Merge branch 'master' of https://github.com/openssh/openssh-portable into latestw

README

@@ -1,4 +1,4 @@
-See https://www.openssh.com/releasenotes.html#7.4p1 for the release notes.
+See https://www.openssh.com/releasenotes.html#7.5p1 for the release notes.
 
 Please read https://www.openssh.com/report.html for bug reporting
 instructions and note that we do not use Github for bug reporting or

configure.ac

@@ -1486,6 +1486,7 @@ AC_ARG_WITH(ldns,
 		else
 			LIBS="$LIBS `$LDNSCONFIG --libs`"
 			CPPFLAGS="$CPPFLAGS `$LDNSCONFIG --cflags`"
+			ldns=yes
 		fi
 	elif test "x$withval" != "xno" ; then
 			CPPFLAGS="$CPPFLAGS -I${withval}/include"
@@ -1717,6 +1718,7 @@ AC_CHECK_FUNCS([ \
 	inet_ntoa \
 	inet_ntop \
 	innetgr \
+	llabs \
 	login_getcapbool \
 	md5_crypt \
 	memmove \

contrib/redhat/openssh.spec

@@ -1,4 +1,4 @@
-%define ver 7.4p1
+%define ver 7.5p1
 %define rel 1
 
 # OpenSSH privilege separation requires a user & group ID

contrib/suse/openssh.spec

@@ -13,7 +13,7 @@
 
 Summary:	OpenSSH, a free Secure Shell (SSH) protocol implementation
 Name:		openssh
-Version:	7.4p1
+Version:	7.5p1
 URL:		https://www.openssh.com/
 Release:	1
 Source0:	openssh-%{version}.tar.gz

kex.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.130 2017/03/10 04:07:20 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -341,7 +341,6 @@ kex_reset_dispatch(struct ssh *ssh)
 {
 	ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN,
 	    SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error);
-	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 }
 
 static int
@@ -431,6 +430,7 @@ kex_input_newkeys(int type, u_int32_t seq, void *ctxt)
 
 	debug("SSH2_MSG_NEWKEYS received");
 	ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 	if ((r = sshpkt_get_end(ssh)) != 0)
 		return r;
 	if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
@@ -545,6 +545,7 @@ kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp)
 		goto out;
 	kex->done = 0;
 	kex_reset_dispatch(ssh);
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 	r = 0;
 	*kexp = kex;
  out:

openbsd-compat/bsd-misc.c

@@ -307,3 +307,11 @@ mbtowc(wchar_t *pwc, const char *s, size_t n)
 	return 1;
 }
 #endif
+
+#ifndef HAVE_LLABS
+long long
+llabs(long long j)
+{
+	return (j < 0 ? -j : j);
+}
+#endif

openbsd-compat/bsd-misc.h

@@ -135,4 +135,8 @@ void errx(int, const char *, ...) __attribute__((format(printf, 2, 3)));
 void warn(const char *, ...) __attribute__((format(printf, 1, 2)));
 #endif
 
+#ifndef HAVE_LLABS
+long long llabs(long long);
+#endif
+
 #endif /* _BSD_MISC_H */

regress/forwarding.sh

@@ -10,7 +10,7 @@ start_sshd
 base=33
 last=$PORT
 fwd=""
-CTL=$OBJ/ctl-sock
+CTL=/tmp/openssh.regress.ctl-sock.$$
 
 for j in 0 1 2; do
 	for i in 0 1 2; do

regress/keytype.sh

@@ -1,13 +1,8 @@
-#	$OpenBSD: keytype.sh,v 1.4 2015/07/10 06:23:25 markus Exp $
+#	$OpenBSD: keytype.sh,v 1.5 2017/03/20 22:08:06 djm Exp $
 #	Placed in the Public Domain.
 
 tid="login with different key types"
 
-TIME=`which time 2>/dev/null`
-if test ! -x "$TIME"; then
-	TIME=""
-fi
-
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
 cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
 
