diff --git a/crypto/openssh/.github/setup_ci.sh b/crypto/openssh/.github/setup_ci.sh
index 70a444e4eff..107c049c417 100755
--- a/crypto/openssh/.github/setup_ci.sh
+++ b/crypto/openssh/.github/setup_ci.sh
@@ -11,6 +11,7 @@ TARGETS=$@
 PACKAGES=""
 INSTALL_FIDO_PPA="no"
+export DEBIAN_FRONTEND=noninteractive
 #echo "Setting up for '$TARGETS'"
@@ -54,6 +55,7 @@ for TARGET in $TARGETS; do
 openssl-*)
 INSTALL_OPENSSL=$(echo ${TARGET} | cut -f2 -d-)
 case ${INSTALL_OPENSSL} in
+ 1.1.1_stable) INSTALL_OPENSSL="OpenSSL_1_1_1-stable" ;;
 1.*) INSTALL_OPENSSL="OpenSSL_$(echo ${INSTALL_OPENSSL} | tr . _)" ;;
 3.*) INSTALL_OPENSSL="openssl-${INSTALL_OPENSSL}" ;;
 esac
@@ -78,8 +80,8 @@ done
 if [ "yes" = "$INSTALL_FIDO_PPA" ]; then
 sudo apt update -qq
- sudo apt install software-properties-common
- sudo apt-add-repository ppa:yubico/stable
+ sudo apt install -qy software-properties-common
+ sudo apt-add-repository -y ppa:yubico/stable
 fi
 if [ "x" != "x$PACKAGES" ]; then
diff --git a/crypto/openssh/.github/workflows/c-cpp.yml b/crypto/openssh/.github/workflows/c-cpp.yml
index 289b18b7f62..152ddaa4fba 100644
--- a/crypto/openssh/.github/workflows/c-cpp.yml
+++ b/crypto/openssh/.github/workflows/c-cpp.yml
@@ -31,7 +31,9 @@ jobs:
 - { os: ubuntu-latest, configs: libressl-2.2.9 }
 - { os: ubuntu-latest, configs: libressl-2.8.3 }
 - { os: ubuntu-latest, configs: libressl-3.0.2 }
- - { os: ubuntu-latest, configs: libressl-3.2.5 }
+ - { os: ubuntu-latest, configs: libressl-3.2.6 }
+ - { os: ubuntu-latest, configs: libressl-3.3.4 }
+ - { os: ubuntu-latest, configs: libressl-3.4.0 }
 - { os: ubuntu-latest, configs: openssl-master }
 - { os: ubuntu-latest, configs: openssl-noec }
 - { os: ubuntu-latest, configs: openssl-1.0.1 }
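Review bot: The two rewritten lines in the third hunk still drive the `apt` front end, which prints a warning that it has no stable CLI interface whenever its output is not a terminal; for an unattended CI script the scripting front end is `apt-get`, i.e. `sudo apt-get install -qy software-properties-common`. The `-y` flags added here, together with `export DEBIAN_FRONTEND=noninteractive` from the first hunk, are what stop the job from hanging on a prompt, so that pairing is worth stating in a comment next to the export, for example `# -y below and this variable together keep package setup from blocking on prompts`. The surrounding `for TARGET` loop and the `INSTALL_FIDO_PPA` block start and end outside the hunks shown.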
@@ -40,6 +42,9 @@ jobs:
 - { os: ubuntu-latest, configs: openssl-1.1.0h }
 - { os: ubuntu-latest, configs: openssl-1.1.1 }
 - { os: ubuntu-latest, configs: openssl-1.1.1k }
+ - { os: ubuntu-latest, configs: openssl-3.0.0 }
+ - { os: ubuntu-latest, configs: openssl-1.1.1_stable } # stable branch
+ - { os: ubuntu-latest, configs: openssl-3.0 } # stable branch
 - { os: ubuntu-18.04, configs: pam }
 - { os: ubuntu-18.04, configs: kerberos5 }
 - { os: ubuntu-18.04, configs: libedit }
diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog
index 288e90bbfe5..9e660ec37ef 100644
--- a/crypto/openssh/ChangeLog
+++ b/crypto/openssh/ChangeLog
@@ -1,3 +1,538 @@ +commit bf944e3794eff5413f2df1ef37cddf96918c6bde +Author: Damien Miller +Date: Mon Sep 27 00:03:19 2021 +1000 + + initgroups needs grp.h + +commit 8c5b5655149bd76ea21026d7fe73ab387dbc3bc7 +Author: djm@openbsd.org +Date: Sun Sep 26 14:01:11 2021 +0000 + + upstream: openssh-8.8 + + OpenBSD-Commit-ID: 12357794602ac979eb7312a1fb190c453f492ec4 + +commit f3cbe43e28fe71427d41cfe3a17125b972710455 +Author: djm@openbsd.org +Date: Sun Sep 26 14:01:03 2021 +0000 + + upstream: need initgroups() before setresgid(); reported by anton@, + + ok deraadt@ + + OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce + +commit 8acaff41f7518be40774c626334157b1b1c5583c +Author: Damien Miller +Date: Sun Sep 26 22:16:36 2021 +1000 + + update version numbers for release + +commit d39039ddc0010baa91c70a0fa0753a2699bbf435 +Author: kn@openbsd.org +Date: Sat Sep 25 09:40:33 2021 +0000 + + upstream: RSA/SHA-1 is not used by default anymore + + OK dtucker deraadt djm + + OpenBSD-Commit-ID: 055c51a221c3f099dd75c95362f902da1b8678c6 + +commit 9b2ee74e3aa8c461eb5552a6ebf260449bb06f7e +Author: Darren Tucker +Date: Fri Sep 24 11:08:03 2021 +1000 + + Move the fgrep replacement to hostkey-rotate.sh. + + The fgrep replacement for buggy greps doesn't work in the sftp-glob test + so move it to just where we know it's needed. + +commit f7039541570d4b66d76e6f574544db176d8d5c02 +Author: Darren Tucker +Date: Fri Sep 24 08:04:14 2021 +1000 + + Replacement function for buggy fgrep. + + GNU (f)grep <=2.18, as shipped by FreeBSD<=12 and NetBSD<=9 will + occasionally fail to find ssh host keys in the hostkey-rotate test. + If we have those versions, use awk instead. + +commit f6a660e5bf28a01962af87568e118a2d2e79eaa0 +Author: David Manouchehri +Date: Thu Sep 23 17:03:18 2021 -0400 + + Don't prompt for yes/no questions. 
+ +commit 7ed1a3117c09f8c3f1add35aad77d3ebe1b85b4d +Author: djm@openbsd.org +Date: Mon Sep 20 06:53:56 2021 +0000 + + upstream: fix missing -s in SYNOPSYS and usage() as well as a + + capitalisation mistake; spotted by jmc@ + + OpenBSD-Commit-ID: 0ed8ee085c7503c60578941d8b45f3a61d4c9710 + +commit 8c07170135dde82a26886b600a8bf6fb290b633d +Author: dtucker@openbsd.org +Date: Mon Sep 20 04:02:13 2021 +0000 + + upstream: Fix "Allocated port" debug message + + for unix domain sockets. From peder.stray at gmail.com via github PR#272, + ok deraadt@ + + OpenBSD-Commit-ID: 8d5ef3fbdcdd29ebb0792b5022a4942db03f017e + +commit 277d3c6adfb128b4129db08e3d65195d94b55fe7 +Author: djm@openbsd.org +Date: Mon Sep 20 01:55:42 2021 +0000 + + upstream: Switch scp back to use the old protocol by default, ahead of + + release. We'll wait a little longer for people to pick up sftp-server(8) that + supports the extension that scp needs for ~user paths to continue working in + SFTP protocol mode. Discussed with deraadt@ + + OpenBSD-Commit-ID: f281f603a705fba317ff076e7b11bcf2df941871 + +commit ace19b34cc15bea3482be90450c1ed0cd0dd0669 +Author: djm@openbsd.org +Date: Sat Sep 18 02:03:25 2021 +0000 + + upstream: better error message for ~user failures when the + + sftp-server lacks the expand-path extension; ok deraadt@ + + OpenBSD-Commit-ID: 9c1d965d389411f7e86f0a445158bf09b8f9e4bc + +commit 6b1238ba971ee722a310d95037b498ede5539c03 +Author: djm@openbsd.org +Date: Thu Sep 16 15:22:22 2021 +0000 + + upstream: make some more scp-in-SFTP mode better match Unix idioms + + suggested by deraadt@ + + OpenBSD-Commit-ID: 0f2439404ed4cf0b0be8bf49a1ee734836e1ac87 + +commit e694f8ac4409931e67d08ac44ed251b20b10a957 +Author: djm@openbsd.org +Date: Thu Sep 16 15:11:19 2021 +0000 + + upstream: allow log_stderr==2 to prefix log messages with argv[0] + + use this to make scp's SFTP mode error messages more scp-like + + prompted by and ok deraadt@ + + OpenBSD-Commit-ID: 0e821dbde423fc2280e47414bdc22aaa5b4e0733 + 
+commit 8a7a06ee505cb833e613f74a07392e9296286c30 +Author: Darren Tucker +Date: Fri Sep 17 13:03:31 2021 +1000 + + Test against LibreSSL 3.2.6, 3.3.4, 3.4.0. + +commit c25c84074a47f700dd6534995b4af4b456927150 +Author: djm@openbsd.org +Date: Thu Sep 16 05:36:03 2021 +0000 + + upstream: missing space character in ssh -G output broke the + + t-sshcfgparse regression test; spotted by anton@ + + OpenBSD-Commit-ID: bcc36fae2f233caac4baa8e58482da4aa350eed0 + +commit a4bee1934bf5e5575fea486628f4123d6a29dff8 +Author: djm@openbsd.org +Date: Wed Sep 15 06:56:01 2021 +0000 + + upstream: allow CanonicalizePermittedCNAMEs=none in ssh_config; ok + + markus@ + + OpenBSD-Commit-ID: 668a82ba8e56d731b26ffc5703213bfe071df623 + +commit d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd +Author: mbuhl@openbsd.org +Date: Tue Sep 14 11:04:21 2021 +0000 + + upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT + + OK mfriedl@ + + OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798 + +commit 19b3d846f06697c85957ab79a63454f57f8e22d6 +Author: schwarze@openbsd.org +Date: Sat Sep 11 09:05:50 2021 +0000 + + upstream: Do not ignore SIGINT while waiting for input if editline(3) + + is not used. Instead, in non-interactive mode, exit sftp(1), like for other + serious errors. As pointed out by dtucker@, when compiled without editline(3) + support in portable OpenSSH, the el == NULL branch is also used for + interactive mode. In that case, discard the input line and provide a fresh + prompt to the user just like in the case where editline(3) is used. OK djm@ + + OpenBSD-Commit-ID: 7d06f4d3ebba62115527fafacf38370d09dfb393 + +commit ba61123eef9c6356d438c90c1199a57a0d7bcb0a +Author: djm@openbsd.org +Date: Sat Sep 11 00:40:24 2021 +0000 + + upstream: when using SFTP protocol, continue transferring files after a + + transfer error occurs. This matches original scp/rcp behaviour. 
ok dtucker@ + + OpenBSD-Commit-ID: dfe4558d71dd09707e9b5d6e7d2e53b793da69fa + +commit b0ec59a708b493c6f3940336b1a537bcb64dd2a7 +Author: dtucker@openbsd.org +Date: Fri Sep 10 11:38:38 2021 +0000 + + upstream: Document that non-interactive commands are run via the user's + + shell using the -c flag. ok jmc@ + + OpenBSD-Commit-ID: 4f0d912077732eead10423afd1acf4fc0ceec477 + +commit 66a658b5d9e009ea11f8a0ca6e69c7feb2d851ea +Author: dtucker@openbsd.org +Date: Fri Sep 10 10:26:02 2021 +0000 + + upstream: Document behaviour of arguments following non-interactive + + commands. Prompted by github PR#139 from EvanTheB, feedback & ok djm@ jmc@ + + OpenBSD-Commit-ID: fc758d1fe0471dfab4304fcad6cd4ecc3d79162a + +commit 1d47e28e407d1f95fdf8f799be23f48dcfa5206b +Author: dtucker@openbsd.org +Date: Fri Sep 10 07:11:11 2021 +0000 + + upstream: Clarify which file's attributes -p preserves, and that + + it's specifically the file mode bits. bz#3340 from calestyo at scientia.net, + ok djm@ jmc@ + + OpenBSD-Commit-ID: f09e6098ed1c4be00c730873049825f8ee7cb884 + +commit b344db7a413478e4c21e4cadba4a970ad3e6128a +Author: djm@openbsd.org +Date: Fri Sep 10 05:46:09 2021 +0000 + + upstream: openssh-7.4 was incorrectly listed twice; spotted by + + Dmitry Belyavskiy, ok dtucker@ + + OpenBSD-Commit-ID: 4b823ae448f6e899927ce7b04225ac9e489f58ef + +commit 9136d6239ad7a4a293e0418a49b69e70c76d58b8 +Author: jmc@openbsd.org +Date: Thu Sep 9 06:17:39 2021 +0000 + + upstream: - move CAVEATS to its correct order - use the term + + "legacy" protocol rather than "original", as the latter made the text + misleading - uppercase SCP + + ok djm + + OpenBSD-Commit-ID: 8479255746d5fa76a358ee59e7340fecf4245ff0 + +commit 2d678c5e3bdc2f5c99f7af5122e9d054925d560d +Author: David Carlier +Date: Wed Sep 8 19:49:54 2021 +0100 + + Disable tracing on FreeBSD using procctl. 
+ + Placed at the start of platform_disable_tracing() to prevent declaration + after code errors from strict C89 compilers (in the unlikely event that + more than one method is enabled). + +commit 73050fa38fb36ae3326d768b574806352b97002d +Author: djm@openbsd.org +Date: Wed Sep 8 23:31:39 2021 +0000 + + upstream: Use the SFTP protocol by default. The original scp/rcp + + protocol remains available via the -O flag. + + Note that ~user/ prefixed paths in SFTP mode require a protocol extension + that was first shipped in OpenSSH 8.7. + + ok deraadt, after baking in snaps for a while without incident + + OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c + +commit c4565e69ffa2485cff715aa842ea7a350296bfb6 +Author: Darren Tucker +Date: Wed Sep 8 21:09:49 2021 +1000 + + Really fix test on OpenSSL 1.1.1 stable. + +commit 79f1bb5f56cef3ae9276207316345b8309248478 +Author: Darren Tucker +Date: Wed Sep 8 18:51:39 2021 +1000 + + Correct OpenSSL 1.1.1 stable identifier. + +commit b6255593ed5ccbe5e7d3d4b26b2ad31ad4afc232 +Author: Darren Tucker +Date: Wed Sep 8 18:39:44 2021 +1000 + + Increment nfds when coming from startup_pipe. + + If we have to increase nfds because startup_pipe[0] is above any of the + descriptors passed in the fd_sets, we also need to add 1 to nfds since + select takes highest FD number plus one. bz#3345 from yaroslav.kuzmin + at vmssoftware.com. + +commit a3e92a6794817df6012ac8546aea19652cc91b61 +Author: Darren Tucker +Date: Wed Sep 8 13:45:10 2021 +1000 + + Tests for OpenSSL 3.0.0 release & 1.1.1 branch. + +commit 4afe431da98ec1cf6a2933fe5658f4fd68dee9e2 +Author: djm@openbsd.org +Date: Wed Sep 8 03:23:44 2021 +0000 + + upstream: correct my mistake in previous fix; spotted by halex + + OpenBSD-Commit-ID: 3cc62d92e3f70006bf02468fc146bfc36fffa183 + +commit ca0e455b9331213ff9505a21b94c38e34faa2bba +Author: djm@openbsd.org +Date: Tue Sep 7 06:03:51 2021 +0000 + + upstream: avoid NULL deref in -Y find-principals. 
Report and fix + + from Carlo Marcelo Arenas Belón + MIME-Version: 1.0 + Content-Type: text/plain; charset=UTF-8 + Content-Transfer-Encoding: 8bit + + OpenBSD-Commit-ID: 6238486f8ecc888d6ccafcd9ad99e621bb41f1e0 + +commit 37616807f150fb46610bbd5031c31af4857ad1e9 +Author: millert@openbsd.org +Date: Mon Sep 6 00:36:01 2021 +0000 + + upstream: revision 1.381 neglected to remove + + sChallengeResponseAuthentication from the enum. Noticed by + christos@zoulas.com. OK dtucker@ + + OpenBSD-Commit-ID: b533283a4dd6d04a867da411a4c7a8fbc90e34ff + +commit 7acb3578cdfec0b3d34501408071f7a96c1684ea +Author: Darren Tucker +Date: Sun Sep 5 20:45:42 2021 +1000 + + Correct version_num for OpenSSL dev branch. + +commit 65bb01111320dfd0d25e21e1fd4d3f2b77532669 +Author: Darren Tucker +Date: Sun Sep 5 19:37:39 2021 +1000 + + Test against OpenSSL 3 branch as well as dev. + + Now that OpenSSL development has moved to 3.1, test against the most + recent version of the openssl-3.0 branch too. + +commit 864ed0d5e04a503b97202c776b7cf3f163f3eeaa +Author: Darren Tucker +Date: Sun Sep 5 19:33:22 2021 +1000 + + OpenSSL development is now 3.1.* + +commit a60209a586a928f92ab323bf23bd07f57093342e +Author: dtucker@openbsd.org +Date: Fri Sep 3 07:43:23 2021 +0000 + + upstream: Use .Cm instead of .Dq in StrictHostKeyChecking list for + + consistency. Patch from scop via github PR#257, ok jmc@ + + OpenBSD-Commit-ID: 3652a91564570779431802c31224fb4a9cf39872 + +commit 8d1d9eb6de37331e872700e9e399a3190cca1242 +Author: dtucker@openbsd.org +Date: Fri Sep 3 07:27:03 2021 +0000 + + upstream: Mention using ssh -i for specifying the public key file + + in the case where the private key is loaded into ssh-agent but is not present + locally. 
Based on patch from rafork via github PR#215, ok jmc@ + + OpenBSD-Commit-ID: 2282e83b0ff78d2efbe705883b67240745fa5bb2 + +commit eb4362e5e3aa7ac26138b11e44d8c191910aff64 +Author: dtucker@openbsd.org +Date: Fri Sep 3 05:25:50 2021 +0000 + + upstream: Refer to KEX "algorithms" instead of "methods" to match + + other references and improve consistency. Patch from scop via github PR#241, + ok djm@ + + OpenBSD-Commit-ID: 840bc94ff6861b28d8603c8e8c16499bfb65e32c + +commit b3318946ce5725da43c4bf7eeea1b73129c47d2a +Author: dtucker@openbsd.org +Date: Fri Sep 3 05:12:25 2021 +0000 + + upstream: Remove redundant attrib_clear in upload_dir_internal. + + The subsequent call to stat_to_attrib clears the struct as its first step + anyway. From pmeinhardt via github PR#220, ok djm@ + + OpenBSD-Commit-ID: f5234fc6d7425b607e179acb3383f21716f3029e + +commit 7cc3fe28896e653956a6a2eed0a25d551b83a029 +Author: dtucker@openbsd.org +Date: Fri Sep 3 04:11:13 2021 +0000 + + upstream: Add test for client termination status on signal. + + Based on patch from Alexxz via github PR#235 with some tweaks, to + match patch in bz#3281. + + OpenBSD-Regress-ID: d87c7446fb8b5f8b45894fbbd6875df326e729e2 + +commit 5428b0d239f6b516c81d1dd15aa9fe9e60af75d4 +Author: deraadt@openbsd.org +Date: Thu Sep 2 21:03:54 2021 +0000 + + upstream: sys/param.h is not needed for any visible reason + + OpenBSD-Commit-ID: 8bdea2d0c75692e4c5777670ac039d4b01c1f368 + +commit 1ff38f34b4c4545eb28106629cafa1e0496bc726 +Author: Shchelkunov Artem +Date: Wed Aug 11 18:07:58 2021 +0500 + + Fix memory leak in error path. + + *info is allocated via xstrdup but was leaked in the PAM_AUTH_ERR path. + From github PR#266. + +commit cb37e2f0c0ca4fef844ed7edc5d0e3b7d0e83f6a +Author: dtucker@openbsd.org +Date: Wed Sep 1 03:16:06 2021 +0000 + + upstream: Fix ssh-rsa fallback for old PuTTY interop tests. 
+ + OpenBSD-Regress-ID: a19ac929da604843a5b5f0f48d2c0eb6e0773d37 + +commit 8b02ef0f28dc24cda8cbcd8b7eb02bda8f8bbe59 +Author: dtucker@openbsd.org +Date: Wed Sep 1 00:50:27 2021 +0000 + + upstream: Add a function to skip remaining tests. + + Many tests skip tests for various reasons but not in a consistent way and + don't always clean up, so add that and switch the tests that do that over. + + OpenBSD-Regress-ID: 72d2ec90a3ee8849486956a808811734281af735 + +commit d486845c07324c04240f1674ac513985bd356f66 +Author: dtucker@openbsd.org +Date: Tue Aug 31 07:13:59 2021 +0000 + + upstream: Specify path to PuTTY keys. + + Portable needs this and it makes no difference on OpenBSD, so resync + them. (Id sync only, Portable already had this.) + + OpenBSD-Regress-ID: 33f6f66744455886d148527af8368811e4264162 + +commit d22b299115e27606e846b23490746f69fdd4fb38 +Author: dtucker@openbsd.org +Date: Tue Aug 31 06:13:23 2021 +0000 + + upstream: Better compat tests with old PuTTY. + + When running PuTTY interop tests and using a PuTTY version older than + 0.76, re-enable the ssh-rsa host key algorithm (the 256 and 512 variants + of RSA were added some time between 0.73 and 0.76). + + OpenBSD-Regress-ID: e6138d6987aa705fa1e4f216db0bb386e1ff38e1 + +commit 87ad70d605c3e39c9b8aa275db27120d7cc09b77 +Author: Darren Tucker +Date: Tue Aug 31 17:04:50 2021 +1000 + + Resync PuTTY interop tests. + + Resync behaviour when REGRESS_INTEROP_PUTTY is not set with OpenBSD. + +commit e47b82a7bf51021afac218bf59a3be121827653d +Author: dtucker@openbsd.org +Date: Tue Aug 31 01:25:27 2021 +0000 + + upstream: Specify hostkeyalgorithms in SSHFP test. + + Specify host key algorithms in sshd's default set for the SSHFP test, + from djm@. Make the reason for when the test is skipped a bit clearer. 
+ + OpenBSD-Regress-ID: 4f923dfc761480d5411de17ea6f0b30de3e32cea + +commit 7db3e0a9e8477c018757b59ee955f7372c0b55fb +Author: djm@openbsd.org +Date: Mon Aug 30 01:15:45 2021 +0000 + + upstream: adapt to RSA/SHA1 deprectation + + OpenBSD-Regress-ID: 952397c39a22722880e4de9d1c50bb1a14f907bb + +commit 2344750250247111a6c3c6a4fe84ed583a61cc11 +Author: djm@openbsd.org +Date: Sun Aug 29 23:53:10 2021 +0000 + + upstream: After years of forewarning, disable the RSA/SHA-1 + + signature algorithm by default. It is feasible to create colliding SHA1 + hashes, so we need to deprecate its use. + + RSA/SHA-256/512 remains available and will be transparently selected + instead of RSA/SHA1 for most SSH servers released in the last five+ + years. There is no need to regenerate RSA keys. + + The use of RSA/SHA1 can be re-enabled by adding "ssh-rsa" to the + PubkeyAcceptedAlgorithms directives on the client and server. + + ok dtucker deraadt + + OpenBSD-Commit-ID: 189bcc4789c7254e09e23734bdd5def8354ff1d5 + +commit 56c4455d3b54b7d481c77c82115c830b9c8ce328 +Author: djm@openbsd.org +Date: Sun Aug 29 23:44:07 2021 +0000 + + upstream: wrap at 80 columns + + OpenBSD-Commit-ID: 47ca2286d6b52a9747f34da16d742879e1a37bf0 + +commit 95401eea8503943449f712e5f3de52fc0bc612c5 +Author: Darren Tucker +Date: Fri Aug 20 18:14:13 2021 +1000 + + Replace shell function with ssh-keygen -A. + + Prevents the init script in the SysV package from trying (and failing) + to generate unsupported key types. Remove now-unused COMMENT_OUT_ECC. + ok tim@ + +commit d83ec9ed995a76ed1d5c65cf10b447222ec86131 +Author: Darren Tucker +Date: Fri Aug 20 15:39:05 2021 +1000 + + Remove obsolete Redhat PAM config and init script. + commit e1a596186c81e65a34ce13076449712d3bf97eb4 Author: Damien Miller Date: Fri Aug 20 14:03:49 2021 +1000 
@@ -13074,630 +13609,3 @@ Date: Fri Sep 27 15:26:22 2019 +1000 Since we've added larger fallback groups to dh.c this test will pass even if there is no moduli file installed on the system. - -commit c1e0a32fa852de6d1c82ece4f76add0ab0ca0eae -Author: Darren Tucker -Date: Tue Sep 24 21:17:20 2019 +1000 - - Add more ToS bits, currently only used by netcat. - -commit 5a273a33ca1410351cb484af7db7c13e8b4e8e4e -Author: Darren Tucker -Date: Thu Sep 19 15:41:23 2019 +1000 - - Privsep is now required. - -commit 8aa2aa3cd4d27d14e74b247c773696349472ef20 -Author: djm@openbsd.org -Date: Mon Sep 16 03:23:02 2019 +0000 - - upstream: Allow testing signature syntax and validity without verifying - - that a signature came from a trusted signer. To discourage accidental or - unintentional use, this is invoked by the deliberately ugly option name - "check-novalidate" - - from Sebastian Kinne - - OpenBSD-Commit-ID: cea42c36ab7d6b70890e2d8635c1b5b943adcc0b - -commit 7047d5afe3103f0f07966c05b810682d92add359 -Author: djm@openbsd.org -Date: Fri Sep 13 04:52:34 2019 +0000 - - upstream: clarify that IdentitiesOnly also applies to the default - - ~/.ssh/id_* keys; bz#3062 - - OpenBSD-Commit-ID: 604be570e04646f0f4a17026f8b2aada6a585dfa - -commit b36ee3fcb2f1601693b1b7fd60dd6bd96006ea75 -Author: dtucker@openbsd.org -Date: Fri Sep 13 04:36:43 2019 +0000 - - upstream: Plug mem leaks on error paths, based in part on github - - pr#120 from David Carlier. ok djm@. 
- - OpenBSD-Commit-ID: c57adeb1022a8148fc86e5a88837b3b156dbdb7e - -commit 2aefdf1aef906cf7548a2e5927d35aacb55948d4 -Author: djm@openbsd.org -Date: Fri Sep 13 04:31:19 2019 +0000 - - upstream: whitespace - - OpenBSD-Commit-ID: 57a71dd5f4cae8d61e0ac631a862589fb2bfd700 - -commit fbe24b142915331ceb2a3a76be3dc5b6d204fddf -Author: djm@openbsd.org -Date: Fri Sep 13 04:27:35 2019 +0000 - - upstream: allow %n to be expanded in ProxyCommand strings - - From Zachary Harmany via github.com/openssh/openssh-portable/pull/118 - ok dtucker@ - - OpenBSD-Commit-ID: 7eebf1b7695f50c66d42053d352a4db9e8fb84b6 - -commit 2ce1d11600e13bee0667d6b717ffcc18a057b821 -Author: djm@openbsd.org -Date: Fri Sep 13 04:07:42 2019 +0000 - - upstream: clarify that ConnectTimeout applies both to the TCP - - connection and to the protocol handshake/KEX. From Jean-Charles Longuet via - Github PR140 - - OpenBSD-Commit-ID: ce1766abc6da080f0d88c09c2c5585a32b2256bf - -commit df780114278f406ef7cb2278802a2660092fff09 -Author: dtucker@openbsd.org -Date: Mon Sep 9 02:31:19 2019 +0000 - - upstream: Fix potential truncation warning. ok deraadt. - - OpenBSD-Commit-ID: d87b7e3a94ec935e8194e7fce41815e22804c3ff - -commit ec0e6243660bf2df30c620a6a0d83eded376c9c6 -Author: Damien Miller -Date: Fri Sep 13 13:14:39 2019 +1000 - - memleak of buffer in sshpam_query - - coverity report via Ed Maste; ok dtucker@ - -commit c17e4638e5592688264fc0349f61bfc7b4425aa5 -Author: Damien Miller -Date: Fri Sep 13 13:12:42 2019 +1000 - - explicitly test set[ug]id() return values - - Legacy !_POSIX_SAVED_IDS path only; coverity report via Ed Maste - ok dtucker@ - -commit 91a2135f32acdd6378476c5bae475a6e7811a6a2 -Author: naddy@openbsd.org -Date: Fri Sep 6 14:45:34 2019 +0000 - - upstream: Allow prepending a list of algorithms to the default set - - by starting the list with the '^' character, e.g. 
- - HostKeyAlgorithms ^ssh-ed25519 - Ciphers ^aes128-gcm@openssh.com,aes256-gcm@openssh.com - - ok djm@ dtucker@ - - OpenBSD-Commit-ID: 1e1996fac0dc8a4b0d0ff58395135848287f6f97 - -commit c8bdd2db77ac2369d5cdee237656f266c8f41552 -Author: djm@openbsd.org -Date: Fri Sep 6 07:53:40 2019 +0000 - - upstream: key conversion should fail for !openssl builds, not fall - - through to the key generation code - - OpenBSD-Commit-ID: b957436adc43c4941e61d61958a193a708bc83c9 - -commit 823f6c37eb2d8191d45539f7b6fa877a4cb4ed3d -Author: djm@openbsd.org -Date: Fri Sep 6 06:08:11 2019 +0000 - - upstream: typo in previous - - OpenBSD-Commit-ID: 7c3b94110864771a6b80a0d8acaca34037c3c96e - -commit 6a710d3e06fd375e2c2ae02546b9541c488a2cdb -Author: Damien Miller -Date: Sun Sep 8 14:48:11 2019 +1000 - - needs time.h for --without-openssl - -commit f61f29afda6c71eda26effa54d3c2e5306fd0833 -Author: Damien Miller -Date: Sat Sep 7 19:25:00 2019 +1000 - - make unittests pass for no-openssl case - -commit 105e1c9218940eb53473f55a9177652d889ddbad -Author: djm@openbsd.org -Date: Fri Sep 6 05:59:41 2019 +0000 - - upstream: avoid compiling certain files that deeply depend on - - libcrypto when WITH_OPENSSL isn't set - - OpenBSD-Commit-ID: 569f08445c27124ec7c7f6c0268d844ec56ac061 - -commit 670104b923dd97b1c06c0659aef7c3e52af571b2 -Author: djm@openbsd.org -Date: Fri Sep 6 05:23:55 2019 +0000 - - upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@ - - OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f - -commit be02d7cbde3d211ec2ed2320a1f7d86b2339d758 -Author: djm@openbsd.org -Date: Fri Sep 6 04:53:27 2019 +0000 - - upstream: lots of things were relying on libcrypto headers to - - transitively include various system headers (mostly stdlib.h); include them - explicitly - - OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080 - -commit d05aaaaadcad592abfaa44540928e0c61ef72ebb -Author: djm@openbsd.org -Date: Fri Sep 6 03:30:42 2019 +0000 - - upstream: remove leakmalloc reference; we 
used this early when - - refactoring but not since - - OpenBSD-Commit-ID: bb28ebda8f7c490b87b37954044a6cdd43a7eb2c - -commit 1268f0bcd8fc844ac6c27167888443c8350005eb -Author: dtucker@openbsd.org -Date: Fri Sep 6 04:24:06 2019 +0000 - - upstream: Check for RSA support before using it for the user key, - - otherwise use ed25519 which is supported when built without OpenSSL. - - OpenBSD-Regress-ID: 3d23ddfe83c5062f00ac845d463f19a2ec78c0f7 - -commit fd7a2dec652b9efc8e97f03f118f935dce732c60 -Author: Darren Tucker -Date: Fri Sep 6 14:07:10 2019 +1000 - - Provide explicit path to configure-check. - - On some platforms (at least OpenBSD) make won't search VPATH for target - files, so building out-of-tree will fail at configure-check. Provide - explicit path. ok djm@ - -commit 00865c29690003b4523cc09a0e104724b9f911a4 -Author: djm@openbsd.org -Date: Fri Sep 6 01:58:50 2019 +0000 - - upstream: better error code for bad arguments; inspired by - - OpenBSD-Commit-ID: dfc263b6041de7f0ed921a1de0b81ddebfab1e0a - -commit afdf27f5aceb4973b9f5308f4310c6e3fd8db1fb -Author: Damien Miller -Date: Thu Sep 5 21:38:40 2019 +1000 - - revert config.h/config.h.in freshness checks - - turns out autoreconf and configure don't touch some files if their content - doesn't change, so the mtime can't be relied upon in a makefile rule - -commit a97609e850c57bd2cc2fe7e175fc35cb865bc834 -Author: Damien Miller -Date: Thu Sep 5 20:54:39 2019 +1000 - - extend autoconf freshness test - - make it cover config.h.in and config.h separately - -commit 182297c10edb21c4856c6a38326fd04d81de41a5 -Author: Damien Miller -Date: Thu Sep 5 20:34:54 2019 +1000 - - check that configure/config.h is up to date - - Ensure they are newer than the configure.ac / aclocal.m4 source - -commit 7d6034bd020248e9fc0f8c39c71c858debd0d0c1 -Author: djm@openbsd.org -Date: Thu Sep 5 10:05:51 2019 +0000 - - upstream: if a PKCS#11 token returns no keys then try to login and - - refetch them. 
Based on patch from Jakub Jelen; bz#2430 ok markus@ - - OpenBSD-Commit-ID: ab53bd6ddd54dd09e54a8bfbed1a984496f08b43 - -commit 76f09bd95917862101b740afb19f4db5ccc752bf -Author: djm@openbsd.org -Date: Thu Sep 5 09:35:19 2019 +0000 - - upstream: sprinkle in some explicit errors here, otherwise the - - percolate all the way up to dispatch_run_fatal() and lose all meaninful - context - - to help with bz#3063; ok dtucker@ - - OpenBSD-Commit-ID: 5b2da83bb1c4a3471444b7910b2120ae36438a0a - -commit 0ea332497b2b2fc3995f72f6bafe9d664c0195b3 -Author: djm@openbsd.org -Date: Thu Sep 5 09:25:13 2019 +0000 - - upstream: only send ext_info for KEX_INITIAL; bz#2929 ok dtucker - - OpenBSD-Commit-ID: 00f5c6062f6863769f5447c6346f78c05d2e4a63 - -commit f23d91f9fa7f6f42e70404e000fac88aebfe3076 -Author: jmc@openbsd.org -Date: Thu Sep 5 05:47:23 2019 +0000 - - upstream: macro fix; ok djm - - OpenBSD-Commit-ID: e891dd6c7996114cb32f0924cb7898ab55efde6e - -commit 8b57337c1c1506df2bb9f039d0628a6de618566b -Author: Damien Miller -Date: Thu Sep 5 15:46:39 2019 +1000 - - update fuzzing makefile to more recent clang - -commit ae631ad77daf8fd39723d15a687cd4b1482cbae8 -Author: Damien Miller -Date: Thu Sep 5 15:45:32 2019 +1000 - - fuzzer for sshsig allowed_signers option parsing - -commit 69159afe24120c97e5ebaf81016c85968afb903e -Author: djm@openbsd.org -Date: Thu Sep 5 05:42:59 2019 +0000 - - upstream: memleak on error path; found by libfuzzer - - OpenBSD-Commit-ID: 34d44cb0fb5bdb5fcbc6b02b804e71b20a7a5fc7 - -commit bab6feb01f9924758ca7129dba708298a53dde5f -Author: djm@openbsd.org -Date: Thu Sep 5 04:55:32 2019 +0000 - - upstream: expose allowed_signers options parsing code in header for - - fuzzing - - rename to make more consistent with philosophically-similar auth - options parsing API. 
- - OpenBSD-Commit-ID: 0c67600ef04187f98e2912ca57b60c22a8025b7c - -commit 4f9d75fbafde83d428e291516f8ce98e6b3a7c4b -Author: naddy@openbsd.org -Date: Wed Sep 4 20:31:15 2019 +0000 - - upstream: Call comma-separated lists as such to clarify semantics. - - Options such as Ciphers take values that may be a list of ciphers; the - complete list, not indiviual elements, may be prefixed with a dash or plus - character to remove from or append to the default list, respectively. - - Users might read the current text as if each elment took an optional prefix, - so tweak the wording from "values" to "list" to prevent such ambiguity for - all options supporting these semantics. - - Fix instances missed in first commit. ok jmc@ kn@ - - OpenBSD-Commit-ID: 7112522430a54fb9f15a7a26d26190ed84d5e417 - -commit db1e6f60f03641b2d17e0ab062242609f4ed4598 -Author: jmc@openbsd.org -Date: Wed Sep 4 05:56:54 2019 +0000 - - upstream: tweak previous; - - OpenBSD-Commit-ID: 0abd728aef6b5b35f6db43176aa83b7e3bf3ce27 - -commit 0f44e5956c7c816f6600f2a47be4d7bb5a8d711d -Author: naddy@openbsd.org -Date: Tue Sep 3 20:51:49 2019 +0000 - - upstream: repair typo and editing mishap - - OpenBSD-Commit-ID: d125ab720ca71ccf9baf83e08ddc8c12a328597e - -commit f4846dfc6a79f84bbc6356ae3184f142bacedc24 -Author: Damien Miller -Date: Thu Sep 5 11:09:28 2019 +1000 - - Fuzzer harness for sshsig - -commit b08a6bc1cc7750c6f8a425d1cdbd86552fffc637 -Author: Damien Miller -Date: Tue Sep 3 18:45:42 2019 +1000 - - oops; missed including the actual file - -commit 1a72c0dd89f09754df443c9576dde624a17d7dd0 -Author: Damien Miller -Date: Tue Sep 3 18:44:10 2019 +1000 - - portability fixes for sshsig - -commit 6d6427d01304d967e58544cf1c71d2b4394c0522 -Author: djm@openbsd.org -Date: Tue Sep 3 08:37:45 2019 +0000 - - upstream: regress test for sshsig; feedback and ok markus@ - - OpenBSD-Regress-ID: 74c0974f2cdae8d9599b9d76a09680bae55d8a8b - -commit 59650f0eaf65115afe04c39abfb93a4fc994ec55 -Author: djm@openbsd.org -Date: Tue Sep 3 
08:37:06 2019 +0000 - - upstream: only add plain keys to prevent any certs laying around - - from confusing the test. - - OpenBSD-Regress-ID: b8f1508f822bc560b98dea910e61ecd76f34100f - -commit d637c4aee6f9b5280c13c020d7653444ac1fcaa5 -Author: djm@openbsd.org -Date: Tue Sep 3 08:35:27 2019 +0000 - - upstream: sshsig tweaks and improvements from and suggested by - - Markus - - ok markus/me - - OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9 - -commit 2a9c9f7272c1e8665155118fe6536bebdafb6166 -Author: djm@openbsd.org -Date: Tue Sep 3 08:34:19 2019 +0000 - - upstream: sshsig: lightweight signature and verification ability - - for OpenSSH - - This adds a simple manual signature scheme to OpenSSH. - Signatures can be made and verified using ssh-keygen -Y sign|verify - - Signatures embed the key used to make them. At verification time, this - is matched via principal name against an authorized_keys-like list - of allowed signers. - - Mostly by Sebastian Kinne w/ some tweaks by me - - ok markus@ - - OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb - -commit 5485f8d50a5bc46aeed829075ebf5d9c617027ea -Author: djm@openbsd.org -Date: Tue Sep 3 08:32:11 2019 +0000 - - upstream: move authorized_keys option parsing helpsers to misc.c - - and make them public; ok markus@ - - OpenBSD-Commit-ID: c18bcb2a687227b3478377c981c2d56af2638ea2 - -commit f8df0413f0a057b6a3d3dd7bd8bc7c5d80911d3a -Author: djm@openbsd.org -Date: Tue Sep 3 08:31:20 2019 +0000 - - upstream: make get_sigtype public as sshkey_get_sigtype(); ok - - markus@ - - OpenBSD-Commit-ID: 01f8cdbec63350490d2249f41112c5780d1cfbb8 - -commit dd8002fbe63d903ffea5be7b7f5fc2714acab4a0 -Author: djm@openbsd.org -Date: Tue Sep 3 08:30:47 2019 +0000 - - upstream: move advance_past_options to authfile.c and make it - - public; ok markus@ - - OpenBSD-Commit-ID: edda2fbba2c5b1f48e60f857a2010479e80c5f3c - -commit c72d78ccbe642e08591a626e5de18381489716e0 -Author: djm@openbsd.org -Date: Tue Sep 3 08:29:58 2019 +0000 - - 
upstream: move skip_space() to misc.c and make it public; ok - - markus@ - - OpenBSD-Commit-ID: caa77e8a3b210948e29ad3e28c5db00852961eae - -commit 06af3583f46e2c327fdd44d8a95b8b4e8dfd8db5 -Author: djm@openbsd.org -Date: Tue Sep 3 08:29:15 2019 +0000 - - upstream: authfd: add function to check if key is in agent - - This commit adds a helper function which allows the caller to - check if a given public key is present in ssh-agent. - - work by Sebastian Kinne; ok markus@ - - OpenBSD-Commit-ID: d43c5826353e1fdc1af71eb42961b30782c7bd13 - -commit 2ab5a8464870cc4b29ddbe849bbbc255729437bf -Author: djm@openbsd.org -Date: Tue Sep 3 08:28:30 2019 +0000 - - upstream: fix memleak in ssh_free_identitylist(); ok markus@ - - OpenBSD-Commit-ID: aa51f77ae2c5330a1f61b2d22933f24a443f9abf - -commit 85443f165b4169b2a448b3e24bc1d4dc5b3156a4 -Author: djm@openbsd.org -Date: Tue Sep 3 08:27:52 2019 +0000 - - upstream: factor out confirm_overwrite(); ok markus@ - - OpenBSD-Commit-ID: 304e95381b39c774c8fced7e5328b106a3ff0400 - -commit 9a396e33685633581c67d5ad9664570ef95281f2 -Author: djm@openbsd.org -Date: Mon Sep 2 23:46:46 2019 +0000 - - upstream: constify an argument - - OpenBSD-Commit-ID: 724bafc9f993746ad4303e95bede2c030de6233b - -commit b52c0c2e64988277a35a955a474d944967059aeb -Author: djm@openbsd.org -Date: Mon Sep 2 00:19:25 2019 +0000 - - upstream: downgrade PKCS#11 "provider returned no slots" warning - - from log level error to debug. This is common when attempting to enumerate - keys on smartcard readers with no cards plugged in. 
bz#3058 ok dtucker@ - - OpenBSD-Commit-ID: bb8839ddeb77c271390488af1b771041d43e49c6 - -commit 0713322e18162463c5ab5ddfb9f935055ca775d8 -Author: djm@openbsd.org -Date: Sun Sep 1 23:47:32 2019 +0000 - - upstream: print comment when printing pubkey from private - - bz#3052; ok dtucker - - OpenBSD-Commit-ID: a91b2a8d5f1053d34d7fce44523c53fb534ba914 - -commit 368f1cc2fbd6ad10c66bc1b67c2c04aebf8a04a8 -Author: Damien Miller -Date: Mon Sep 2 10:28:42 2019 +1000 - - fixed test in OSX closefrom() replacement - - from likan_999.student AT sina.com - -commit 6b7c53498def19a14dd9587bf521ab6dbee8988f -Author: Damien Miller -Date: Mon Sep 2 10:22:02 2019 +1000 - - retain Solaris PRIV_FILE_LINK_ANY in sftp-server - - Dropping this privilege removes the ability to create hard links to - files owned by other users. This is required for the legacy sftp rename - operation. - - bz#3036; approach ok Alex Wilson (the original author of the Solaris - sandbox/pledge replacement code) - -commit e50f808712393e86d69e42e9847cdf8d473412d7 -Author: dtucker@openbsd.org -Date: Fri Aug 30 05:08:28 2019 +0000 - - upstream: Use ed25519 for most hostkey rotation tests since it's - - supported even when built without OpenSSL. Use RSA for the secondary type - test if supported, otherwise skip it. Fixes this test for !OpenSSL builds. - - OpenBSD-Regress-ID: 101cb34a84fd974c623bdb2e496f25a6e91be109 - -commit 5e4796c47dd8d6c38fb2ff0b3e817525fed6040d -Author: bluhm@openbsd.org -Date: Thu Aug 22 21:47:27 2019 +0000 - - upstream: Test did not compile due to missing symbols. Add source - - sshbuf-misc.c to regress as it was done in ssh make file. 
from Moritz Buhl - - OpenBSD-Regress-ID: 9e1c23476bb845f3cf3d15d9032da3ed0cb2fcf5 - -commit e0e7e3d0e26f2c30697e6d0cfc293414908963c7 -Author: Damien Miller -Date: Fri Aug 30 14:26:19 2019 +1000 - - tweak warning flags - - Enable -Wextra if compiler supports it - - Set -Wno-error=format-truncation if available to prevent expected - string truncations in openbsd-compat from breaking -Werror builds - -commit 28744182cf90e0073b76a9e98de58a47e688b2c4 -Author: Damien Miller -Date: Fri Aug 30 13:21:38 2019 +1000 - - proc_pidinfo()-based closefrom() for OS X - - Refactor closefrom() to use a single brute-force close() loop fallback. - - Based on patch from likan_999.student@sina.com in bz#3049. ok dtucker@ - -commit dc2ca588144f088a54febebfde3414568dc73d5f -Author: kn@openbsd.org -Date: Fri Aug 16 11:16:32 2019 +0000 - - upstream: Call comma-separated lists as such to clarify semantics - - Options such as Ciphers take values that may be a list of ciphers; the - complete list, not indiviual elements, may be prefixed with a dash or plus - character to remove from or append to the default list respectively. - - Users might read the current text as if each elment took an optional prefix, - so tweak the wording from "values" to "list" to prevent such ambiguity for - all options supporting this semantics (those that provide a list of - available elements via "ssh -Q ..."). - - Input and OK jmc - - OpenBSD-Commit-ID: 4fdd175b0e5f5cb10ab3f26ccc38a93bb6515d57 - -commit c4736f39e66729ce2bf5b06ee6b391e092b48f47 -Author: djm@openbsd.org -Date: Fri Aug 16 06:35:27 2019 +0000 - - upstream: include sshbuf-misc.c in SRCS_BASE - - OpenBSD-Commit-ID: 99dd10e72c04e93849981d43d64c946619efa474 - -commit d0e51810f332fe44ebdba41113aacf319d35f5a5 -Author: Darren Tucker -Date: Sat Aug 24 15:12:11 2019 +1000 - - Fix pasto in fallback code. - - There is no parameter called "pathname", it should simply be "path". - bz#3059, patch from samuel at cendio.se. 
- -commit e83c989bfd9fc9838b7dfb711d1dc6da81814045 -Author: Damien Miller -Date: Fri Aug 23 10:19:30 2019 +1000 - - use SC_ALLOW_ARG_MASK to limit mmap protections - - Restrict to PROT_(READ|WRITE|NONE), i.e. exclude PROT_EXEC - -commit f6906f9bf12c968debec3671bbf19926ff8a235b -Author: Damien Miller -Date: Fri Aug 23 10:08:48 2019 +1000 - - allow mprotect(2) with PROT_(READ|WRITE|NONE) only - - Used by some hardened heap allocators. Requested by Yegor - Timoshenko in https://github.com/openssh/openssh-portable/pull/142
diff --git a/crypto/openssh/README b/crypto/openssh/README
index 5c7f8647dc8..329aaeda2ea 100644
--- a/crypto/openssh/README
+++ b/crypto/openssh/README
@@ -1,4 +1,4 @@
-See https://www.openssh.com/releasenotes.html#8.7p1 for the release notes.
+See https://www.openssh.com/releasenotes.html#8.8p1 for the release notes.
 
 Please read https://www.openssh.com/report.html for bug reporting instructions and note that we do not use Github for bug reporting or
diff --git a/crypto/openssh/auth-pam.c b/crypto/openssh/auth-pam.c
index 7e6f972681e..81c19fb7c45 100644
--- a/crypto/openssh/auth-pam.c
+++ b/crypto/openssh/auth-pam.c
@@ -887,6 +887,7 @@ sshpam_query(void *ctx, char **name, char **info,
 	case PAM_AUTH_ERR:
 		debug3("PAM: %s", pam_strerror(sshpam_handle, type));
 		if (**prompts != NULL && strlen(**prompts) != 0) {
+			free(*info);
 			*info = **prompts;
 			**prompts = NULL;
 			*num = 0;
diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c
index fd72f371df9..1c714c845e1 100644
--- a/crypto/openssh/channels.c
+++ b/crypto/openssh/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.407 2021/05/19 01:24:05 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.408 2021/09/14 11:04:21 mbuhl Exp $ */
 /*
  * Author: Tatu Ylonen
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
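Review bot: The added `free(*info)` is only safe if `*info` is NULL or heap-allocated when this case is reached; sshpam_query's body starts well before the hunk, so its initialisation is not visible here and should be confirmed. Because the next two lines hand the prompt string over to `*info`, a short comment would make the ownership change explicit: `/* release any earlier info text; *info now owns the PAM prompt */`.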
@@ -629,9 +629,11 @@ channel_free(struct ssh *ssh, Channel *c)
 	debug("channel %d: free: %s, nchannels %u", c->self, c->remote_name ? c->remote_name : "???", n);
-	if (c->type == SSH_CHANNEL_MUX_CLIENT)
+	if (c->type == SSH_CHANNEL_MUX_CLIENT) {
 		mux_remove_remote_forwardings(ssh, c);
-	else if (c->type == SSH_CHANNEL_MUX_LISTENER) {
+		free(c->mux_ctx);
+		c->mux_ctx = NULL;
+	} else if (c->type == SSH_CHANNEL_MUX_LISTENER) {
 		free(c->mux_ctx);
 		c->mux_ctx = NULL;
 	}
diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c
index bfcd50c263f..da14d150791 100644
--- a/crypto/openssh/clientloop.c
+++ b/crypto/openssh/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.369 2021/07/23 04:04:52 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.370 2021/08/29 23:44:07 djm Exp $ */
 /*
  * Author: Tatu Ylonen
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -1405,7 +1405,8 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 	 * exit status to be returned. In that case, clear error code if the
 	 * connection was deliberately terminated at this end.
 	 */
-	if (options.session_type == SESSION_TYPE_NONE && received_signal == SIGTERM) {
+	if (options.session_type == SESSION_TYPE_NONE &&
+	    received_signal == SIGTERM) {
 		received_signal = 0;
 		exit_status = 0;
 	}
diff --git a/crypto/openssh/compat.c b/crypto/openssh/compat.c
index 3f153bd424f..0dbea68c625 100644
--- a/crypto/openssh/compat.c
+++ b/crypto/openssh/compat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.118 2021/06/06 03:40:39 djm Exp $ */
+/* $OpenBSD: compat.c,v 1.119 2021/09/10 05:46:09 djm Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
  *
@@ -69,7 +69,6 @@ compat_banner(struct ssh *ssh, const char *version)
 	    "OpenSSH_7.1*,"
 	    "OpenSSH_7.2*,"
 	    "OpenSSH_7.3*,"
-	    "OpenSSH_7.4*,"
 	    "OpenSSH_7.5*,"
 	    "OpenSSH_7.6*,"
 	    "OpenSSH_7.7*", SSH_NEW_OPENSSH|SSH_BUG_SIGTYPE},
diff --git a/crypto/openssh/config.h b/crypto/openssh/config.h
index 966e2679bd1..646745bb758 100644
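Review bot: Both mux arms of channel_free now end with the identical `free(c->mux_ctx); c->mux_ctx = NULL;` pair, so the release could be written once for both mux channel types, leaving only `mux_remove_remote_forwardings()` specific to the client type. This is a point of style; the leak fix itself is correct as written and the call order (forwardings removed before the context is freed) is preserved below. channel_free continues outside the hunk.
```c
	if (c->type == SSH_CHANNEL_MUX_CLIENT)
		mux_remove_remote_forwardings(ssh, c);
	if (c->type == SSH_CHANNEL_MUX_CLIENT ||
	    c->type == SSH_CHANNEL_MUX_LISTENER) {
		free(c->mux_ctx);
		c->mux_ctx = NULL;
	}
	/* … unchanged: remainder of channel_free … */
```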
--- a/crypto/openssh/config.h
+++ b/crypto/openssh/config.h
@@ -1068,6 +1068,9 @@
 /* Define to 1 if you have the header file. */
 /* #undef HAVE_PRIV_H */
 
+/* Define to 1 if you have the `procctl' function. */
+#define HAVE_PROCCTL 1
+
 /* Define if you have /proc/$pid/fd */
 /* #undef HAVE_PROC_PID */
 
@@ -1492,6 +1495,9 @@
 /* Define to 1 if you have the header file. */
 /* #undef HAVE_SYS_PRCTL_H */
 
+/* Define to 1 if you have the header file. */
+#define HAVE_SYS_PROCCTL_H 1
+
 /* Define to 1 if you have the header file. */
 /* #undef HAVE_SYS_PSTAT_H */
 
diff --git a/crypto/openssh/configure.ac b/crypto/openssh/configure.ac
index dfcef796a3f..428f3ff55a8 100644
--- a/crypto/openssh/configure.ac
+++ b/crypto/openssh/configure.ac
@@ -454,6 +454,7 @@ AC_CHECK_HEADERS([ \
 	sys/ndir.h \
 	sys/poll.h \
 	sys/prctl.h \
+	sys/procctl.h \
 	sys/pstat.h \
 	sys/ptrace.h \
 	sys/random.h \
@@ -1925,6 +1926,7 @@ AC_CHECK_FUNCS([ \
 	pledge \
 	poll \
 	prctl \
+	procctl \
 	pselect \
 	pstat \
 	raise \
@@ -2818,7 +2820,8 @@ if test "x$openssl" = "xyes" ; then
 			;;
 		101*) ;; # 1.1.x
 		200*) ;; # LibreSSL
-		300*) ;; # OpenSSL development branch.
+		300*) ;; # OpenSSL 3
+		301*) ;; # OpenSSL development branch.
 		*)
 			AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_library_ver")])
 			;;
@@ -3157,7 +3160,6 @@ if test "x$openssl" = "xyes" ; then
 		AC_MSG_RESULT([no])
 	)
 
-	COMMENT_OUT_ECC="#no ecc#"
 	TEST_SSH_ECC=no
 
 	if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \
@@ -3172,7 +3174,6 @@ if test "x$openssl" = "xyes" ; then
 		AC_DEFINE([OPENSSL_HAS_NISTP256], [1], [libcrypto has NID_X9_62_prime256v1])
 		TEST_SSH_ECC=yes
-		COMMENT_OUT_ECC=""
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 		    ecdsa-sha2-nistp256 \
@@ -3182,7 +3183,6 @@ if test "x$openssl" = "xyes" ; then
 	if test x$enable_nistp384 = x1; then
 		AC_DEFINE([OPENSSL_HAS_NISTP384], [1], [libcrypto has NID_secp384r1])
 		TEST_SSH_ECC=yes
-		COMMENT_OUT_ECC=""
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 		    ecdsa-sha2-nistp384 \
@@ -3192,7 +3192,6 @@ if test "x$openssl" = "xyes" ; then
 	if test x$enable_nistp521 = x1; then
 		AC_DEFINE([OPENSSL_HAS_NISTP521], [1], [libcrypto has NID_secp521r1])
 		TEST_SSH_ECC=yes
-		COMMENT_OUT_ECC=""
 	else
 		unsupported_algorithms="$unsupported_algorithms \
 		    ecdh-sha2-nistp521 \
@@ -3201,7 +3200,6 @@ if test "x$openssl" = "xyes" ; then
 	fi
 
 	AC_SUBST([TEST_SSH_ECC])
-	AC_SUBST([COMMENT_OUT_ECC])
 else
 	AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
 	AC_CHECK_FUNCS([crypt])
diff --git a/crypto/openssh/contrib/redhat/openssh.spec b/crypto/openssh/contrib/redhat/openssh.spec
index 5fb81ce3149..2905db0e8c3 100644
--- a/crypto/openssh/contrib/redhat/openssh.spec
+++ b/crypto/openssh/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
-%global ver 8.7p1
+%global ver 8.8p1
 %global rel 1%{?dist}
 
 # OpenSSH privilege separation requires a user & group ID
diff --git a/crypto/openssh/contrib/redhat/sshd.init.old b/crypto/openssh/contrib/redhat/sshd.init.old
deleted file mode 100755
index 8a30f7da4a4..00000000000
--- a/crypto/openssh/contrib/redhat/sshd.init.old
+++ /dev/null
@@ -1,155 +0,0 @@ -#!/bin/bash -# -# Init file for OpenSSH server daemon -# -# chkconfig: 2345 55 25 -# description: OpenSSH server daemon -# -# processname: sshd -# config: /etc/ssh/ssh_host_key -# config: /etc/ssh/ssh_host_key.pub -# config: /etc/ssh/ssh_random_seed -# config: /etc/ssh/sshd_config -# pidfile: /var/run/sshd.pid - -# source function library -. /etc/rc.d/init.d/functions - -# pull in sysconfig settings -[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd - -RETVAL=0 -prog="sshd" - -# Some functions to make the below more readable -KEYGEN=/usr/bin/ssh-keygen -SSHD=/usr/sbin/sshd -RSA_KEY=/etc/ssh/ssh_host_rsa_key -DSA_KEY=/etc/ssh/ssh_host_dsa_key -PID_FILE=/var/run/sshd.pid - -my_success() { - local msg - if [ $# -gt 1 ]; then - msg="$2" - else - msg="done" - fi - case "`type -type success`" in - function) - success "$1" - ;; - *) - echo -n "${msg}" - ;; - esac -} -my_failure() { - local msg - if [ $# -gt 1 ]; then - msg="$2" - else - msg="FAILED" - fi - case "`type -type failure`" in - function) - failure "$1" - ;; - *) - echo -n "${msg}" - ;; - esac -} -do_rsa_keygen() { - if [ ! -s $RSA_KEY ]; then - echo -n "Generating SSH2 RSA host key: " - if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then - chmod 600 $RSA_KEY - chmod 644 $RSA_KEY.pub - my_success "RSA key generation" - echo - else - my_failure "RSA key generation" - echo - exit 1 - fi - fi -} -do_dsa_keygen() { - if [ ! -s $DSA_KEY ]; then - echo -n "Generating SSH2 DSA host key: " - if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then - chmod 600 $DSA_KEY - chmod 644 $DSA_KEY.pub - my_success "DSA key generation" - echo - else - my_failure "DSA key generation" - echo - exit 1 - fi - fi -} -do_restart_sanity_check() { - $SSHD -t - RETVAL=$? - if [ ! "$RETVAL" = 0 ]; then - my_failure "Configuration file or keys" - echo - fi -} - - -case "$1" in - start) - # Create keys if necessary - do_rsa_keygen; - do_dsa_keygen; - - echo -n "Starting sshd: " - if [ ! 
-f $PID_FILE ] ; then - sshd $OPTIONS - RETVAL=$? - if [ "$RETVAL" = "0" ] ; then - my_success "sshd startup" "sshd" - touch /var/lock/subsys/sshd - else - my_failure "sshd startup" "" - fi - fi - echo - ;; - stop) - echo -n "Shutting down sshd: " - if [ -f $PID_FILE ] ; then - killproc sshd - RETVAL=$? - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sshd - fi - echo - ;; - restart) - do_restart_sanity_check - $0 stop - $0 start - RETVAL=$? - ;; - condrestart) - if [ -f /var/lock/subsys/sshd ] ; then - do_restart_sanity_check - $0 stop - $0 start - RETVAL=$? - fi - ;; - status) - status sshd - RETVAL=$? - ;; - *) - echo "Usage: sshd {start|stop|restart|status|condrestart}" - exit 1 - ;; -esac - -exit $RETVAL diff --git a/crypto/openssh/contrib/redhat/sshd.pam.old b/crypto/openssh/contrib/redhat/sshd.pam.old deleted file mode 100644 index 26dcb34d9e9..00000000000 --- a/crypto/openssh/contrib/redhat/sshd.pam.old +++ /dev/null @@ -1,8 +0,0 @@ -#%PAM-1.0 -auth required /lib/security/pam_pwdb.so shadow nodelay -auth required /lib/security/pam_nologin.so -account required /lib/security/pam_pwdb.so -password required /lib/security/pam_cracklib.so -password required /lib/security/pam_pwdb.so shadow nullok use_authtok -session required /lib/security/pam_pwdb.so -session required /lib/security/pam_limits.so diff --git a/crypto/openssh/contrib/suse/openssh.spec b/crypto/openssh/contrib/suse/openssh.spec index 6cd222e5a42..ee320c76d8d 100644 --- a/crypto/openssh/contrib/suse/openssh.spec +++ b/crypto/openssh/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 8.7p1 +Version: 8.8p1 URL: https://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c index 42c6f9a60d3..99bf046a792 100644 --- a/crypto/openssh/log.c +++ b/crypto/openssh/log.c 
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.c,v 1.59 2021/05/07 04:11:51 djm Exp $ */
+/* $OpenBSD: log.c,v 1.60 2021/09/16 15:11:19 djm Exp $ */
 /*
  * Author: Tatu Ylonen
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -346,6 +346,7 @@ do_log(LogLevel level, int force, const char *suffix, const char *fmt,
 	int pri = LOG_INFO;
 	int saved_errno = errno;
 	log_handler_fn *tmp_handler;
+	const char *progname = argv0 != NULL ? argv0 : __progname;
 
 	if (!force && level > log_level)
 		return;
@@ -403,16 +404,18 @@ do_log(LogLevel level, int force, const char *suffix, const char *fmt,
 		tmp_handler(level, force, fmtbuf, log_handler_ctx);
 		log_handler = tmp_handler;
 	} else if (log_on_stderr) {
-		snprintf(msgbuf, sizeof msgbuf, "%.*s\r\n",
+		snprintf(msgbuf, sizeof msgbuf, "%s%s%.*s\r\n",
+		    (log_on_stderr > 1) ? progname : "",
+		    (log_on_stderr > 1) ? ": " : "",
 		    (int)sizeof msgbuf - 3, fmtbuf);
 		(void)write(log_stderr_fd, msgbuf, strlen(msgbuf));
 	} else {
 #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
-		openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
+		openlog_r(progname, LOG_PID, log_facility, &sdata);
 		syslog_r(pri, &sdata, "%.500s", fmtbuf);
 		closelog_r(&sdata);
 #else
-		openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility);
+		openlog(progname, LOG_PID, log_facility);
 		syslog(pri, "%.500s", fmtbuf);
 		closelog();
 #endif
diff --git a/crypto/openssh/openbsd-compat/bsd-pselect.c b/crypto/openssh/openbsd-compat/bsd-pselect.c
index fff1bf54f72..b3632086368 100644
--- a/crypto/openssh/openbsd-compat/bsd-pselect.c
+++ b/crypto/openssh/openbsd-compat/bsd-pselect.c
@@ -188,7 +188,7 @@ pselect(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
 	if (unmasked) {
 		pselect_notify_setup();
 		pselect_notify_prepare(readfds);
-		nfds = MAX(nfds, notify_pipe[0]);
+		nfds = MAX(nfds, notify_pipe[0] + 1);
 	}
 
 	/* Unmask signals, call select then restore signal mask. */
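Review bot: The `%.*s` precision on the context line right after the new arguments is still `(int)sizeof msgbuf - 3`, which reserves room only for `\r\n` and the terminator; with `progname` and `": "` now placed in front of it, a near-full fmtbuf is cut off by snprintf and the stderr line loses its `\r\n` whenever `log_on_stderr > 1`. Whether fmtbuf can actually be that long depends on the two buffer sizes declared above the hunk, which are not visible here. Subtracting the prefix length keeps the terminator: `(int)(sizeof msgbuf - 3 - (log_on_stderr > 1 ? strlen(progname) + 2 : 0)), fmtbuf);`. The new meaning of `log_on_stderr > 1` (prefix stderr lines with the program name) is also worth a sentence in log_init's header comment, which lies outside this hunk.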
diff --git a/crypto/openssh/opensshd.init.in b/crypto/openssh/opensshd.init.in
index 99e5a51ab8b..251724805f7 100755
--- a/crypto/openssh/opensshd.init.in
+++ b/crypto/openssh/opensshd.init.in
@@ -17,26 +17,6 @@ PIDFILE=$piddir/sshd.pid
 PidFile=`grep "^PidFile" ${sysconfdir}/sshd_config | tr "=" " " | awk '{print $2}'`
 [ X$PidFile = X ] || PIDFILE=$PidFile
 SSH_KEYGEN=$prefix/bin/ssh-keygen
-HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key
-HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key
-@COMMENT_OUT_ECC@HOST_KEY_ECDSA=$sysconfdir/ssh_host_ecdsa_key
-HOST_KEY_ED25519=$sysconfdir/ssh_host_ed25519_key
-
-
-checkkeys() {
-	if [ ! -f $HOST_KEY_DSA ]; then
-		${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
-	fi
-	if [ ! -f $HOST_KEY_RSA ]; then
-		${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N ""
-	fi
-@COMMENT_OUT_ECC@	if [ ! -f $HOST_KEY_ECDSA ]; then
-@COMMENT_OUT_ECC@		${SSH_KEYGEN} -t ecdsa -f ${HOST_KEY_ECDSA} -N ""
-@COMMENT_OUT_ECC@	fi
-	if [ ! -f $HOST_KEY_ED25519 ]; then
-		${SSH_KEYGEN} -t ed25519 -f ${HOST_KEY_ED25519} -N ""
-	fi
-}
 
 stop_service() {
 	if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then
@@ -54,7 +34,7 @@ start_service() {
 	# XXX we will opt out at this time. - Bal
 
 	# Check to see if we have keys that need to be made
-	checkkeys
+	${SSH_KEYGEN} -A
 
 	# Start SSHD
 	echo "starting $SSHD... \c" ; $SSHD
diff --git a/crypto/openssh/platform-tracing.c b/crypto/openssh/platform-tracing.c
index 4c80a282c49..740a266b943 100644
--- a/crypto/openssh/platform-tracing.c
+++ b/crypto/openssh/platform-tracing.c
@@ -17,6 +17,9 @@
 #include "includes.h"
 
 #include
+#ifdef HAVE_SYS_PROCCTL_H
+#include
+#endif
 #if defined(HAVE_SYS_PRCTL_H)
 #include /* For prctl() and PR_SET_DUMPABLE */
 #endif
@@ -27,12 +30,20 @@
 #include /* For setpflags() and __PROC_PROTECT */
 #endif
 #include
+#include
 
 #include "log.h"
 
 void
 platform_disable_tracing(int strict)
 {
+#if defined(HAVE_PROCCTL) && defined(PROC_TRACE_CTL)
+	/* On FreeBSD, we should make this process untraceable */
+	int disable_trace = PROC_TRACE_CTL_DISABLE;
+
+	if (procctl(P_PID, getpid(), PROC_TRACE_CTL, &disable_trace) && strict)
+		fatal("unable to make the process untraceable");
+#endif
 #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
 	/* Disable ptrace on Linux without sgid bit */
 	if (prctl(PR_SET_DUMPABLE, 0) != 0 && strict)
diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c
index 7abefb6f562..980388f03e1 100644
--- a/crypto/openssh/readconf.c
+++ b/crypto/openssh/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.361 2021/07/23 04:04:52 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.363 2021/09/16 05:36:03 djm Exp $ */
 /*
  * Author: Tatu Ylonen
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -2038,11 +2038,23 @@ parse_pubkey_algos:
 	case oCanonicalizePermittedCNAMEs:
 		value = options->num_permitted_cnames != 0;
+		i = 0;
 		while ((arg = argv_next(&ac, &av)) != NULL) {
-			/* Either '*' for everything or 'list:list' */
-			if (strcmp(arg, "*") == 0)
+			/*
+			 * Either 'none' (only in first position), '*' for
+			 * everything or 'list:list'
+			 */
+			if (strcasecmp(arg, "none") == 0) {
+				if (i > 0 || ac > 0) {
+					error("%s line %d: keyword %s \"none\" "
+					    "argument must appear alone.",
+					    filename, linenum, keyword);
+					goto out;
+				}
+				arg2 = "";
+			} else if (strcmp(arg, "*") == 0) {
 				arg2 = arg;
-			else {
+			} else {
 				lowercase(arg);
 				if ((arg2 = strchr(arg, ':')) == NULL || arg2[1] == '\0') {
@@ -2054,6 +2066,7 @@ parse_pubkey_algos:
 					*arg2 = '\0';
 					arg2++;
 				}
+				i++;
 				if (!*activep || value)
 					continue;
 				if (options->num_permitted_cnames >=
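Review bot: When `strict` is 0, a failing procctl() in the new FreeBSD branch is ignored without any message, so a host on which the process did not become untraceable leaves no trace in the logs; the Linux prctl() branch just below has the same shape, so the new code mirrors it, but a debug-level line would make the outcome observable to an operator. Splitting the condition keeps the fatal path for strict mode and logs the non-strict failure through the already-included log.h interface; platform_disable_tracing continues outside the hunk.
```c
	if (procctl(P_PID, getpid(), PROC_TRACE_CTL, &disable_trace) != 0) {
		if (strict)
			fatal("unable to make the process untraceable");
		debug("procctl(PROC_TRACE_CTL_DISABLE) failed");
	}
```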
@@ -2307,6 +2320,20 @@ option_clear_or_none(const char *o)
 	return o == NULL || strcasecmp(o, "none") == 0;
 }
 
+/*
+ * Returns 1 if CanonicalizePermittedCNAMEs have been specified, 0 otherwise.
+ * Allowed to be called on non-final configuration.
+ */
+int
+config_has_permitted_cnames(Options *options)
+{
+	if (options->num_permitted_cnames == 1 &&
+	    strcasecmp(options->permitted_cnames[0].source_list, "none") == 0 &&
+	    strcmp(options->permitted_cnames[0].target_list, "") == 0)
+		return 0;
+	return options->num_permitted_cnames > 0;
+}
+
 /*
  * Initializes options to special values that indicate that they have not yet
  * been set. Read_config_file will only set options with this value. Options
@@ -2682,6 +2709,15 @@ fill_default_options(Options * options)
 		free(options->jump_host);
 		options->jump_host = NULL;
 	}
+	if (options->num_permitted_cnames == 1 &&
+	    !config_has_permitted_cnames(options)) {
+		/* clean up CanonicalizePermittedCNAMEs=none */
+		free(options->permitted_cnames[0].source_list);
+		free(options->permitted_cnames[0].target_list);
+		memset(options->permitted_cnames, '\0',
+		    sizeof(*options->permitted_cnames));
+		options->num_permitted_cnames = 0;
+	}
 	/* options->identity_agent distinguishes NULL from 'none' */
 	/* options->user will be set in the main program if appropriate */
 	/* options->hostname will be set in the main program if appropriate */
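Review bot: config_has_permitted_cnames() recognises `CanonicalizePermittedCNAMEs=none` only through the literal pair source_list `"none"` / target_list `""` that the parser stores in the earlier hunk (via `arg2 = ""`), and the new header comment does not record that coupling. A sentence such as `/* "none" is stored by the parser as the single pair { "none", "" }; the parser's arg2[1] == '\0' check appears to reject an empty target for real rules, so the pair is unambiguous. */` would make the sentinel safe to maintain. The cleanup added to fill_default_options in the next hunk relies on the same sentinel, so the comment belongs on the function both call.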
@@ -3399,14 +3435,14 @@ dump_client_config(Options *o, const char *host)
 	printf("\n");
 
 	/* oCanonicalizePermittedCNAMEs */
-	if ( o->num_permitted_cnames > 0) {
-		printf("canonicalizePermittedcnames");
-		for (i = 0; i < o->num_permitted_cnames; i++) {
-			printf(" %s:%s", o->permitted_cnames[i].source_list,
-			    o->permitted_cnames[i].target_list);
-		}
-		printf("\n");
+	printf("canonicalizePermittedcnames");
+	if (o->num_permitted_cnames == 0)
+		printf(" none");
+	for (i = 0; i < o->num_permitted_cnames; i++) {
+		printf(" %s:%s", o->permitted_cnames[i].source_list,
+		    o->permitted_cnames[i].target_list);
 	}
+	printf("\n");
 
 	/* oControlPersist */
 	if (o->control_persist == 0 || o->control_persist_timeout == 0)
diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h
index f3ac60bd71e..89f6ec84af1 100644
--- a/crypto/openssh/readconf.h
+++ b/crypto/openssh/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.144 2021/07/23 04:04:52 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.145 2021/09/15 06:56:01 djm Exp $ */
 /* $FreeBSD$ */
 
 /*
@@ -231,6 +231,7 @@ int parse_jump(const char *, Options *, int);
 int parse_ssh_uri(const char *, char **, char **, int *);
 int default_ssh_port(void);
 int option_clear_or_none(const char *);
+int config_has_permitted_cnames(Options *);
 void dump_client_config(Options *o, const char *host);
 void add_local_forward(Options *, const struct Forward *);
diff --git a/crypto/openssh/regress/Makefile b/crypto/openssh/regress/Makefile
index 810d74ce599..0b5ad45d753 100644
--- a/crypto/openssh/regress/Makefile
+++ b/crypto/openssh/regress/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.116 2021/08/04 21:28:00 djm Exp $
+# $OpenBSD: Makefile,v 1.117 2021/09/03 04:11:13 dtucker Exp $
 
 tests: prep file-tests t-exec unit
 
@@ -27,6 +27,7 @@ LTESTS= connect \
 	proto-version \
 	proto-mismatch \
 	exit-status \
+	exit-status-signal \
 	envpass \
 	transfer \
 	banner \
diff --git a/crypto/openssh/regress/agent-getpeereid.sh b/crypto/openssh/regress/agent-getpeereid.sh
index ddeef01f1b7..2874100fa0f 100644
--- a/crypto/openssh/regress/agent-getpeereid.sh
+++ b/crypto/openssh/regress/agent-getpeereid.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: agent-getpeereid.sh,v 1.11 2019/11/26 23:43:10 djm Exp $
+# $OpenBSD: agent-getpeereid.sh,v 1.13 2021/09/01 00:50:27 dtucker Exp $
 # Placed in the Public Domain.
 
 tid="disallow agent attach from other uid"
@@ -10,19 +10,15 @@ SSH_AUTH_SOCK=/nonexistent
 if config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then
 	:
 else
-	echo "skipped (not supported on this platform)"
-	exit 0
+	skip "skipped (not supported on this platform)"
 fi
 case "x$SUDO" in
 	xsudo) sudo=1;;
 	xdoas|xdoas\ *) ;;
 	x)
-		echo "need SUDO to switch to uid $UNPRIV"
-		echo SKIPPED
-		exit 0 ;;
+		skip "need SUDO to switch to uid $UNPRIV" ;;
 	*)
-		echo "unsupported $SUDO - "doas" and "sudo" are allowed"
-		exit 0 ;;
+		skip "unsupported $SUDO - "doas" and "sudo" are allowed" ;;
 esac
 trace "start agent"
diff --git a/crypto/openssh/regress/exit-status-signal.sh b/crypto/openssh/regress/exit-status-signal.sh
new file mode 100644
index 00000000000..1b3af0d84dd
--- /dev/null
+++ b/crypto/openssh/regress/exit-status-signal.sh
@@ -0,0 +1,24 @@
+# This test performs validation that ssh client is not successive on being terminated
+
+tid="exit status on signal"
+
+# spawn client in background
+rm -f $OBJ/remote_pid
+${SSH} -F $OBJ/ssh_proxy somehost 'echo $$ >'$OBJ'/remote_pid; sleep 444' &
+ssh_pid=$!
+
+# wait for it to start
+n=20
+while [ ! -f $OBJ/remote_pid ] && [ $n -gt 0 ]; do
+	n=$(($n - 1))
+	sleep 1
+done
+
+kill $ssh_pid
+wait $ssh_pid
+exit_code=$?
+
+if [ $exit_code -eq 0 ]; then
+	fail "ssh client should fail on signal"
+fi
+
diff --git a/crypto/openssh/regress/hostkey-rotate.sh b/crypto/openssh/regress/hostkey-rotate.sh
index 2852c457c25..0ae0c3dfcb4 100644
--- a/crypto/openssh/regress/hostkey-rotate.sh
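Review bot: The inner double quotes in the new `*)` arm are consumed by the shell rather than printed: `"unsupported $SUDO - "doas" and "sudo" are allowed"` is five adjacent strings, so the message comes out as `doas and sudo are allowed` without the intended quotes (the echo it replaces had the same flaw). Escaping them fixes it: `skip "unsupported $SUDO - \"doas\" and \"sudo\" are allowed" ;;`.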
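Review bot: The remote `sleep 444` started through the proxy has its PID written to $OBJ/remote_pid but is never killed, so after `kill $ssh_pid` the sleep can linger for over seven minutes unless sshd tears the session down when the client disappears, which this script does not check. Reaping it after the wait keeps the test self-contained: `kill \`cat $OBJ/remote_pid\` 2>/dev/null` followed by `rm -f $OBJ/remote_pid`. The opening comment also reads `is not successive on being terminated` where `is not successful` is meant.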
+++ b/crypto/openssh/regress/hostkey-rotate.sh
@@ -3,6 +3,25 @@
 
 tid="hostkey rotate"
 
+#
+# GNU (f)grep <=2.18, as shipped by FreeBSD<=12 and NetBSD<=9 will occasionally
+# fail to find ssh host keys in the hostkey-rotate test. If we have those
+# versions, use awk instead.
+# See # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258616
+#
+case `grep --version 2>&1 | awk '/GNU grep/{print $4}'` in
+2.19)	fgrep=good ;;
+1.*|2.?|2.?.?|2.1?)	fgrep=bad ;;	# stock GNU grep
+2.5.1*)	fgrep=bad ;;	# FreeBSD and NetBSD
+*)	fgrep=good ;;
+esac
+if test "x$fgrep" = "xbad"; then
+	fgrep()
+{
+	awk 'BEGIN{e=1} {if (index($0,"'$1'")>0){e=0;print}} END{exit e}' $2
+}
+fi
+
 rm -f $OBJ/hkr.* $OBJ/ssh_proxy.orig $OBJ/ssh_proxy.orig
 
 grep -vi 'hostkey' $OBJ/sshd_proxy > $OBJ/sshd_proxy.orig
diff --git a/crypto/openssh/regress/keys-command.sh b/crypto/openssh/regress/keys-command.sh
index 33b6e7b423d..a3acf5e4d90 100644
--- a/crypto/openssh/regress/keys-command.sh
+++ b/crypto/openssh/regress/keys-command.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: keys-command.sh,v 1.6 2019/07/25 08:48:11 dtucker Exp $
+# $OpenBSD: keys-command.sh,v 1.7 2021/09/01 00:50:27 dtucker Exp $
 # Placed in the Public Domain.
 
 tid="authorized keys from command"
@@ -77,5 +77,5 @@ if [ -x $KEY_COMMAND ]; then
 		fail "connect failed"
 	fi
 else
-	echo "SKIPPED: $KEY_COMMAND not executable (/var/run mounted noexec?)"
+	skip "$KEY_COMMAND not executable (/var/run mounted noexec?)"
 fi
diff --git a/crypto/openssh/regress/putty-ciphers.sh b/crypto/openssh/regress/putty-ciphers.sh
index 708c288d73a..5b8e25a2719 100644
--- a/crypto/openssh/regress/putty-ciphers.sh
+++ b/crypto/openssh/regress/putty-ciphers.sh
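Review bot: In the awk-based fgrep() fallback the search string `$1` is spliced into the awk program text (`"'$1'"`), so a pattern containing a double quote or backslash alters the program instead of being searched for, and because `$1` and `$2` are unquoted a pattern or file name with spaces is word-split. The callers later in this script are not visible here, so this may only matter for future patterns, but passing the string as an awk variable removes the hazard: `awk -v s="$1" 'BEGIN{e=1} index($0,s)>0{e=0;print} END{exit e}' "$2"`. The comment line `# See # https://...` also carries a stray `#`.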
@@ -1,11 +1,17 @@
-# $OpenBSD: putty-ciphers.sh,v 1.7 2020/01/23 03:35:07 dtucker Exp $
+# $OpenBSD: putty-ciphers.sh,v 1.11 2021/09/01 03:16:06 dtucker Exp $
 # Placed in the Public Domain.
 
 tid="putty ciphers"
 
 if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
-	echo "putty interop tests not enabled"
-	exit 0
+	skip "putty interop tests not enabled"
+fi
+
+# Re-enable ssh-rsa on older PuTTY versions.
+oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
+if [ "x$oldver" = "xyes" ]; then
+	echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
+	echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
 fi
 
 for c in aes 3des aes128-ctr aes192-ctr aes256-ctr chacha20 ; do
diff --git a/crypto/openssh/regress/putty-kex.sh b/crypto/openssh/regress/putty-kex.sh
index 686d0e1af2e..c75802a0610 100644
--- a/crypto/openssh/regress/putty-kex.sh
+++ b/crypto/openssh/regress/putty-kex.sh
@@ -1,11 +1,17 @@
-# $OpenBSD: putty-kex.sh,v 1.5 2020/01/23 03:24:38 dtucker Exp $
+# $OpenBSD: putty-kex.sh,v 1.9 2021/09/01 03:16:06 dtucker Exp $
 # Placed in the Public Domain.
 
 tid="putty KEX"
 
 if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
-	echo "putty interop tests not enabled"
-	exit 0
+	skip "putty interop tests not enabled"
+fi
+
+# Re-enable ssh-rsa on older PuTTY versions.
+oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
+if [ "x$oldver" = "xyes" ]; then
+	echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
+	echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
 fi
 
 for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ecdh ; do
diff --git a/crypto/openssh/regress/putty-transfer.sh b/crypto/openssh/regress/putty-transfer.sh
index 14b41022f8a..a6864f9515a 100644
--- a/crypto/openssh/regress/putty-transfer.sh
+++ b/crypto/openssh/regress/putty-transfer.sh
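Review bot: The PuTTY version probe and the two `echo ... >> ${OBJ}/sshd_proxy` lines are pasted verbatim into putty-ciphers.sh, putty-kex.sh (the second hunk on this line) and putty-transfer.sh (next line); a single helper in test-exec.sh would keep the `0.76` threshold and the appended server options in one place. The awk test also leaves `oldver` empty for any `plink --version` output lacking the `plink: Release` text, which is then treated as a new PuTTY; that is presumably the intended default, but a comment saying so would spare the next reader the inference.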
@@ -1,11 +1,17 @@
-# $OpenBSD: putty-transfer.sh,v 1.7 2020/01/23 11:19:12 dtucker Exp $
+# $OpenBSD: putty-transfer.sh,v 1.11 2021/09/01 03:16:06 dtucker Exp $
 # Placed in the Public Domain.
 
 tid="putty transfer data"
 
 if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
-	echo "putty interop tests not enabled"
-	exit 0
+	skip "putty interop tests not enabled"
+fi
+
+# Re-enable ssh-rsa on older PuTTY versions.
+oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
+if [ "x$oldver" = "xyes" ]; then
+	echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
+	echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
 fi
 
 if [ "`${SSH} -Q compression`" = "none" ]; then
diff --git a/crypto/openssh/regress/sftp-chroot.sh b/crypto/openssh/regress/sftp-chroot.sh
index 5acc4d2de4a..a7766fe63a2 100644
--- a/crypto/openssh/regress/sftp-chroot.sh
+++ b/crypto/openssh/regress/sftp-chroot.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: sftp-chroot.sh,v 1.7 2018/11/22 08:48:32 dtucker Exp $
+# $OpenBSD: sftp-chroot.sh,v 1.8 2021/09/01 00:50:27 dtucker Exp $
 # Placed in the Public Domain.
 
 tid="sftp in chroot"
@@ -9,14 +9,11 @@ PRIVDATA=${CHROOT}/${FILENAME}
 trap "${SUDO} rm -f ${PRIVDATA}" 0
 
 if [ -z "$SUDO" -a ! -w /var/run ]; then
-	echo "need SUDO to create file in /var/run, test won't work without"
-	echo SKIPPED
-	exit 0
+	skip "need SUDO to create file in /var/run, test won't work without"
 fi
 
 if ! $OBJ/check-perm -m chroot "$CHROOT" ; then
-	echo "skipped: $CHROOT is unsuitable as ChrootDirectory"
-	exit 0
+	skip "$CHROOT is unsuitable as ChrootDirectory"
 fi
 
 $SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \
diff --git a/crypto/openssh/regress/sshfp-connect.sh b/crypto/openssh/regress/sshfp-connect.sh
index 06e91cdbb85..f78646922ef 100644
--- a/crypto/openssh/regress/sshfp-connect.sh
+++ b/crypto/openssh/regress/sshfp-connect.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: sshfp-connect.sh,v 1.2 2021/07/19 08:48:33 dtucker Exp $
+# $OpenBSD: sshfp-connect.sh,v 1.4 2021/09/01 00:50:27 dtucker Exp $
 # Placed in the Public Domain.
 
 # This test requires external setup and thus is skipped unless
@@ -24,9 +24,11 @@
 
 tid="sshfp connect"
 
-if [ ! -z "${TEST_SSH_SSHFP_DOMAIN}" ] && \
-    $SSH -Q key-plain | grep ssh-rsa >/dev/null; then
-
+if ! $SSH -Q key-plain | grep ssh-rsa >/dev/null; then
+	skip "RSA keys not supported."
+elif [ -z "${TEST_SSH_SSHFP_DOMAIN}" ]; then
+	skip "TEST_SSH_SSHFP_DOMAIN not set."
+else
 	# Set RSA host key to match fingerprints above.
 	mv $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
 	$SUDO cp $SRC/rsa_openssh.prv $OBJ/host.ssh-rsa
@@ -45,7 +47,7 @@ if [ ! -z "${TEST_SSH_SSHFP_DOMAIN}" ] && \
 		trace "sshfp connect $n good fingerprint"
 		host="${n}.dtucker.net"
 		opts="-F $OBJ/ssh_proxy -o VerifyHostKeyDNS=yes "
-		opts="$opts -o HostKeyAlgorithms=ssh-rsa"
+		opts="$opts -o HostKeyAlgorithms=rsa-sha2-512,rsa-sha2-256"
 		host="${n}.${TEST_SSH_SSHFP_DOMAIN}"
 		SSH_CONNECTION=`${SSH} $opts $host 'echo $SSH_CONNECTION'`
 		if [ $? -ne 0 ]; then
@@ -61,6 +63,4 @@ if [ ! -z "${TEST_SSH_SSHFP_DOMAIN}" ] && \
 			fail "sshfp-connect succeeded with bad SSHFP record"
 		fi
 	done
-else
-	echo SKIPPED: TEST_SSH_SSHFP_DOMAIN not set.
 fi
diff --git a/crypto/openssh/regress/test-exec.sh b/crypto/openssh/regress/test-exec.sh
index db6d6161aa2..415422ef557 100644
--- a/crypto/openssh/regress/test-exec.sh
+++ b/crypto/openssh/regress/test-exec.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: test-exec.sh,v 1.86 2021/08/08 08:27:28 dtucker Exp $
+# $OpenBSD: test-exec.sh,v 1.87 2021/09/01 00:50:27 dtucker Exp $
 # Placed in the Public Domain.
 
 #SUDO=sudo
@@ -462,6 +462,14 @@ fatal ()
 	exit $RESULT
 }
 
+# Skip remaining tests in script.
+skip ()
+{
+	echo "SKIPPED: $@"
+	cleanup
+	exit $RESULT
+}
+
 RESULT=0
 PIDFILE=$OBJ/pidfile
diff --git a/crypto/openssh/scp.1 b/crypto/openssh/scp.1
index 68aac04b205..10cd4efb912 100644
--- a/crypto/openssh/scp.1
+++ b/crypto/openssh/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.100 2021/08/11 14:07:54 naddy Exp $ +.\" $OpenBSD: scp.1,v 1.105 2021/09/20 06:53:56 djm Exp $ .\" -.Dd $Mdocdate: August 11 2021 $ +.Dd $Mdocdate: September 20 2021 $ .Dt SCP 1 .Os .Sh NAME @@ -37,9 +37,6 @@ It uses .Xr ssh 1 for data transfer, and uses the same authentication and provides the same security as a login session. -The scp protocol requires execution of the remote user's shell to perform -.Xr glob 3 -pattern matching. .Pp .Nm will ask for passwords or passphrases if they are needed for @@ -79,7 +76,7 @@ The options are as follows: Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. -Note that, when using the legacy SCP protocol (the default), this option +Note that, when using the original SCP protocol (the default), this option selects batch mode for the second host as .Nm cannot ask for passwords or passphrases for both hosts. @@ -112,7 +109,7 @@ This option is directly passed to .Xr ssh 1 . .It Fl D Ar sftp_server_path When using the SFTP protocol support via -.Fl M , +.Fl s , connect directly to a local SFTP server program rather than a remote one via .Xr ssh 1 . 
@@ -144,10 +141,12 @@ This option is directly passed to .It Fl l Ar limit Limits the used bandwidth, specified in Kbit/s. .It Fl O -Use the legacy SCP protocol for file transfers instead of the SFTP protocol. +Use the original SCP protocol for file transfers instead of the SFTP protocol. Forcing the use of the SCP protocol may be necessary for servers that do -not implement SFTP or for backwards-compatibility for particular filename -wildcard patterns. +not implement SFTP, for backwards-compatibility for particular filename +wildcard patterns and for expanding paths with a +.Sq ~ +prefix for older SFTP servers. This mode is the default. .It Fl o Ar ssh_option Can be used to pass options to @@ -229,10 +228,10 @@ Note that this option is written with a capital .Sq P , because .Fl p -is already reserved for preserving the times and modes of the file. +is already reserved for preserving the times and mode bits of the file. .It Fl p -Preserves modification times, access times, and modes from the -original file. +Preserves modification times, access times, and file mode bits from the +source file. .It Fl q Quiet mode: disables the progress meter as well as warning and diagnostic messages from @@ -259,15 +258,7 @@ The program must understand .Xr ssh 1 options. .It Fl s -Use the SFTP protocol for file transfers instead of the legacy SCP protocol. -Using SFTP avoids invoking a shell on the remote side and provides -more predictable filename handling, as the SCP protocol -relied on the remote shell for expanding -.Xr glob 3 -wildcards. -.Pp -A near-future release of OpenSSH will make the SFTP protocol the default. -This option will be deleted before the end of 2022. +Use the SFTP protocol for transfers rather than the original scp protocol. .It Fl T Disable strict filename checking. By default when copying files from a remote host to a local directory 
@@ -307,3 +298,10 @@ source code from the Regents of the University of California. .Sh AUTHORS .An Timo Rinne Aq Mt tri@iki.fi .An Tatu Ylonen Aq Mt ylo@cs.hut.fi +.Sh CAVEATS +The original SCP protocol (used by default) requires execution of the +remote user's shell to perform +.Xr glob 3 +pattern matching. +This requires careful quoting of any characters that have special meaning to +the remote shell, such as quote characters. diff --git a/crypto/openssh/scp.c b/crypto/openssh/scp.c index e039350c609..73ce8554d78 100644 --- a/crypto/openssh/scp.c +++ b/crypto/openssh/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.232 2021/08/11 14:07:54 naddy Exp $ */ +/* $OpenBSD: scp.c,v 1.239 2021/09/20 06:53:56 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -467,7 +467,7 @@ main(int argc, char **argv) __progname = ssh_get_progname(argv[0]); - log_init(argv0, log_level, SYSLOG_FACILITY_USER, 1); + log_init(argv0, log_level, SYSLOG_FACILITY_USER, 2); memset(&args, '\0', sizeof(args)); memset(&remote_remote_args, '\0', sizeof(remote_remote_args)); @@ -588,7 +588,7 @@ main(int argc, char **argv) argc -= optind; argv += optind; - log_init(argv0, log_level, SYSLOG_FACILITY_USER, 1); + log_init(argv0, log_level, SYSLOG_FACILITY_USER, 2); /* Do this last because we want the user to be able to override it */ addargs(&args, "-oForwardAgent=no"); @@ -652,7 +652,7 @@ main(int argc, char **argv) * Finally check the exit status of the ssh process, if one was forked * and no error has occurred yet */ - if (do_cmd_pid != -1 && errs == 0) { + if (do_cmd_pid != -1 && (mode == MODE_SFTP || errs == 0)) { if (remin != -1) (void) close(remin); if (remout != -1) 
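Review bot: The last argument to `log_init()` changes from 1 to 2 here and again in the hunk at -588, but 2 is an unexplained literal for what read as a boolean `on_stderr` flag, and neither call site says what the extra level selects; the definition lives in log.c, outside this diff. Unless log.h already names the value, a short comment at both calls would help, e.g. `/* 2: stderr logging variant used with the progress meter — see log_init() */`, with the exact wording taken from log.c. Both hunks are inside main(), which continues outside them.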
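Review bot: The comment immediately above the changed condition in the hunk at -652 still says the ssh exit status is checked only when "no error has occurred yet", which is no longer true in SFTP mode: the new condition reaps it whenever `mode == MODE_SFTP`, regardless of `errs`. Update the comment, e.g. `* and either no error has occurred yet or we are in SFTP mode, where transfer errors are recorded in errs and the ssh exit status must still be collected.` main() extends beyond this hunk.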
@@ -1213,8 +1213,7 @@ tolocal(int argc, char **argv, enum scp_mode_e mode, char *sftp_direct) conn = do_sftp_connect(host, suser, sport, sftp_direct, &remin, &remout, &do_cmd_pid); if (conn == NULL) { - error("Couldn't make sftp connection " - "to server"); + error("sftp connection failed"); ++errs; continue; } @@ -1261,7 +1260,8 @@ prepare_remote_path(struct sftp_conn *conn, const char *path) if (can_expand_path(conn)) return do_expand_path(conn, path); /* No protocol extension */ - error("~user paths are not currently supported"); + error("server expand-path extension is required " + "for ~user paths in SFTP mode"); return NULL; } @@ -1296,11 +1296,14 @@ source_sftp(int argc, char *src, char *targ, struct sftp_conn *conn) if (local_is_dir(src) && iamrecursive) { if (upload_dir(conn, src, abs_dst, pflag, SFTP_PROGRESS_ONLY, 0, 0, 1) != 0) { - fatal("failed to upload directory %s to %s", + error("failed to upload directory %s to %s", src, abs_dst); + errs = 1; } - } else if (do_upload(conn, src, abs_dst, pflag, 0, 0) != 0) - fatal("failed to upload file %s to %s", src, abs_dst); + } else if (do_upload(conn, src, abs_dst, pflag, 0, 0) != 0) { + error("failed to upload file %s to %s", src, abs_dst); + errs = 1; + } free(abs_dst); free(target); @@ -1490,9 +1493,9 @@ sink_sftp(int argc, char *dst, const char *src, struct sftp_conn *conn) debug3_f("copying remote %s to local %s", abs_src, dst); if ((r = remote_glob(conn, abs_src, GLOB_MARK, NULL, &g)) != 0) { if (r == GLOB_NOSPACE) - error("Too many glob matches for \"%s\".", abs_src); + error("%s: too many glob matches", abs_src); else - error("File \"%s\" not found.", abs_src); + error("%s: %s", abs_src, strerror(ENOENT)); err = -1; goto out; } @@ -1537,9 +1540,8 @@ out: free(abs_src); free(tmp); globfree(&g); - if (err == -1) { - fatal("Failed to download file '%s'", src); - } + if (err == -1) + errs = 1; } 
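Review bot: `errs = 1` is used in the source_sftp() hunk at -1296, and again in the hunks at -1537 and -1938, where the rest of the file counts failures with `++errs` (see the tolocal() hunk at -1213 in this same diff); assigning 1 still yields a non-zero exit but silently collapses any higher count, so `errs++` would be the consistent form. Since these hunks turn `fatal()` into `error()`, a failed upload or download no longer aborts the whole copy and callers iterating over several sources now continue past the failed one; a line in each function's comment saying that failures are reported through `errs` rather than by exiting would make that contract visible. The enclosing functions start outside their hunks.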
@@ -1887,7 +1889,7 @@ throughlocal_sftp(struct sftp_conn *from, struct sftp_conn *to, targetisdir = remote_is_dir(to, target); if (!targetisdir && targetshouldbedirectory) { - error("Destination path \"%s\" is not a directory", target); + error("%s: destination is not a directory", target); err = -1; goto out; } @@ -1895,9 +1897,9 @@ throughlocal_sftp(struct sftp_conn *from, struct sftp_conn *to, debug3_f("copying remote %s to remote %s", abs_src, target); if ((r = remote_glob(from, abs_src, GLOB_MARK, NULL, &g)) != 0) { if (r == GLOB_NOSPACE) - error("Too many glob matches for \"%s\".", abs_src); + error("%s: too many glob matches", abs_src); else - error("File \"%s\" not found.", abs_src); + error("%s: %s", abs_src, strerror(ENOENT)); err = -1; goto out; } @@ -1938,7 +1940,7 @@ out: free(tmp); globfree(&g); if (err == -1) - fatal("Failed to download file '%s'", src); + errs = 1; } int diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index 2dac5023247..0c8e6f950e8 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.381 2021/07/02 05:11:21 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.382 2021/09/06 00:36:01 millert Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -501,9 +501,8 @@ typedef enum { sPort, sHostKeyFile, sLoginGraceTime, sPermitRootLogin, sLogFacility, sLogLevel, sLogVerbose, sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, - sKerberosGetAFSToken, sChallengeResponseAuthentication, - sPasswordAuthentication, sKbdInteractiveAuthentication, - sListenAddress, sAddressFamily, + sKerberosGetAFSToken, sPasswordAuthentication, + sKbdInteractiveAuthentication, sListenAddress, sAddressFamily, sPrintMotd, sPrintLastLog, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, 
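Review bot: Removing `sChallengeResponseAuthentication` from the enum in the servconf.c hunk at -501 is only safe for existing configurations if the `challengeresponseauthentication` keyword stays accepted; the `keywords[]` table and the option parser's `case` are outside this hunk, and the keyword should map to `sKbdInteractiveAuthentication` as an alias rather than disappear, otherwise sshd would reject every sshd_config that still spells the old name. If that aliasing is elsewhere in this commit, a comment next to the enum would help the next reader: `/* ChallengeResponseAuthentication is accepted as an alias for KbdInteractiveAuthentication */`. The enum continues beyond this hunk.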
diff --git a/crypto/openssh/sftp-client.c b/crypto/openssh/sftp-client.c index 5bfff90d187..9de9afa20f6 100644 --- a/crypto/openssh/sftp-client.c +++ b/crypto/openssh/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.154 2021/08/09 23:47:44 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.155 2021/09/03 05:12:25 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2039,7 +2039,6 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, if (print_flag && print_flag != SFTP_PROGRESS_ONLY) mprintf("Entering %s\n", src); - attrib_clear(&a); stat_to_attrib(&sb, &a); a.flags &= ~SSH2_FILEXFER_ATTR_SIZE; a.flags &= ~SSH2_FILEXFER_ATTR_UIDGID; diff --git a/crypto/openssh/sftp-realpath.c b/crypto/openssh/sftp-realpath.c index 9ac40181227..2ec779d8f90 100644 --- a/crypto/openssh/sftp-realpath.c +++ b/crypto/openssh/sftp-realpath.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-realpath.c,v 1.1 2019/07/05 04:55:40 djm Exp $ */ +/* $OpenBSD: sftp-realpath.c,v 1.2 2021/09/02 21:03:54 deraadt Exp $ */ /* * Copyright (c) 2003 Constantin S. Svintsoff * @@ -30,7 +30,6 @@ #include "includes.h" #include -#include #include #include diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c index 69f84cdcf1a..418f312f7bc 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.211 2021/08/12 09:59:00 schwarze Exp $ */ +/* $OpenBSD: sftp.c,v 1.212 2021/09/11 09:05:50 schwarze Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * 
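Review bot: Dropping `attrib_clear(&a)` before `stat_to_attrib(&sb, &a)` in the hunk at -2039 is only a pure cleanup if `stat_to_attrib()` itself initialises every member of `*a`; that helper is outside this diff, and if it only sets the fields it knows about, the two `a.flags &= ~...` lines that follow operate on whatever the stack held. If the helper does clear first, a short comment would make the dependency explicit: `/* stat_to_attrib() clears *a before filling it. */`. upload_dir_internal() extends beyond this hunk.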
@@ -2204,28 +2204,31 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) interactive = !batchmode && isatty(STDIN_FILENO); err = 0; for (;;) { + struct sigaction sa; + + interrupted = 0; + memset(&sa, 0, sizeof(sa)); + sa.sa_handler = interactive ? read_interrupt : killchild; + if (sigaction(SIGINT, &sa, NULL) == -1) { + debug3("sigaction(%s): %s", strsignal(SIGINT), + strerror(errno)); + break; + } if (el == NULL) { if (interactive) printf("sftp> "); if (fgets(cmd, sizeof(cmd), infile) == NULL) { if (interactive) printf("\n"); + if (interrupted) + continue; break; } } else { #ifdef USE_LIBEDIT const char *line; int count = 0; - struct sigaction sa; - interrupted = 0; - memset(&sa, 0, sizeof(sa)); - sa.sa_handler = read_interrupt; - if (sigaction(SIGINT, &sa, NULL) == -1) { - debug3("sigaction(%s): %s", - strsignal(SIGINT), strerror(errno)); - break; - } if ((line = el_gets(el, &count)) == NULL || count <= 0) { printf("\n"); diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c index 18e9f1d180c..4b40768d517 100644 --- a/crypto/openssh/ssh-keygen.c +++ b/crypto/openssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.435 2021/08/11 08:54:17 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.437 2021/09/08 03:23:44 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -2680,7 +2680,8 @@ sig_process_opts(char * const *opts, size_t nopts, uint64_t *verify_timep, time_t now; *verify_timep = 0; - *print_pubkey = 0; + if (print_pubkey != NULL) + *print_pubkey = 0; for (i = 0; i < nopts; i++) { if (strncasecmp(opts[i], "verify-time=", 12) == 0) { if (parse_absolute_time(opts[i] + 12, diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index 645962bc9d9..b854f9e5bdb 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 
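Review bot: The SIGINT handler is now installed on every pass of the `for (;;)` loop for both the fgets and the libedit paths, yet `interactive` does not change inside the loop, so the reason for repeating the `sigaction()` call is not visible; if it is kept per-iteration because `el_gets()` may replace the handler (libedit installs its own when EL_SIGNAL is enabled), a comment saying so would stop the next reader hoisting it, e.g. `/* Reinstall each pass: libedit may reset SIGINT during el_gets(). */`. The same comment should note that in batch mode the handler is `killchild` rather than `read_interrupt`, so an interrupt terminates the child ssh instead of cancelling the current line; both handlers are defined outside this hunk. The `memset()` leaves `sa_flags` zero, so SA_RESTART is off and an interrupted `fgets()` returns NULL, which the new `if (interrupted) continue;` depends on.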
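Review bot: In the ssh-keygen.c hunk at -2680 the NULL check covers only the initial `*print_pubkey = 0`; the assignment inside the option loop where `print_pubkey` is set when its option is parsed is outside this hunk and needs the same guard, otherwise a caller that passes NULL (which this change implies now exists) crashes only when that option is given. Document the new contract above sig_process_opts(): `/* print_pubkey may be NULL when the caller does not support that option. */`. The loop body continues outside the hunk.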
@@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.425 2021/07/28 05:57:42 jmc Exp $ +.\" $OpenBSD: ssh.1,v 1.427 2021/09/10 10:26:02 dtucker Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: July 28 2021 $ +.Dd $Mdocdate: September 10 2021 $ .Dt SSH 1 .Os .Sh NAME @@ -66,7 +66,7 @@ .Op Fl W Ar host : Ns Ar port .Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun .Ar destination -.Op Ar command +.Op Ar command Op Ar argument ... .Sh DESCRIPTION .Nm (SSH client) is a program for logging into a remote machine and for @@ -95,7 +95,12 @@ their identity to the remote machine using one of several methods If a .Ar command is specified, -it is executed on the remote host instead of a login shell. +it will be executed on the remote host instead of a login shell. +A complete command line may be specified as +.Ar command , +or it may have additional arguments. +If supplied, the arguments will be appended to the command, separated by +spaces, before it is sent to the server to be executed. .Pp The options are as follows: .Pp @@ -289,6 +294,10 @@ authentication. .It Fl i Ar identity_file Selects a file from which the identity (private key) for public key authentication is read. +You can also specify a public key file to use the corresponding +private key that is loaded in +.Xr ssh-agent 1 +when the private key file is not present locally. The default is .Pa ~/.ssh/id_dsa , .Pa ~/.ssh/id_ecdsa , diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index a5f04f5d0b1..19e13d4f212 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.566 2021/08/08 08:49:09 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.569 2021/09/20 04:02:13 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
@@ -186,7 +186,7 @@ usage(void) " [-i identity_file] [-J [user@]host[:port]] [-L address]\n" " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" " [-Q query_option] [-R address] [-S ctl_path] [-W host:port]\n" -" [-w local_tun[:remote_tun]] destination [command]\n" +" [-w local_tun[:remote_tun]] destination [command [argument ...]]\n" ); exit(255); } @@ -260,6 +260,7 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen) port = default_ssh_port(); if (cname != NULL) *cname = '\0'; + debug3_f("lookup %s:%d", name, port); snprintf(strport, sizeof strport, "%d", port); memset(&hints, 0, sizeof(hints)); @@ -383,7 +384,7 @@ check_follow_cname(int direct, char **namep, const char *cname) int i; struct allowed_cname *rule; - if (*cname == '\0' || options.num_permitted_cnames == 0 || + if (*cname == '\0' || !config_has_permitted_cnames(&options) || strcmp(*namep, cname) == 0) return 0; if (options.canonicalize_hostname == SSH_CANONICALISE_NO) @@ -1194,7 +1195,7 @@ main(int ac, char **av) */ direct = option_clear_or_none(options.proxy_command) && options.jump_host == NULL; - if (addrs == NULL && options.num_permitted_cnames != 0 && (direct || + if (addrs == NULL && config_has_permitted_cnames(&options) && (direct || options.canonicalize_hostname == SSH_CANONICALISE_ALWAYS)) { if ((addrs = resolve_host(host, options.port, direct, cname, sizeof(cname))) == NULL) { @@ -1817,7 +1818,8 @@ ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) rfwd->allocated_port = (int)port; logit("Allocated port %u for remote " "forward to %s:%d", - rfwd->allocated_port, rfwd->connect_host, + rfwd->allocated_port, rfwd->connect_path ? + rfwd->connect_path : rfwd->connect_host, rfwd->connect_port); channel_update_permission(ssh, rfwd->handle, rfwd->allocated_port); diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config index d2a1db35d42..3b2ca9aa6d8 100644 --- a/crypto/openssh/ssh_config 
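Review bot: `config_has_permitted_cnames(&options)` replaces the `num_permitted_cnames` comparison in the hunk at -383 and again at -1194, but the helper is defined outside this diff; its result decides whether a CNAME returned by the resolver may be followed for canonicalisation, so it must return false both for an empty rule list and for the explicit `none` argument that ssh_config.5 in this same diff documents as the default. A one-line comment at the first call would pin that expectation: `/* false when no rules are configured or "none" was given */`. check_follow_cname() and main() continue outside their hunks.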
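Review bot: The log line in the hunk at -1817 now prints `connect_path` when present, but the format still appends `:%d` with `connect_port`, so a Unix-domain forward is reported as `/path/to/socket:<n>` where `<n>` is presumably the stream-local sentinel rather than a real port; the two cases need different formats. ssh_confirm_remote_forward() continues outside this hunk.
```c
			rfwd->allocated_port = (int)port;
			if (rfwd->connect_path != NULL) {
				logit("Allocated port %u for remote "
				    "forward to %s",
				    rfwd->allocated_port, rfwd->connect_path);
			} else {
				logit("Allocated port %u for remote "
				    "forward to %s:%d",
				    rfwd->allocated_port, rfwd->connect_host,
				    rfwd->connect_port);
			}
			/* … unchanged: channel_update_permission() … */
```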
+++ b/crypto/openssh/ssh_config @@ -46,4 +46,4 @@ # RekeyLimit 1G 1h # UserKnownHostsFile ~/.ssh/known_hosts.d/%k # VerifyHostKeyDNS yes -# VersionAddendum FreeBSD-20210907 +# VersionAddendum FreeBSD-20211221 diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index 3ca36e231c0..d2ae7f28234 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.362 2021/08/12 23:59:25 djm Exp $ +.\" $OpenBSD: ssh_config.5,v 1.366 2021/09/25 09:40:33 kn Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: August 12 2021 $ +.Dd $Mdocdate: September 25 2021 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -373,6 +373,11 @@ to be canonicalized to names in the or .Qq *.c.example.com domains. +.Pp +A single argument of +.Qq none +causes no CNAMEs to be considered for canonicalization. +This is the default behaviour. .It Cm CASignatureAlgorithms Specifies which algorithms are allowed for signing of certificates by certificate authorities (CAs). @@ -1153,15 +1158,15 @@ Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms must be comma-separated. If the specified list begins with a .Sq + -character, then the specified methods will be appended to the default set +character, then the specified algorithms will be appended to the default set instead of replacing them. If the specified list begins with a .Sq - -character, then the specified methods (including wildcards) will be removed +character, then the specified algorithms (including wildcards) will be removed from the default set instead of replacing them. If the specified list begins with a .Sq ^ -character, then the specified methods will be placed at the head of the +character, then the specified algorithms will be placed at the head of the default set. The default is: .Bd -literal -offset indent 
@@ -1507,7 +1512,7 @@ sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, +-ssh-rsa-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, @@ -1791,15 +1796,15 @@ This option forces the user to manually add all new hosts. .Pp If this flag is set to -.Dq accept-new +.Cm accept-new then ssh will automatically add new host keys to the user's .Pa known_hosts file, but will not permit connections to hosts with changed host keys. If this flag is set to -.Dq no +.Cm no or -.Dq off , +.Cm off , ssh will automatically add new host keys to the user known hosts files and allow connections to hosts with changed hostkeys to proceed, subject to some restrictions. @@ -1969,7 +1974,7 @@ in Specifies a string to append to the regular version string to identify OS- or site-specific modifications. The default is -.Dq FreeBSD-20210907 . +.Dq FreeBSD-20211221 . The value .Cm none may be used to disable this. diff --git a/crypto/openssh/ssh_namespace.h b/crypto/openssh/ssh_namespace.h index 94a391ee5f4..d815e579190 100644 --- a/crypto/openssh/ssh_namespace.h +++ b/crypto/openssh/ssh_namespace.h @@ -206,6 +206,7 @@ #define ciphers_valid Fssh_ciphers_valid #define cleanhostname Fssh_cleanhostname #define cleanup_exit Fssh_cleanup_exit +#define client_converse Fssh_client_converse #define colon Fssh_colon #define compare Fssh_compare #define compare_gps Fssh_compare_gps 
@@ -877,11 +878,8 @@ #define sshpkt_start Fssh_sshpkt_start #define sshpkt_vfatal Fssh_sshpkt_vfatal #define sshsigdie Fssh_sshsigdie -#define sshsk_add_option Fssh_sshsk_add_option #define sshsk_enroll Fssh_sshsk_enroll -#define sshsk_key_from_response Fssh_sshsk_key_from_response #define sshsk_load_resident Fssh_sshsk_load_resident -#define sshsk_open Fssh_sshsk_open #define sshsk_sign Fssh_sshsk_sign #define start_progress_meter Fssh_start_progress_meter #define stdfd_devnull Fssh_stdfd_devnull diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8 index be9a57cf2ff..877621b011a 100644 --- a/crypto/openssh/sshd.8 +++ b/crypto/openssh/sshd.8 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.316 2021/07/30 14:28:13 jmc Exp $ +.\" $OpenBSD: sshd.8,v 1.317 2021/09/10 11:38:38 dtucker Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: July 30 2021 $ +.Dd $Mdocdate: September 10 2021 $ .Dt SSHD 8 .Os .Sh NAME @@ -304,7 +304,12 @@ things like allocating a pseudo-tty, forwarding X11 connections, forwarding TCP connections, or forwarding the authentication agent connection over the secure channel. .Pp -After this, the client either requests a shell or execution of a command. +After this, the client either requests an interactive shell or execution +or a non-interactive command, which +.Nm +will execute via the user's shell using its +.Fl c +option. The sides then enter session mode. In this mode, either side may send data at any time, and such data is forwarded to/from the shell or diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index 7555b01be83..eb9bdcc437f 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config 
@@ -105,7 +105,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitTunnel no #ChrootDirectory none #UseBlacklist no -#VersionAddendum FreeBSD-20210907 +#VersionAddendum FreeBSD-20211221 # no default banner path #Banner none diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index c3a747061b8..527f3d4bb46 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.334 2021/08/12 23:59:25 djm Exp $ +.\" $OpenBSD: sshd_config.5,v 1.335 2021/09/03 05:25:50 dtucker Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: August 12 2021 $ +.Dd $Mdocdate: September 3 2021 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -921,15 +921,15 @@ Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms must be comma-separated. Alternately if the specified list begins with a .Sq + -character, then the specified methods will be appended to the default set +character, then the specified algorithms will be appended to the default set instead of replacing them. If the specified list begins with a .Sq - -character, then the specified methods (including wildcards) will be removed +character, then the specified algorithms (including wildcards) will be removed from the default set instead of replacing them. If the specified list begins with a .Sq ^ -character, then the specified methods will be placed at the head of the +character, then the specified algorithms will be placed at the head of the default set. The supported algorithms are: .Pp @@ -1805,7 +1805,7 @@ The default is Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. The default is -.Qq FreeBSD-20210907 . +.Qq FreeBSD-20211221 . The value .Cm none may be used to disable this. 
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index bce1a257b92..ddbdbf778fe 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -1,12 +1,12 @@ -/* $OpenBSD: version.h,v 1.91 2021/08/20 03:22:55 djm Exp $ */ +/* $OpenBSD: version.h,v 1.92 2021/09/26 14:01:11 djm Exp $ */ /* $FreeBSD$ */ -#define SSH_VERSION "OpenSSH_8.7" +#define SSH_VERSION "OpenSSH_8.8" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -#define SSH_VERSION_FREEBSD "FreeBSD-20210907" +#define SSH_VERSION_FREEBSD "FreeBSD-20211221" #ifdef WITH_OPENSSL #define OPENSSL_VERSION_STRING OpenSSL_version(OPENSSL_VERSION)