The NetBSD Project

CVS log for src/crypto/external/bsd/openssh/dist/sftp-glob.c

[BACK] Up to [cvs.NetBSD.org] / src / crypto / external / bsd / openssh / dist

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.10.14.1 / (download) - annotate - [select for diffs], Mon Dec 25 12:31:06 2023 UTC (3 months ago) by martin
Branch: netbsd-9
Changes since 1.10: +49 -18 lines
Diff to previous 1.10 (colored) next main 1.11 (colored) to selected 1.8 (colored)

Pull up the following, requested by kim in ticket #1780:

	crypto/external/bsd/openssh/Makefile.inc        up to 1.15 (+patch)
	crypto/external/bsd/openssh/bin/Makefile.inc    up to 1.4
	crypto/external/bsd/openssh/bin/scp/Makefile    up to 1.6
	crypto/external/bsd/openssh/bin/sftp/Makefile   up to 1.11
	crypto/external/bsd/openssh/bin/sftp-server/Makefile up to 1.4
	crypto/external/bsd/openssh/bin/ssh/Makefile    up to 1.20
	crypto/external/bsd/openssh/bin/ssh-add/Makefile up to 1.3
	crypto/external/bsd/openssh/bin/ssh-agent/Makefile up to 1.7
	crypto/external/bsd/openssh/bin/ssh-keygen/Makefile up to 1.10
	crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile up to 1.6
	crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile up to 1.4
	crypto/external/bsd/openssh/bin/sshd/Makefile   up to 1.27 (+patch)
	crypto/external/bsd/openssh/dist/PROTOCOL.sshsig up to 1.1.1.2
	crypto/external/bsd/openssh/dist/srclimit.c     up to 1.3
	crypto/external/bsd/openssh/dist/sftp-realpath.c up to 1.3
	crypto/external/bsd/openssh/dist/sntrup761.c    up to 1.3
	crypto/external/bsd/openssh/dist/sntrup761.sh   up to 1.1.1.2
	crypto/external/bsd/openssh/dist/sshsig.c       up to 1.12
	crypto/external/bsd/openssh/dist/sshsig.h       up to 1.1.1.5
	crypto/external/bsd/openssh/dist/addr.c         up to 1.6
	crypto/external/bsd/openssh/dist/PROTOCOL.u2f   up to 1.1.1.3
	crypto/external/bsd/openssh/dist/sk-api.h       up to 1.1.1.6
	crypto/external/bsd/openssh/dist/sk-usbhid.c    up to 1.9
	crypto/external/bsd/openssh/dist/ssh-ecdsa-sk.c up to 1.4
	crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c up to 1.5
	crypto/external/bsd/openssh/dist/ssh-sk-client.c up to 1.6
	crypto/external/bsd/openssh/dist/ssh-sk-helper.8 up to 1.1.1.2
	crypto/external/bsd/openssh/dist/ssh-sk-helper.c up to 1.7
	crypto/external/bsd/openssh/dist/ssh-sk.c       up to 1.8
	crypto/external/bsd/openssh/dist/ssh-sk.h       up to 1.1.1.2
	crypto/external/bsd/openssh/dist/sshbuf-io.c    up to 1.2
	crypto/external/bsd/openssh/dist/addr.h         up to 1.1.1.2
	crypto/external/bsd/openssh/dist/kexsntrup761x25519.c up to 1.3
	crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c up to 1.3
	crypto/external/bsd/openssh/dist/srclimit.h     up to 1.1.1.1
	crypto/external/bsd/openssh/dist/auth2-pubkeyfile.c up to 1.3
	crypto/external/bsd/openssh/dist/sftp-usergroup.c up to 1.3
	crypto/external/bsd/openssh/dist/sftp-usergroup.h up to 1.1.1.1
	crypto/external/bsd/openssh/dist/ed25519.sh     up to 1.1.1.1
	crypto/external/bsd/openssh/dist/crc32.c        delete
	crypto/external/bsd/openssh/dist/crc32.h        delete
	crypto/external/bsd/openssh/dist/fe25519.c      delete
	crypto/external/bsd/openssh/dist/fe25519.h      delete
	crypto/external/bsd/openssh/dist/ge25519.c      delete
	crypto/external/bsd/openssh/dist/ge25519.h      delete
	crypto/external/bsd/openssh/dist/ge25519_base.data delete
	crypto/external/bsd/openssh/dist/kexsntrup4591761x25519.c delete
	crypto/external/bsd/openssh/dist/sc25519.c      delete
	crypto/external/bsd/openssh/dist/sc25519.h      delete
	crypto/external/bsd/openssh/dist/sntrup4591761.c delete
	crypto/external/bsd/openssh/dist/sntrup4591761.sh delete
	crypto/external/bsd/openssh/dist/uuencode.c     delete
	crypto/external/bsd/openssh/dist/uuencode.h     delete
	crypto/external/bsd/openssh/dist/verify.c       delete
	crypto/external/bsd/openssh/dist/LICENCE        up to 1.7
	crypto/external/bsd/openssh/dist/PROTOCOL       up to 1.23
	crypto/external/bsd/openssh/dist/PROTOCOL.agent up to 1.15
	crypto/external/bsd/openssh/dist/PROTOCOL.certkeys up to 1.13
	crypto/external/bsd/openssh/dist/PROTOCOL.chacha20poly1305 up to 1.1.1.4
	crypto/external/bsd/openssh/dist/PROTOCOL.key   up to 1.1.1.3
	crypto/external/bsd/openssh/dist/PROTOCOL.krl   up to 1.1.1.5
	crypto/external/bsd/openssh/dist/PROTOCOL.mux   up to 1.12
	crypto/external/bsd/openssh/dist/addrmatch.c    up to 1.15
	crypto/external/bsd/openssh/dist/auth-krb5.c    up to 1.16
	crypto/external/bsd/openssh/dist/auth-options.c up to 1.29
	crypto/external/bsd/openssh/dist/auth-options.h up to 1.15
	crypto/external/bsd/openssh/dist/auth-pam.c     up to 1.21
	crypto/external/bsd/openssh/dist/auth-passwd.c  up to 1.13
	crypto/external/bsd/openssh/dist/auth-rhosts.c  up to 1.16
	crypto/external/bsd/openssh/dist/auth.c         up to 1.34
	crypto/external/bsd/openssh/dist/auth.h         up to 1.23
	crypto/external/bsd/openssh/dist/auth2-chall.c  up to 1.19
	crypto/external/bsd/openssh/dist/auth2-gss.c    up to 1.17
	crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.23
	crypto/external/bsd/openssh/dist/auth2-kbdint.c up to 1.15
	crypto/external/bsd/openssh/dist/auth2-krb5.c   up to 1.10
	crypto/external/bsd/openssh/dist/auth2-none.c   up to 1.14
	crypto/external/bsd/openssh/dist/auth2-passwd.c up to 1.16
	crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.34
	crypto/external/bsd/openssh/dist/auth2.c        up to 1.29
	crypto/external/bsd/openssh/dist/authfd.c       up to 1.27
	crypto/external/bsd/openssh/dist/authfd.h       up to 1.17
	crypto/external/bsd/openssh/dist/authfile.c     up to 1.28
	crypto/external/bsd/openssh/dist/authfile.h     up to 1.10
	crypto/external/bsd/openssh/dist/canohost.c     up to 1.16
	crypto/external/bsd/openssh/dist/chacha.c       up to 1.6
	crypto/external/bsd/openssh/dist/chacha.h       up to 1.3
	crypto/external/bsd/openssh/dist/channels.c     up to 1.42
	crypto/external/bsd/openssh/dist/channels.h     up to 1.26
	crypto/external/bsd/openssh/dist/cipher-chachapoly.c up to 1.7
	crypto/external/bsd/openssh/dist/cipher-chachapoly.h up to 1.3
	crypto/external/bsd/openssh/dist/cipher.c       up to 1.21
	crypto/external/bsd/openssh/dist/cipher.h       up to 1.17
	crypto/external/bsd/openssh/dist/clientloop.c   up to 1.39
	crypto/external/bsd/openssh/dist/clientloop.h   up to 1.18
	crypto/external/bsd/openssh/dist/compat.c       up to 1.26
	crypto/external/bsd/openssh/dist/compat.h       up to 1.18
	crypto/external/bsd/openssh/dist/crypto_api.h   up to 1.5
	crypto/external/bsd/openssh/dist/dh.c           up to 1.20
	crypto/external/bsd/openssh/dist/dh.h           up to 1.13
	crypto/external/bsd/openssh/dist/digest-libc.c  up to 1.8
	crypto/external/bsd/openssh/dist/digest-openssl.c up to 1.9
	crypto/external/bsd/openssh/dist/dispatch.c     up to 1.11
	crypto/external/bsd/openssh/dist/dns.c          up to 1.23
	crypto/external/bsd/openssh/dist/dns.h          up to 1.13
	crypto/external/bsd/openssh/dist/ed25519.c      up to 1.6
	crypto/external/bsd/openssh/dist/fatal.c        up to 1.7
	crypto/external/bsd/openssh/dist/getrrsetbyname.c up to 1.6
	crypto/external/bsd/openssh/dist/gss-genr.c     up to 1.11
	crypto/external/bsd/openssh/dist/gss-serv.c     up to 1.15
	crypto/external/bsd/openssh/dist/hash.c         up to 1.7
	crypto/external/bsd/openssh/dist/hmac.c         up to 1.8
	crypto/external/bsd/openssh/dist/hostfile.c     up to 1.23
	crypto/external/bsd/openssh/dist/hostfile.h     up to 1.11
	crypto/external/bsd/openssh/dist/includes.h     up to 1.9
	crypto/external/bsd/openssh/dist/kex.c          up to 1.34
	crypto/external/bsd/openssh/dist/kex.h          up to 1.24
	crypto/external/bsd/openssh/dist/kexdh.c        up to 1.10
	crypto/external/bsd/openssh/dist/kexgen.c       up to 1.7
	crypto/external/bsd/openssh/dist/kexgexc.c      up to 1.17
	crypto/external/bsd/openssh/dist/kexgexs.c      up to 1.23
	crypto/external/bsd/openssh/dist/krl.c          up to 1.23
	crypto/external/bsd/openssh/dist/krl.h          up to 1.6
	crypto/external/bsd/openssh/dist/ldapauth.c     up to 1.8
	crypto/external/bsd/openssh/dist/ldapauth.h     up to 1.6
	crypto/external/bsd/openssh/dist/log.c          up to 1.27
	crypto/external/bsd/openssh/dist/log.h          up to 1.17
	crypto/external/bsd/openssh/dist/mac.c          up to 1.16
	crypto/external/bsd/openssh/dist/match.c        up to 1.16
	crypto/external/bsd/openssh/dist/match.h        up to 1.11
	crypto/external/bsd/openssh/dist/misc.c         up to 1.35
	crypto/external/bsd/openssh/dist/misc.h         up to 1.27
	crypto/external/bsd/openssh/dist/moduli         up to 1.10
	crypto/external/bsd/openssh/dist/moduli.c       up to 1.17
	crypto/external/bsd/openssh/dist/monitor.c      up to 1.43
	crypto/external/bsd/openssh/dist/monitor.h      up to 1.13
	crypto/external/bsd/openssh/dist/monitor_fdpass.c up to 1.9
	crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.34
	crypto/external/bsd/openssh/dist/monitor_wrap.h up to 1.23
	crypto/external/bsd/openssh/dist/msg.c          up to 1.11
	crypto/external/bsd/openssh/dist/mux.c          up to 1.35
	crypto/external/bsd/openssh/dist/myproposal.h   up to 1.24
	crypto/external/bsd/openssh/dist/namespace.h    up to 1.10
	crypto/external/bsd/openssh/dist/nchan.c        up to 1.14
	crypto/external/bsd/openssh/dist/packet.c       up to 1.50
	crypto/external/bsd/openssh/dist/packet.h       up to 1.26
	crypto/external/bsd/openssh/dist/pathnames.h    up to 1.15
	crypto/external/bsd/openssh/dist/pfilter.c      up to 1.8 (+patch)
	crypto/external/bsd/openssh/dist/poly1305.c     up to 1.6
	crypto/external/bsd/openssh/dist/progressmeter.c up to 1.15
	crypto/external/bsd/openssh/dist/readconf.c     up to 1.44
	crypto/external/bsd/openssh/dist/readconf.h     up to 1.34
	crypto/external/bsd/openssh/dist/readpass.c     up to 1.18
	crypto/external/bsd/openssh/dist/rijndael.h     up to 1.3
	crypto/external/bsd/openssh/dist/sandbox-pledge.c up to 1.3
	crypto/external/bsd/openssh/dist/sandbox-rlimit.c up to 1.7
	crypto/external/bsd/openssh/dist/scp.1          up to 1.31
	crypto/external/bsd/openssh/dist/scp.c          up to 1.41
	crypto/external/bsd/openssh/dist/servconf.c     up to 1.44
	crypto/external/bsd/openssh/dist/servconf.h     up to 1.30
	crypto/external/bsd/openssh/dist/serverloop.c   up to 1.35
	crypto/external/bsd/openssh/dist/session.c      up to 1.38
	crypto/external/bsd/openssh/dist/session.h      up to 1.10
	crypto/external/bsd/openssh/dist/sftp-client.c  up to 1.35
	crypto/external/bsd/openssh/dist/sftp-client.h  up to 1.18
	crypto/external/bsd/openssh/dist/sftp-common.c  up to 1.14
	crypto/external/bsd/openssh/dist/sftp-common.h  up to 1.8
	crypto/external/bsd/openssh/dist/sftp-glob.c    up to 1.15
	crypto/external/bsd/openssh/dist/sftp-server-main.c up to 1.8
	crypto/external/bsd/openssh/dist/sftp-server.8  up to 1.14
	crypto/external/bsd/openssh/dist/sftp-server.c  up to 1.30
	crypto/external/bsd/openssh/dist/sftp.1         up to 1.30
	crypto/external/bsd/openssh/dist/sftp.c         up to 1.39
	crypto/external/bsd/openssh/dist/ssh-add.1      up to 1.18
	crypto/external/bsd/openssh/dist/ssh-add.c      up to 1.30
	crypto/external/bsd/openssh/dist/ssh-agent.1    up to 1.19
	crypto/external/bsd/openssh/dist/ssh-agent.c    up to 1.37
	crypto/external/bsd/openssh/dist/ssh-dss.c      up to 1.18
	crypto/external/bsd/openssh/dist/ssh-ecdsa.c    up to 1.15
	crypto/external/bsd/openssh/dist/ssh-ed25519.c  up to 1.10
	crypto/external/bsd/openssh/dist/ssh-gss.h      up to 1.10
	crypto/external/bsd/openssh/dist/ssh-keygen.1   up to 1.34
	crypto/external/bsd/openssh/dist/ssh-keygen.c   up to 1.46
	crypto/external/bsd/openssh/dist/ssh-keyscan.1  up to 1.18
	crypto/external/bsd/openssh/dist/ssh-keyscan.c  up to 1.32
	crypto/external/bsd/openssh/dist/ssh-keysign.8  up to 1.14
	crypto/external/bsd/openssh/dist/ssh-keysign.c  up to 1.24
	crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c up to 1.19
	crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 up to 1.12
	crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c up to 1.22
	crypto/external/bsd/openssh/dist/ssh-pkcs11.c   up to 1.26
	crypto/external/bsd/openssh/dist/ssh-pkcs11.h   up to 1.9
	crypto/external/bsd/openssh/dist/ssh-rsa.c      up to 1.19
	crypto/external/bsd/openssh/dist/ssh-xmss.c     up to 1.6
	crypto/external/bsd/openssh/dist/ssh.1          up to 1.39
	crypto/external/bsd/openssh/dist/ssh.c          up to 1.45
	crypto/external/bsd/openssh/dist/ssh.h          up to 1.13
	crypto/external/bsd/openssh/dist/ssh2.h         up to 1.15
	crypto/external/bsd/openssh/dist/ssh_api.c      up to 1.15
	crypto/external/bsd/openssh/dist/ssh_config     up to 1.16
	crypto/external/bsd/openssh/dist/ssh_config.5   up to 1.40
	crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c up to 1.12
	crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c up to 1.11
	crypto/external/bsd/openssh/dist/sshbuf-misc.c  up to 1.14
	crypto/external/bsd/openssh/dist/sshbuf.c       up to 1.14
	crypto/external/bsd/openssh/dist/sshbuf.h       up to 1.19
	crypto/external/bsd/openssh/dist/sshconnect.c   up to 1.37
	crypto/external/bsd/openssh/dist/sshconnect.h   up to 1.17
	crypto/external/bsd/openssh/dist/sshconnect2.c  up to 1.46
	crypto/external/bsd/openssh/dist/sshd.8         up to 1.31
	crypto/external/bsd/openssh/dist/sshd.c         up to 1.50
	crypto/external/bsd/openssh/dist/sshd_config    up to 1.28
	crypto/external/bsd/openssh/dist/sshd_config.5  up to 1.42
	crypto/external/bsd/openssh/dist/ssherr.c       up to 1.10
	crypto/external/bsd/openssh/dist/ssherr.h       up to 1.4
	crypto/external/bsd/openssh/dist/sshkey-xmss.c  up to 1.10
	crypto/external/bsd/openssh/dist/sshkey-xmss.h  up to 1.5
	crypto/external/bsd/openssh/dist/sshkey.c       up to 1.32
	crypto/external/bsd/openssh/dist/sshkey.h       up to 1.19
	crypto/external/bsd/openssh/dist/sshlogin.c     up to 1.13
	crypto/external/bsd/openssh/dist/sshpty.c       up to 1.8
	crypto/external/bsd/openssh/dist/ttymodes.c     up to 1.12
	crypto/external/bsd/openssh/dist/uidswap.c      up to 1.10
	crypto/external/bsd/openssh/dist/umac.c         up to 1.22
	crypto/external/bsd/openssh/dist/umac.h         up to 1.10
	crypto/external/bsd/openssh/dist/utf8.c         up to 1.9
	crypto/external/bsd/openssh/dist/utf8.h         up to 1.5
	crypto/external/bsd/openssh/dist/version.h      up to 1.44
	crypto/external/bsd/openssh/dist/xmalloc.c      up to 1.13
	crypto/external/bsd/openssh/dist/xmalloc.h      up to 1.16
	crypto/external/bsd/openssh/dist/xmss_hash.c    up to 1.3
	crypto/external/bsd/openssh/dist/moduli-gen/Makefile up to 1.3
	crypto/external/bsd/openssh/dist/moduli-gen/moduli-gen.sh up to 1.1.1.3
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.16
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.18
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.18
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.18
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.18
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.18
	crypto/external/bsd/openssh/lib/Makefile        up to 1.38
	crypto/external/bsd/openssh/lib/shlib_version   up to 1.36
	crypto/external/bsd/openssh/openssh2netbsd      up to 1.4
	lib/libpam/modules/pam_ssh/Makefile             up to 1.13
	lib/libpam/modules/pam_ssh/pam_ssh.c            up to 1.30
	distrib/sets/lists/base/shl.mi			(apply patch)
	distrib/sets/lists/debug/shl.mi			(apply patch)
	doc/3RDPARTY					(apply patch)

Update OpenSSH to 9.6.

Revision 1.13.2.2 / (download) - annotate - [select for diffs], Thu Nov 2 22:15:22 2023 UTC (4 months, 3 weeks ago) by sborrill
Branch: netbsd-10
CVS Tags: netbsd-10-0-RELEASE, netbsd-10-0-RC6, netbsd-10-0-RC5, netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1
Changes since 1.13.2.1: +17 -16 lines
Diff to previous 1.13.2.1 (colored) to branchpoint 1.13 (colored) next main 1.14 (colored) to selected 1.8 (colored)

Pull up the following revisions(s) (requested by martin in ticket #443):
	crypto/external/bsd/openssh/dist sync with HEAD
	crypto/external/bsd/openssh/dist/PROTOCOL:       up to 1.22
	crypto/external/bsd/openssh/dist/PROTOCOL.agent: up to 1.14
	crypto/external/bsd/openssh/dist/PROTOCOL.krl:   up to 1.1.1.5
	crypto/external/bsd/openssh/dist/addr.c:         up to 1.6
	crypto/external/bsd/openssh/dist/auth-options.c: up to 1.29
	crypto/external/bsd/openssh/dist/auth-pam.c:     up to 1.21
	crypto/external/bsd/openssh/dist/auth2-gss.c:    up to 1.17
	crypto/external/bsd/openssh/dist/auth2-pubkey.c: up to 1.34
	crypto/external/bsd/openssh/dist/auth2.c:        up to 1.28
	crypto/external/bsd/openssh/dist/canohost.c:     up to 1.16
	crypto/external/bsd/openssh/dist/chacha.c:       up to 1.6
	crypto/external/bsd/openssh/dist/channels.c      up to 1.41
	crypto/external/bsd/openssh/dist/channels.h:     up to 1.25
	crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c: up to 1.3
	crypto/external/bsd/openssh/dist/cipher-chachapoly.c: up to 1.7
	crypto/external/bsd/openssh/dist/clientloop.c:   up to 1.38
	crypto/external/bsd/openssh/dist/kex.c:          up to 1.33
	crypto/external/bsd/openssh/dist/kex.h:          up to 1.23
	crypto/external/bsd/openssh/dist/kexgexs.c:      up to 1.23
	crypto/external/bsd/openssh/dist/krl.c:          up to 1.23
	crypto/external/bsd/openssh/dist/krl.h:          up to 1.6
	crypto/external/bsd/openssh/dist/match.c:        up to 1.16
	crypto/external/bsd/openssh/dist/misc.c;         up to 1.34
	crypto/external/bsd/openssh/dist/misc.h:         up to 1.26
	crypto/external/bsd/openssh/dist/moduli:         up to 1.10
	crypto/external/bsd/openssh/dist/monitor.c:      up to 1.43
	crypto/external/bsd/openssh/dist/monitor_wrap.c: up to 1.33
	crypto/external/bsd/openssh/dist/mux.c:          up to 1.34
	crypto/external/bsd/openssh/dist/packet.c:       up to 1.49
	crypto/external/bsd/openssh/dist/packet.h:       up to 1.25
	crypto/external/bsd/openssh/dist/poly1305.c:     up to 1.6
	crypto/external/bsd/openssh/dist/progressmeter.c: up to 1.15
	crypto/external/bsd/openssh/dist/readconf.c:     up to 1.42
	crypto/external/bsd/openssh/dist/readconf.h:     up to 1.32
	crypto/external/bsd/openssh/dist/scp.c:          up to 1.40
	crypto/external/bsd/openssh/dist/servconf.c:     up to 1.43
	crypto/external/bsd/openssh/dist/servconf.h:     up to 1.30
	crypto/external/bsd/openssh/dist/serverloop.c:   up to 1.35
	crypto/external/bsd/openssh/dist/session.c:      up to 1.38
	crypto/external/bsd/openssh/dist/sftp-client.c:  up to 1.34
	crypto/external/bsd/openssh/dist/sftp-client.h:  up to 1.18
	crypto/external/bsd/openssh/dist/sftp-common.c:  up to 1.14
	crypto/external/bsd/openssh/dist/sftp-glob.c:    up to 1.15
	crypto/external/bsd/openssh/dist/sftp-server.c:  up to 1.30
	crypto/external/bsd/openssh/dist/sftp-usergroup.c: up to 1.3
	crypto/external/bsd/openssh/dist/sftp.c:         up to 1.39
	crypto/external/bsd/openssh/dist/sk-usbhid.c:    up to 1.9
	crypto/external/bsd/openssh/dist/ssh-add.c:      up to 1.29
	crypto/external/bsd/openssh/dist/ssh-agent.1:    up to 1.19
	crypto/external/bsd/openssh/dist/ssh-agent.c:    up to 1.36
	crypto/external/bsd/openssh/dist/ssh-keygen.1:   up to 1.34
	crypto/external/bsd/openssh/dist/ssh-keygen.c:   up to 1.46
	crypto/external/bsd/openssh/dist/ssh-keyscan.c:  up to 1.32
	crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c: up to 1.18
	crypto/external/bsd/openssh/dist/ssh-pkcs11.c:   up to 1.26
	crypto/external/bsd/openssh/dist/ssh-sk.c:       up to 1.8
	crypto/external/bsd/openssh/dist/ssh.1:          up to 1.37
	crypto/external/bsd/openssh/dist/ssh.c:          up to 1.44
	crypto/external/bsd/openssh/dist/ssh2.h:         up to 1.14
	crypto/external/bsd/openssh/dist/ssh_config:     up to 1.16
	crypto/external/bsd/openssh/dist/ssh_config.5:   up to 1.38
	crypto/external/bsd/openssh/dist/sshconnect2.c:  up to 1.45
	crypto/external/bsd/openssh/dist/sshd.8:         up to 1.31
	crypto/external/bsd/openssh/dist/sshd_config.5:  up to 1.42
	crypto/external/bsd/openssh/dist/sshkey.c:       up to 1.31
	crypto/external/bsd/openssh/dist/sshkey.h:       up to 1.19
	crypto/external/bsd/openssh/dist/sshsig.c:       up to 1.11
	crypto/external/bsd/openssh/dist/version.h:      up to 1.43
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048: up to 1.15
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072: up to 1.17
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096: up to 1.17
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144: up to 1.17
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680: up to 1.17
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192: up to 1.17
	crypto/external/bsd/openssh/lib/shlib_version:	1.35
	distrib/sets/lists/base/shl.mi:			1.972 via patch
	distrib/sets/lists/debug/shl.mi:		1.333
	doc/3RDPARTY:					1.1962 via patch

ssh(1): update to OpenSSH 9.5

Revision 1.15 / (download) - annotate - [select for diffs], Wed Oct 25 20:19:57 2023 UTC (5 months ago) by christos
Branch: MAIN
CVS Tags: HEAD
Changes since 1.14: +15 -14 lines
Diff to previous 1.14 (colored) to selected 1.8 (colored)

Merge conflicts between 9.3 and 9.5

Revision 1.1.1.11 / (download) - annotate - [select for diffs] (vendor branch), Wed Oct 25 20:14:32 2023 UTC (5 months ago) by christos
Branch: OPENSSH
CVS Tags: v96-20231218, v95-20231004
Changes since 1.1.1.10: +14 -14 lines
Diff to previous 1.1.1.10 (colored) to selected 1.8 (colored)

Import OpenSSH 9.5 (Last was OpenSSH 9.3)

OpenSSH 9.5/9.5p1 (2023-10-04)
OpenSSH 9.5 was released on 2023-10-04. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html

Changes since OpenSSH 9.4
=========================

This release fixes a number of bugs and adds some small features.

Potentially incompatible changes
--------------------------------

 * ssh-keygen(1): generate Ed25519 keys by default. Ed25519 public keys
   are very convenient due to their small size. Ed25519 keys are
   specified in RFC 8709 and OpenSSH has supported them since version 6.5
   (January 2014).

 * sshd(8): the Subsystem directive now accurately preserves quoting of
   subsystem commands and arguments. This may change behaviour for exotic
   configurations, but the most common subsystem configuration
   (sftp-server) is unlikely to be affected.

New features
------------

 * ssh(1): add keystroke timing obfuscation to the client. This attempts
   to hide inter-keystroke timings by sending interactive traffic at
   fixed intervals (default: every 20ms) when there is only a small
   amount of data being sent. It also sends fake "chaff" keystrokes for
   a random interval after the last real keystroke. These are
   controlled by a new ssh_config ObscureKeystrokeTiming keyword.

 * ssh(1), sshd(8): Introduce a transport-level ping facility. This adds
   a pair of SSH transport protocol messages SSH2_MSG_PING/PONG to
   implement a ping capability. These messages use numbers in the "local
   extensions" number space and are advertised using a "ping@openssh.com"
   ext-info message with a string version number of "0".

 * sshd(8): allow override of Subsystem directives in sshd Match blocks.

Bugfixes
--------

 * scp(1): fix scp in SFTP mode recursive upload and download of
   directories that contain symlinks to other directories. In scp mode,
   the links would be followed, but in SFTP mode they were not. bz3611

 * ssh-keygen(1): handle cr+lf (instead of just cr) line endings in
   sshsig signature files.

 * ssh(1): interactive mode for ControlPersist sessions if they
   originally requested a tty.

 * sshd(8): make PerSourceMaxStartups first-match-wins

 * sshd(8): limit artificial login delay to a reasonable maximum (5s)
   and don't delay at all for the "none" authentication mechanism.cw
    bz3602

 * sshd(8): Log errors in kex_exchange_identification() with level
   verbose instead of error to reduce preauth log spam. All of those
   get logged with a more generic error message by sshpkt_fatal().

 * sshd(8): correct math for ClientAliveInterval that caused the probes
    to be sent less frequently than configured.

 * ssh(1): fix regression in OpenSSH 9.4 (mux.c r1.99) that caused
   multiplexed sessions to ignore SIGINT under some circumstances.

Portability
-----------

 * Avoid clang zero-call-used-regs=all bug on Apple compilers, which
   for some reason have version numbers that do not match the upstream
   clang version numbers. bz#3584

 * Fix configure test for zlib 1.3 and later/development versions. bz3604

Checksums:
==========

 - SHA1 (openssh-9.5.tar.gz) = 8a0bd3a91fac338d97d91817af58df731f6509a3
 - SHA256 (openssh-9.5.tar.gz) = sVMxeM3d6g65qBMktJIofxmK4Ipg9dblKif0VnhPeO0=

 - SHA1 (openssh-9.5p1.tar.gz) = 35c16dcc6e7d0a9465faa241476ef24f76b196cc
 - SHA256 (openssh-9.5p1.tar.gz) = 8Cbnt5un+1QPdRgq+W3IqPHbOV+SK7yfbKYDZyaGCGs=

Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc

Reporting Bugs:
===============

- Please read https://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com
OpenSSH 9.4/9.4p1 (2023-08-10)
OpenSSH 9.4 was released on 2023-08-10. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html

Changes since OpenSSH 9.3p2
===========================

This release fixes a number of bugs and adds some small features.

Potentially incompatible changes
--------------------------------

 * This release removes support for older versions of libcrypto.
   OpenSSH now requires LibreSSL >= 3.1.0 or OpenSSL >= 1.1.1.
   Note that these versions are already deprecated by their upstream
   vendors.

 * ssh-agent(1): PKCS#11 modules must now be specified by their full
   paths. Previously dlopen(3) could search for them in system
   library directories.

New features
------------

 * ssh(1): allow forwarding Unix Domain sockets via ssh -W.

 * ssh(1): add support for configuration tags to ssh(1).
   This adds a ssh_config(5) "Tag" directive and corresponding
   "Match tag" predicate that may be used to select blocks of
   configuration similar to the pf.conf(5) keywords of the same
   name.

 * ssh(1): add a "match localnetwork" predicate. This allows matching
   on the addresses of available network interfaces and may be used to
   vary the effective client configuration based on network location.

 * ssh(1), sshd(8), ssh-keygen(1): infrastructure support for KRL
   extensions.  This defines wire formats for optional KRL extensions
   and implements parsing of the new submessages. No actual extensions
   are supported at this point.

 * sshd(8): AuthorizedPrincipalsCommand and AuthorizedKeysCommand now
   accept two additional %-expansion sequences: %D which expands to
   the routing domain of the connected session and %C which expands
   to the addresses and port numbers for the source and destination
   of the connection.

 * ssh-keygen(1): increase the default work factor (rounds) for the
   bcrypt KDF used to derive symmetric encryption keys for passphrase
   protected key files by 50%.

Bugfixes
--------

 * ssh-agent(1): improve isolation between loaded PKCS#11 modules
   by running separate ssh-pkcs11-helpers for each loaded provider.

 * ssh(1): make -f (fork after authentication) work correctly with
   multiplexed connections, including ControlPersist. bz3589 bz3589

 * ssh(1): make ConnectTimeout apply to multiplexing sockets and not
   just to network connections.

 * ssh-agent(1), ssh(1): improve defences against invalid PKCS#11
   modules being loaded by checking that the requested module
   contains the required symbol before loading it.

 * sshd(8): fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand
   appears before it in sshd_config. Since OpenSSH 8.7 the
   AuthorizedPrincipalsCommand directive was incorrectly ignored in
   this situation. bz3574

 * sshd(8), ssh(1), ssh-keygen(1): remove vestigal support for KRL
   signatures When the KRL format was originally defined, it included
   support for signing of KRL objects. However, the code to sign KRLs
   and verify KRL signatues was never completed in OpenSSH. This
   release removes the partially-implemented code to verify KRLs.
   All OpenSSH tools now ignore KRL_SECTION_SIGNATURE sections in
   KRL files.

 * All: fix a number of memory leaks and unreachable/harmless integer
   overflows.

 * ssh-agent(1), ssh(1): don't truncate strings logged from PKCS#11
   modules; GHPR406

 * sshd(8), ssh(1): better validate CASignatureAlgorithms in
   ssh_config and sshd_config. Previously this directive would accept
   certificate algorithm names, but these were unusable in practice as
   OpenSSH does not support CA chains. bz3577

 * ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature
   algorithms that are valid for CA signing. Previous behaviour was
   to list all signing algorithms, including certificate algorithms.

 * ssh-keyscan(1): gracefully handle systems where rlimits or the
   maximum number of open files is larger than INT_MAX; bz3581

 * ssh-keygen(1): fix "no comment" not showing on when running
   `ssh-keygen -l` on multiple keys where one has a comment and other
   following keys do not. bz3580

 * scp(1), sftp(1): adjust ftruncate() logic to handle servers that
   reorder requests. Previously, if the server reordered requests then
   the resultant file would be erroneously truncated.

 * ssh(1): don't incorrectly disable hostname canonicalization when
   CanonicalizeHostname=yes and ProxyJump was expicitly set to
   "none". bz3567

 * scp(1): when copying local->remote, check that the source file
   exists before opening an SFTP connection to the server. Based on
   GHPR#370

Portability
-----------

 * All: a number of build fixes for various platforms and
   configuration combinations.

 * sshd(8): provide a replacement for the SELinux matchpathcon()
   function, which is deprecated.

 * All: relax libcrypto version checks for OpenSSL >=3. Beyond
   OpenSSL 3.0, the ABI compatibility guarantees are wider (only
   the library major must match instead of major and minor in
   earlier versions).  bz#3548.

 * Tests: fix build problems for the sk-dummy.so FIDO provider module
   used in some tests.

Checksums:
==========

 - SHA1 (openssh-9.4.tar.gz) = d88126d8d7b8e5bf4656587ac4a16055560641cc
 - SHA256 (openssh-9.4.tar.gz) = 7eqFjx2hAunw+1Jy7f1JQXq//3AMr9B3dKtASDtq8go=

 - SHA1 (openssh-9.4p1.tar.gz) = 5dea1f3c88f9cfe53a711a3c893ee8b7d3ffecff
 - SHA256 (openssh-9.4p1.tar.gz) = Ngj9kIjbIWPOs+YAyFq3nQ3j0iHlkZLqGSPiMmOGaoU=

Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc

Reporting Bugs:
===============

- Please read https://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com

Revision 1.13.2.1 / (download) - annotate - [select for diffs], Fri Aug 11 15:36:40 2023 UTC (7 months, 2 weeks ago) by martin
Branch: netbsd-10
Changes since 1.13: +34 -4 lines
Diff to previous 1.13 (colored) to selected 1.8 (colored)

Pull up following revision(s) (requested by maya in ticket #322):

	distrib/sets/lists/base/shl.mi: revision 1.953
	distrib/sets/lists/debug/shl.mi: revision 1.315
	crypto/external/bsd/openssh/dist/ed25519.sh     up to 1.1.1.1
	crypto/external/bsd/openssh/dist/fe25519.c      delete
	crypto/external/bsd/openssh/dist/fe25519.h      delete
	crypto/external/bsd/openssh/dist/ge25519.c      delete
	crypto/external/bsd/openssh/dist/ge25519.h      delete
	crypto/external/bsd/openssh/dist/ge25519_base.data delete
	crypto/external/bsd/openssh/dist/sc25519.c      delete
	crypto/external/bsd/openssh/dist/sc25519.h      delete
	crypto/external/bsd/openssh/dist/verify.c       delete
	crypto/external/bsd/openssh/bin/sftp/Makefile   up to 1.11
	crypto/external/bsd/openssh/bin/ssh/Makefile    up to 1.19
	crypto/external/bsd/openssh/bin/ssh-agent/Makefile up to 1.7
	crypto/external/bsd/openssh/bin/ssh-keygen/Makefile up to 1.10
	crypto/external/bsd/openssh/bin/sshd/Makefile   up to 1.27
	crypto/external/bsd/openssh/dist/LICENCE        up to 1.7
	crypto/external/bsd/openssh/dist/PROTOCOL       up to 1.21
	crypto/external/bsd/openssh/dist/addr.c         up to 1.5
	crypto/external/bsd/openssh/dist/addr.h         up to 1.1.1.2
	crypto/external/bsd/openssh/dist/auth-passwd.c  up to 1.13
	crypto/external/bsd/openssh/dist/auth-rhosts.c  up to 1.16
	crypto/external/bsd/openssh/dist/auth.c         up to 1.34
	crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.23
	crypto/external/bsd/openssh/dist/auth2-none.c   up to 1.14
	crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.33
	crypto/external/bsd/openssh/dist/auth2-pubkeyfile.c up to 1.3
	crypto/external/bsd/openssh/dist/auth2.c        up to 1.27
	crypto/external/bsd/openssh/dist/authfd.c       up to 1.26
	crypto/external/bsd/openssh/dist/authfile.c     up to 1.28
	crypto/external/bsd/openssh/dist/canohost.c     up to 1.15
	crypto/external/bsd/openssh/dist/channels.c     up to 1.40
	crypto/external/bsd/openssh/dist/channels.h     up to 1.24
	crypto/external/bsd/openssh/dist/cipher.h       up to 1.16
	crypto/external/bsd/openssh/dist/clientloop.c   up to 1.37
	crypto/external/bsd/openssh/dist/compat.c       up to 1.26
	crypto/external/bsd/openssh/dist/compat.h       up to 1.18
	crypto/external/bsd/openssh/dist/crypto_api.h   up to 1.5
	crypto/external/bsd/openssh/dist/dispatch.c     up to 1.11
	crypto/external/bsd/openssh/dist/dns.c          up to 1.23
	crypto/external/bsd/openssh/dist/dns.h          up to 1.13
	crypto/external/bsd/openssh/dist/ed25519.c      up to 1.6
	crypto/external/bsd/openssh/dist/hostfile.c     up to 1.23
	crypto/external/bsd/openssh/dist/kex.c          up to 1.32
	crypto/external/bsd/openssh/dist/kex.h          up to 1.22
	crypto/external/bsd/openssh/dist/kexgexs.c      up to 1.22
	crypto/external/bsd/openssh/dist/krl.c          up to 1.22
	crypto/external/bsd/openssh/dist/misc.c         up to 1.33
	crypto/external/bsd/openssh/dist/misc.h         up to 1.25
	crypto/external/bsd/openssh/dist/moduli.c       up to 1.17
	crypto/external/bsd/openssh/dist/monitor.c      up to 1.42
	crypto/external/bsd/openssh/dist/monitor.h      up to 1.13
	crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.32
	crypto/external/bsd/openssh/dist/mux.c          up to 1.33
	crypto/external/bsd/openssh/dist/packet.c       up to 1.48
	crypto/external/bsd/openssh/dist/progressmeter.c up to 1.14
	crypto/external/bsd/openssh/dist/readconf.c     up to 1.41
	crypto/external/bsd/openssh/dist/readconf.h     up to 1.31
	crypto/external/bsd/openssh/dist/scp.1          up to 1.30
	crypto/external/bsd/openssh/dist/scp.c          up to 1.39
	crypto/external/bsd/openssh/dist/servconf.c     up to 1.42
	crypto/external/bsd/openssh/dist/servconf.h     up to 1.29
	crypto/external/bsd/openssh/dist/serverloop.c   up to 1.34
	crypto/external/bsd/openssh/dist/session.c      up to 1.37
	crypto/external/bsd/openssh/dist/session.h      up to 1.10
	crypto/external/bsd/openssh/dist/sftp-client.c  up to 1.33
	crypto/external/bsd/openssh/dist/sftp-glob.c    up to 1.14
	crypto/external/bsd/openssh/dist/sftp-server.c  up to 1.29
	crypto/external/bsd/openssh/dist/sftp.1         up to 1.29
	crypto/external/bsd/openssh/dist/sftp.c         up to 1.38
	crypto/external/bsd/openssh/dist/sntrup761.c    up to 1.3
	crypto/external/bsd/openssh/dist/sntrup761.sh   up to 1.1.1.2
	crypto/external/bsd/openssh/dist/ssh-add.c      up to 1.28
	crypto/external/bsd/openssh/dist/ssh-agent.1    up to 1.18
	crypto/external/bsd/openssh/dist/ssh-agent.c    up to 1.35
	crypto/external/bsd/openssh/dist/ssh-dss.c      up to 1.18
	crypto/external/bsd/openssh/dist/ssh-ecdsa-sk.c up to 1.4
	crypto/external/bsd/openssh/dist/ssh-ecdsa.c    up to 1.15
	crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c up to 1.5
	crypto/external/bsd/openssh/dist/ssh-ed25519.c  up to 1.10
	crypto/external/bsd/openssh/dist/ssh-keygen.1   up to 1.33
	crypto/external/bsd/openssh/dist/ssh-keygen.c   up to 1.45
	crypto/external/bsd/openssh/dist/ssh-keyscan.1  up to 1.18
	crypto/external/bsd/openssh/dist/ssh-keyscan.c  up to 1.31
	crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 up to 1.12
	crypto/external/bsd/openssh/dist/ssh-pkcs11.c   up to 1.25
	crypto/external/bsd/openssh/dist/ssh-rsa.c      up to 1.19
	crypto/external/bsd/openssh/dist/ssh-sk-helper.c up to 1.7
	crypto/external/bsd/openssh/dist/ssh-xmss.c     up to 1.6
	crypto/external/bsd/openssh/dist/ssh.1          up to 1.36
	crypto/external/bsd/openssh/dist/ssh.c          up to 1.43
	crypto/external/bsd/openssh/dist/ssh_api.c      up to 1.15
	crypto/external/bsd/openssh/dist/ssh_config.5   up to 1.37
	crypto/external/bsd/openssh/dist/sshbuf.c       up to 1.14
	crypto/external/bsd/openssh/dist/sshbuf.h       up to 1.19
	crypto/external/bsd/openssh/dist/sshconnect.c   up to 1.35
	crypto/external/bsd/openssh/dist/sshconnect2.c  up to 1.44
	crypto/external/bsd/openssh/dist/sshd.8         up to 1.30
	crypto/external/bsd/openssh/dist/sshd.c         up to 1.49
	crypto/external/bsd/openssh/dist/sshd_config.5  up to 1.41
	crypto/external/bsd/openssh/dist/sshkey-xmss.c  up to 1.10
	crypto/external/bsd/openssh/dist/sshkey-xmss.h  up to 1.5
	crypto/external/bsd/openssh/dist/sshkey.c       up to 1.30
	crypto/external/bsd/openssh/dist/sshkey.h       up to 1.18
	crypto/external/bsd/openssh/dist/umac.c         up to 1.22
	crypto/external/bsd/openssh/dist/version.h      up to 1.42
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.14
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.16
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.16
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.16
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.16
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.16
	crypto/external/bsd/openssh/lib/Makefile        up to 1.37
	crypto/external/bsd/openssh/lib/shlib_version   up to 1.34
	doc/3DPARTY					(apply patch)

Import OpenSSH 9.3p2

Revision 1.14 / (download) - annotate - [select for diffs], Wed Jul 26 17:58:15 2023 UTC (8 months ago) by christos
Branch: MAIN
Changes since 1.13: +32 -2 lines
Diff to previous 1.13 (colored) to selected 1.8 (colored)

Merge changes between OpenSSH-9.1 and OpenSSH-9.3

Revision 1.1.1.10 / (download) - annotate - [select for diffs] (vendor branch), Wed Jul 26 17:31:31 2023 UTC (8 months ago) by christos
Branch: OPENSSH
CVS Tags: v93p2-20230719, v93-20230719
Changes since 1.1.1.9: +32 -2 lines
Diff to previous 1.1.1.9 (colored) to selected 1.8 (colored)

Import OpenSSH 9.3 + the fix from p2 for the PKCS#11 remote provider
The previous version was OpenSSH 9.1

OpenSSH 9.3p2 (2023-07-19)
OpenSSH 9.3p2 was released on 2023-07-19. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html

Changes since OpenSSH 9.3
=========================

This release fixes a security bug.

Security
========

Fix CVE-2023-38408 - a condition where specific libaries loaded via
ssh-agent(1)'s PKCS#11 support could be abused to achieve remote
code execution via a forwarded agent socket if the following
conditions are met:

* Exploitation requires the presence of specific libraries on
  the victim system.
* Remote exploitation requires that the agent was forwarded
  to an attacker-controlled system.

Exploitation can also be prevented by starting ssh-agent(1) with an
empty PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring
an allowlist that contains only specific provider libraries.

This vulnerability was discovered and demonstrated to be exploitable
by the Qualys Security Advisory team.

In addition to removing the main precondition for exploitation,
this release removes the ability for remote ssh-agent(1) clients
to load PKCS#11 modules by default (see below).

Potentially-incompatible changes
--------------------------------

 * ssh-agent(8): the agent will now refuse requests to load PKCS#11
   modules issued by remote clients by default. A flag has been added
   to restore the previous behaviour "-Oallow-remote-pkcs11".

   Note that ssh-agent(8) depends on the SSH client to identify
   requests that are remote. The OpenSSH >=8.9 ssh(1) client does
   this, but forwarding access to an agent socket using other tools
   may circumvent this restriction.

Checksums:
==========

- SHA1 (openssh-9.3p2.tar.gz) = 219cf700c317f400bb20b001c0406056f7188ea4
- SHA256 (openssh-9.3p2.tar.gz) = IA6+FH9ss/EB/QzfngJEKvfdyimN/9n0VoeOfMrGdug=

Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc

Reporting Bugs:
===============

- Please read https://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com


OpenSSH 9.3/9.3p1 (2023-03-15)
OpenSSH 9.3 was released on 2023-03-15. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html

Changes since OpenSSH 9.2
=========================

This release fixes a number of security bugs.

Security
========

This release contains fixes for a security problem and a memory
safety problem. The memory safety problem is not believed to be
exploitable, but we report most network-reachable memory faults as
security bugs.

 * ssh-add(1): when adding smartcard keys to ssh-agent(1) with the
   per-hop destination constraints (ssh-add -h ...) added in OpenSSH
   8.9, a logic error prevented the constraints from being
   communicated to the agent. This resulted in the keys being added
   without constraints. The common cases of non-smartcard keys and
   keys without destination constraints are unaffected. This problem
   was reported by Luci Stanescu.

 * ssh(1): Portable OpenSSH provides an implementation of the
   getrrsetbyname(3) function if the standard library does not
   provide it, for use by the VerifyHostKeyDNS feature. A
   specifically crafted DNS response could cause this function to
   perform an out-of-bounds read of adjacent stack data, but this
   condition does not appear to be exploitable beyond denial-of-
   service to the ssh(1) client.

   The getrrsetbyname(3) replacement is only included if the system's
   standard library lacks this function and portable OpenSSH was not
   compiled with the ldns library (--with-ldns). getrrsetbyname(3) is
   only invoked if using VerifyHostKeyDNS to fetch SSHFP records. This
   problem was found by the Coverity static analyzer.

New features
------------

 * ssh-keygen(1), ssh-keyscan(1): accept -Ohashalg=sha1|sha256 when
   outputting SSHFP fingerprints to allow algorithm selection. bz3493

 * sshd(8): add a `sshd -G` option that parses and prints the
   effective configuration without attempting to load private keys
   and perform other checks. This allows usage of the option before
   keys have been generated and for configuration evaluation and
   verification by unprivileged users.

Bugfixes
--------

 * scp(1), sftp(1): fix progressmeter corruption on wide displays;
   bz3534

 * ssh-add(1), ssh-keygen(1): use RSA/SHA256 when testing usability
   of private keys as some systems are starting to disable RSA/SHA1
   in libcrypto.

 * sftp-server(8): fix a memory leak. GHPR363

 * ssh(1), sshd(8), ssh-keyscan(1): remove vestigal protocol
   compatibility code and simplify what's left.

 * Fix a number of low-impact Coverity static analysis findings.
   These include several reported via bz2687

 * ssh_config(5), sshd_config(5): mention that some options are not
   first-match-wins.

 * Rework logging for the regression tests. Regression tests will now
   capture separate logs for each ssh and sshd invocation in a test.

 * ssh(1): make `ssh -Q CASignatureAlgorithms` work as the manpage
   says it should; bz3532.

 * ssh(1): ensure that there is a terminating newline when adding a
   new entry to known_hosts; bz3529

Portability
-----------

 * sshd(8): harden Linux seccomp sandbox. Move to an allowlist of
   mmap(2), madvise(2) and futex(2) flags, removing some concerning
   kernel attack surface.