@@ -26,8 +21,8 @@ for kt in $ktypes; do
 	rm -f $OBJ/key.$kt
 	bits=`echo ${kt} | awk -F- '{print $2}'`
 	type=`echo ${kt}  | awk -F- '{print $1}'`
-	printf "keygen $type, $bits bits:\t"
+	verbose "keygen $type, $bits bits"
-	${TIME} ${SSHKEYGEN} -b $bits -q -N '' -t $type  -f $OBJ/key.$kt ||\
+	${SSHKEYGEN} -b $bits -q -N '' -t $type  -f $OBJ/key.$kt ||\
 		fail "ssh-keygen for type $type, $bits bits failed"
 done
 
@@ -63,8 +58,8 @@ for ut in $ktypes; do
 		) > $OBJ/known_hosts
 		cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER
 		for i in $tries; do
-			printf "userkey $ut, hostkey ${ht}:\t"
+			verbose "userkey $ut, hostkey ${ht}"
-			${TIME} ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
+			${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
 			if [ $? -ne 0 ]; then
 				fail "ssh userkey $ut, hostkey $ht failed"
 			fi

sandbox-seccomp-filter.c

@@ -50,6 +50,9 @@
 #include <elf.h>
 
 #include <asm/unistd.h>
+#ifdef __s390__
+#include <asm/zcrypt.h>
+#endif
 
 #include <errno.h>
 #include <signal.h>
@@ -235,7 +238,7 @@ static const struct sock_filter preauth_insns[] = {
 	 * x86-64 syscall under some circumstances, e.g.
 	 * https://bugs.debian.org/849923
 	 */
-	SC_ALLOW(__NR_clock_gettime & ~__X32_SYSCALL_BIT);
+	SC_ALLOW(__NR_clock_gettime & ~__X32_SYSCALL_BIT),
 #endif
 
 	/* Default deny */

sftp-client.c

@@ -67,6 +67,13 @@ extern int showprogress;
 /* Maximum depth to descend in directory trees */
 #define MAX_DIR_DEPTH 64
 
+/* Directory separator characters */
+#ifdef HAVE_CYGWIN
+# define SFTP_DIRECTORY_CHARS      "/\\"
+#else /* HAVE_CYGWIN */
+# define SFTP_DIRECTORY_CHARS      "/"
+#endif /* HAVE_CYGWIN */
+
 struct sftp_conn {
 	int fd_in;
 	int fd_out;
@@ -619,7 +626,7 @@ do_lsreaddir(struct sftp_conn *conn, const char *path, int print_flag,
 			 * These can be used to attack recursive ops
 			 * (e.g. send '../../../../etc/passwd')
 			 */
-			if (strchr(filename, '/') != NULL) {
+			if (strpbrk(filename, SFTP_DIRECTORY_CHARS) != NULL) {
 				error("Server sent suspect path \"%s\" "
 				    "during readdir of \"%s\"", filename, path);
 			} else if (dir) {

utf8.c

@@ -61,7 +61,7 @@ dangerous_locale(void) {
 
 	loc = nl_langinfo(CODESET);
 	return strcmp(loc, "US-ASCII") != 0 && strcmp(loc, "UTF-8") != 0 &&
-	    strcmp(loc, "ANSI_X3.4-1968") != 0;
+	    strcmp(loc, "ANSI_X3.4-1968") != 0 && strcmp(loc, "646") != 0;
 }
 
 static int

version.h

@@ -1,6 +1,6 @@
-/* $OpenBSD: version.h,v 1.78 2016/12/19 04:55:51 djm Exp $ */
+/* $OpenBSD: version.h,v 1.79 2017/03/20 01:18:59 djm Exp $ */
 
-#define SSH_VERSION	"OpenSSH_7.4"
+#define SSH_VERSION	"OpenSSH_7.5"
 
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE