerd4a55042011-01-28 10:30:18 +110073120110128
732 - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
733 before attempting setfscreatecon(). Check whether matchpathcon()
734 succeeded before using its result. Patch from cjwatson AT debian.org;
735 bz#1851
736
Tim Riced069c482011-01-26 12:32:12 -080073720110127
738 - (tim) [config.guess config.sub] Sync with upstream.
Tim Rice648f8762011-01-26 12:38:57 -0800739 - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete
740 AC_TRY_COMPILE with AC_COMPILE_IFELSE, updated obsolete AC_TRY_LINK with
741 AC_LINK_IFELSE, updated obsolete AC_TRY_RUN with AC_RUN_IFELSE, misc white
742 space changes for consistency/readability. Makes autoconf 2.68 happy.
743 "Nice work" djm
Tim Riced069c482011-01-26 12:32:12 -0800744
Damien Miller71adf122011-01-25 12:16:15 +110074520110125
746 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
747 openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
748 port-linux.c to avoid compilation errors. Add -lselinux to ssh when
749 building with SELinux support to avoid linking failure; report from
750 amk AT spamfence.net; ok dtucker
751
Darren Tucker79241372011-01-22 09:37:01 +110075220110122
753 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
754 RSA_get_default_method() for the benefit of openssl versions that don't
755 have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott,
756 ok djm@.
Damien Millerad4b1ad2011-01-22 20:21:33 +1100757 - OpenBSD CVS Sync
758 - djm@cvs.openbsd.org 2011/01/22 09:18:53
759 [version.h]
760 crank to OpenSSH-5.7
Damien Miller966accc2011-01-22 20:23:10 +1100761 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
762 [contrib/suse/openssh.spec] update versions in docs and spec files.
Damien Miller6f8f04b2011-01-22 20:25:11 +1100763 - (djm) Release 5.7p1
Darren Tucker79241372011-01-22 09:37:01 +1100764
Tim Rice15e1b4d2011-01-18 20:47:04 -080076520110119
766 - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
767 of RPM so build completes. Signatures were changed to .asc since 4.1p1.
Damien Millere323ebc2011-01-19 23:12:27 +1100768 - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to
769 0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre-
770 release testing (random crashes and failure to load ECC keys).
771 ok dtucker@
Tim Rice15e1b4d2011-01-18 20:47:04 -0800772
Damien Miller369c0e82011-01-17 10:51:40 +110077320110117
774 - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in
775 $PATH, fix cleanup of droppings; reported by openssh AT
776 roumenpetrov.info; ok dtucker@
Damien Millerfd3669e2011-01-17 11:20:18 +1100777 - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding
778 its unique snowflake of a gdb error to the ones we look for.
Damien Miller1ccbfa82011-01-17 11:52:40 +1100779 - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running
780 ssh-add to avoid $SUDO failures on Linux
Darren Tucker0c93adc2011-01-17 11:55:59 +1100781 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new
782 Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
783 to the old values. Feedback from vapier at gentoo org and djm, ok djm.
Damien Miller58497782011-01-17 16:17:09 +1100784 - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh]
785 [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
786 disabled on platforms that do not support them; add a "config_defined()"
787 shell function that greps for defines in config.h and use them to decide
788 on feature tests.
789 Convert a couple of existing grep's over config.h to use the new function
790 Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
791 backslash characters in filenames, enable it for Cygwin and use it to turn
792 of tests for quotes backslashes in sftp-glob.sh.
793 based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@
Tim Rice6dfcd342011-01-16 22:53:56 -0800794 - (tim) [regress/agent-getpeereid.sh] shell portability fix.
Darren Tucker263d43d2011-01-17 18:50:22 +1100795 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
796 the tinderbox.
Darren Tuckerea52a822011-01-17 21:15:27 +1100797 - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
798 configure.ac defines.h loginrec.c] Bug #1402: add linux audit subsystem
799 support, based on patches from Tomas Mraz and jchadima at redhat.
Damien Miller369c0e82011-01-17 10:51:40 +1100800
Darren Tucker50c61f82011-01-16 18:28:09 +110080120110116
802 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
803 on configurations that don't have it.
Damien Miller4791f9d2011-01-16 23:16:53 +1100804 - OpenBSD CVS Sync
805 - djm@cvs.openbsd.org 2011/01/16 11:50:05
806 [clientloop.c]
807 Use atomicio when flushing protocol 1 std{out,err} buffers at
808 session close. This was a latent bug exposed by setting a SIGCHLD
809 handler and spotted by kevin.brott AT gmail.com; ok dtucker@
Damien Miller6fb6fd52011-01-16 23:17:45 +1100810 - djm@cvs.openbsd.org 2011/01/16 11:50:36
811 [sshconnect.c]
812 reset the SIGPIPE handler when forking to execute child processes;
813 ok dtucker@
Damien Millercfd6e4f2011-01-16 23:18:33 +1100814 - djm@cvs.openbsd.org 2011/01/16 12:05:59
815 [clientloop.c]
816 a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
817 now that we use atomicio(), convert them from while loops to if statements
818 add test and cast to compile cleanly with -Wsigned
Darren Tucker50c61f82011-01-16 18:28:09 +1100819
Darren Tucker08f83882011-01-16 18:24:04 +110082020110114
Damien Miller445c9a52011-01-14 12:01:29 +1100821 - OpenBSD CVS Sync
822 - djm@cvs.openbsd.org 2011/01/13 21:54:53
823 [mux.c]
824 correct error messages; patch from bert.wesarg AT googlemail.com
Damien Miller42747df2011-01-14 12:01:50 +1100825 - djm@cvs.openbsd.org 2011/01/13 21:55:25
826 [PROTOCOL.mux]
827 correct protocol names and add a couple of missing protocol number
828 defines; patch from bert.wesarg AT googlemail.com
Damien Millere9b40482011-01-14 14:47:37 +1100829 - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in
830 host-key-force target rather than a substitution that is replaced with a
831 comment so that the Makefile.in is still a syntactically valid Makefile
832 (useful to run the distprep target)
Tim Rice02d99da2011-01-13 22:20:27 -0800833 - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.
Tim Ricec5c346b2011-01-13 22:36:14 -0800834 - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some
835 ecdsa bits.
Damien Miller445c9a52011-01-14 12:01:29 +1100836
Darren Tucker08f83882011-01-16 18:24:04 +110083720110113
Damien Miller1708cb72011-01-13 12:21:34 +1100838 - (djm) [misc.c] include time.h for nanosleep() prototype
Tim Ricecce927c2011-01-12 19:06:31 -0800839 - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm
Tim Rice9b87a5c2011-01-12 22:35:43 -0800840 - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
841 ecdsa keys. ok djm.
Damien Millerff22df52011-01-13 21:05:27 +1100842 - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
843 gcc warning on platforms where it defaults to int
Damien Millercbaf8e62011-01-13 21:08:27 +1100844 - (djm) [regress/Makefile] add a few more generated files to the clean
845 target
Damien Miller9b160862011-01-13 22:00:20 +1100846 - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad
847 #define that was causing diffie-hellman-group-exchange-sha256 to be
848 incorrectly disabled
Damien Miller52788062011-01-13 22:05:14 +1100849 - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
850 should not depend on ECC support
Damien Miller1708cb72011-01-13 12:21:34 +1100851
Darren Tucker08f83882011-01-16 18:24:04 +110085220110112
Damien Millerb66e9172011-01-12 13:30:18 +1100853 - OpenBSD CVS Sync
854 - nicm@cvs.openbsd.org 2010/10/08 21:48:42
855 [openbsd-compat/glob.c]
856 Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
857 from ARG_MAX to 64K.
858 Fixes glob-using programs (notably ftp) able to be triggered to hit
859 resource limits.
860 Idea from a similar NetBSD change, original problem reported by jasper@.
861 ok millert tedu jasper
Damien Miller4927aaf2011-01-12 13:32:03 +1100862 - djm@cvs.openbsd.org 2011/01/12 01:53:14
863 avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
864 and sanity check arguments (these will be unnecessary when we switch
865 struct glob members from being type into to size_t in the future);
866 "looks ok" tedu@ feedback guenther@
Damien Miller945aa0c2011-01-12 13:34:02 +1100867 - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
868 silly warnings on write() calls we don't care succeed or not.
Damien Miller134d02a2011-01-12 16:00:37 +1100869 - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler
870 flag tests that don't depend on gcc version at all; suggested by and
871 ok dtucker@
Damien Millerb66e9172011-01-12 13:30:18 +1100872
Tim Rice076a3b92011-01-10 12:56:26 -080087320110111
874 - (tim) [regress/host-expand.sh] Fix for building outside of read only
875 source tree.