 * sshd(8): improve Linux seccomp-bpf sandbox for older systems;
   bz3537

Checksums:
==========

- SHA1 (openssh-9.3.tar.gz) = 5f9d2f73ddfe94f3f0a78bdf46704b6ad7b66ec7
- SHA256 (openssh-9.3.tar.gz) = eRcXkFZByz70DUBUcyIdvU0pVxP2X280FrmV8pyUdrk=

- SHA1 (openssh-9.3p1.tar.gz) = 610959871bf8d6baafc3525811948f85b5dd84ab
- SHA256 (openssh-9.3p1.tar.gz) = 6bq6dwGnalHz2Fpiw4OjydzZf6kAuFm8fbEUwYaK+Kg=

Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc

Reporting Bugs:
===============

- Please read https://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com


OpenSSH 9.2/9.2p1 (2023-02-02)
OpenSSH 9.2 was released on 2023-02-02. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html

Changes since OpenSSH 9.1
=========================

This release fixes a number of security bugs.

Security
========

This release contains fixes for two security problems and a memory
safety problem. The memory safety problem is not believed to be
exploitable, but we report most network-reachable memory faults as
security bugs.

 * sshd(8): fix a pre-authentication double-free memory fault
   introduced in OpenSSH 9.1. This is not believed to be exploitable,
   and it occurs in the unprivileged pre-auth process that is
   subject to chroot(2) and is further sandboxed on most major
   platforms.

 * ssh(8): in OpenSSH releases after 8.7, the PermitRemoteOpen option
   would ignore its first argument unless it was one of the special
   keywords "any" or "none", causing the permission list to fail open
   if only one permission was specified. bz3515

 * ssh(1): if the CanonicalizeHostname and CanonicalizePermittedCNAMEs
   options were enabled, and the system/libc resolver did not check
   that names in DNS responses were valid, then use of these options
   could allow an attacker with control of DNS to include invalid
   characters (possibly including wildcards) in names added to
   known_hosts files when they were updated. These names would still
   have to match the CanonicalizePermittedCNAMEs allow-list, so
   practical exploitation appears unlikely.

Potentially-incompatible changes
--------------------------------

 * ssh(1): add a new EnableEscapeCommandline ssh_config(5) option that
   controls whether the client-side ~C escape sequence that provides a
   command-line is available. Among other things, the ~C command-line
   could be used to add additional port-forwards at runtime.

   This option defaults to "no", disabling the ~C command-line that
   was previously enabled by default. Turning off the command-line
   allows platforms that support sandboxing of the ssh(1) client
   (currently only OpenBSD) to use a stricter default sandbox policy.

New features
------------

 * sshd(8): add support for channel inactivity timeouts via a new
   sshd_config(5) ChannelTimeout directive. This allows channels that
   have not seen traffic in a configurable interval to be
   automatically closed. Different timeouts may be applied to session,
   X11, agent and TCP forwarding channels.

 * sshd(8): add a sshd_config UnusedConnectionTimeout option to
   terminate client connections that have no open channels for a
   length of time. This complements the ChannelTimeout option above.

 * sshd(8): add a -V (version) option to sshd like the ssh client has.

 * ssh(1): add a "Host" line to the output of ssh -G showing the
   original hostname argument. bz3343

 * scp(1), sftp(1): add a -X option to both scp(1) and sftp(1) to
   allow control over some SFTP protocol parameters: the copy buffer
   length and the number of in-flight requests, both of which are used
   during upload/download. Previously these could be controlled in
   sftp(1) only. This makes them available in both SFTP protocol
   clients using the same option character sequence.

 * ssh-keyscan(1): allow scanning of complete CIDR address ranges,
   e.g.  "ssh-keyscan 192.168.0.0/24". If a CIDR range is passed, then
   it will be expanded to all possible addresses in the range
   including the all-0s and all-1s addresses. bz#976

 * ssh(1): support dynamic remote port forwarding in escape
   command-line's -R processing. bz#3499

Bugfixes
--------

 * ssh(1): when restoring non-blocking mode to stdio fds, restore
   exactly the flags that ssh started with and don't just clobber them
   with zero, as this could also remove the append flag from the set.
   bz3523

 * ssh(1): avoid printf("%s", NULL) if using UserKnownHostsFile=none
   and a hostkey in one of the system known hosts file changes.

 * scp(1): switch scp from using pipes to a socket-pair for
   communication with its ssh sub-processes, matching how sftp(1)
   operates.

 * sshd(8): clear signal mask early in main(); sshd may have been
   started with one or more signals masked (sigprocmask(2) is not
   cleared on fork/exec) and this could interfere with various things,
   e.g. the login grace timer. Execution environments that fail to
   clear the signal mask before running sshd are clearly broken, but
   apparently they do exist.

 * ssh(1): warn if no host keys for hostbased auth can be loaded.

 * sshd(8): Add server debugging for hostbased auth that is queued and
   sent to the client after successful authentication, but also logged
   to assist in diagnosis of HostbasedAuthentication problems. bz3507

 * ssh(1): document use of the IdentityFile option as being usable to
   list public keys as well as private keys. GHPR352

 * sshd(8): check for and disallow MaxStartups values less than or
   equal to zero during config parsing, rather than failing later at
   runtime.  bz3489

 * ssh-keygen(1): fix parsing of hex cert expiry times specified on
   the command-line when acting as a CA.

 * scp(1): when scp(1) is using the SFTP protocol for transport (the
   default), better match scp/rcp's handling of globs that don't match
   the globbed characters but do match literally (e.g. trying to
   transfer a file named "foo.[1]"). Previously scp(1) in SFTP mode
   would not match these pathnames but legacy scp/rcp mode would.
   bz3488

 * ssh-agent(1): document the "-O no-restrict-websafe" command-line
   option.

 * ssh(1): honour user's umask(2) if it is more restrictive then the
   ssh default (022).

Portability
-----------

 * sshd(8): allow writev(2) in the Linux seccomp sandbox. This seems
   to be used by recent glibcs at least in some configurations during
   error conditions. bz3512.

 * sshd(8): simply handling of SSH_CONNECTION PAM env var, removing
   global variable and checking the return value from pam_putenv.
   bz3508

 * sshd(8): disable SANDBOX_SECCOMP_FILTER_DEBUG that was mistakenly
   enabled during the OpenSSH 9.1 release cycle.

 * misc: update autotools and regenerate the config files using the
   latest autotools

 * all: use -fzero-call-used-regs=used on clang 15 instead of
   -fzero-call-used-reg=all, as some versions of clang 15 have
   miscompile code when it was enabled. bz3475

 * sshd(8): defer PRNG seeding until after the initial closefrom(2)
   call. PRNG seeding will initialize OpenSSL, and some engine
   providers (e.g. Intel's QAT) will open descriptors for their own
   use that closefrom(2) could clobber. bz3483

 * misc: in the poll(2)/ppoll(2) compatibility code, avoid assuming
   the layout of fd_set.

 * sftp-server(8), ssh-agent(1): fix ptrace(2) disabling on older
   FreeBSD kernels. Some versions do not support using id 0 to refer
   to the current PID for procctl, so try again with getpid()
   explicitly before failing.

 * configure.ac: fix -Wstrict-prototypes in configure test code.
   Clang 16 now warns on this and legacy prototypes will be removed
   in C23. GHPR355

 * configure.ac: fix setres*id checks to work with clang-16. glibc
   has the prototypes for setresuid behind _GNU_SOURCE, and clang 16
   will error out on implicit function definitions. bz3497

Checksums:
==========

- SHA1 (openssh-9.2.tar.gz) = e4b806b7c81b87d6c90afe97b3d016ba6cf3ba1c
- SHA256 (openssh-9.2.tar.gz) = yYe9uaaWSeetXGXOxuaaEiIsLnvITmGW+l5dgMZb9QU=

- SHA1 (openssh-9.2p1.tar.gz) = 3b172b8e971773a7018bbf3231f6589ae539ca4b
- SHA256 (openssh-9.2p1.tar.gz) = P2bb8WVftF9Q4cVtpiqwEhjCKIB7ITONY068351xz0Y=

Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc

Reporting Bugs:
===============

- Please read https://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com

Revision 1.13 / (download) - annotate - [select for diffs], Fri Apr 15 14:00:06 2022 UTC (23 months, 1 week ago) by christos
Branch: MAIN
CVS Tags: netbsd-10-base
Branch point for: netbsd-10
Changes since 1.12: +1 -1 lines
Diff to previous 1.12 (colored) to selected 1.8 (colored)

merge conflicts between OpenSSH-8.9 and OpenSSH-9.0

Revision 1.1.1.9 / (download) - annotate - [select for diffs] (vendor branch), Fri Apr 15 13:58:18 2022 UTC (23 months, 1 week ago) by christos
Branch: OPENSSH
CVS Tags: v91-20221004, v90-20220408
Changes since 1.1.1.8: +4 -4 lines
Diff to previous 1.1.1.8 (colored) to selected 1.8 (colored)

Import OpenSSH-9.0

Changes since OpenSSH 8.9
=========================

This release is focused on bug fixing.

Potentially-incompatible changes
--------------------------------

This release switches scp(1) from using the legacy scp/rcp protocol
to using the SFTP protocol by default.

Legacy scp/rcp performs wildcard expansion of remote filenames (e.g.
"scp host:* .") through the remote shell. This has the side effect of
requiring double quoting of shell meta-characters in file names
included on scp(1) command-lines, otherwise they could be interpreted
as shell commands on the remote side.

This creates one area of potential incompatibility: scp(1) when using
the SFTP protocol no longer requires this finicky and brittle quoting,
and attempts to use it may cause transfers to fail. We consider the
removal of the need for double-quoting shell characters in file names
to be a benefit and do not intend to introduce bug-compatibility for
legacy scp/rcp in scp(1) when using the SFTP protocol.

Another area of potential incompatibility relates to the use of remote
paths relative to other user's home directories, for example -
"scp host:~user/file /tmp". The SFTP protocol has no native way to
expand a ~user path. However, sftp-server(8) in OpenSSH 8.7 and later
support a protocol extension "expand-path@openssh.com" to support
this.

In case of incompatibility, the scp(1) client may be instructed to use
the legacy scp/rcp using the -O flag.

New features
------------

 * ssh(1), sshd(8): use the hybrid Streamlined NTRU Prime + x25519 key
   exchange method by default ("sntrup761x25519-sha512@openssh.com").
   The NTRU algorithm is believed to resist attacks enabled by future
   quantum computers and is paired with the X25519 ECDH key exchange
   (the previous default) as a backstop against any weaknesses in
   NTRU Prime that may be discovered in the future. The combination
   ensures that the hybrid exchange offers at least as good security
   as the status quo.

   We are making this change now (i.e. ahead of cryptographically-
   relevant quantum computers) to prevent "capture now, decrypt
   later" attacks where an adversary who can record and store SSH
   session ciphertext would be able to decrypt it once a sufficiently
   advanced quantum computer is available.

 * sftp-server(8): support the "copy-data" extension to allow server-
   side copying of files/data, following the design in
   draft-ietf-secsh-filexfer-extensions-00. bz2948

 * sftp(1): add a "cp" command to allow the sftp client to perform
   server-side file copies.

Bugfixes
--------

 * ssh(1), sshd(8): upstream: fix poll(2) spin when a channel's output
   fd closes without data in the channel buffer. bz3405 and bz3411

 * sshd(8): pack pollfd array in server listen/accept loop. Could
   cause the server to hang/spin when MaxStartups > RLIMIT_NOFILE

 * ssh-keygen(1): avoid NULL deref via the find-principals and
   check-novalidate operations. bz3409 and GHPR307 respectively.

 * scp(1): fix a memory leak in argument processing. bz3404

 * sshd(8): don't try to resolve ListenAddress directives in the sshd
   re-exec path. They are unused after re-exec and parsing errors
   (possible for example if the host's network configuration changed)
   could prevent connections from being accepted.

 * sshd(8): when refusing a public key authentication request from a
   client for using an unapproved or unsupported signature algorithm
   include the algorithm name in the log message to make debugging
   easier.

Portability
-----------

 * sshd(8): refactor platform-specific locked account check, fixing
   an incorrect free() on platforms with both libiaf and shadow
   passwords (probably only Unixware) GHPR284,

 * ssh(1), sshd(8): Fix possible integer underflow in scan_scaled(3)
   parsing of K/M/G/etc quantities. bz#3401.

 * sshd(8): provide killpg implementation (mostly for Tandem NonStop)
   GHPR301.

 * Check for missing ftruncate prototype. GHPR301

 * sshd(8): default to not using sandbox when cross compiling. On most
   systems poll(2) does not work when the number of FDs is reduced
   with setrlimit, so assume it doesn't when cross compiling and we
   can't run the test.  bz#3398.

 * sshd(8): allow ppoll_time64 in seccomp sandbox. Should fix sandbox
   violations on some (at least i386 and armhf) 32bit Linux platforms.
   bz#3396.

 * Improve detection of -fzero-call-used-regs=all support in
   configure script.

Revision 1.10.12.1 / (download) - annotate - [select for diffs], Mon Apr 13 07:45:20 2020 UTC (3 years, 11 months ago) by martin
Branch: phil-wifi
Changes since 1.10: +4 -4 lines
Diff to previous 1.10 (colored) next main 1.11 (colored) to selected 1.8 (colored)

Mostly merge changes from HEAD upto 20200411

Revision 1.12 / (download) - annotate - [select for diffs], Thu Feb 27 00:24:40 2020 UTC (4 years, 1 month ago) by christos
Branch: MAIN
CVS Tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, is-mlppp-base, is-mlppp, cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored) to selected 1.8 (colored)

Merge conflicts

Revision 1.1.1.8 / (download) - annotate - [select for diffs] (vendor branch), Thu Feb 27 00:21:36 2020 UTC (4 years, 1 month ago) by christos
Branch: OPENSSH
CVS Tags: v89-20220223, v88-20210926, v87-20210820, v86-20210419, v85_20210303, v84-20200927, v83-20200527, v82-20200214
Changes since 1.1.1.7: +2 -1 lines
Diff to previous 1.1.1.7 (colored) to selected 1.8 (colored)

OpenSSH 8.2/8.2p1 (2020-02-14)
OpenSSH 8.2 was released on 2020-02-14. It is available from the
mirrors listed at https://www.openssh.com/.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html

Future deprecation notice
=========================

It is now possible[1] to perform chosen-prefix attacks against the
SHA-1 hash algorithm for less than USD$50K. For this reason, we will
be disabling the "ssh-rsa" public key signature algorithm that depends
on SHA-1 by default in a near-future release.

This algorithm is unfortunately still used widely despite the
existence of better alternatives, being the only remaining public key
signature algorithm specified by the original SSH RFCs.

The better alternatives include:

 * The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These
   algorithms have the advantage of using the same key type as
   "ssh-rsa" but use the safe SHA-2 hash algorithms. These have been
   supported since OpenSSH 7.2 and are already used by default if the
   client and server support them.

 * The ssh-ed25519 signature algorithm. It has been supported in
   OpenSSH since release 6.5.

 * The RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521. These
   have been supported by OpenSSH since release 5.7.

To check whether a server is using the weak ssh-rsa public key
algorithm for host authentication, try to connect to it after
removing the ssh-rsa algorithm from ssh(1)'s allowed list:

    ssh -oHostKeyAlgorithms=-ssh-rsa user@host

If the host key verification fails and no other supported host key
types are available, the server software on that host should be
upgraded.

A future release of OpenSSH will enable UpdateHostKeys by default
to allow the client to automatically migrate to better algorithms.
Users may consider enabling this option manually.

[1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
    Application to the PGP Web of Trust" Leurent, G and Peyrin, T
    (2020) https://eprint.iacr.org/2020/014.pdf

Security
========

 * ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa"
   (RSA/SHA1) algorithm from those accepted for certificate signatures
   (i.e. the client and server CASignatureAlgorithms option) and will
   use the rsa-sha2-512 signature algorithm by default when the
   ssh-keygen(1) CA signs new certificates.

   Certificates are at special risk to the aforementioned SHA1
   collision vulnerability as an attacker has effectively unlimited
   time in which to craft a collision that yields them a valid
   certificate, far more than the relatively brief LoginGraceTime
   window that they have to forge a host key signature.

   The OpenSSH certificate format includes a CA-specified (typically
   random) nonce value near the start of the certificate that should
   make exploitation of chosen-prefix collisions in this context
   challenging, as the attacker does not have full control over the
   prefix that actually gets signed. Nonetheless, SHA1 is now a
   demonstrably broken algorithm and futher improvements in attacks
   are highly likely.

   OpenSSH releases prior to 7.2 do not support the newer RSA/SHA2
   algorithms and will refuse to accept certificates signed by an
   OpenSSH 8.2+ CA using RSA keys unless the unsafe algorithm is
   explicitly selected during signing ("ssh-keygen -t ssh-rsa").
   Older clients/servers may use another CA key type such as
   ssh-ed25519 (supported since OpenSSH 6.5) or one of the
   ecdsa-sha2-nistp256/384/521 types (supported since OpenSSH 5.7)
   instead if they cannot be upgraded.

