CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: ws Date: Fri Dec 1 12:07:20 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect.c Log Message: Add option IPv6PreferTemporary to allow selection of temporary vs. static IPv6 addresses on a host by host basis. To generate a diff of this commit: cvs rdiff -u -r1.42 -r1.43 src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/readconf.h cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/scp.1 cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/sftp.1 cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/ssh.1 cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssh/dist/ssh_config.5 cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/sshconnect.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/readconf.c diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.42 src/crypto/external/bsd/openssh/dist/readconf.c:1.43 --- src/crypto/external/bsd/openssh/dist/readconf.c:1.42 Wed Oct 25 20:19:57 2023 +++ src/crypto/external/bsd/openssh/dist/readconf.c Fri Dec 1 12:07:19 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: readconf.c,v 1.42 2023/10/25 20:19:57 christos Exp $ */ +/* $NetBSD: readconf.c,v 1.43 2023/12/01 12:07:19 ws Exp $ */ /* $OpenBSD: readconf.c,v 1.381 2023/08/28 03:31:16 djm Exp $ */ /* @@ -15,7 +15,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: readconf.c,v 1.42 2023/10/25 20:19:57 christos Exp $"); +__RCSID("$NetBSD: readconf.c,v 1.43 2023/12/01 12:07:19 ws Exp $"); #include #include #include @@ -160,6 +160,7 @@ typedef enum { oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oBindInterface, oPKCS11Provider, + oIPv6PreferTemporary, oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -303,6 +304,7 @@ static struct { { "casignaturealgorithms", oCASignatureAlgorithms }, { "bindaddress", oBindAddress }, { "bindinterface", oBindInterface }, + { "ipv6prefertemporary", oIPv6PreferTemporary }, { "clearallforwardings", oClearAllForwardings }, { "enablesshkeysign", oEnableSSHKeysign }, { "verifyhostkeydns", oVerifyHostKeyDNS }, @@ -1474,6 +1476,10 @@ parse_char_array: charptr = >bind_interface; goto parse_string; + case oIPv6PreferTemporary: + intptr = >ipv6_prefer_temporary; + goto parse_flag; + case oPKCS11Provider: charptr = >pkcs11_provider; goto parse_string; @@ -2615,6 +2621,7 @@ initialize_options(Options * options) options->preferred_authentications = NULL; options->bind_address = NULL; options->bind_interface = NULL; + options->ipv6_prefer_temporary = -1; options->pkcs11_provider = NULL; options->sk_provider = NULL; options->enable_ssh_keysign = - 1; Index: src/crypto/external/bsd/openssh/dist/readconf.h diff -u src/crypto/external/bsd/openssh/dist/readconf.h:1.32 src/crypto/external/bsd/openssh/dist/readconf.h:1.33 --- src/crypto/external/bsd/openssh/dist/readconf.h:1.32 Wed Oct 25 20:19:57 2023 +++ src/crypto/external/bsd/openssh/dist/readconf.h Fri Dec 1 12:07:19 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: readconf.h,v 1.32 2023/10/25 20:19:57 christos Exp $ */ +/* $NetBSD: readconf.h,v 1.33 2023/12/01 12:07:19 ws Exp $ */ /* $OpenBSD: readconf.h,v 1.152 2023/08/28 03:31:16 djm Exp $ */ /* @@ -99,6 +99,7 @@ typedef struct { char *preferred_authentications; char *bind_address; /* local socket address for connection to sshd */ char *bind_interface; /* local interface for bind address */ + int ipv6_prefer_temporary; /* Prefer temporary IPv6 address */ char *pkcs11_provider; /* PKCS#11 provider */ char *sk_provider; /* Security key provider */ int verify_host_key_dns; /* Verify host key using DNS */ Index: src/crypto/external/bsd/openssh/dist/scp.1 diff -u src/crypto/external/bsd/openssh/dist/scp.1:1.30 src/crypto/external/bsd/openssh/dist/scp.1:1.31 --- src/crypto/external/bsd/openssh/dist/scp.1:1.30 Fri Jul 28 05:06:44 2023 +++ src/crypto/external/bsd/openssh/dist/scp.1 Fri Dec 1 12:07:19 2023 @@ -1,4 +1,4 @@ -.\" $NetBSD: scp.1,v 1.30 2023/07/28 05:06:44 rin Exp $ +.\" $NetBSD: scp.1,v 1.31 2023/12/01 12:07:19 ws Exp $ .\" .\" scp.1 .\" @@ -196,6 +196,7 @@ For full details of the options listed b .It IdentityAgent .It IdentityFile .It IPQoS +.It IPv6PreferTemporary .It KbdInteractiveAuthentication .It KbdInteractiveDevices .It KexAlgorithms Index: src/crypto/external/bsd/openssh/dist/sftp.1 diff -u src/crypto/external/bsd/openssh/dist/sftp.1:1.29
