when it is available. It takes into account time spent suspended,
thereby ensuring timeouts (e.g. for expiring agent keys) fire
correctly. bz#2228 reported by John Haxby
[regress/unittests/sshbuf/test_sshbuf.c
[regress/unittests/sshbuf/test_sshbuf_fixed.c]
[regress/unittests/sshbuf/test_sshbuf_fuzz.c]
[regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
[regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
[regress/unittests/sshbuf/test_sshbuf_misc.c]
[regress/unittests/sshbuf/tests.c]
[regress/unittests/test_helper/fuzz.c]
[regress/unittests/test_helper/test_helper.c]
Hook new unit tests into the build and "make tests"
[regress/unittests/Makefile.inc]
[regress/unittests/sshbuf/Makefile]
[regress/unittests/sshbuf/test_sshbuf.c]
[regress/unittests/sshbuf/test_sshbuf_fixed.c]
[regress/unittests/sshbuf/test_sshbuf_fuzz.c]
[regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
[regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
[regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
[regress/unittests/sshbuf/test_sshbuf_misc.c]
[regress/unittests/sshbuf/tests.c]
[regress/unittests/test_helper/Makefile]
[regress/unittests/test_helper/fuzz.c]
[regress/unittests/test_helper/test_helper.c]
[regress/unittests/test_helper/test_helper.h]
Import new unit tests from OpenBSD; not yet hooked up to build.
[dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh]
repair regress tests broken by server-side default cipher/kex/mac changes
by ensuring that the option under test is included in the server's
algorithm list
[login-timeout.sh]
this test is a sorry mess of race conditions; add another sleep
to avoid a failure on slow machines (at least until I find a
better way)
[monitor.c packet.c packet.h]
unbreak compression, by re-init-ing the compression code in the
post-auth child. the new buffer code is more strict, and requires
buffer_init() while the old code was happy after a bzero();
originally from djm@
[chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c]
[misc.h poly1305.h ssh-pkcs11.c defines.h]
revert __bounded change; it causes way more problems for portable than
it solves; pointed out by dtucker@
[mac.c myproposal.h umac.c]
UMAC can use our local fallback implementation of AES when OpenSSL isn't
available. Glue code straight from Ted Krovetz's original umac.c.
ok markus@
[bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
[sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
[ssherr.h]
New buffer API; the first installment of the conversion/replacement
of OpenSSH's internals to make them usable as a standalone library.
This includes a set of wrappers to make it compatible with the
existing buffer API so replacement can occur incrementally.
With and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review.
[sftp.c]
Don't attempt to append a nul quote char to the filename. Should prevent
fatal'ing with "el_insertstr failed" when there's a single quote char
somewhere in the string. bz#2238, ok markus@
[clientloop.c serverloop.c]
bz#1818 - don't send channel success/failre replies on channels that
have sent a close already; analysis and patch from Simon Tatham;
ok markus@
[authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
[ssh-keygen.c]
buffer_get_string_ptr's return should be const to remind
callers that futzing with it will futz with the actual buffer
contents
[misc.c misc.h umac.c]
use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
strict-alignment architectures; reported by and ok stsp@
[compat.c compat.h sshconnect2.c sshd.c version.h]
OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
using the curve25519-sha256@libssh.org KEX exchange method to fail
when connecting with something that implements the spec properly.
Disable this KEX method when speaking to one of the affected
versions.
reported by Aris Adamantiadis; ok markus@
[ssh-agent.1]
remove the identity files from this manpage - ssh-agent doesn't deal
with them at all and the same information is duplicated in ssh-add.1
(which does deal with them); prodded by deraadt@
[sshconnect.c]
When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any
certificate keys to plain keys and attempt SSHFP resolution.
Prevents a server from skipping SSHFP lookup and forcing a new-hostkey
dialog by offering only certificate keys.
Reported by mcv21 AT cam.ac.uk
[chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
[misc.h poly1305.h ssh-pkcs11.c]
use __bounded(...) attribute recently added to sys/cdefs.h instead of
longform __attribute__(__bounded(...));
for brevity and a warning free compilation with llvm/clang
repeatedly):
- markus@cvs.openbsd.org 2014/03/25 09:40:03
[myproposal.h]
trimm default proposals.
This commit removes the weaker pre-SHA2 hashes, the broken ciphers
(arcfour), and the broken modes (CBC) from the default configuration
(the patch only changes the default, all the modes are still available
for the config files).
ok djm@, reminded by tedu@ & naddy@ and discussed with many
- deraadt@cvs.openbsd.org 2014/03/26 17:16:26
[myproposal.h]
The current sharing of myproposal[] between both client and server code
makes the previous diff highly unpallatable. We want to go in that
direction for the server, but not for the client. Sigh.