Damien Miller81ad4b12011-01-11 17:02:23 +1100876 - (djm) [platform.c] Some missing includes that show up under -Werror
Damien Millerb73b6fd2011-01-11 17:18:56 +1100877 - OpenBSD CVS Sync
878 - djm@cvs.openbsd.org 2011/01/08 10:51:51
879 [clientloop.c]
880 use host and not options.hostname, as the latter may have unescaped
881 substitution characters
Damien Millera256c8d2011-01-11 17:20:05 +1100882 - djm@cvs.openbsd.org 2011/01/11 06:06:09
883 [sshlogin.c]
884 fd leak on error paths; from zinovik@
885 NB. Id sync only; we use loginrec.c that was also audited and fixed
886 recently
Damien Miller821de0a2011-01-11 17:20:29 +1100887 - djm@cvs.openbsd.org 2011/01/11 06:13:10
888 [clientloop.c ssh-keygen.c sshd.c]
889 some unsigned long long casts that make things a bit easier for
890 portable without resorting to dropping PRIu64 formats everywhere
Tim Rice076a3b92011-01-10 12:56:26 -0800891
Damien Millere63b7f22011-01-09 09:19:50 +110089220110109
893 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by
894 openssh AT roumenpetrov.info
895
Damien Miller996384d2011-01-08 21:58:20 +110089620110108
897 - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress
898 test on OSX and others. Reported by imorgan AT nas.nasa.gov
899
Damien Miller322125b2011-01-07 09:50:08 +110090020110107
901 - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test
902 for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
Damien Miller83f8a402011-01-07 09:51:17 +1100903 - djm@cvs.openbsd.org 2011/01/06 22:23:53
904 [ssh.c]
905 unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
906 googlemail.com; ok markus@
Damien Miller64abf312011-01-07 09:51:52 +1100907 - djm@cvs.openbsd.org 2011/01/06 22:23:02
908 [clientloop.c]
909 when exiting due to ServerAliveTimeout, mention the hostname that caused
910 it (useful with backgrounded controlmaster)
Damien Miller7d06b002011-01-07 09:54:20 +1100911 - djm@cvs.openbsd.org 2011/01/06 22:46:21
912 [regress/Makefile regress/host-expand.sh]
913 regress test for LocalCommand %n expansion from bert.wesarg AT
914 googlemail.com; ok markus@
Damien Millered3a8eb2011-01-07 10:02:52 +1100915 - djm@cvs.openbsd.org 2011/01/06 23:01:35
916 [sshconnect.c]
917 reset SIGCHLD handler to SIG_DFL when execuring LocalCommand;
918 ok markus@
Damien Miller322125b2011-01-07 09:50:08 +1100919
Damien Millerf1211432011-01-06 22:40:30 +110092020110106
921 - (djm) OpenBSD CVS Sync
922 - markus@cvs.openbsd.org 2010/12/08 22:46:03
923 [scp.1 scp.c]
924 add a new -3 option to scp: Copies between two remote hosts are
925 transferred through the local host. Without this option the data
926 is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
Damien Miller907998d2011-01-06 22:41:21 +1100927 - jmc@cvs.openbsd.org 2010/12/09 14:13:33
928 [scp.1 scp.c]
929 scp.1: grammer fix
930 scp.c: add -3 to usage()
Damien Miller05c89972011-01-06 22:42:04 +1100931 - markus@cvs.openbsd.org 2010/12/14 11:59:06
932 [sshconnect.c]
933 don't mention key type in key-changed-warning, since we also print
934 this warning if a new key type appears. ok djm@
Damien Miller106079c2011-01-06 22:43:44 +1100935 - djm@cvs.openbsd.org 2010/12/15 00:49:27
936 [readpass.c]
937 fix ControlMaster=ask regression
938 reset SIGCHLD handler before fork (and restore it after) so we don't miss
939 the the askpass child's exit status. Correct test for exit status/signal to
940 account for waitpid() failure; with claudio@ ok claudio@ markus@
Damien Millerde53fd02011-01-06 22:44:18 +1100941 - djm@cvs.openbsd.org 2010/12/24 21:41:48
942 [auth-options.c]
943 don't send the actual forced command in a debug message; ok markus deraadt
Damien Miller8ad960b2011-01-06 22:44:44 +1100944 - otto@cvs.openbsd.org 2011/01/04 20:44:13
945 [ssh-keyscan.c]
946 handle ecdsa-sha2 with various key lengths; hint and ok djm@
Damien Millerf1211432011-01-06 22:40:30 +1100947
Damien Miller30a69e72011-01-04 08:16:27 +110094820110104
949 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
950 formatter if it is present, followed by nroff and groff respectively.
951 Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
952 in favour of mandoc). feedback and ok tim
953
95420110103
Damien Millerd197fd62011-01-03 14:48:14 +1100955 - (djm) [Makefile.in] revert local hack I didn't intend to commit
956
95720110102
Damien Miller4a06f922011-01-02 21:43:59 +1100958 - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker
Damien Miller41bccf72011-01-02 21:53:07 +1100959 - (djm) [configure.ac] Check whether libdes is needed when building
960 with Heimdal krb5 support. On OpenBSD this library no longer exists,
961 so linking it unconditionally causes a build failure; ok dtucker
Damien Miller4a06f922011-01-02 21:43:59 +1100962
Damien Miller928362d2010-12-26 14:26:45 +110096320101226
964 - (dtucker) OpenBSD CVS Sync
965 - djm@cvs.openbsd.org 2010/12/08 04:02:47
966 [ssh_config.5 sshd_config.5]
967 explain that IPQoS arguments are separated by whitespace; iirc requested
968 by jmc@ a while back
969
Darren Tucker37bb7562010-12-05 08:46:05 +110097020101205
971 - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover from
972 debugging. Spotted by djm.
Darren Tucker7336b902010-12-05 09:00:30 +1100973 - (dtucker) OpenBSD CVS Sync
974 - djm@cvs.openbsd.org 2010/12/03 23:49:26
975 [schnorr.c]
976 check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao
977 (this code is still disabled, but apprently people are treating it as
978 a reference implementation)
Darren Tuckeradab6f12010-12-05 09:01:47 +1100979 - djm@cvs.openbsd.org 2010/12/03 23:55:27
980 [auth-rsa.c]
981 move check for revoked keys to run earlier (in auth_rsa_key_allowed)
982 bz#1829; patch from ldv AT altlinux.org; ok markus@
Darren Tuckeraf1f9092010-12-05 09:02:47 +1100983 - djm@cvs.openbsd.org 2010/12/04 00:18:01
984 [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
985 add a protocol extension to support a hard link operation. It is
986 available through the "ln" command in the client. The old "ln"
987 behaviour of creating a symlink is available using its "-s" option
988 or through the preexisting "symlink" command; based on a patch from
989 miklos AT szeredi.hu in bz#1555; ok markus@
Darren Tucker094f1e92010-12-05 09:03:31 +1100990 - djm@cvs.openbsd.org 2010/12/04 13:31:37
991 [hostfile.c]
992 fix fd leak; spotted and ok dtucker
Darren Tucker4288c532010-12-05 09:45:50 +1100993 - djm@cvs.openbsd.org 2010/12/04 00:21:19
994 [regress/sftp-cmds.sh]
995 adjust for hard-link support
Darren Tucker7e1a5a42010-12-05 09:29:31 +1100996 - (dtucker) [regress/Makefile] Id sync.
Darren Tucker37bb7562010-12-05 08:46:05 +1100997
Damien Millerd89745b2010-12-03 10:50:26 +110099820101204
999 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
1000 instead of (arc4random() % range)
Darren Tuckerebdef762010-12-04 23:20:50 +11001001 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] Add
1002 shims for the new, non-deprecated OpenSSL key generation functions for
1003 platforms that don't have the new interfaces.
Damien Millerd89745b2010-12-03 10:50:26 +11001004
Damien Miller188ea812010-12-01 11:50:14 +1100100520101201
1006 - OpenBSD CVS Sync
1007 - deraadt@cvs.openbsd.org 2010/11/20 05:12:38
1008 [auth2-pubkey.c]
1009 clean up cases of ;;
Damien Miller2cd62932010-12-01 11:50:35 +11001010 - djm@cvs.openbsd.org 2010/11/21 01:01:13
1011 [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
1012 honour $TMPDIR for client xauth and ssh-agent temporary directories;
1013 feedback and ok markus@
Damien Millera2327922010-12-01 12:01:21 +11001014 - djm@cvs.openbsd.org 2010/11/21 10:57:07
1015 [authfile.c]
1016 Refactor internals of private key loading and saving to work on memory
1017 buffers rather than directly on files. This will make a few things
1018 easier to do in the future; ok markus@
Damien Miller6a740e72010-12-01 12:01:51 +11001019 - djm@cvs.openbsd.org 2010/11/23 02:35:50
1020 [auth.c]
1021 use strict_modes already passed as function argument over referencing
1022 global options.strict_modes
Damien Millerd0fdd682010-12-01 12:02:14 +11001023 - djm@cvs.openbsd.org 2010/11/23 23:57:24
1024 [clientloop.c]
1025 avoid NULL deref on receiving a channel request on an unknown or invalid
1026 channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
Damien Millerb7f827a2010-12-01 12:02:35 +11001027 - djm@cvs.openbsd.org 2010/11/24 01:24:14
1028 [channels.c]
1029 remove a debug() that pollutes stderr on client connecting to a server
1030 in debug mode (channel_close_fds is called transitively from the session
1031 code post-fork); bz#1719, ok dtucker
Damien Millerf80c3de2010-12-01 12:02:59 +11001032 - djm@cvs.openbsd.org 2010/11/25 04:10:09
1033 [session.c]
1034 replace close() loop for fds 3->64 with closefrom();
1035 ok markus deraadt dtucker
Damien Miller87dc0a42010-12-01 12:03:19 +11001036 - djm@cvs.openbsd.org 2010/11/26 05:52:49
1037 [scp.c]
1038 Pass through ssh command-line flags and options when doing remote-remote
1039 transfers, e.g. to enable agent forwarding which is particularly useful
1040 in this case; bz#1837 ok dtucker@
Damien Miller03c0e532010-12-01 12:03:39 +11001041 - markus@cvs.openbsd.org 2010/11/29 18:57:04
1042 [authfile.c]
1043 correctly load comment for encrypted rsa1 keys;
1044 report/fix Joachim Schipper; ok djm@
Damien Millerd925dcd2010-12-01 12:21:51 +11001045 - djm@cvs.openbsd.org 2010/11/29 23:45:51
1046 [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c]
1047 [sshconnect.h sshconnect2.c]
1048 automatically order the hostkeys requested by the client based on
1049 which hostkeys are already recorded in known_hosts. This avoids
1050 hostkey warnings when connecting to servers with new ECDSA keys
1051 that are preferred by default; with markus@
Damien Miller188ea812010-12-01 11:50:14 +11001052
Darren Tuckerd9957122010-11-24 10:09:13 +1100105320101124
1054 - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
1055 into the platform-specific code Only affects SCO, tested by and ok tim@.