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: ws Date: Fri Dec 1 12:07:20 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect.c Log Message: Add option IPv6PreferTemporary to allow selection of temporary vs. static IPv6 addresses on a host by host basis. To generate a diff of this commit: cvs rdiff -u -r1.42 -r1.43 src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/readconf.h cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/scp.1 cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/sftp.1 cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/ssh.1 cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssh/dist/ssh_config.5 cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/sshconnect.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Oct 26 15:10:14 UTC 2023 Added Files: src/crypto/external/bsd/openssh/dist: moduli Log Message: Put back module from 9.5p1 To generate a diff of this commit: cvs rdiff -u -r0 -r1.10 src/crypto/external/bsd/openssh/dist/moduli Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Mon Aug 7 00:44:25 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c Log Message: openssh: channel_new(): Appease GCC12 -Wmaybe-uninitialized for some archs IIUC, ``found'' is always initialized. Seems like GCC bug. To generate a diff of this commit: cvs rdiff -u -r1.39 -r1.40 src/crypto/external/bsd/openssh/dist/channels.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/channels.c diff -u src/crypto/external/bsd/openssh/dist/channels.c:1.39 src/crypto/external/bsd/openssh/dist/channels.c:1.40 --- src/crypto/external/bsd/openssh/dist/channels.c:1.39 Wed Jul 26 17:58:15 2023 +++ src/crypto/external/bsd/openssh/dist/channels.c Mon Aug 7 00:44:25 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: channels.c,v 1.39 2023/07/26 17:58:15 christos Exp $ */ +/* $NetBSD: channels.c,v 1.40 2023/08/07 00:44:25 rin Exp $ */ /* $OpenBSD: channels.c,v 1.430 2023/03/10 03:01:51 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -41,7 +41,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: channels.c,v 1.39 2023/07/26 17:58:15 christos Exp $"); +__RCSID("$NetBSD: channels.c,v 1.40 2023/08/07 00:44:25 rin Exp $"); #include #include #include @@ -449,7 +449,7 @@ channel_new(struct ssh *ssh, const char int nonblock) { struct ssh_channels *sc = ssh->chanctxt; - u_int i, found; + u_int i, found = 0 /* XXXGCC12 */; Channel *c; int r;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Mon Aug 7 00:44:25 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c Log Message: openssh: channel_new(): Appease GCC12 -Wmaybe-uninitialized for some archs IIUC, ``found'' is always initialized. Seems like GCC bug. To generate a diff of this commit: cvs rdiff -u -r1.39 -r1.40 src/crypto/external/bsd/openssh/dist/channels.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: mrg Date: Thu Aug 3 07:59:33 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sshkey-xmss.c Log Message: avoid potential uninitialised variable use. found by GCC 12. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/sshkey-xmss.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: mrg Date: Thu Aug 3 07:59:33 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sshkey-xmss.c Log Message: avoid potential uninitialised variable use. found by GCC 12. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/sshkey-xmss.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshkey-xmss.c diff -u src/crypto/external/bsd/openssh/dist/sshkey-xmss.c:1.9 src/crypto/external/bsd/openssh/dist/sshkey-xmss.c:1.10 --- src/crypto/external/bsd/openssh/dist/sshkey-xmss.c:1.9 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/sshkey-xmss.c Thu Aug 3 07:59:32 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: sshkey-xmss.c,v 1.9 2023/07/26 17:58:16 christos Exp $ */ +/* $NetBSD: sshkey-xmss.c,v 1.10 2023/08/03 07:59:32 mrg Exp $ */ /* $OpenBSD: sshkey-xmss.c,v 1.12 2022/10/28 00:39:29 djm Exp $ */ /* * Copyright (c) 2017 Markus Friedl. All rights reserved. @@ -24,7 +24,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -__RCSID("$NetBSD: sshkey-xmss.c,v 1.9 2023/07/26 17:58:16 christos Exp $"); +__RCSID("$NetBSD: sshkey-xmss.c,v 1.10 2023/08/03 07:59:32 mrg Exp $"); #include #include @@ -445,7 +445,7 @@ sshkey_xmss_get_state(const struct sshke u_int32_t idx = 0; char *filename = NULL; char *statefile = NULL, *ostatefile = NULL, *lockfile = NULL; - int lockfd = -1, have_state = 0, have_ostate, tries = 0; + int lockfd = -1, have_state = 0, have_ostate = 0, tries = 0; int ret = SSH_ERR_INVALID_ARGUMENT, r; if (state == NULL)