Brought up by naddy.
- markus@cvs.openbsd.org 2014/03/27 23:01:27
[myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
disable weak proposals in sshd, but keep them in ssh; ok djm@
[ssh-agent.c ssh-keygen.1 ssh-keygen.c]
Improve usage() and documentation towards the standard form.
In particular, this line saves a lot of man page reading time.
usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
[-N new_passphrase] [-C comment] [-f output_keyfile]
ok schwarze jmc
[auth-bsdauth.c ssh-keygen.c]
don't count on things that accept arguments by reference to clear
things for us on error; most things do, but it's unsafe form.
[session.c]
ignore enviornment variables with embedded '=' or '\0' characters;
spotted by Jann Horn; ok deraadt@
Id sync only - portable already has this.
[auth2-gss.c gss-serv.c ssh-gss.h sshd.c]
bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep
sandboxing, as running this code in the sandbox can cause violations;
ok markus@
[readconf.c readconf.h ssh.c ssh_config.5]
reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes
the hostname. This allows users to write configurations that always
refer to canonical hostnames, e.g.
CanonicalizeHostname yes
CanonicalDomains int.example.org example.org
CanonicalizeFallbackLocal no
Host *.int.example.org
Compression off
Host *.example.org
User djm
ok markus@
[sshconnect.c]
in ssh_create_socket(), only do the getaddrinfo for BindAddress when
BindAddress is actually specified. Fixes regression in 6.5 for
UsePrivilegedPort=yes; patch from Corinna Vinschen
[ssh-keygen.1 ssh-keygen.c]
tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@
while here, fix ordering in usage(); requested by jmc@
[ssh.c]
delay lowercasing of hostname until right before hostname
canonicalisation to unbreak case-sensitive matching of ssh_config;
reported by Ike Devolder; ok markus@
[sandbox-systrace.c]
allow shutdown(2) syscall in sandbox - it may be called by packet_close()
from portable
(Id sync only; change is already in portable)
[sshd.c]
use kill(0, ...) instead of killpg(0, ...); on most operating systems
they are equivalent, but SUSv2 describes the latter as having undefined
behaviour; from portable; ok dtucker
(Id sync only; change is already in portable)
[Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h]
replace openssl HMAC with an implementation based on our ssh_digest_*
ok and feedback djm@
different symbols for 'read' when various compiler flags are
in use, causing atomicio.c comparisons against it to break and
read/write operations to hang; ok dtucker
RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
libc will attempt to open additional file descriptors for crypto
offload and crash if they cannot be opened.
[cipher.c cipher.h kex.c kex.h kexgexc.c]
Add a special case for the DH group size for 3des-cbc, which has an
effective strength much lower than the key size. This causes problems
with some cryptlib implementations, which don't support group sizes larger
than 4k but also don't use the largest group size it does support as
specified in the RFC. Based on a patch from Petr Lautrbach at Redhat,
reduced by me with input from Markus. ok djm@ markus@
platform hardening options: include some long long int arithmatic
to detect missing support functions for -ftrapv in libgcc and
equivalents, actually test linking when -ftrapv is supplied and
set either both -pie/-fPIE or neither. feedback and ok dtucker@
to on platforms where it's known to be reliably detected and off elsewhere.
Works around platforms such as FreeBSD 9.1 where it does not interop with
-ftrapv (it seems to work but fails when trying to link ssh). ok djm@
[canohost.c addrmatch.c]
Cast socklen_t when comparing to size_t and use socklen_t to iterate over
the ip options, both to prevent signed/unsigned comparison warnings.
Patch from vinschen at redhat via portable openssh, begrudging ok deraadt.
[session.c]
explicitly define USE_PIPES to 1 to prevent redefinition warnings in
portable on platforms that use pipes for everything. From redhat @
redhat.
optind) are defined in getopt.h already. Unfortunately they are defined as
"declspec(dllimport)" for historical reasons, because the GNU linker didn't
allow auto-import on PE/COFF targets way back when. The problem is the
dllexport attributes collide with the definitions in the various source
files in OpenSSH, which obviousy define the variables without
declspec(dllimport). The least intrusive way to get rid of these warnings
is to disable warnings for GCC compiler attributes when building on Cygwin.
Patch from vinschen at redhat.com.
declarations that stopped being included when we stopped including
<windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at
redhat.com.
Damien Miller
Darren Tucker
Tim Rice