Damien Miller88e341e2010-11-24 10:36:15 +11001056 - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
1057 group read/write. ok dtucker@
Darren Tucker4b6cbf72010-11-24 10:46:37 +11001058 - (dtucker) [packet.c] Remove redundant local declaration of "int tos".
Damien Miller73de86a2010-11-24 10:50:04 +11001059 - (djm) [defines.h] Add IP DSCP defines
Darren Tuckerd9957122010-11-24 10:09:13 +11001060
Darren Tucker9e0ff7a2010-11-22 17:59:00 +1100106120101122
1062 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
1063 from vapier at gentoo org.
1064
Damien Miller7a221a12010-11-20 15:14:29 +1100106520101120
1066 - OpenBSD CVS Sync
1067 - djm@cvs.openbsd.org 2010/11/05 02:46:47
1068 [packet.c]
1069 whitespace KNF
Damien Miller4499f4c2010-11-20 15:15:49 +11001070 - djm@cvs.openbsd.org 2010/11/10 01:33:07
1071 [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c]
1072 use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
1073 these have been around for years by this time. ok markus
Damien Miller0dac6fb2010-11-20 15:19:38 +11001074 - djm@cvs.openbsd.org 2010/11/13 23:27:51
1075 [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
1076 [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
1077 allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
1078 hardcoding lowdelay/throughput.
1079
1080 bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
Damien Miller8e1ea4e2010-11-20 15:20:10 +11001081 - jmc@cvs.openbsd.org 2010/11/15 07:40:14
1082 [ssh_config.5]
1083 libary -> library;
Damien Miller0a184732010-11-20 15:21:03 +11001084 - jmc@cvs.openbsd.org 2010/11/18 15:01:00
1085 [scp.1 sftp.1 ssh.1 sshd_config.5]
1086 add IPQoS to the various -o lists, and zap some trailing whitespace;
Damien Miller7a221a12010-11-20 15:14:29 +11001087
Damien Millerdd190dd2010-11-11 14:17:02 +1100108820101111
1089 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
1090 platforms that don't support ECC. Fixes some spurious warnings reported
1091 by tim@
1092
Tim Ricee426f5e2010-11-08 09:15:14 -0800109320101109
1094 - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
1095 Feedback from dtucker@
Tim Ricec7a8af02010-11-08 14:26:23 -08001096 - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add
1097 support for platforms missing isblank(). ok djm@
Tim Ricee426f5e2010-11-08 09:15:14 -08001098
Tim Rice522262f2010-11-07 13:00:27 -0800109920101108
1100 - (tim) [regress/Makefile] Fixes to allow building/testing outside source
1101 tree.
Tim Ricec10aeaa2010-11-07 13:03:11 -08001102 - (tim) [regress/kextype.sh] Shell portability fix.
Tim Rice522262f2010-11-07 13:00:27 -08001103
Darren Tuckerd1ece6e2010-11-07 18:05:54 +1100110420101107
1105 - (dtucker) [platform.c] includes.h instead of defines.h so that we get
1106 the correct typedefs.
1107
Damien Miller3a0e9f62010-11-05 10:16:34 +1100110820101105
Damien Miller34ee4202010-11-05 10:52:37 +11001109 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of
1110 int. Should fix bz#1817 cleanly; ok dtucker@
Damien Miller3a0e9f62010-11-05 10:16:34 +11001111 - OpenBSD CVS Sync
1112 - djm@cvs.openbsd.org 2010/09/22 12:26:05
1113 [regress/Makefile regress/kextype.sh]
1114 regress test for each of the key exchange algorithms that we support
Damien Millerb472a902010-11-05 10:19:49 +11001115 - djm@cvs.openbsd.org 2010/10/28 11:22:09
1116 [authfile.c key.c key.h ssh-keygen.c]
1117 fix a possible NULL deref on loading a corrupt ECDH key
1118
1119 store ECDH group information in private keys files as "named groups"
1120 rather than as a set of explicit group parameters (by setting
1121 the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
1122 retrieves the group's OpenSSL NID that we need for various things.
Damien Miller55fa5652010-11-05 10:20:14 +11001123 - jmc@cvs.openbsd.org 2010/10/28 18:33:28
1124 [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
1125 knock out some "-*- nroff -*-" lines;
Damien Miller07331212010-11-05 10:20:31 +11001126 - djm@cvs.openbsd.org 2010/11/04 02:45:34
1127 [sftp-server.c]
1128 umask should be parsed as octal. reported by candland AT xmission.com;
1129 ok markus@
Darren Tucker97528352010-11-05 12:03:05 +11001130 - (dtucker) [configure.ac platform.{c,h} session.c
1131 openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
1132 Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
1133 ok djm@
Darren Tucker920612e2010-11-05 12:36:15 +11001134 - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
1135 after the user's groups are established and move the selinux calls into it.
Darren Tucker4db38072010-11-05 12:41:13 +11001136 - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
1137 platform.c
Darren Tucker44a97be2010-11-05 12:45:18 +11001138 - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
Darren Tuckerfd4d8aa2010-11-05 12:50:41 +11001139 - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
1140 retain previous behavior.
Darren Tucker728d8372010-11-05 13:00:05 +11001141 - (dtucker) [platform.c session.c] Move the PAM credential establishment for
1142 the LOGIN_CAP case into platform.c.
Darren Tucker7a8afe32010-11-05 13:07:24 +11001143 - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into
1144 platform.c
Darren Tucker0b2ee642010-11-05 13:29:25 +11001145 - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c.
1146 - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
1147 platform.c.
Darren Tuckercc124182010-11-05 13:32:52 +11001148 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
1149 non-LOGIN_CAP case into platform.c.
Darren Tuckerb12fe272010-11-05 14:47:01 +11001150 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
1151 check into platform.c
Darren Tuckerb69e0332010-11-05 18:19:15 +11001152 - (dtucker) [regress/keytype.sh] Import new test.
Darren Tuckereab5f0d2010-11-05 18:23:38 +11001153 - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]
1154 Import recent changes to regress/Makefile, pass a flag to enable ECC tests
1155 from configure through to regress/Makefile and use it in the tests.
Darren Tucker345178d2010-11-05 18:35:52 +11001156 - (dtucker) [regress/kextype.sh] Add missing "test".
Darren Tuckerf619d1c2010-11-05 18:41:50 +11001157 - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not
1158 strictly correct since while ECC requires sha256 the reverse is not true
1159 however it does prevent spurious test failures.
Darren Tucker9283d8c2010-11-05 18:56:08 +11001160 - (dtucker) [platform.c] Need servconf.h and extern options.
Damien Miller3a0e9f62010-11-05 10:16:34 +11001161
Tim Ricebdd3e672010-10-24 18:35:55 -0700116220101025
1163 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
1164 1.12 to unbreak Solaris build.
1165 ok djm@
Darren Tucker54b1f312010-10-25 16:54:28 +11001166 - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a
1167 native one.
Tim Ricebdd3e672010-10-24 18:35:55 -07001168
Darren Tuckera5393932010-10-24 10:47:30 +1100116920101024
1170 - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.
Darren Tuckerbfd9b1b2010-10-24 11:19:26 +11001171 - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms
1172 which don't have ECC support in libcrypto.
Darren Tuckerd633fef2010-10-24 11:33:07 +11001173 - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms
1174 which don't have ECC support in libcrypto.
Darren Tucker7bc236d2010-10-24 11:58:43 +11001175 - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't
1176 have it.
Darren Tuckerd78739a2010-10-24 10:56:32 +11001177 - (dtucker) OpenBSD CVS Sync
1178 - sthen@cvs.openbsd.org 2010/10/23 22:06:12
1179 [sftp.c]
1180 escape '[' in filename tab-completion; fix a type while there.
1181 ok djm@
Darren Tuckera5393932010-10-24 10:47:30 +11001182
Damien Miller68512c02010-10-21 15:21:11 +1100118320101021
1184 - OpenBSD CVS Sync
1185 - dtucker@cvs.openbsd.org 2010/10/12 02:22:24
1186 [mux.c]
1187 Typo in confirmation message. bz#1827, patch from imorgan at
1188 nas nasa gov
Damien Miller6fd2d7d2010-10-21 15:27:14 +11001189 - djm@cvs.openbsd.org 2010/08/31 12:24:09
1190 [regress/cert-hostkey.sh regress/cert-userkey.sh]
1191 tests for ECDSA certificates
Damien Miller68512c02010-10-21 15:21:11 +11001192
Damien Miller1f789802010-10-11 22:35:22 +1100119320101011
Damien Miller47e57bf2010-10-12 13:28:12 +11001194 - (djm) [canohost.c] Zero a4 instead of addr to better match type.
1195 bz#1825, reported by foo AT mailinator.com
Damien Miller9c0c31d2010-10-12 13:30:44 +11001196 - (djm) [sshconnect.c] Need signal.h for prototype for kill(2)
Damien Miller47e57bf2010-10-12 13:28:12 +11001197
119820101011
Damien Miller1f789802010-10-11 22:35:22 +11001199 - (djm) [configure.ac] Use = instead of == in shell tests. Patch from
1200 dr AT vasco.com
1201
Damien Milleraa180632010-10-07 21:25:27 +1100120220101007
Damien Miller9a3d0dc2010-10-07 22:06:42 +11001203 - (djm) [ssh-agent.c] Fix type for curve name.
Damien Milleraa180632010-10-07 21:25:27 +11001204 - (djm) OpenBSD CVS Sync
1205 - matthew@cvs.openbsd.org 2010/09/24 13:33:00
1206 [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
1207 [openbsd-compat/timingsafe_bcmp.c]
1208 Add timingsafe_bcmp(3) to libc, mention that it's already in the
1209 kernel in kern(9), and remove it from OpenSSH.
1210 ok deraadt@, djm@
1211 NB. re-added under openbsd-compat/ for portable OpenSSH
Damien Millera6e121a2010-10-07 21:39:17 +11001212 - djm@cvs.openbsd.org 2010/09/25 09:30:16
1213 [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
1214 make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
1215 rountrips to fetch per-file stat(2) information.
1216 NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
1217 match.
Damien Miller68e2e562010-10-07 21:39:55 +11001218 - djm@cvs.openbsd.org 2010/09/26 22:26:33
1219 [sftp.c]
1220 when performing an "ls" in columnated (short) mode, only call
1221 ioctl(TIOCGWINSZ) once to get the window width instead of per-
1222 filename
Damien Millerc54b02c2010-10-07 21:40:17 +11001223 - djm@cvs.openbsd.org 2010/09/30 11:04:51
1224 [servconf.c]
1225 prevent free() of string in .rodata when overriding AuthorizedKeys in
1226 a Match block; patch from rein AT basefarm.no
Damien Miller9a3d0dc2010-10-07 22:06:42 +11001227 - djm@cvs.openbsd.org 2010/10/01 23:05:32
1228 [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
1229 adapt to API changes in openssl-1.0.0a
1230 NB. contains compat code to select correct API for older OpenSSL
Damien Miller38d9a962010-10-07 22:07:11 +11001231 - djm@cvs.openbsd.org 2010/10/05 05:13:18
1232 [sftp.c sshconnect.c]
1233 use default shell /bin/sh if $SHELL is ""; ok markus@
Damien Millera41ccca2010-10-07 22:07:32 +11001234 - djm@cvs.openbsd.org 2010/10/06 06:39:28
1235 [clientloop.c ssh.c sshconnect.c sshconnect.h]
1236 kill proxy command on fatal() (we already kill it on clean exit);
1237 ok markus@
Damien Miller45fcdaa2010-10-07 22:07:58 +11001238 - djm@cvs.openbsd.org 2010/10/06 21:10:21
1239 [sshconnect.c]
1240 swapped args to kill(2)
Damien Miller37f4f182010-10-07 22:10:38 +11001241 - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.
Damien Miller80e99532010-10-07 22:12:08 +11001242 - (djm) [cipher-acss.c] Add missing header.
Damien Miller88b844f2010-10-07 22:19:23 +11001243 - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp
Damien Milleraa180632010-10-07 21:25:27 +11001244
Damien Miller6186bbc2010-09-24 22:00:54 +1000124520100924
1246 - (djm) OpenBSD CVS Sync
1247 - naddy@cvs.openbsd.org 2010/09/10 15:19:29
1248 [ssh-keygen.1]
1249 * mention ECDSA in more places
1250 * less repetition in FILES section
1251 * SSHv1 keys are still encrypted with 3DES
1252 help and ok jmc@
Damien Miller1ca94692010-09-24 22:01:22 +10001253 - djm@cvs.openbsd.org 2010/09/11 21:44:20
1254 [ssh.1]
1255 mention RFC 5656 for ECC stuff
Damien Miller881adf72010-09-24 22:01:54 +10001256 - jmc@cvs.openbsd.org 2010/09/19 21:30:05
1257 [sftp.1]
1258 more wacky macro fixing;
Damien Miller857b02e2010-09-24 22:02:56 +10001259 - djm@cvs.openbsd.org 2010/09/20 04:41:47
1260 [ssh.c]
1261 install a SIGCHLD handler to reap expiried child process; ok markus@
Damien Millerf7540cd2010-09-24 22:03:24 +10001262 - djm@cvs.openbsd.org 2010/09/20 04:50:53
1263 [jpake.c schnorr.c]
1264 check that received values are smaller than the group size in the
1265 disabled and unfinished J-PAKE code.
1266 avoids catastrophic security failure found by Sebastien Martini
Damien Miller18e1cab2010-09-24 22:07:17 +10001267 - djm@cvs.openbsd.org 2010/09/20 04:54:07
1268 [jpake.c]
1269 missing #include
Damien Miller603134e2010-09-24 22:07:55 +10001270 - djm@cvs.openbsd.org 2010/09/20 07:19:27
1271 [mux.c]
1272 "atomically" create the listening mux socket by binding it on a temorary
1273 name and then linking it into position after listen() has succeeded.
1274 this allows the mux clients to determine that the server socket is
1275 either ready or stale without races. stale server sockets are now
1276 automatically removed
1277 ok deraadt
Damien Millerd5f62bf2010-09-24 22:11:14 +10001278 - djm@cvs.openbsd.org 2010/09/22 05:01:30
1279 [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
1280 [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
1281 add a KexAlgorithms knob to the client and server configuration to allow
1282 selection of which key exchange methods are used by ssh(1) and sshd(8)
1283 and their order of preference.
1284 ok markus@
Damien Miller7fe2b1f2010-09-24 22:11:53 +10001285 - jmc@cvs.openbsd.org 2010/09/22 08:30:08
1286 [ssh.1 ssh_config.5]
1287 ssh.1: add kexalgorithms to the -o list
1288 ssh_config.5: format the kexalgorithms in a more consistent
1289 (prettier!) way
1290 ok djm
Damien Miller65e42f82010-09-24 22:15:11 +10001291 - djm@cvs.openbsd.org 2010/09/22 22:58:51
1292 [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
1293 [sftp-client.h sftp.1 sftp.c]
1294 add an option per-read/write callback to atomicio
1295
1296 factor out bandwidth limiting code from scp(1) into a generic bandwidth
1297 limiter that can be attached using the atomicio callback mechanism
1298
1299 add a bandwidth limit option to sftp(1) using the above
1300 "very nice" markus@
Damien Miller56883e12010-09-24 22:15:39 +10001301 - jmc@cvs.openbsd.org 2010/09/23 13:34:43
1302 [sftp.c]
1303 add [-l limit] to usage();
Damien Miller2beb32f2010-09-24 22:16:03 +10001304 - jmc@cvs.openbsd.org 2010/09/23 13:36:46
1305 [scp.1 sftp.1]
1306 add KexAlgorithms to the -o list;
Damien Miller6186bbc2010-09-24 22:00:54 +10001307
Damien Miller4314c2b2010-09-10 11:12:09 +1000130820100910
Darren Tucker50e3bab2010-09-10 10:30:25 +10001309 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact
1310 return code since it can apparently return -1 under some conditions. From
1311 openssh bugs werbittewas de, ok djm@
Damien Miller4314c2b2010-09-10 11:12:09 +10001312 - OpenBSD CVS Sync
1313 - djm@cvs.openbsd.org 2010/08/31 12:33:38
1314 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
1315 reintroduce commit from tedu@, which I pulled out for release
1316 engineering:
1317 OpenSSL_add_all_algorithms is the name of the function we have a
1318 man page for, so use that. ok djm
Damien Millerde735ea2010-09-10 11:12:38 +10001319 - jmc@cvs.openbsd.org 2010/08/31 17:40:54
1320 [ssh-agent.1]
1321 fix some macro abuse;
Damien Millerd4427902010-09-10 11:15:10 +10001322 - jmc@cvs.openbsd.org 2010/08/31 21:14:58
1323 [ssh.1]
1324 small text tweak to accommodate previous;
Damien Millere13cadf2010-09-10 11:15:33 +10001325 - naddy@cvs.openbsd.org 2010/09/01 15:21:35
1326 [servconf.c]
1327 pick up ECDSA host key by default; ok djm@
Damien Miller390f1532010-09-10 11:17:54 +10001328 - markus@cvs.openbsd.org 2010/09/02 16:07:25
Damien Miller57737942010-09-10 11:16:37 +10001329 [ssh-keygen.c]
1330 permit -b 256, 384 or 521 as key size for ECDSA; ok djm@
Damien Miller390f1532010-09-10 11:17:54 +10001331 - markus@cvs.openbsd.org 2010/09/02 16:08:39
Damien Miller5929c522010-09-10 11:17:02 +10001332 [ssh.c]
1333 unbreak ControlPersist=yes for ControlMaster=yes; ok djm@
Damien Miller6e9f6802010-09-10 11:17:38 +10001334 - naddy@cvs.openbsd.org 2010/09/02 17:21:50
1335 [ssh-keygen.c]
1336 Switch ECDSA default key size to 256 bits, which according to RFC5656
1337 should still be better than our current RSA-2048 default.