Potentially-incompatible changes
================================

This release includes a number of changes that may affect existing
configurations:

 * ssh(1), sshd(8): the above removal of "ssh-rsa" from the accepted
   CASignatureAlgorithms list.

 * ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1
   from the default key exchange proposal for both the client and
   server.

 * ssh-keygen(1): the command-line options related to the generation
   and screening of safe prime numbers used by the
   diffie-hellman-group-exchange-* key exchange algorithms have
   changed. Most options have been folded under the -O flag.

 * sshd(8): the sshd listener process title visible to ps(1) has
   changed to include information about the number of connections that
   are currently attempting authentication and the limits configured
   by MaxStartups.

 * ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F
   support to provide address-space isolation for token middleware
   libraries (including the internal one). It needs to be installed
   in the expected path, typically under /usr/libexec or similar.

Changes since OpenSSH 8.1
=========================

This release contains some significant new features.

FIDO/U2F Support
----------------

This release adds support for FIDO/U2F hardware authenticators to
OpenSSH. U2F/FIDO are open standards for inexpensive two-factor
authentication hardware that are widely used for website
authentication.  In OpenSSH FIDO devices are supported by new public
key types "ecdsa-sk" and "ed25519-sk", along with corresponding
certificate types.

ssh-keygen(1) may be used to generate a FIDO token-backed key, after
which they may be used much like any other key type supported by
OpenSSH, so long as the hardware token is attached when the keys are
used. FIDO tokens also generally require the user explicitly authorise
operations by touching or tapping them.

Generating a FIDO key requires the token be attached, and will usually
require the user tap the token to confirm the operation:

  $ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
  Generating public/private ecdsa-sk key pair.
  You may need to touch your security key to authorize key generation.
  Enter file in which to save the key (/home/djm/.ssh/id_ecdsa_sk):
  Enter passphrase (empty for no passphrase):
  Enter same passphrase again:
  Your identification has been saved in /home/djm/.ssh/id_ecdsa_sk
  Your public key has been saved in /home/djm/.ssh/id_ecdsa_sk.pub

This will yield a public and private key-pair. The private key file
should be useless to an attacker who does not have access to the
physical token. After generation, this key may be used like any other
supported key in OpenSSH and may be listed in authorized_keys, added
to ssh-agent(1), etc. The only additional stipulation is that the FIDO
token that the key belongs to must be attached when the key is used.

FIDO tokens are most commonly connected via USB but may be attached
via other means such as Bluetooth or NFC. In OpenSSH, communication
with the token is managed via a middleware library, specified by the
SecurityKeyProvider directive in ssh/sshd_config(5) or the
$SSH_SK_PROVIDER environment variable for ssh-keygen(1) and
ssh-add(1). The API for this middleware is documented in the sk-api.h
and PROTOCOL.u2f files in the source distribution.

OpenSSH includes a middleware ("SecurityKeyProvider=internal") with
support for USB tokens. It is automatically enabled in OpenBSD and may
be enabled in portable OpenSSH via the configure flag
--with-security-key-builtin. If the internal middleware is enabled
then it is automatically used by default. This internal middleware
requires that libfido2 (https://github.com/Yubico/libfido2) and its
dependencies be installed. We recommend that packagers of portable
OpenSSH enable the built-in middleware, as it provides the
lowest-friction experience for users.

Note: FIDO/U2F tokens are required to implement the ECDSA-P256
"ecdsa-sk" key type, but hardware support for Ed25519 "ed25519-sk" is
less common. Similarly, not all hardware tokens support some of the
optional features such as resident keys.

The protocol-level changes to support FIDO/U2F keys in SSH are
documented in the PROTOCOL.u2f file in the OpenSSH source
distribution.

There are a number of supporting changes to this feature:

 * ssh-keygen(1): add a "no-touch-required" option when generating
   FIDO-hosted keys, that disables their default behaviour of
   requiring a physical touch/tap on the token during authentication.
   Note: not all tokens support disabling the touch requirement.

 * sshd(8): add a sshd_config PubkeyAuthOptions directive that
   collects miscellaneous public key authentication-related options
   for sshd(8). At present it supports only a single option
   "no-touch-required". This causes sshd to skip its default check for
   FIDO/U2F keys that the signature was authorised by a touch or press
   event on the token hardware.

 * ssh(1), sshd(8), ssh-keygen(1): add a "no-touch-required" option
   for authorized_keys and a similar extension for certificates. This
   option disables the default requirement that FIDO key signatures
   attest that the user touched their key to authorize them, mirroring
   the similar PubkeyAuthOptions sshd_config option.

 * ssh-keygen(1): add support for the writing the FIDO attestation
   information that is returned when new keys are generated via the
   "-O write-attestation=/path" option. FIDO attestation certificates
   may be used to verify that a FIDO key is hosted in trusted
   hardware. OpenSSH does not currently make use of this information,
   beyond optionally writing it to disk.

FIDO2 resident keys
-------------------

FIDO/U2F OpenSSH keys consist of two parts: a "key handle" part stored
in the private key file on disk, and a per-device private key that is
unique to each FIDO/U2F token and that cannot be exported from the
token hardware. These are combined by the hardware at authentication
time to derive the real key that is used to sign authentication
challenges.

For tokens that are required to move between computers, it can be
cumbersome to have to move the private key file first. To avoid this
requirement, tokens implementing the newer FIDO2 standard support
"resident keys", where it is possible to effectively retrieve the key
handle part of the key from the hardware.

OpenSSH supports this feature, allowing resident keys to be generated
using the ssh-keygen(1) "-O resident" flag. This will produce a
public/private key pair as usual, but it will be possible to retrieve
the private key part from the token later. This may be done using
"ssh-keygen -K", which will download all available resident keys from
the tokens attached to the host and write public/private key files
for them. It is also possible to download and add resident keys
directly to ssh-agent(1) without writing files to the file-system
using "ssh-add -K".

Resident keys are indexed on the token by the application string and
user ID. By default, OpenSSH uses an application string of "ssh:" and
an empty user ID. If multiple resident keys on a single token are
desired then it may be necessary to override one or both of these
defaults using the ssh-keygen(1) "-O application=" or "-O user="
options. Note: OpenSSH will only download and use resident keys whose
application string begins with "ssh:"

Storing both parts of a key on a FIDO token increases the likelihood
of an attacker being able to use a stolen token device. For this
reason, tokens should enforce PIN authentication before allowing
download of keys, and users should set a PIN on their tokens before
creating any resident keys.

Other New Features
------------------

 * sshd(8): add an Include sshd_config keyword that allows including
   additional configuration files via glob(3) patterns. bz2468

 * ssh(1)/sshd(8): make the LE (low effort) DSCP code point available
   via the IPQoS directive; bz2986,

 * ssh(1): when AddKeysToAgent=yes is set and the key contains no
   comment, add the key to the agent with the key's path as the
   comment. bz2564

 * ssh-keygen(1), ssh-agent(1): expose PKCS#11 key labels and X.509
   subjects as key comments, rather than simply listing the PKCS#11
   provider library path. PR138

 * ssh-keygen(1): allow PEM export of DSA and ECDSA keys; bz3091

 * ssh(1), sshd(8): make zlib compile-time optional, available via the
   Makefile.inc ZLIB flag on OpenBSD or via the --with-zlib configure
   option for OpenSSH portable.

 * sshd(8): when clients get denied by MaxStartups, send a
   notification prior to the SSH2 protocol banner according to
   RFC4253 section 4.2.

 * ssh(1), ssh-agent(1): when invoking the $SSH_ASKPASS prompt
   program, pass a hint to the program to describe the type of
   desired prompt.  The possible values are "confirm" (indicating
   that a yes/no confirmation dialog with no text entry should be
   shown), "none" (to indicate an informational message only), or
   blank for the original ssh-askpass behaviour of requesting a
   password/phrase.

 * ssh(1): allow forwarding a different agent socket to the path
   specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent
   option to accepting an explicit path or the name of an environment
   variable in addition to yes/no.

 * ssh-keygen(1): add a new signature operations "find-principals" to
   look up the principal associated with a signature from an allowed-
   signers file.

 * sshd(8): expose the number of currently-authenticating connections
   along with the MaxStartups limit in the process title visible to
   "ps".

Bugfixes
--------

 * sshd(8): make ClientAliveCountMax=0 have sensible semantics: it
   will now disable connection killing entirely rather than the
   current behaviour of instantly killing the connection after the
   first liveness test regardless of success. bz2627

 * sshd(8): clarify order of AllowUsers / DenyUsers vs AllowGroups /
   DenyGroups in the sshd(8) manual page. bz1690

 * sshd(8): better describe HashKnownHosts in the manual page. bz2560

 * sshd(8): clarify that that permitopen=/PermitOpen do no name or
   address translation in the manual page. bz3099

 * sshd(8): allow the UpdateHostKeys feature to function when
   multiple known_hosts files are in use. When updating host keys,
   ssh will now search subsequent known_hosts files, but will add
   updated host keys to the first specified file only. bz2738

 * All: replace all calls to signal(2) with a wrapper around
   sigaction(2). This wrapper blocks all other signals during the
   handler preventing races between handlers, and sets SA_RESTART
   which should reduce the potential for short read/write operations.

 * sftp(1): fix a race condition in the SIGCHILD handler that could
   turn in to a kill(-1); bz3084

 * sshd(8): fix a case where valid (but extremely large) SSH channel
   IDs were being incorrectly rejected. bz3098

 * ssh(1): when checking host key fingerprints as answers to new
   hostkey prompts, ignore whitespace surrounding the fingerprint
   itself.

 * All: wait for file descriptors to be readable or writeable during
   non-blocking connect, not just readable. Prevents a timeout when
   the server doesn't immediately send a banner (e.g. multiplexers
   like sslh)

 * sshd_config(5): document the sntrup4591761x25519-sha512@tinyssh.org
   key exchange algorithm. PR#151

Revision 1.11 / (download) - annotate - [select for diffs], Sat Oct 12 18:32:22 2019 UTC (4 years, 5 months ago) by christos
Branch: MAIN
CVS Tags: phil-wifi-20191119
Changes since 1.10: +3 -4 lines
Diff to previous 1.10 (colored) to selected 1.8 (colored)

merge openssh-8.1

Revision 1.1.1.7 / (download) - annotate - [select for diffs] (vendor branch), Sat Oct 12 15:14:04 2019 UTC (4 years, 5 months ago) by christos
Branch: OPENSSH
CVS Tags: v81-20191009
Changes since 1.1.1.6: +1 -2 lines
Diff to previous 1.1.1.6 (colored) to selected 1.8 (colored)

OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html

Security
========

 * ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
   overflow bug was found in the private key parsing code for the XMSS
   key type. This key type is still experimental and support for it is
   not compiled by default. No user-facing autoconf option exists in
   portable OpenSSH to enable it. This bug was found by Adam Zabrocki
   and reported via SecuriTeam's SSD program.

 * ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
   rest in RAM against speculation and memory side-channel attacks like
   Spectre, Meltdown and Rambleed. This release encrypts private keys
   when they are not in use with a symmetric key that is derived from a
   relatively large "prekey" consisting of random data (currently 16KB).

Potentially-incompatible changes
================================

This release includes a number of changes that may affect existing
configurations:

 * ssh-keygen(1): when acting as a CA and signing certificates with
   an RSA key, default to using the rsa-sha2-512 signature algorithm.
   Certificates signed by RSA keys will therefore be incompatible
   with OpenSSH versions prior to 7.2 unless the default is
   overridden (using "ssh-keygen -t ssh-rsa -s ...").

Revision 1.4.4.1 / (download) - annotate - [select for diffs], Tue Aug 15 05:27:52 2017 UTC (6 years, 7 months ago) by snj
Branch: netbsd-6
Changes since 1.4: +11 -10 lines
Diff to previous 1.4 (colored) next main 1.5 (colored) to selected 1.8 (colored)

Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.

Revision 1.4.10.1 / (download) - annotate - [select for diffs], Tue Aug 15 04:40:16 2017 UTC (6 years, 7 months ago) by snj
Branch: netbsd-6-1
Changes since 1.4: +11 -10 lines
Diff to previous 1.4 (colored) next main 1.5 (colored) to selected 1.8 (colored)

Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.

Revision 1.4.8.1 / (download) - annotate - [select for diffs], Tue Aug 15 04:39:21 2017 UTC (6 years, 7 months ago) by snj
Branch: netbsd-6-0
Changes since 1.4: +11 -10 lines
Diff to previous 1.4 (colored) next main 1.5 (colored) to selected 1.8 (colored)

Apply patch (requested by mrg in ticket #1468):
Update OpenSSH to 7.5.

Revision 1.8.2.2 / (download) - annotate - [select for diffs], Wed Apr 26 02:52:15 2017 UTC (6 years, 11 months ago) by pgoyette
Branch: pgoyette-localcount
Changes since 1.8.2.1: +2 -2 lines
Diff to previous 1.8.2.1 (colored) to branchpoint 1.8 (colored) next main 1.9 (colored) to selected 1.8 (colored)

Sync with HEAD

Revision 1.9.2.1 / (download) - annotate - [select for diffs], Fri Apr 21 16:50:57 2017 UTC (6 years, 11 months ago) by bouyer
Branch: bouyer-socketcan
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored) next main 1.10 (colored) to selected 1.8 (colored)

Sync with HEAD

Revision 1.10 / (download) - annotate - [select for diffs], Tue Apr 18 18:41:46 2017 UTC (6 years, 11 months ago) by christos
Branch: MAIN
CVS Tags: prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, phil-wifi-base, phil-wifi-20190609, pgoyette-localcount-20170426, pgoyette-compat-merge-20190127, pgoyette-compat-base, pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315, pgoyette-compat, perseant-stdc-iso10646-base, perseant-stdc-iso10646, netbsd-9-base, netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1, netbsd-8-base, netbsd-8-2-RELEASE, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1, netbsd-8, matt-nb8-mediatek-base, matt-nb8-mediatek, bouyer-socketcan-base1
Branch point for: phil-wifi, netbsd-9
Changes since 1.9: +0 -0 lines
Diff to previous 1.9 (colored) to selected 1.8 (colored)

merge conflicts

Revision 1.8.2.1 / (download) - annotate - [select for diffs], Sat Jan 7 08:53:42 2017 UTC (7 years, 2 months ago) by pgoyette
Branch: pgoyette-localcount
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)

Sync with HEAD.  (Note that most of these changes are simply $NetBSD$
tag issues.)