1338 ok djm@, markus@
Damien Miller390f1532010-09-10 11:17:54 +10001339 - jmc@cvs.openbsd.org 2010/09/03 11:09:29
1340 [scp.1]
1341 add an EXIT STATUS section for /usr/bin;
Damien Millerdaa7b222010-09-10 11:19:33 +10001342 - jmc@cvs.openbsd.org 2010/09/04 09:38:34
1343 [ssh-add.1 ssh.1]
1344 two more EXIT STATUS sections;
Damien Miller80ed82a2010-09-10 11:20:11 +10001345 - naddy@cvs.openbsd.org 2010/09/06 17:10:19
1346 [sshd_config]
1347 add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste
1348 <mattieu.b@gmail.com>
1349 ok deraadt@
Damien Millerbf0423e2010-09-10 11:20:38 +10001350 - djm@cvs.openbsd.org 2010/09/08 03:54:36
1351 [authfile.c]
1352 typo
Damien Miller3796ab42010-09-10 11:20:59 +10001353 - deraadt@cvs.openbsd.org 2010/09/08 04:13:31
1354 [compress.c]
1355 work around name-space collisions some buggy compilers (looking at you
1356 gcc, at least in earlier versions, but this does not forgive your current
1357 transgressions) seen between zlib and openssl
1358 ok djm
Damien Miller041ab7c2010-09-10 11:23:34 +10001359 - djm@cvs.openbsd.org 2010/09/09 10:45:45
1360 [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
1361 ECDH/ECDSA compliance fix: these methods vary the hash function they use
1362 (SHA256/384/512) depending on the length of the curve in use. The previous
1363 code incorrectly used SHA256 in all cases.
1364
1365 This fix will cause authentication failure when using 384 or 521-bit curve
1366 keys if one peer hasn't been upgraded and the other has. (256-bit curve
1367 keys work ok). In particular you may need to specify HostkeyAlgorithms
1368 when connecting to a server that has not been upgraded from an upgraded
1369 client.
1370
1371 ok naddy@
Damien Miller6af914a2010-09-10 11:39:26 +10001372 - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
1373 [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
1374 [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
1375 platforms that don't have the requisite OpenSSL support. ok dtucker@
Darren Tucker8ccb7392010-09-10 12:28:24 +10001376 - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
1377 for missing headers and compiler warnings.
Darren Tucker50e3bab2010-09-10 10:30:25 +10001378
137920100831
Damien Millerafdae612010-08-31 22:31:14 +10001380 - OpenBSD CVS Sync
1381 - jmc@cvs.openbsd.org 2010/08/08 19:36:30
1382 [ssh-keysign.8 ssh.1 sshd.8]
1383 use the same template for all FILES sections; i.e. -compact/.Pp where we
1384 have multiple items, and .Pa for path names;
Damien Miller9b87e792010-08-31 22:31:37 +10001385 - tedu@cvs.openbsd.org 2010/08/12 23:34:39
1386 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
1387 OpenSSL_add_all_algorithms is the name of the function we have a man page
1388 for, so use that. ok djm
Damien Millerd96546f2010-08-31 22:32:12 +10001389 - djm@cvs.openbsd.org 2010/08/16 04:06:06
1390 [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
1391 backout previous temporarily; discussed with deraadt@
Damien Millerda108ec2010-08-31 22:36:39 +10001392 - djm@cvs.openbsd.org 2010/08/31 09:58:37
1393 [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
1394 [packet.h ssh-dss.c ssh-rsa.c]
1395 Add buffer_get_cstring() and related functions that verify that the
1396 string extracted from the buffer contains no embedded \0 characters*
1397 This prevents random (possibly malicious) crap from being appended to
1398 strings where it would not be noticed if the string is used with
1399 a string(3) function.
1400
1401 Use the new API in a few sensitive places.
1402
1403 * actually, we allow a single one at the end of the string for now because
1404 we don't know how many deployed implementations get this wrong, but don't
1405 count on this to remain indefinitely.
Damien Millereb8b60e2010-08-31 22:41:14 +10001406 - djm@cvs.openbsd.org 2010/08/31 11:54:45
1407 [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
1408 [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
1409 [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
1410 [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
1411 [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
1412 [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
1413 [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
1414 Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
1415 host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
1416 better performance than plain DH and DSA at the same equivalent symmetric
1417 key length, as well as much shorter keys.
1418
1419 Only the mandatory sections of RFC5656 are implemented, specifically the
1420 three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
1421 ECDSA. Point compression (optional in RFC5656 is NOT implemented).
1422
1423 Certificate host and user keys using the new ECDSA key types are supported.
1424
1425 Note that this code has not been tested for interoperability and may be
1426 subject to change.
1427
1428 feedback and ok markus@
Damien Millerb5a62d02010-08-31 22:47:15 +10001429 - (djm) [Makefile.in] Add new ECC files
Damien Millerc79ff072010-08-31 22:50:48 +10001430 - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include
1431 includes.h
Damien Millerafdae612010-08-31 22:31:14 +10001432
Darren Tucker6889abd2010-08-27 10:12:54 +1000143320100827
1434 - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,
1435 remove. Patch from martynas at venck us
1436
Damien Millera5362022010-08-23 21:20:20 +1000143720100823
1438 - (djm) Release OpenSSH-5.6p1
1439
Darren Tuckeraa74f672010-08-16 13:15:23 +1000144020100816
1441 - (dtucker) [configure.ac openbsd-compat/Makefile.in
1442 openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to
1443 the compat library which helps on platforms like old IRIX. Based on work
1444 by djm, tested by Tom Christensen.
Damien Miller00d9ae22010-08-17 01:59:31 +10001445 - OpenBSD CVS Sync
1446 - djm@cvs.openbsd.org 2010/08/12 21:49:44
1447 [ssh.c]
1448 close any extra file descriptors inherited from parent at start and
1449 reopen stdin/stdout to /dev/null when forking for ControlPersist.
1450
1451 prevents tools that fork and run a captive ssh for communication from
1452 failing to exit when the ssh completes while they wait for these fds to
1453 close. The inherited fds may persist arbitrarily long if a background
1454 mux master has been started by ControlPersist. cvs and scp were effected
1455 by this.
1456
1457 "please commit" markus@
Damien Miller07ad3892010-08-17 07:04:28 +10001458 - (djm) [regress/README.regress] typo
Darren Tuckeraa74f672010-08-16 13:15:23 +10001459
Tim Rice722b8d12010-08-12 09:43:13 -0700146020100812
1461 - (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.sh
1462 regress/test-exec.sh] Under certain conditions when testing with sudo
1463 tests would fail because the pidfile could not be read by a regular user.
1464 "cat: cannot open ...../regress/pidfile: Permission denied (error 13)"
1465 Make sure cat is run by $SUDO. no objection from me. djm@
Tim Ricead7d5472010-08-12 10:33:01 -07001466 - (tim) [auth.c] add cast to quiet compiler. Change only affects SVR5 systems.
Tim Rice722b8d12010-08-12 09:43:13 -07001467
Damien Miller7e569b82010-08-09 02:28:37 +1000146820100809
Damien Miller2c4b13a2010-08-10 12:47:40 +10001469 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it is
1470 already set. Makes FreeBSD user openable tunnels useful; patch from
1471 richard.burakowski+ossh AT mrburak.net, ok dtucker@
Darren Tucker02c47342010-08-10 13:36:09 +10001472 - (dtucker) bug #1530: strip trailing ":" from hostname in ssh-copy-id.
1473 based in part on a patch from Colin Watson, ok djm@
Damien Miller2c4b13a2010-08-10 12:47:40 +10001474
147520100809
Damien Miller7e569b82010-08-09 02:28:37 +10001476 - OpenBSD CVS Sync
1477 - djm@cvs.openbsd.org 2010/08/08 16:26:42
1478 [version.h]
1479 crank to 5.6
Damien Miller792010b2010-08-09 02:32:05 +10001480 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
1481 [contrib/suse/openssh.spec] Crank version numbers
Damien Miller7e569b82010-08-09 02:28:37 +10001482
Damien Miller8e604ac2010-08-09 02:28:10 +1000148320100805
Damien Miller7fa96602010-08-05 13:03:13 +10001484 - OpenBSD CVS Sync
1485 - djm@cvs.openbsd.org 2010/08/04 05:37:01
1486 [ssh.1 ssh_config.5 sshd.8]
1487 Remove mentions of weird "addr/port" alternate address format for IPv6
1488 addresses combinations. It hasn't worked for ages and we have supported
1489 the more commen "[addr]:port" format for a long time. ok jmc@ markus@
Damien Miller1da63882010-08-05 13:03:51 +10001490 - djm@cvs.openbsd.org 2010/08/04 05:40:39
1491 [PROTOCOL.certkeys ssh-keygen.c]
1492 tighten the rules for certificate encoding by requiring that options
1493 appear in lexical order and make our ssh-keygen comply. ok markus@
Damien Millerc1583312010-08-05 13:04:50 +10001494 - djm@cvs.openbsd.org 2010/08/04 05:42:47
1495 [auth.c auth2-hostbased.c authfile.c authfile.h ssh-keysign.8]
1496 [ssh-keysign.c ssh.c]
1497 enable certificates for hostbased authentication, from Iain Morgan;
1498 "looks ok" markus@
Damien Miller5458c4d2010-08-05 13:05:15 +10001499 - djm@cvs.openbsd.org 2010/08/04 05:49:22
1500 [authfile.c]
1501 commited the wrong version of the hostbased certificate diff; this
1502 version replaces some strlc{py,at} verbosity with xasprintf() at
1503 the request of markus@
Damien Miller757f34e2010-08-05 13:05:31 +10001504 - djm@cvs.openbsd.org 2010/08/04 06:07:11
1505 [ssh-keygen.1 ssh-keygen.c]
1506 Support CA keys in PKCS#11 tokens; feedback and ok markus@
Damien Millerb89e6b72010-08-05 13:06:20 +10001507 - djm@cvs.openbsd.org 2010/08/04 06:08:40
1508 [ssh-keysign.c]
1509 clean for -Wuninitialized (Id sync only; portable had this change)
Damien Miller7d457182010-08-05 23:09:48 +10001510 - djm@cvs.openbsd.org 2010/08/05 13:08:42
1511 [channels.c]
1512 Fix a trio of bugs in the local/remote window calculation for datagram
1513 data channels (i.e. TunnelForward):
1514
1515 Calculate local_consumed correctly in channel_handle_wfd() by measuring
1516 the delta to buffer_len(c->output) from when we start to when we finish.