Revision 1.9 / (download) - annotate - [select for diffs], Sun Dec 25 00:07:47 2016 UTC (7 years, 3 months ago) by christos
Branch: MAIN
CVS Tags: pgoyette-localcount-20170320, pgoyette-localcount-20170107, bouyer-socketcan-base
Branch point for: bouyer-socketcan
Changes since 1.8: +0 -0 lines
Diff to previous 1.8 (colored)

merge conflicts

Revision 1.6.4.1 / (download) - annotate - [select for diffs], Thu Apr 30 06:07:30 2015 UTC (8 years, 11 months ago) by riz
Branch: netbsd-7
CVS Tags: netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0
Changes since 1.6: +5 -4 lines
Diff to previous 1.6 (colored) next main 1.7 (colored) to selected 1.8 (colored)

Pull up blacklistd(8), requested by christos in ticket #711:
crypto/external/bsd/openssh/dist/moduli-gen/Makefile up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli-gen.sh up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.1024 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.1536 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.1.1.1
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.1.1.1
crypto/external/bsd/openssh/dist/bcrypt_pbkdf.c up to 1.2
crypto/external/bsd/openssh/dist/kexc25519.c    up to 1.3
crypto/external/bsd/openssh/dist/smult_curve25519_ref.c up to 1.3
crypto/external/bsd/openssh/dist/bitmap.c       up to 1.2 plus patch
crypto/external/bsd/openssh/dist/PROTOCOL.chacha20poly1305 up to 1.1.1.1
crypto/external/bsd/openssh/dist/PROTOCOL.key   up to 1.1.1.1
crypto/external/bsd/openssh/dist/blf.h          up to 1.1
crypto/external/bsd/openssh/dist/blocks.c       up to 1.3
crypto/external/bsd/openssh/dist/blowfish.c     up to 1.2
crypto/external/bsd/openssh/dist/chacha.c       up to 1.3
crypto/external/bsd/openssh/dist/chacha.h       up to 1.1.1.1
crypto/external/bsd/openssh/dist/cipher-aesctr.c up to 1.1.1.2
crypto/external/bsd/openssh/dist/cipher-aesctr.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/cipher-chachapoly.c up to 1.3
crypto/external/bsd/openssh/dist/cipher-chachapoly.h up to 1.1.1.1
crypto/external/bsd/openssh/dist/crypto_api.h   up to 1.1.1.1
crypto/external/bsd/openssh/dist/digest-libc.c  up to 1.3
crypto/external/bsd/openssh/dist/digest-openssl.c up to 1.3
crypto/external/bsd/openssh/dist/digest.h       up to 1.1.1.2
crypto/external/bsd/openssh/dist/ed25519.c      up to 1.3
crypto/external/bsd/openssh/dist/fe25519.c      up to 1.3
crypto/external/bsd/openssh/dist/fe25519.h      up to 1.1.1.1
crypto/external/bsd/openssh/dist/ge25519.c      up to 1.3
crypto/external/bsd/openssh/dist/ge25519.h      up to 1.1.1.2
crypto/external/bsd/openssh/dist/ge25519_base.data up to 1.1.1.1
crypto/external/bsd/openssh/dist/hash.c         up to 1.3
crypto/external/bsd/openssh/dist/hmac.c         up to 1.3
crypto/external/bsd/openssh/dist/hmac.h         up to 1.1.1.1
crypto/external/bsd/openssh/dist/kexc25519c.c   up to 1.3
crypto/external/bsd/openssh/dist/kexc25519s.c   up to 1.3
crypto/external/bsd/openssh/dist/poly1305.c     up to 1.3
crypto/external/bsd/openssh/dist/poly1305.h     up to 1.1.1.1
crypto/external/bsd/openssh/dist/rijndael.c     up to 1.1.1.2
crypto/external/bsd/openssh/dist/rijndael.h     up to 1.1.1.1
crypto/external/bsd/openssh/dist/sc25519.c      up to 1.3
crypto/external/bsd/openssh/dist/sc25519.h      up to 1.1.1.1
crypto/external/bsd/openssh/dist/ssh-ed25519.c  up to 1.3
crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c up to 1.3
crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c up to 1.3
crypto/external/bsd/openssh/dist/sshbuf-misc.c  up to 1.3
crypto/external/bsd/openssh/dist/sshbuf.c       up to 1.3
crypto/external/bsd/openssh/dist/sshbuf.h       up to 1.4
crypto/external/bsd/openssh/dist/ssherr.c       up to 1.3
crypto/external/bsd/openssh/dist/ssherr.h       up to 1.1.1.2
crypto/external/bsd/openssh/dist/sshkey.c       up to 1.3
crypto/external/bsd/openssh/dist/sshkey.h       up to 1.1.1.2
crypto/external/bsd/openssh/dist/verify.c       up to 1.3
crypto/external/bsd/openssh/dist/opacket.c      up to 1.2
crypto/external/bsd/openssh/dist/umac128.c      up to 1.1
crypto/external/bsd/openssh/dist/pfilter.c      up to 1.2
crypto/external/bsd/openssh/dist/pfilter.h      up to 1.1
crypto/external/bsd/openssh/dist/bitmap.h       up to 1.2
crypto/external/bsd/openssh/dist/opacket.h      up to 1.2
crypto/external/bsd/openssh/dist/ssh_api.c      up to 1.2
crypto/external/bsd/openssh/dist/ssh_api.h      up to 1.2
crypto/external/bsd/openssh/dist/auth2-jpake.c  delete
crypto/external/bsd/openssh/dist/compress.c     delete
crypto/external/bsd/openssh/dist/compress.h     delete
crypto/external/bsd/openssh/dist/jpake.c        delete
crypto/external/bsd/openssh/dist/jpake.h        delete
crypto/external/bsd/openssh/dist/schnorr.c      delete
crypto/external/bsd/openssh/dist/schnorr.h      delete
crypto/external/bsd/openssh/dist/strtonum.c     1.1
crypto/external/bsd/openssh/Makefile.inc        up to 1.8
crypto/external/bsd/openssh/bin/Makefile.inc    up to 1.3
crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile up to 1.2
crypto/external/bsd/openssh/bin/sshd/Makefile   up to 1.12
crypto/external/bsd/openssh/dist/PROTOCOL       up to 1.5
crypto/external/bsd/openssh/dist/PROTOCOL.krl   up to 1.1.1.2
crypto/external/bsd/openssh/dist/addrmatch.c    up to 1.8
crypto/external/bsd/openssh/dist/atomicio.c     up to 1.6
crypto/external/bsd/openssh/dist/auth-bsdauth.c up to 1.4
crypto/external/bsd/openssh/dist/auth-chall.c   up to 1.6
crypto/external/bsd/openssh/dist/auth-krb5.c    up to 1.7
crypto/external/bsd/openssh/dist/auth-options.c up to 1.9
crypto/external/bsd/openssh/dist/auth-options.h up to 1.6
crypto/external/bsd/openssh/dist/auth-passwd.c  up to 1.4
crypto/external/bsd/openssh/dist/auth-rh-rsa.c  up to 1.6
crypto/external/bsd/openssh/dist/auth-rhosts.c  up to 1.5
crypto/external/bsd/openssh/dist/auth-rsa.c     up to 1.10
crypto/external/bsd/openssh/dist/auth.c         up to 1.12
crypto/external/bsd/openssh/dist/auth.h         up to 1.10
crypto/external/bsd/openssh/dist/auth1.c        up to 1.11
crypto/external/bsd/openssh/dist/auth2-chall.c  up to 1.7
crypto/external/bsd/openssh/dist/auth2-gss.c    up to 1.8
crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.7
crypto/external/bsd/openssh/dist/auth2-kbdint.c up to 1.5
crypto/external/bsd/openssh/dist/auth2-krb5.c   up to 1.4
crypto/external/bsd/openssh/dist/auth2-none.c   up to 1.5
crypto/external/bsd/openssh/dist/auth2-passwd.c up to 1.5
crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.11
crypto/external/bsd/openssh/dist/auth2.c        up to 1.11
crypto/external/bsd/openssh/dist/authfd.c       up to 1.8
crypto/external/bsd/openssh/dist/authfd.h       up to 1.5
crypto/external/bsd/openssh/dist/authfile.c     up to 1.10
crypto/external/bsd/openssh/dist/authfile.h     up to 1.6
crypto/external/bsd/openssh/dist/bufaux.c       up to 1.7
crypto/external/bsd/openssh/dist/bufbn.c        up to 1.5
crypto/external/bsd/openssh/dist/bufec.c        up to 1.5
crypto/external/bsd/openssh/dist/buffer.c       up to 1.6
crypto/external/bsd/openssh/dist/buffer.h       up to 1.7
crypto/external/bsd/openssh/dist/canohost.c     up to 1.8
crypto/external/bsd/openssh/dist/channels.c     up to 1.13
crypto/external/bsd/openssh/dist/channels.h     up to 1.10
crypto/external/bsd/openssh/dist/cipher-3des1.c up to 1.7
crypto/external/bsd/openssh/dist/cipher-bf1.c   up to 1.6
crypto/external/bsd/openssh/dist/cipher.c       up to 1.7
crypto/external/bsd/openssh/dist/cipher.h       up to 1.7
crypto/external/bsd/openssh/dist/clientloop.c   up to 1.13
crypto/external/bsd/openssh/dist/compat.c       up to 1.9
crypto/external/bsd/openssh/dist/compat.h       up to 1.6
crypto/external/bsd/openssh/dist/deattack.c     up to 1.4
crypto/external/bsd/openssh/dist/deattack.h     up to 1.4
crypto/external/bsd/openssh/dist/dh.c           up to 1.8
crypto/external/bsd/openssh/dist/dh.h           up to 1.4
crypto/external/bsd/openssh/dist/dispatch.c     up to 1.5
crypto/external/bsd/openssh/dist/dispatch.h     up to 1.4
crypto/external/bsd/openssh/dist/dns.c          up to 1.11
crypto/external/bsd/openssh/dist/dns.h          up to 1.6
crypto/external/bsd/openssh/dist/groupaccess.c  up to 1.5
crypto/external/bsd/openssh/dist/gss-genr.c     up to 1.7
crypto/external/bsd/openssh/dist/gss-serv-krb5.c up to 1.8
crypto/external/bsd/openssh/dist/gss-serv.c     up to 1.7
crypto/external/bsd/openssh/dist/hostfile.c     up to 1.7
crypto/external/bsd/openssh/dist/hostfile.h     up to 1.7
crypto/external/bsd/openssh/dist/includes.h     up to 1.4
crypto/external/bsd/openssh/dist/kex.c          up to 1.10
crypto/external/bsd/openssh/dist/kex.h          up to 1.9
crypto/external/bsd/openssh/dist/kexdh.c        up to 1.4
crypto/external/bsd/openssh/dist/kexdhc.c       up to 1.6
crypto/external/bsd/openssh/dist/kexdhs.c       up to 1.8
crypto/external/bsd/openssh/dist/kexecdh.c      up to 1.5
crypto/external/bsd/openssh/dist/kexecdhc.c     up to 1.5
crypto/external/bsd/openssh/dist/kexecdhs.c     up to 1.5
crypto/external/bsd/openssh/dist/kexgex.c       up to 1.4
crypto/external/bsd/openssh/dist/kexgexc.c      up to 1.6
crypto/external/bsd/openssh/dist/kexgexs.c      up to 1.8
crypto/external/bsd/openssh/dist/key.c          up to 1.16
crypto/external/bsd/openssh/dist/key.h          up to 1.9
crypto/external/bsd/openssh/dist/krl.c          up to 1.5
crypto/external/bsd/openssh/dist/krl.h          up to 1.1.1.2
crypto/external/bsd/openssh/dist/mac.c          up to 1.11
crypto/external/bsd/openssh/dist/mac.h          up to 1.5
crypto/external/bsd/openssh/dist/match.c        up to 1.5
crypto/external/bsd/openssh/dist/misc.c         up to 1.10
crypto/external/bsd/openssh/dist/misc.h         up to 1.9 plus patch
crypto/external/bsd/openssh/dist/moduli.c       up to 1.8
crypto/external/bsd/openssh/dist/monitor.c      up to 1.14
crypto/external/bsd/openssh/dist/monitor.h      up to 1.7
crypto/external/bsd/openssh/dist/monitor_fdpass.c up to 1.5
crypto/external/bsd/openssh/dist/monitor_mm.c   up to 1.6
crypto/external/bsd/openssh/dist/monitor_mm.h   up to 1.4
crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.11
crypto/external/bsd/openssh/dist/monitor_wrap.h up to 1.8
crypto/external/bsd/openssh/dist/msg.c          up to 1.4
crypto/external/bsd/openssh/dist/msg.h          up to 1.4
crypto/external/bsd/openssh/dist/mux.c          up to 1.11
crypto/external/bsd/openssh/dist/myproposal.h   up to 1.10
crypto/external/bsd/openssh/dist/namespace.h    up to 1.5
crypto/external/bsd/openssh/dist/packet.c       up to 1.18
crypto/external/bsd/openssh/dist/packet.h       up to 1.11
crypto/external/bsd/openssh/dist/pathnames.h    up to 1.9
crypto/external/bsd/openssh/dist/pkcs11.h       up to 1.4
crypto/external/bsd/openssh/dist/progressmeter.c up to 1.7
crypto/external/bsd/openssh/dist/progressmeter.h up to 1.4
crypto/external/bsd/openssh/dist/reallocarray.c new
crypto/external/bsd/openssh/dist/readconf.c     up to 1.13
crypto/external/bsd/openssh/dist/readconf.h     up to 1.12
crypto/external/bsd/openssh/dist/readpass.c     up to 1.6
crypto/external/bsd/openssh/dist/roaming_client.c up to 1.7
crypto/external/bsd/openssh/dist/roaming_common.c up to 1.9
crypto/external/bsd/openssh/dist/roaming_dummy.c up to 1.4
crypto/external/bsd/openssh/dist/rsa.c          up to 1.5
crypto/external/bsd/openssh/dist/rsa.h          up to 1.4
crypto/external/bsd/openssh/dist/sandbox-systrace.c up to 1.1.1.5
crypto/external/bsd/openssh/dist/scp.1          up to 1.9
crypto/external/bsd/openssh/dist/scp.c          up to 1.11
crypto/external/bsd/openssh/dist/servconf.c     up to 1.17
crypto/external/bsd/openssh/dist/servconf.h     up to 1.11
crypto/external/bsd/openssh/dist/serverloop.c   up to 1.12
crypto/external/bsd/openssh/dist/session.c      up to 1.14
crypto/external/bsd/openssh/dist/session.h      up to 1.4
crypto/external/bsd/openssh/dist/sftp-client.c  up to 1.13
crypto/external/bsd/openssh/dist/sftp-client.h  up to 1.7
crypto/external/bsd/openssh/dist/sftp-common.c  up to 1.7
crypto/external/bsd/openssh/dist/sftp-common.h  up to 1.5
crypto/external/bsd/openssh/dist/sftp-glob.c    up to 1.8
crypto/external/bsd/openssh/dist/sftp-server.8  up to 1.9
crypto/external/bsd/openssh/dist/sftp-server.c  up to 1.11
crypto/external/bsd/openssh/dist/sftp.1         up to 1.11
crypto/external/bsd/openssh/dist/sftp.c         up to 1.15
crypto/external/bsd/openssh/dist/ssh-add.1      up to 1.9
crypto/external/bsd/openssh/dist/ssh-add.c      up to 1.10
crypto/external/bsd/openssh/dist/ssh-agent.1    up to 1.8
crypto/external/bsd/openssh/dist/ssh-agent.c    up to 1.14
crypto/external/bsd/openssh/dist/ssh-dss.c      up to 1.7
crypto/external/bsd/openssh/dist/ssh-ecdsa.c    up to 1.6
crypto/external/bsd/openssh/dist/ssh-gss.h      up to 1.5
crypto/external/bsd/openssh/dist/ssh-keygen.1   up to 1.13
crypto/external/bsd/openssh/dist/ssh-keygen.c   up to 1.16
crypto/external/bsd/openssh/dist/ssh-keyscan.1  up to 1.10
crypto/external/bsd/openssh/dist/ssh-keyscan.c  up to 1.13
crypto/external/bsd/openssh/dist/ssh-keysign.8  up to 1.9
crypto/external/bsd/openssh/dist/ssh-keysign.c  up to 1.8
crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c up to 1.6
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c up to 1.8
crypto/external/bsd/openssh/dist/ssh-pkcs11.c   up to 1.7
crypto/external/bsd/openssh/dist/ssh-pkcs11.h   up to 1.4
crypto/external/bsd/openssh/dist/ssh-rsa.c      up to 1.7
crypto/external/bsd/openssh/dist/ssh.1          up to 1.14
crypto/external/bsd/openssh/dist/ssh.c          up to 1.16
crypto/external/bsd/openssh/dist/ssh2.h         up to 1.6
crypto/external/bsd/openssh/dist/ssh_config     up to 1.8
crypto/external/bsd/openssh/dist/ssh_config.5   up to 1.13
crypto/external/bsd/openssh/dist/sshconnect.c   up to 1.11
crypto/external/bsd/openssh/dist/sshconnect.h   up to 1.6
crypto/external/bsd/openssh/dist/sshconnect1.c  up to 1.6
crypto/external/bsd/openssh/dist/sshconnect2.c  up to 1.19
crypto/external/bsd/openssh/dist/sshd.8         up to 1.13
crypto/external/bsd/openssh/dist/sshd.c         up to 1.18
crypto/external/bsd/openssh/dist/sshd_config    up to 1.13
crypto/external/bsd/openssh/dist/sshd_config.5  up to 1.17
crypto/external/bsd/openssh/dist/sshlogin.c     up to 1.6
crypto/external/bsd/openssh/dist/sshpty.c       up to 1.4
crypto/external/bsd/openssh/dist/uidswap.c      up to 1.4
crypto/external/bsd/openssh/dist/umac.c         up to 1.9
crypto/external/bsd/openssh/dist/version.h      up to 1.14
crypto/external/bsd/openssh/dist/xmalloc.c      up to 1.5
crypto/external/bsd/openssh/lib/Makefile        up to 1.17 plus patch
crypto/external/bsd/openssh/lib/shlib_version   up to 1.13
distrib/sets/lists/base/ad.aarch64		patch
distrib/sets/lists/base/ad.arm			patch
distrib/sets/lists/base/ad.mips			patch
distrib/sets/lists/base/ad.powerpc		patch
distrib/sets/lists/base/md.amd64		patch
distrib/sets/lists/base/md.sparc64		patch
distrib/sets/lists/base/mi			patch
distrib/sets/lists/base/shl.mi			patch
distrib/sets/lists/comp/ad.aarch64		patch
distrib/sets/lists/comp/ad.arm			patch
distrib/sets/lists/comp/ad.mips			patch
distrib/sets/lists/comp/ad.powerpc		patch
distrib/sets/lists/comp/md.amd64		patch
distrib/sets/lists/comp/md.sparc64		patch
distrib/sets/lists/comp/mi			patch
distrib/sets/lists/comp/shl.mi			patch
distrib/sets/lists/debug/ad.aarch64		patch
distrib/sets/lists/debug/ad.arm			patch
distrib/sets/lists/debug/ad.mips		patch
distrib/sets/lists/debug/ad.powerpc		patch
distrib/sets/lists/debug/md.amd64		patch
distrib/sets/lists/debug/md.sparc64		patch
distrib/sets/lists/debug/shl.mi			patch
distrib/sets/lists/etc/mi			patch
distrib/sets/lists/man/mi			patch
etc/defaults/rc.conf				1.130
etc/mtree/NetBSD.dist.base			1.142
external/bsd/Makefile                           up to 1.48
external/bsd/blacklist/bin/Makefile             up to 1.11 plus patch
external/bsd/blacklist/bin/blacklistctl.8       up to 1.6
external/bsd/blacklist/bin/blacklistctl.c       up to 1.17
external/bsd/blacklist/bin/blacklistd.8         up to 1.10
external/bsd/blacklist/bin/blacklistd.c         up to 1.32
external/bsd/blacklist/bin/blacklistd.conf.5    up to 1.2
external/bsd/blacklist/bin/conf.c               up to 1.18
external/bsd/blacklist/bin/conf.h               up to 1.6
external/bsd/blacklist/bin/internal.c           up to 1.5
external/bsd/blacklist/bin/internal.h           up to 1.12
external/bsd/blacklist/bin/run.c                up to 1.12
external/bsd/blacklist/bin/run.h                up to 1.5
external/bsd/blacklist/bin/state.c              up to 1.15
external/bsd/blacklist/bin/state.h              up to 1.5
external/bsd/blacklist/bin/support.c            up to 1.6
external/bsd/blacklist/bin/support.h            up to 1.5
external/bsd/blacklist/etc/rc.d/Makefile        up to 1.1
external/bsd/blacklist/etc/rc.d/blacklistd      up to 1.1
external/bsd/blacklist/etc/Makefile             up to 1.3
external/bsd/blacklist/etc/blacklistd.conf      up to 1.3
external/bsd/blacklist/etc/npf.conf             up to 1.1
external/bsd/blacklist/Makefile                 up to 1.2
external/bsd/blacklist/Makefile.inc             up to 1.3
external/bsd/blacklist/README                   up to 1.7
external/bsd/blacklist/TODO                     up to 1.7
external/bsd/blacklist/diff/ftpd.diff           up to 1.1
external/bsd/blacklist/diff/named.diff          up to 1.6
external/bsd/blacklist/diff/ssh.diff            up to 1.6
external/bsd/blacklist/include/Makefile         up to 1.1
external/bsd/blacklist/include/bl.h             up to 1.12
external/bsd/blacklist/include/blacklist.h      up to 1.3
external/bsd/blacklist/include/config.h		new
external/bsd/blacklist/lib/Makefile             up to 1.3
external/bsd/blacklist/lib/bl.c                 up to 1.24
external/bsd/blacklist/lib/blacklist.c          up to 1.5
external/bsd/blacklist/lib/libblacklist.3       up to 1.3
external/bsd/blacklist/lib/shlib_version        up to 1.1
external/bsd/blacklist/libexec/Makefile         up to 1.1
external/bsd/blacklist/libexec/blacklistd-helper up to 1.4
external/bsd/blacklist/port/m4/.cvsignore       up to 1.1
external/bsd/blacklist/port/Makefile.am         up to 1.4
external/bsd/blacklist/port/_strtoi.h           up to 1.1
external/bsd/blacklist/port/clock_gettime.c     up to 1.2
external/bsd/blacklist/port/configure.ac        up to 1.7
external/bsd/blacklist/port/fgetln.c            up to 1.1
external/bsd/blacklist/port/fparseln.c          up to 1.1
external/bsd/blacklist/port/getprogname.c       up to 1.4
external/bsd/blacklist/port/pidfile.c           up to 1.1
external/bsd/blacklist/port/popenve.c           up to 1.2
external/bsd/blacklist/port/port.h              up to 1.6
external/bsd/blacklist/port/sockaddr_snprintf.c up to 1.9
external/bsd/blacklist/port/strlcat.c           up to 1.2
external/bsd/blacklist/port/strlcpy.c           up to 1.2
external/bsd/blacklist/port/strtoi.c            up to 1.3
external/bsd/blacklist/test/Makefile            up to 1.2
external/bsd/blacklist/test/cltest.c            up to 1.6
external/bsd/blacklist/test/srvtest.c           up to 1.9
lib/libpam/modules/pam_ssh/pam_ssh.c            up to 1.23
libexec/ftpd/pfilter.c                          up to 1.1
libexec/ftpd/pfilter.h                          up to 1.1
libexec/ftpd/Makefile                           up to 1.64
libexec/ftpd/ftpd.c                             up to 1.201