1517 The proximal problem here is that the output_filter we use in portable
1518 modified the length of the dequeued datagram (to futz with the headers
1519 for !OpenBSD).
1520
1521 In channel_output_poll(), don't enqueue datagrams that won't fit in the
1522 peer's advertised packet size (highly unlikely to ever occur) or which
1523 won't fit in the peer's remaining window (more likely).
1524
1525 In channel_input_data(), account for the 4-byte string header in
1526 datagram packets that we accept from the peer and enqueue in c->output.
1527
1528 report, analysis and testing 2/3 cases from wierbows AT us.ibm.com;
1529 "looks good" markus@
Damien Miller7fa96602010-08-05 13:03:13 +10001530
Damien Miller8e604ac2010-08-09 02:28:10 +1000153120100803
Darren Tucker8b7a0552010-08-03 15:50:16 +10001532 - (dtucker) [monitor.c] Bug #1795: Initialize the values to be returned from
1533 PAM to sane values in case the PAM method doesn't write to them. Spotted by
1534 Bitman Zhou, ok djm@.
Damien Miller844cccf2010-08-03 16:03:29 +10001535 - OpenBSD CVS Sync
1536 - djm@cvs.openbsd.org 2010/07/16 04:45:30
1537 [ssh-keygen.c]
1538 avoid bogus compiler warning
Damien Miller4e8285e2010-08-03 16:04:03 +10001539 - djm@cvs.openbsd.org 2010/07/16 14:07:35
1540 [ssh-rsa.c]
1541 more timing paranoia - compare all parts of the expected decrypted
1542 data before returning. AFAIK not exploitable in the SSH protocol.
1543 "groovy" deraadt@
Damien Millerc4bb91c2010-08-03 16:04:22 +10001544 - djm@cvs.openbsd.org 2010/07/19 03:16:33
1545 [sftp-client.c]
1546 bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
1547 upload depth checks and causing verbose printing of transfers to always
1548 be turned on; patch from imorgan AT nas.nasa.gov
Damien Millere11e1ea2010-08-03 16:04:46 +10001549 - djm@cvs.openbsd.org 2010/07/19 09:15:12
1550 [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
1551 add a "ControlPersist" option that automatically starts a background
1552 ssh(1) multiplex master when connecting. This connection can stay alive
1553 indefinitely, or can be set to automatically close after a user-specified
1554 duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but
1555 further hacked on by wmertens AT cisco.com, apb AT cequrux.com,
1556 martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@
Damien Miller8c1eb112010-08-03 16:05:05 +10001557 - djm@cvs.openbsd.org 2010/07/21 02:10:58
1558 [misc.c]
1559 sync timingsafe_bcmp() with the one dempsky@ committed to sys/lib/libkern
Damien Miller081f3c72010-08-03 16:05:25 +10001560 - dtucker@cvs.openbsd.org 2010/07/23 08:49:25
1561 [ssh.1]
1562 Ciphers is documented in ssh_config(5) these days
Darren Tucker8b7a0552010-08-03 15:50:16 +10001563
156420100819
Darren Tucker12b29db2010-07-19 21:24:13 +10001565 - (dtucker) [contrib/ssh-copy-ud.1] Bug #1786: update ssh-copy-id.1 with more
1566 details about its behaviour WRT existing directories. Patch from
1567 asguthrie at gmail com, ok djm.
1568
Damien Miller9308fc72010-07-16 13:56:01 +1000156920100716
1570 - (djm) OpenBSD CVS Sync
1571 - djm@cvs.openbsd.org 2010/07/02 04:32:44
1572 [misc.c]
1573 unbreak strdelim() skipping past quoted strings, e.g.
1574 AllowUsers "blah blah" blah
1575 was broken; report and fix in bz#1757 from bitman.zhou AT centrify.com
1576 ok dtucker;
Damien Miller1f25ab42010-07-16 13:56:23 +10001577 - djm@cvs.openbsd.org 2010/07/12 22:38:52
1578 [ssh.c]
1579 Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f")
1580 for protocol 2. ok markus@
Damien Millerd0244d42010-07-16 13:56:43 +10001581 - djm@cvs.openbsd.org 2010/07/12 22:41:13
1582 [ssh.c ssh_config.5]
1583 expand %h to the hostname in ssh_config Hostname options. While this
1584 sounds useless, it is actually handy for working with unqualified
1585 hostnames:
1586
1587 Host *.*
1588 Hostname %h
1589 Host *
1590 Hostname %h.example.org
1591
1592 "I like it" markus@
Damien Miller8a0268f2010-07-16 13:57:51 +10001593 - djm@cvs.openbsd.org 2010/07/13 11:52:06
1594 [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c]
1595 [packet.c ssh-rsa.c]
1596 implement a timing_safe_cmp() function to compare memory without leaking
1597 timing information by short-circuiting like memcmp() and use it for
1598 some of the more sensitive comparisons (though nothing high-value was
1599 readily attackable anyway); "looks ok" markus@
Damien Millerea1651c2010-07-16 13:58:37 +10001600 - djm@cvs.openbsd.org 2010/07/13 23:13:16
1601 [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c]
1602 [ssh-rsa.c]
1603 s/timing_safe_cmp/timingsafe_bcmp/g
Damien Millerbcfbc482010-07-16 13:59:11 +10001604 - jmc@cvs.openbsd.org 2010/07/14 17:06:58
1605 [ssh.1]
1606 finally ssh synopsis looks nice again! this commit just removes a ton of
1607 hacks we had in place to make it work with old groff;
Damien Millerbad5e032010-07-16 13:59:59 +10001608 - schwarze@cvs.openbsd.org 2010/07/15 21:20:38
1609 [ssh-keygen.1]
1610 repair incorrect block nesting, which screwed up indentation;
1611 problem reported and fix OK by jmc@
Damien Miller9308fc72010-07-16 13:56:01 +10001612
Tim Ricecfbdc282010-07-14 13:42:28 -0700161320100714
1614 - (tim) [contrib/redhat/openssh.spec] Bug 1796: Test for skip_x11_askpass
1615 (line 77) should have been for no_x11_askpass.
1616
Damien Millercede1db2010-07-02 13:33:48 +1000161720100702
1618 - (djm) OpenBSD CVS Sync
1619 - jmc@cvs.openbsd.org 2010/06/26 00:57:07
1620 [ssh_config.5]
1621 tweak previous;
Damien Millerb96c4412010-07-02 13:34:24 +10001622 - djm@cvs.openbsd.org 2010/06/26 23:04:04
1623 [ssh.c]
1624 oops, forgot to #include <canohost.h>; spotted and patch from chl@
Damien Miller44b25042010-07-02 13:35:01 +10001625 - djm@cvs.openbsd.org 2010/06/29 23:15:30
1626 [ssh-keygen.1 ssh-keygen.c]
1627 allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
1628 bz#1749; ok markus@
Damien Miller6018a362010-07-02 13:35:19 +10001629 - djm@cvs.openbsd.org 2010/06/29 23:16:46
1630 [auth2-pubkey.c sshd_config.5]
1631 allow key options (command="..." and friends) in AuthorizedPrincipals;
1632 ok markus@
Damien Millerea727282010-07-02 13:35:34 +10001633 - jmc@cvs.openbsd.org 2010/06/30 07:24:25
1634 [ssh-keygen.1]
1635 tweak previous;
Damien Miller6022f582010-07-02 13:37:01 +10001636 - jmc@cvs.openbsd.org 2010/06/30 07:26:03
1637 [ssh-keygen.c]
1638 sort usage();
Damien Millerd59dab82010-07-02 13:37:17 +10001639 - jmc@cvs.openbsd.org 2010/06/30 07:28:34
1640 [sshd_config.5]
1641 tweak previous;
Damien Miller0979b402010-07-02 13:37:33 +10001642 - millert@cvs.openbsd.org 2010/07/01 13:06:59
1643 [scp.c]
1644 Fix a longstanding problem where if you suspend scp at the
1645 password/passphrase prompt the terminal mode is not restored.