	Add blacklistd(8), a daemon to block and release network ports
	on demand to mitigate abuse, and related changes to system daemons
	to support it.
	[christos, ticket #711]

Revision 1.8 / (download) - annotate - [selected], Fri Apr 3 23:58:19 2015 UTC (8 years, 11 months ago) by christos
Branch: MAIN
CVS Tags: pgoyette-localcount-base, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, localcount-20160914
Branch point for: pgoyette-localcount
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

Merge conflicts

Revision 1.1.1.6 / (download) - annotate - [select for diffs] (vendor branch), Fri Apr 3 23:49:25 2015 UTC (8 years, 11 months ago) by christos
Branch: OPENSSH
CVS Tags: v80-20190417, v78-20180824, v77-20180405, v76-20171003, v75-20170418, v74-20161219, v73-20160802, v72-20160310, v71-20150821, v70-20150812, v69-20150630, v68-20150318
Changes since 1.1.1.5: +2 -2 lines
Diff to previous 1.1.1.5 (colored) to selected 1.8 (colored)

Changes since OpenSSH 6.7
=========================

This is a major release, containing a number of new features as
well as a large internal re-factoring.

Potentially-incompatible changes
--------------------------------

 * sshd(8): UseDNS now defaults to 'no'. Configurations that match
   against the client host name (via sshd_config or authorized_keys)
   may need to re-enable it or convert to matching against addresses.

New Features
------------

 * Much of OpenSSH's internal code has been re-factored to be more
   library-like. These changes are mostly not user-visible, but
   have greatly improved OpenSSH's testability and internal layout.

 * Add FingerprintHash option to ssh(1) and sshd(8), and equivalent
   command-line flags to the other tools to control algorithm used
   for key fingerprints. The default changes from MD5 to SHA256 and
   format from hex to base64.

   Fingerprints now have the hash algorithm prepended. An example of
   the new format: SHA256:mVPwvezndPv/ARoIadVY98vAC0g+P/5633yTC4d/wXE
   Please note that visual host keys will also be different.

 * ssh(1), sshd(8): Experimental host key rotation support. Add a
   protocol extension for a server to inform a client of all its
   available host keys after authentication has completed. The client
   may record the keys in known_hosts, allowing it to upgrade to better
   host key algorithms and a server to gracefully rotate its keys.

   The client side of this is controlled by a UpdateHostkeys config
   option (default off).

 * ssh(1): Add a ssh_config HostbasedKeyType option to control which
   host public key types are tried during host-based authentication.

 * ssh(1), sshd(8): fix connection-killing host key mismatch errors
   when sshd offers multiple ECDSA keys of different lengths.

 * ssh(1): when host name canonicalisation is enabled, try to
   parse host names as addresses before looking them up for
   canonicalisation. fixes bz#2074 and avoiding needless DNS
   lookups in some cases.

 * ssh-keygen(1), sshd(8): Key Revocation Lists (KRLs) no longer
   require OpenSSH to be compiled with OpenSSL support.

 * ssh(1), ssh-keysign(8): Make ed25519 keys work for host based
   authentication.

 * sshd(8): SSH protocol v.1 workaround for the Meyer, et al,
   Bleichenbacher Side Channel Attack. Fake up a bignum key before
   RSA decryption.

 * sshd(8): Remember which public keys have been used for
   authentication and refuse to accept previously-used keys.
   This allows AuthenticationMethods=publickey,publickey to require
   that users authenticate using two _different_ public keys.

 * sshd(8): add sshd_config HostbasedAcceptedKeyTypes and
   PubkeyAcceptedKeyTypes options to allow sshd to control what
   public key types will be accepted. Currently defaults to all.

 * sshd(8): Don't count partial authentication success as a failure
   against MaxAuthTries.

 * ssh(1): Add RevokedHostKeys option for the client to allow
   text-file or KRL-based revocation of host keys.

 * ssh-keygen(1), sshd(8): Permit KRLs that revoke certificates by
   serial number or key ID without scoping to a particular CA.

 * ssh(1): Add a "Match canonical" criteria that allows ssh_config
   Match blocks to trigger only in the second config pass.

 * ssh(1): Add a -G option to ssh that causes it to parse its
   configuration and dump the result to stdout, similar to "sshd -T".

 * ssh(1): Allow Match criteria to be negated. E.g. "Match !host".

 * The regression test suite has been extended to cover more OpenSSH
   features. The unit tests have been expanded and now cover key
   exchange.

Bugfixes

 * ssh-keyscan(1): ssh-keyscan has been made much more robust again
   servers that hang or violate the SSH protocol.

 * ssh(1), ssh-keygen(1): Fix regression bz#2306: Key path names were
   being lost as comment fields.

 * ssh(1): Allow ssh_config Port options set in the second config
   parse phase to be applied (they were being ignored). bz#2286

 * ssh(1): Tweak config re-parsing with host canonicalisation - make
   the second pass through the config files always run when host name
   canonicalisation is enabled (and not whenever the host name
   changes) bz#2267

 * ssh(1): Fix passing of wildcard forward bind addresses when
   connection multiplexing is in use; bz#2324;

 * ssh-keygen(1): Fix broken private key conversion from non-OpenSSH
   formats; bz#2345.

 * ssh-keygen(1): Fix KRL generation bug when multiple CAs are in
   use.

 * Various fixes to manual pages: bz#2288, bz#2316, bz#2273

Portable OpenSSH

 * Support --without-openssl at configure time

   Disables and removes dependency on OpenSSL. Many features,
   including SSH protocol 1 are not supported and the set of crypto
   options is greatly restricted. This will only work on systems
   with native arc4random or /dev/urandom.

   Considered highly experimental for now.

 * Support --without-ssh1 option at configure time

   Allows disabling support for SSH protocol 1.

 * sshd(8): Fix compilation on systems with IPv6 support in utmpx; bz#2296

 * Allow custom service name for sshd on Cygwin. Permits the use of
   multiple sshd running with different service names.

Checksums:
==========

 - SHA1 (openssh-6.8.tar.gz) = 99903c6ca76e0a2c044711017f81127e12459d37
 - SHA256 (openssh-6.8.tar.gz) = N1uzVarFbrm2CzAwuDu3sRoszmqpK+5phAChP/QNyuw=

 - SHA1 (openssh-6.8p1.tar.gz) = cdbc51e46a902b30d263b05fdc71340920e91c92
 - SHA256 (openssh-6.8p1.tar.gz) = P/ZM5z7hJEgLW/dnuYMNfTwDu8tqvnFrePAZLDfOFg4=

Please note that the PGP key used to sign releases was recently rotated.
The new key has been signed by the old key to provide continuity. It is
available from the mirror sites as RELEASE_KEY.asc.

Reporting Bugs:
===============

- Please read http://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.

Revision 1.7 / (download) - annotate - [select for diffs], Sun Oct 19 16:30:58 2014 UTC (9 years, 5 months ago) by christos
Branch: MAIN
Changes since 1.6: +2 -1 lines
Diff to previous 1.6 (colored) to selected 1.8 (colored)

merge openssh-6.7

Revision 1.1.1.5 / (download) - annotate - [select for diffs] (vendor branch), Sun Oct 19 16:28:37 2014 UTC (9 years, 5 months ago) by christos
Branch: OPENSSH
CVS Tags: v67-20141018
Changes since 1.1.1.4: +2 -1 lines
Diff to previous 1.1.1.4 (colored) to selected 1.8 (colored)

Changes since OpenSSH 6.6
=========================

Potentially-incompatible changes

 * sshd(8): The default set of ciphers and MACs has been altered to
   remove unsafe algorithms. In particular, CBC ciphers and arcfour*
   are disabled by default.

   The full set of algorithms remains available if configured
   explicitly via the Ciphers and MACs sshd_config options.

 * sshd(8): Support for tcpwrappers/libwrap has been removed.

 * OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
   using the curve25519-sha256@libssh.org KEX exchange method to fail
   when connecting with something that implements the specification
   correctly. OpenSSH 6.7 disables this KEX method when speaking to
   one of the affected versions.

New Features

 * Major internal refactoring to begin to make part of OpenSSH usable
   as a library. So far the wire parsing, key handling and KRL code
   has been refactored. Please note that we do not consider the API
   stable yet, nor do we offer the library in separable form.

 * ssh(1), sshd(8): Add support for Unix domain socket forwarding.
   A remote TCP port may be forwarded to a local Unix domain socket
   and vice versa or both ends may be a Unix domain socket.

 * ssh(1), ssh-keygen(1): Add support for SSHFP DNS records for
   ED25519 key types.

 * sftp(1): Allow resumption of interrupted uploads.

 * ssh(1): When rekeying, skip file/DNS lookups of the hostkey if it
   is the same as the one sent during initial key exchange; bz#2154

 * sshd(8): Allow explicit ::1 and 127.0.0.1 forwarding bind
   addresses when GatewayPorts=no; allows client to choose address
   family; bz#2222

 * sshd(8): Add a sshd_config PermitUserRC option to control whether
   ~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys
   option; bz#2160

 * ssh(1): Add a %C escape sequence for LocalCommand and ControlPath
   that expands to a unique identifer based on a hash of the tuple of
   (local host, remote user, hostname, port). Helps avoid exceeding
   miserly pathname limits for Unix domain sockets in multiplexing
   control paths; bz#2220

 * sshd(8): Make the "Too many authentication failures" message
   include the user, source address, port and protocol in a format
   similar to the authentication success / failure messages; bz#2199

 * Added unit and fuzz tests for refactored code. These are run
   automatically in portable OpenSSH via the "make tests" target.

Bugfixes

 * sshd(8): Fix remote forwarding with the same listen port but
   different listen address.

 * ssh(1): Fix inverted test that caused PKCS#11 keys that were
   explicitly listed in ssh_config or on the commandline not to be
   preferred.

 * ssh-keygen(1): Fix bug in KRL generation: multiple consecutive
   revoked certificate serial number ranges could be serialised to an
   invalid format. Readers of a broken KRL caused by this bug will
   fail closed, so no should-have-been-revoked key will be accepted.

 * ssh(1): Reflect stdio-forward ("ssh -W host:port ...") failures in
   exit status. Previously we were always returning 0; bz#2255

 * ssh(1), ssh-keygen(1): Make Ed25519 keys' title fit properly in the
   randomart border; bz#2247

 * ssh-agent(1): Only cleanup agent socket in the main agent process
   and not in any subprocesses it may have started (e.g. forked
   askpass). Fixes agent sockets being zapped when askpass processes
   fatal(); bz#2236

 * ssh-add(1): Make stdout line-buffered; saves partial output getting
   lost when ssh-add fatal()s part-way through (e.g. when listing keys
   from an agent that supports key types that ssh-add doesn't);
   bz#2234

 * ssh-keygen(1): When hashing or removing hosts, don't choke on
   @revoked markers and don't remove @cert-authority markers; bz#2241

 * ssh(1): Don't fatal when hostname canonicalisation fails and a
   ProxyCommand is in use; continue and allow the ProxyCommand to
   connect anyway (e.g. to a host with a name outside the DNS behind
   a bastion)

 * scp(1): When copying local->remote fails during read, don't send
   uninitialised heap to the remote end.

 * sftp(1): Fix fatal "el_insertstr failed" errors when tab-completing
   filenames with  a single quote char somewhere in the string;
   bz#2238

 * ssh-keyscan(1): Scan for Ed25519 keys by default.