1646 OK djm@
Damien Miller527ded72010-07-02 13:40:16 +10001647 - phessler@cvs.openbsd.org 2010/06/27 19:19:56
1648 [regress/Makefile]
1649 fix how we run the tests so we can successfully use SUDO='sudo -E'
1650 in our env
Damien Millerab139cd2010-07-02 13:42:18 +10001651 - djm@cvs.openbsd.org 2010/06/29 23:59:54
1652 [cert-userkey.sh]
1653 regress tests for key options in AuthorizedPrincipals
Damien Millercede1db2010-07-02 13:33:48 +10001654
Tim Rice3fd307d2010-06-26 16:45:15 -0700165520100627
1656 - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs
1657 key.h.
1658
Damien Miller2e774462010-06-26 09:30:47 +1000165920100626
1660 - (djm) OpenBSD CVS Sync
1661 - djm@cvs.openbsd.org 2010/05/21 05:00:36
1662 [misc.c]
1663 colon() returns char*, so s/return (0)/return NULL/
Damien Miller4fe686d2010-06-26 09:36:10 +10001664 - markus@cvs.openbsd.org 2010/06/08 21:32:19
1665 [ssh-pkcs11.c]
1666 check length of value returned C_GetAttributValue for != 0
1667 from mdrtbugzilla@codefive.co.uk; bugzilla #1773; ok dtucker@
Damien Millerc094d1e2010-06-26 09:36:34 +10001668 - djm@cvs.openbsd.org 2010/06/17 07:07:30
1669 [mux.c]
1670 Correct sizing of object to be allocated by calloc(), replacing
1671 sizeof(state) with sizeof(*state). This worked by accident since
1672 the struct contained a single int at present, but could have broken
1673 in the future. patch from hyc AT symas.com
Damien Miller99ac4e92010-06-26 09:36:58 +10001674 - djm@cvs.openbsd.org 2010/06/18 00:58:39
1675 [sftp.c]
1676 unbreak ls in working directories that contains globbing characters in
1677 their pathnames. bz#1655 reported by vgiffin AT apple.com
Damien Miller7aa46ec2010-06-26 09:37:57 +10001678 - djm@cvs.openbsd.org 2010/06/18 03:16:03
1679 [session.c]
1680 Missing check for chroot_director == "none" (we already checked against
1681 NULL); bz#1564 from Jan.Pechanec AT Sun.COM
Damien Miller49566312010-06-26 09:38:23 +10001682 - djm@cvs.openbsd.org 2010/06/18 04:43:08
1683 [sftp-client.c]
1684 fix memory leak in do_realpath() error path; bz#1771, patch from
1685 anicka AT suse.cz
Damien Millerab6de352010-06-26 09:38:45 +10001686 - djm@cvs.openbsd.org 2010/06/22 04:22:59
1687 [servconf.c sshd_config.5]
1688 expose some more sshd_config options inside Match blocks:
1689 AuthorizedKeysFile AuthorizedPrincipalsFile
1690 HostbasedUsesNameFromPacketOnly PermitTunnel
1691 bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@
Damien Millerba3420a2010-06-26 09:39:07 +10001692 - djm@cvs.openbsd.org 2010/06/22 04:32:06
1693 [ssh-keygen.c]
1694 standardise error messages when attempting to open private key
1695 files to include "progname: filename: error reason"
1696 bz#1783; ok dtucker@
Damien Miller48147d62010-06-26 09:39:25 +10001697 - djm@cvs.openbsd.org 2010/06/22 04:49:47
1698 [auth.c]
1699 queue auth debug messages for bad ownership or permissions on the user's
1700 keyfiles. These messages will be sent after the user has successfully
1701 authenticated (where our client will display them with LogLevel=debug).
Damien Miller0e76c5e2010-06-26 09:39:59 +10001702 bz#1554; ok dtucker@
1703 - djm@cvs.openbsd.org 2010/06/22 04:54:30
1704 [ssh-keyscan.c]
1705 replace verbose and overflow-prone Linebuf code with read_keyfile_line()
1706 based on patch from joachim AT joachimschipper.nl; bz#1565; ok dtucker@
Damien Miller1b2b61e2010-06-26 09:47:43 +10001707 - djm@cvs.openbsd.org 2010/06/22 04:59:12
1708 [session.c]
1709 include the user name on "subsystem request for ..." log messages;
1710 bz#1571; ok dtucker@
Damien Millerd834d352010-06-26 09:48:02 +10001711 - djm@cvs.openbsd.org 2010/06/23 02:59:02
1712 [ssh-keygen.c]
1713 fix printing of extensions in v01 certificates that I broke in r1.190
Damien Miller232cfb12010-06-26 09:50:30 +10001714 - djm@cvs.openbsd.org 2010/06/25 07:14:46
1715 [channels.c mux.c readconf.c readconf.h ssh.h]
1716 bz#1327: remove hardcoded limit of 100 permitopen clauses and port
1717 forwards per direction; ok markus@ stevesk@
Damien Miller8853ca52010-06-26 10:00:14 +10001718 - djm@cvs.openbsd.org 2010/06/25 07:20:04
1719 [channels.c session.c]
1720 bz#1750: fix requirement for /dev/null inside ChrootDirectory for
1721 internal-sftp accidentally introduced in r1.253 by removing the code
1722 that opens and dup /dev/null to stderr and modifying the channels code
1723 to read stderr but discard it instead; ok markus@
Damien Millerbda3eca2010-06-26 10:01:33 +10001724 - djm@cvs.openbsd.org 2010/06/25 08:46:17
1725 [auth1.c auth2-none.c]
1726 skip the initial check for access with an empty password when
1727 PermitEmptyPasswords=no; bz#1638; ok markus@
Damien Miller383ffe62010-06-26 10:02:03 +10001728 - djm@cvs.openbsd.org 2010/06/25 23:10:30
1729 [ssh.c]
1730 log the hostname and address that we connected to at LogLevel=verbose
1731 after authentication is successful to mitigate "phishing" attacks by
1732 servers with trusted keys that accept authentication silently and
1733 automatically before presenting fake password/passphrase prompts;
1734 "nice!" markus@
Damien Miller1ab6a512010-06-26 10:02:24 +10001735 - djm@cvs.openbsd.org 2010/06/25 23:10:30
1736 [ssh.c]
1737 log the hostname and address that we connected to at LogLevel=verbose
1738 after authentication is successful to mitigate "phishing" attacks by
1739 servers with trusted keys that accept authentication silently and
1740 automatically before presenting fake password/passphrase prompts;
1741 "nice!" markus@
Damien Miller2e774462010-06-26 09:30:47 +10001742
Damien Millerd82a2602010-06-22 15:02:39 +1000174320100622
1744 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512
1745 bz#1579; ok dtucker
1746
Damien Millerea909792010-06-18 11:09:24 +1000174720100618
1748 - (djm) [contrib/ssh-copy-id] Update key file explicitly under ~
1749 rather than assuming that $CWD == $HOME. bz#1500, patch from
1750 timothy AT gelter.com
1751
Tim Riceb9ae4ec2010-06-17 11:11:44 -0700175220100617
1753 - (tim) [contrib/cygwin/README] Remove a reference to the obsolete
1754 minires-devel package, and to add the reference to the libedit-devel
1755 package since CYgwin now provides libedit. Patch from Corinna Vinschen.
1756
Damien Miller3bcce802010-05-21 14:48:16 +1000175720100521
1758 - (djm) OpenBSD CVS Sync
1759 - djm@cvs.openbsd.org 2010/05/07 11:31:26
1760 [regress/Makefile regress/cert-userkey.sh]
1761 regress tests for AuthorizedPrincipalsFile and "principals=" key option.
1762 feedback and ok markus@
Damien Miller3b903822010-05-21 14:56:25 +10001763 - djm@cvs.openbsd.org 2010/05/11 02:58:04
1764 [auth-rsa.c]
1765 don't accept certificates marked as "cert-authority" here; ok markus@
Damien Millerc6afb5f2010-05-21 14:56:47 +10001766 - djm@cvs.openbsd.org 2010/05/14 00:47:22
1767 [ssh-add.c]
1768 check that the certificate matches the corresponding private key before
1769 grafting it on
Damien Millerd530f5f2010-05-21 14:57:10 +10001770 - djm@cvs.openbsd.org 2010/05/14 23:29:23
1771 [channels.c channels.h mux.c ssh.c]
1772 Pause the mux channel while waiting for reply from aynch callbacks.
1773 Prevents misordering of replies if new requests arrive while waiting.
1774
1775 Extend channel open confirm callback to allow signalling failure
1776 conditions as well as success. Use this to 1) fix a memory leak, 2)
1777 start using the above pause mechanism and 3) delay sending a success/
1778 failure message on mux slave session open until we receive a reply from
1779 the server.
1780
1781 motivated by and with feedback from markus@
Damien Miller388f6fc2010-05-21 14:57:35 +10001782 - markus@cvs.openbsd.org 2010/05/16 12:55:51
1783 [PROTOCOL.mux clientloop.h mux.c readconf.c readconf.h ssh.1 ssh.c]
1784 mux support for remote forwarding with dynamic port allocation,
1785 use with
1786 LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
1787 feedback and ok djm@
Damien Miller84399552010-05-21 14:58:12 +10001788 - djm@cvs.openbsd.org 2010/05/20 11:25:26
1789 [auth2-pubkey.c]
1790 fix logspam when key options (from="..." especially) deny non-matching
1791 keys; reported by henning@ also bz#1765; ok markus@ dtucker@
Damien Millerd0e4a8e2010-05-21 14:58:32 +10001792 - djm@cvs.openbsd.org 2010/05/20 23:46:02
1793 [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
1794 Move the permit-* options to the non-critical "extensions" field for v01
1795 certificates. The logic is that if another implementation fails to
1796 implement them then the connection just loses features rather than fails
1797 outright.