 * ssh(1): When using VerifyHostKeyDNS with a DNSSEC resolver, down-
   convert any certificate keys to plain keys and attempt SSHFP
   resolution.  Prevents a server from skipping SSHFP lookup and
   forcing a new-hostkey dialog by offering only certificate keys.

 * sshd(8): Avoid crash at exit via NULL pointer reference; bz#2225

 * Fix some strict-alignment errors.

Portable OpenSSH

 * Portable OpenSSH now supports building against libressl-portable.

 * Portable OpenSSH now requires openssl 0.9.8f or greater. Older
   versions are no longer supported.

 * In the OpenSSL version check, allow fix version upgrades (but not
   downgrades. Debian bug #748150.

 * sshd(8): On Cygwin, determine privilege separation user at runtime,
   since it may need to be a domain account.

 * sshd(8): Don't attempt to use vhangup on Linux. It doesn't work for
   non-root users, and for them it just messes up the tty settings.

 * Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC when it is
   available. It considers time spent suspended, thereby ensuring
   timeouts (e.g. for expiring agent keys) fire correctly.  bz#2228

 * Add support for ed25519 to opensshd.init init script.

 * sftp-server(8): On platforms that support it, use prctl() to
   prevent sftp-server from accessing /proc/self/{mem,maps}

Changes since OpenSSH 6.5
=========================

This is primarily a bugfix release.

Security:

 * sshd(8): when using environment passing with a sshd_config(5)
   AcceptEnv pattern with a wildcard. OpenSSH prior to 6.6 could be
   tricked into accepting any enviornment variable that contains the
   characters before the wildcard character.

New / changed features:

 * ssh(1), sshd(8): this release removes the J-PAKE authentication code.
   This code was experimental, never enabled and had been unmaintained
   for some time.

 * ssh(1): when processing Match blocks, skip 'exec' clauses other clauses
   predicates failed to match.

 * ssh(1): if hostname canonicalisation is enabled and results in the
   destination hostname being changed, then re-parse ssh_config(5) files
   using the new destination hostname. This gives 'Host' and 'Match'
   directives that use the expanded hostname a chance to be applied.

Bugfixes:

 * ssh(1): avoid spurious "getsockname failed: Bad file descriptor" in
   ssh -W. bz#2200, debian#738692

 * sshd(8): allow the shutdown(2) syscall in seccomp-bpf and systrace
   sandbox modes, as it is reachable if the connection is terminated
   during the pre-auth phase.

 * ssh(1), sshd(8): fix unsigned overflow that in SSH protocol 1 bignum
   parsing. Minimum key length checks render this bug unexploitable to
   compromise SSH 1 sessions.

 * sshd_config(5): clarify behaviour of a keyword that appears in
   multiple matching Match blocks. bz#2184

 * ssh(1): avoid unnecessary hostname lookups when canonicalisation is
   disabled. bz#2205

 * sshd(8): avoid sandbox violation crashes in GSSAPI code by caching
   the supported list of GSSAPI mechanism OIDs before entering the
   sandbox. bz#2107

 * ssh(1): fix possible crashes in SOCKS4 parsing caused by assumption
   that the SOCKS username is nul-terminated.

 * ssh(1): fix regression for UsePrivilegedPort=yes when BindAddress is
   not specified.

 * ssh(1), sshd(8): fix memory leak in ECDSA signature verification.

 * ssh(1): fix matching of 'Host' directives in ssh_config(5) files
   to be case-insensitive again (regression in 6.5).

Portable OpenSSH:

 * sshd(8): don't fatal if the FreeBSD Capsicum is offered by the
   system headers and libc but is not supported by the kernel.
 * Fix build using the HP-UX compiler.

Changes since OpenSSH 6.4
=========================

This is a feature-focused release.

New features:

 * ssh(1), sshd(8): Add support for key exchange using elliptic-curve
   Diffie Hellman in Daniel Bernstein's Curve25519. This key exchange
   method is the default when both the client and server support it.

 * ssh(1), sshd(8): Add support for Ed25519 as a public key type.
   Ed25519 is a elliptic curve signature scheme that offers
   better security than ECDSA and DSA and good performance. It may be
   used for both user and host keys.

 * Add a new private key format that uses a bcrypt KDF to better
   protect keys at rest. This format is used unconditionally for
   Ed25519 keys, but may be requested when generating or saving
   existing keys of other types via the -o ssh-keygen(1) option.
   We intend to make the new format the default in the near future.
   Details of the new format are in the PROTOCOL.key file.

 * ssh(1), sshd(8): Add a new transport cipher
   "chacha20-poly1305@openssh.com" that combines Daniel Bernstein's
   ChaCha20 stream cipher and Poly1305 MAC to build an authenticated
   encryption mode. Details are in the PROTOCOL.chacha20poly1305 file.

 * ssh(1), sshd(8): Refuse RSA keys from old proprietary clients and
   servers that use the obsolete RSA+MD5 signature scheme. It will
   still be possible to connect with these clients/servers but only
   DSA keys will be accepted, and OpenSSH will refuse connection
   entirely in a future release.

 * ssh(1), sshd(8): Refuse old proprietary clients and servers that
   use a weaker key exchange hash calculation.

 * ssh(1): Increase the size of the Diffie-Hellman groups requested
   for each symmetric key size. New values from NIST Special
   Publication 800-57 with the upper limit specified by RFC4419.

 * ssh(1), ssh-agent(1): Support PKCS#11 tokens that only provide
   X.509 certs instead of raw public keys (requested as bz#1908).

 * ssh(1): Add a ssh_config(5) "Match" keyword that allows
   conditional configuration to be applied by matching on hostname,
   user and result of arbitrary commands.

 * ssh(1): Add support for client-side hostname canonicalisation
   using a set of DNS suffixes and rules in ssh_config(5). This
   allows unqualified names to be canonicalised to fully-qualified
   domain names to eliminate ambiguity when looking up keys in
   known_hosts or checking host certificate names.

 * sftp-server(8): Add the ability to whitelist and/or blacklist sftp
   protocol requests by name.

 * sftp-server(8): Add a sftp "fsync@openssh.com" to support calling
   fsync(2) on an open file handle.

 * sshd(8): Add a ssh_config(5) PermitTTY to disallow TTY allocation,
   mirroring the longstanding no-pty authorized_keys option.

 * ssh(1): Add a ssh_config ProxyUseFDPass option that supports the
   use of ProxyCommands that establish a connection and then pass a
   connected file descriptor back to ssh(1). This allows the
   ProxyCommand to exit rather than staying around to transfer data.

Bugfixes:

 * ssh(1), sshd(8): Fix potential stack exhaustion caused by nested
   certificates.

 * ssh(1): bz#1211: make BindAddress work with UsePrivilegedPort.

 * sftp(1): bz#2137: fix the progress meter for resumed transfer.

 * ssh-add(1): bz#2187: do not request smartcard PIN when removing
   keys from ssh-agent.

 * sshd(8): bz#2139: fix re-exec fallback when original sshd binary
   cannot be executed.

 * ssh-keygen(1): Make relative-specified certificate expiry times
   relative to current time and not the validity start time.

 * sshd(8): bz#2161: fix AuthorizedKeysCommand inside a Match block.

 * sftp(1): bz#2129: symlinking a file would incorrectly canonicalise
   the target path.

 * ssh-agent(1): bz#2175: fix a use-after-free in the PKCS#11 agent
   helper executable.

 * sshd(8): Improve logging of sessions to include the user name,
   remote host and port, the session type (shell, command, etc.) and
   allocated TTY (if any).

 * sshd(8): bz#1297: tell the client (via a debug message) when
   their preferred listen address has been overridden by the
   server's GatewayPorts setting.

 * sshd(8): bz#2162: include report port in bad protocol banner
   message.

 * sftp(1): bz#2163: fix memory leak in error path in do_readdir().

 * sftp(1): bz#2171: don't leak file descriptor on error.

 * sshd(8): Include the local address and port in "Connection from
   ..." message (only shown at loglevel>=verbose).

Portable OpenSSH:

 * Please note that this is the last version of Portable OpenSSH that
   will support versions of OpenSSL prior to 0.9.6. Support (i.e.
   SSH_OLD_EVP) will be removed following the 6.5p1 release.

 * Portable OpenSSH will attempt compile and link as a Position
   Independent Executable on Linux, OS X and OpenBSD on recent gcc-
   like compilers. Other platforms and older/other compilers may
   request this using the --with-pie configure flag.

 * A number of other toolchain-related hardening options are used
   automatically if available, including -ftrapv to abort on signed
   integer overflow and options to write-protect dynamic linking
   information.  The use of these options may be disabled using the
   --without-hardening configure flag.

 * If the toolchain supports it, one of the -fstack-protector-strong,
   -fstack-protector-all or -fstack-protector compilation flag are
   used to add guards to mitigate attacks based on stack overflows.
   The use of these options may be disabled using the
   --without-stackprotect configure option.

 * sshd(8): Add support for pre-authentication sandboxing using the
   Capsicum API introduced in FreeBSD 10.

 * Switch to a ChaCha20-based arc4random() PRNG for platforms that do
   not provide their own.

 * sshd(8): bz#2156: restore Linux oom_adj setting when handling
   SIGHUP to maintain behaviour over retart.

 * sshd(8): bz#2032: use local username in krb5_kuserok check rather
   than full client name which may be of form user@REALM.

 * ssh(1), sshd(8): Test for both the presence of ECC NID numbers in
   OpenSSL and that they actually work. Fedora (at least) has
   NID_secp521r1 that doesn't work.

 * bz#2173: use pkg-config --libs to include correct -L location for
   libedit.

Revision 1.5.2.1 / (download) - annotate - [select for diffs], Tue Aug 19 23:45:25 2014 UTC (9 years, 7 months ago) by tls
Branch: tls-maxphys
Changes since 1.5: +7 -7 lines
Diff to previous 1.5 (colored) next main 1.6 (colored) to selected 1.8 (colored)

Rebase to HEAD as of a few days ago.

Revision 1.4.2.2 / (download) - annotate - [select for diffs], Thu May 22 13:21:35 2014 UTC (9 years, 10 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.4.2.1: +6 -6 lines
Diff to previous 1.4.2.1 (colored) to branchpoint 1.4 (colored) next main 1.5 (colored) to selected 1.8 (colored)

sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs.  ("Protocol error: too many arguments")

Revision 1.6 / (download) - annotate - [select for diffs], Fri Nov 8 19:18:25 2013 UTC (10 years, 4 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base9, tls-maxphys-base, tls-earlyentropy-base, tls-earlyentropy, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3, netbsd-7-base
Branch point for: netbsd-7
Changes since 1.5: +7 -7 lines
Diff to previous 1.5 (colored) to selected 1.8 (colored)

merge conflicts.

Revision 1.1.1.4 / (download) - annotate - [select for diffs] (vendor branch), Fri Nov 8 17:58:11 2013 UTC (10 years, 4 months ago) by christos
Branch: OPENSSH
CVS Tags: v64-20131107
Changes since 1.1.1.3: +4 -4 lines
Diff to previous 1.1.1.3 (colored) to selected 1.8 (colored)

Import new openssh to address

Changes since OpenSSH 6.3
=========================

This release fixes a security bug:

 * sshd(8): fix a memory corruption problem triggered during rekeying
   when an AES-GCM cipher is selected. Full details of the vulnerability
   are available at: http://www.openssh.com/txt/gcmrekey.adv

Checksums:
==========

 - SHA1 (openssh-6.4.tar.gz) = 4caf1a50eb3a3da821c16298c4aaa576fe24210c
 - SHA1 (openssh-6.4p1.tar.gz) = cf5fe0eb118d7e4f9296fbc5d6884965885fc55d

Reporting Bugs:
===============

- Please read http://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.

Revision 1.4.2.1 / (download) - annotate - [select for diffs], Wed May 23 10:07:05 2012 UTC (11 years, 10 months ago) by yamt
Branch: yamt-pagecache
CVS Tags: yamt-pagecache-tag8
Changes since 1.4: +5 -5 lines
Diff to previous 1.4 (colored) to selected 1.8 (colored)

sync with head.

Revision 1.5 / (download) - annotate - [select for diffs], Wed May 2 02:41:08 2012 UTC (11 years, 10 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6, yamt-pagecache-base5, riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, khorben-n900, agc-symver-base, agc-symver
Branch point for: tls-maxphys
Changes since 1.4: +5 -5 lines
Diff to previous 1.4 (colored) to selected 1.8 (colored)

merge OpenSSH 6.0

Features:

 * ssh-keygen(1): Add optional checkpoints for moduli screening
 * ssh-add(1): new -k option to load plain keys (skipping certificates)
 * sshd(8): Add wildcard support to PermitOpen, allowing things like
   "PermitOpen localhost:*".  bz #1857
 * ssh(1): support for cancelling local and remote port forwards via the
   multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host"
   to request the cancellation of the specified forwardings
 * support cancellation of local/dynamic forwardings from ~C commandline

Bugfixes:

 * ssh(1): ensure that $DISPLAY contains only valid characters before
   using it to extract xauth data so that it can't be used to play local
   shell metacharacter games.
 * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports
 * scp(1): uppress adding '--' to remote commandlines when the first
   argument does not start with '-'. saves breakage on some
   difficult-to-upgrade embedded/router platforms
 * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class,
   but there is an "AF21" class
 * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during
   rekeying
 * ssh(1): skip attempting to create ~/.ssh when -F is passed
 * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943
 * sshd(1): send tty break to pty master instead of (probably already
   closed) slave side; bz#1859
 * sftp(1): silence error spam for "ls */foo" in directory with files;
   bz#1683
 * Fixed a number of memory and file descriptor leaks

Revision 1.1.1.3 / (download) - annotate - [select for diffs] (vendor branch), Wed May 2 02:13:09 2012 UTC (11 years, 10 months ago) by christos
Branch: OPENSSH
CVS Tags: v62-20130321, v61-20120828, v60-20120421
Changes since 1.1.1.2: +3 -3 lines
Diff to previous 1.1.1.2 (colored) to selected 1.8 (colored)

from ftp.openbsd.org

Revision 1.4 / (download) - annotate - [select for diffs], Mon Jul 25 03:03:11 2011 UTC (12 years, 8 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base4, yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus
Branch point for: yamt-pagecache, netbsd-6-1, netbsd-6-0, netbsd-6
Changes since 1.3: +5 -5 lines
Diff to previous 1.3 (colored) to selected 1.8 (colored)

- Merge conflicts
- WARNS=5

Revision 1.1.1.2 / (download) - annotate - [select for diffs] (vendor branch), Sun Jul 24 15:08:42 2011 UTC (12 years, 8 months ago) by christos
Branch: OPENSSH
CVS Tags: v59-20110906, v58-20110724
Changes since 1.1.1.1: +0 -1 lines
Diff to previous 1.1.1.1 (colored) to selected 1.8 (colored)

from ftp.openbsd.org

Revision 1.3 / (download) - annotate - [select for diffs], Tue Jul 6 15:09:41 2010 UTC (13 years, 8 months ago) by christos
Branch: MAIN
CVS Tags: matt-mips64-premerge-20101231, cherry-xenmp-base, cherry-xenmp, bouyer-quota2-nbase, bouyer-quota2-base, bouyer-quota2
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored) to selected 1.8 (colored)

Add GLOB_LIMIT to the glob calls to prevent DoS attacks.

Revision 1.2 / (download) - annotate - [select for diffs], Sun Jun 7 22:38:47 2009 UTC (14 years, 9 months ago) by christos
Branch: MAIN
CVS Tags: matt-premerge-20091211
Changes since 1.1: +2 -0 lines
Diff to previous 1.1 (colored) to selected 1.8 (colored)

Merge in our changes:
- conditionalize login_cap
- conditionalize bsd_auth
- bring in pam from portable
- restore krb5, krb4, afs, skey
- bring in hpn patches, disable mt aes cipher, keep speedups and cipher none
- add ignore root rhosts option
- fix ctype macro arguments
- umac is broken, disable it
- better ~homedir handling
- netbsd style tunnels
- urandom, xhome, chrootdir, rescuedir NetBSD handling
- utmp/utmpx handling
- handle tty posix_vdisable properly
- handle setuid and unsetuid the posix way instead of setresuid()
- add all missing functions
- add new moduli
- add build glue

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Jun 7 22:19:20 2009 UTC (14 years, 9 months ago) by christos
Branch: OPENSSH
CVS Tags: v56-20101121, v53-20091226, v52-20090607
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored) to selected 1.8 (colored)

import 5.2 from ftp.openbsd.org

Revision 1.1 / (download) - annotate - [select for diffs], Sun Jun 7 22:19:20 2009 UTC (14 years, 9 months ago) by christos
Branch: MAIN
Diff to selected 1.8 (colored)

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>