1798
1799 ok markus@
Damien Miller3bcce802010-05-21 14:48:16 +10001800
Darren Tucker5b6d0d02010-05-12 16:51:38 +1000180120100511
1802 - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
1803 circular dependency problem on old or odd platforms. From Tom Lane, ok
1804 djm@.
Damien Miller4b1ec832010-05-12 17:49:59 +10001805 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on older
1806 libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't
1807 already. ok dtucker@
Darren Tucker5b6d0d02010-05-12 16:51:38 +10001808
Damien Miller50af79b2010-05-10 11:52:00 +1000180920100510
1810 - OpenBSD CVS Sync
1811 - djm@cvs.openbsd.org 2010/04/23 01:47:41
1812 [ssh-keygen.c]
1813 bz#1740: display a more helpful error message when $HOME is
1814 inaccessible while trying to create .ssh directory. Based on patch
1815 from jchadima AT redhat.com; ok dtucker@
Damien Miller85c50d72010-05-10 11:53:02 +10001816 - djm@cvs.openbsd.org 2010/04/23 22:27:38
1817 [mux.c]
1818 set "detach_close" flag when registering channel cleanup callbacks.
1819 This causes the channel to close normally when its fds close and
1820 hangs when terminating a mux slave using ~. bz#1758; ok markus@
Damien Miller22a29882010-05-10 11:53:54 +10001821 - djm@cvs.openbsd.org 2010/04/23 22:42:05
1822 [session.c]
1823 set stderr to /dev/null for subsystems rather than just closing it.
1824 avoids hangs if a subsystem or shell initialisation writes to stderr.
1825 bz#1750; ok markus@
Damien Millerbebbb7e2010-05-10 11:54:38 +10001826 - djm@cvs.openbsd.org 2010/04/23 22:48:31
1827 [ssh-keygen.c]
1828 refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
1829 since we would refuse to use them anyway. bz#1516; ok dtucker@
Damien Miller79442c02010-05-10 11:55:38 +10001830 - djm@cvs.openbsd.org 2010/04/26 22:28:24
1831 [sshconnect2.c]
1832 bz#1502: authctxt.success is declared as an int, but passed by
1833 reference to function that accepts sig_atomic_t*. Convert it to
1834 the latter; ok markus@ dtucker@
Damien Miller2725c212010-05-10 11:56:14 +10001835 - djm@cvs.openbsd.org 2010/05/01 02:50:50
1836 [PROTOCOL.certkeys]
1837 typo; jmeltzer@
Damien Miller099fc162010-05-10 11:56:50 +10001838 - dtucker@cvs.openbsd.org 2010/05/05 04:22:09
1839 [sftp.c]
1840 restore mput and mget which got lost in the tab-completion changes.
1841 found by Kenneth Whitaker, ok djm@
Damien Miller30da3442010-05-10 11:58:03 +10001842 - djm@cvs.openbsd.org 2010/05/07 11:30:30
1843 [auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c]
1844 [key.c servconf.c servconf.h sshd.8 sshd_config.5]
1845 add some optional indirection to matching of principal names listed
1846 in certificates. Currently, a certificate must include the a user's name
1847 to be accepted for authentication. This change adds the ability to
1848 specify a list of certificate principal names that are acceptable.
1849
1850 When authenticating using a CA trusted through ~/.ssh/authorized_keys,
1851 this adds a new principals="name1[,name2,...]" key option.
1852
1853 For CAs listed through sshd_config's TrustedCAKeys option, a new config
1854 option "AuthorizedPrincipalsFile" specifies a per-user file containing
1855 the list of acceptable names.
1856
1857 If either option is absent, the current behaviour of requiring the
1858 username to appear in principals continues to apply.
1859
1860 These options are useful for role accounts, disjoint account namespaces
1861 and "user@realm"-style naming policies in certificates.
1862
1863 feedback and ok markus@
Damien Miller81d3fc52010-05-10 11:58:45 +10001864 - jmc@cvs.openbsd.org 2010/05/07 12:49:17
1865 [sshd_config.5]
1866 tweak previous;
Damien Miller50af79b2010-05-10 11:52:00 +10001867
Darren Tucker9f8703b2010-04-23 11:12:06 +1000186820100423
1869 - (dtucker) [configure.ac] Bug #1756: Check for the existence of a lib64 dir
1870 in the openssl install directory (some newer openssl versions do this on at
1871 least some amd64 platforms).
1872
Damien Millerc4eddee2010-04-18 08:07:43 +1000187320100418
1874 - OpenBSD CVS Sync
1875 - jmc@cvs.openbsd.org 2010/04/16 06:45:01
1876 [ssh_config.5]
1877 tweak previous; ok djm
Damien Miller1f181422010-04-18 08:08:03 +10001878 - jmc@cvs.openbsd.org 2010/04/16 06:47:04
1879 [ssh-keygen.1 ssh-keygen.c]
1880 tweak previous; ok djm
Damien Millerc617aa92010-04-18 08:08:20 +10001881 - djm@cvs.openbsd.org 2010/04/16 21:14:27
1882 [sshconnect.c]
1883 oops, %r => remote username, not %u
Damien Miller53f4bb62010-04-18 08:15:14 +10001884 - djm@cvs.openbsd.org 2010/04/16 01:58:45
1885 [regress/cert-hostkey.sh regress/cert-userkey.sh]
1886 regression tests for v01 certificate format
1887 includes interop tests for v00 certs
Darren Tuckere25a9bd2010-04-18 13:35:00 +10001888 - (dtucker) [contrib/aix/buildbff.sh] Fix creation of ssh_prng_cmds.default
1889 file.
Damien Millerc4eddee2010-04-18 08:07:43 +10001890
Damien Millera45f1c02010-04-16 15:51:34 +1000189120100416
1892 - (djm) Release openssh-5.5p1
Damien Millerd6fc3062010-04-16 15:51:45 +10001893 - OpenBSD CVS Sync
1894 - djm@cvs.openbsd.org 2010/03/26 03:13:17
1895 [bufaux.c]
1896 allow buffer_get_int_ret/buffer_get_int64_ret to take a NULL pointer
1897 argument to allow skipping past values in a buffer
Damien Miller67f30d72010-04-16 15:52:03 +10001898 - jmc@cvs.openbsd.org 2010/03/26 06:54:36
1899 [ssh.1]
1900 tweak previous;
Damien Miller544378d2010-04-16 15:52:24 +10001901 - jmc@cvs.openbsd.org 2010/03/27 14:26:55
1902 [ssh_config.5]
1903 tweak previous; ok dtucker
Damien Millerdeb5a142010-04-16 15:52:43 +10001904 - djm@cvs.openbsd.org 2010/04/10 00:00:16
1905 [ssh.c]
1906 bz#1746 - suppress spurious tty warning when using -O and stdin
1907 is not a tty; ok dtucker@ markus@
Damien Miller67283992010-04-16 15:53:02 +10001908 - djm@cvs.openbsd.org 2010/04/10 00:04:30
1909 [sshconnect.c]
1910 fix terminology: we didn't find a certificate in known_hosts, we found
1911 a CA key
Damien Miller22c97f12010-04-16 15:53:23 +10001912 - djm@cvs.openbsd.org 2010/04/10 02:08:44
1913 [clientloop.c]
1914 bz#1698: kill channel when pty allocation requests fail. Fixed
1915 stuck client if the server refuses pty allocation.
1916 ok dtucker@ "think so" markus@
Damien Miller88680652010-04-16 15:53:43 +10001917 - djm@cvs.openbsd.org 2010/04/10 02:10:56
1918 [sshconnect2.c]
1919 show the key type that we are offering in debug(), helps distinguish
1920 between certs and plain keys as the path to the private key is usually
1921 the same.
Damien Miller601a23c2010-04-16 15:54:01 +10001922 - djm@cvs.openbsd.org 2010/04/10 05:48:16
1923 [mux.c]
1924 fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au
Damien Millerb1b17042010-04-16 15:54:19 +10001925 - djm@cvs.openbsd.org 2010/04/14 22:27:42
1926 [ssh_config.5 sshconnect.c]
1927 expand %r => remote username in ssh_config:ProxyCommand;
1928 ok deraadt markus
Damien Miller031c9102010-04-16 15:54:44 +10001929 - markus@cvs.openbsd.org 2010/04/15 20:32:55
1930 [ssh-pkcs11.c]
1931 retry lookup for private key if there's no matching key with CKA_SIGN
1932 attribute enabled; this fixes fixes MuscleCard support (bugzilla #1736)
1933 ok djm@
Damien Miller4e270b02010-04-16 15:56:21 +10001934 - djm@cvs.openbsd.org 2010/04/16 01:47:26
1935 [PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
1936 [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
1937 [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
1938 [sshconnect.c sshconnect2.c sshd.c]
1939 revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
1940 following changes:
1941
1942 move the nonce field to the beginning of the certificate where it can
1943 better protect against chosen-prefix attacks on the signature hash
1944
1945 Rename "constraints" field to "critical options"
1946
1947 Add a new non-critical "extensions" field
1948
1949 Add a serial number
1950
1951 The older format is still support for authentication and cert generation
1952 (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
1953
1954 ok markus@