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 09:47:37 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sshd.c Log Message: openssh: Apply __dead to print_config() to fix build with clang To generate a diff of this commit: cvs rdiff -u -r1.48 -r1.49 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 09:47:37 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sshd.c Log Message: openssh: Apply __dead to print_config() to fix build with clang To generate a diff of this commit: cvs rdiff -u -r1.48 -r1.49 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd.c diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.48 src/crypto/external/bsd/openssh/dist/sshd.c:1.49 --- src/crypto/external/bsd/openssh/dist/sshd.c:1.48 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/sshd.c Fri Jul 28 09:47:37 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: sshd.c,v 1.48 2023/07/26 17:58:16 christos Exp $ */ +/* $NetBSD: sshd.c,v 1.49 2023/07/28 09:47:37 rin Exp $ */ /* $OpenBSD: sshd.c,v 1.600 2023/03/08 04:43:12 guenther Exp $ */ /* * Author: Tatu Ylonen @@ -44,7 +44,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshd.c,v 1.48 2023/07/26 17:58:16 christos Exp $"); +__RCSID("$NetBSD: sshd.c,v 1.49 2023/07/28 09:47:37 rin Exp $"); #include #include #include @@ -1484,7 +1484,7 @@ prepare_proctitle(int ac, char **av) return ret; } -static void +__dead static void print_config(struct ssh *ssh, struct connection_info *connection_info) { /*
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 05:06:44 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: scp.1 ssh-pkcs11-helper.8 ssh.1 sshd.8 sshd_config.5 Log Message: openssh: Fix commented out lines for manpages to reduce diff from upstream To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/scp.1 \ src/crypto/external/bsd/openssh/dist/sshd.8 cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/ssh.1 cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/sshd_config.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 05:06:44 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: scp.1 ssh-pkcs11-helper.8 ssh.1 sshd.8 sshd_config.5 Log Message: openssh: Fix commented out lines for manpages to reduce diff from upstream To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/scp.1 \ src/crypto/external/bsd/openssh/dist/sshd.8 cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/ssh.1 cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/sshd_config.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/scp.1 diff -u src/crypto/external/bsd/openssh/dist/scp.1:1.29 src/crypto/external/bsd/openssh/dist/scp.1:1.30 --- src/crypto/external/bsd/openssh/dist/scp.1:1.29 Wed Jul 26 17:58:15 2023 +++ src/crypto/external/bsd/openssh/dist/scp.1 Fri Jul 28 05:06:44 2023 @@ -1,5 +1,4 @@ -.\" $NetBSD: scp.1,v 1.29 2023/07/26 17:58:15 christos Exp $ -.\" -*- nroff -*- +.\" $NetBSD: scp.1,v 1.30 2023/07/28 05:06:44 rin Exp $ .\" .\" scp.1 .\" Index: src/crypto/external/bsd/openssh/dist/sshd.8 diff -u src/crypto/external/bsd/openssh/dist/sshd.8:1.29 src/crypto/external/bsd/openssh/dist/sshd.8:1.30 --- src/crypto/external/bsd/openssh/dist/sshd.8:1.29 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/sshd.8 Fri Jul 28 05:06:44 2023 @@ -1,5 +1,4 @@ -.\" $NetBSD: sshd.8,v 1.29 2023/07/26 17:58:16 christos Exp $ -.\" -*- nroff -*- +.\" $NetBSD: sshd.8,v 1.30 2023/07/28 05:06:44 rin Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland Index: src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 diff -u src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8:1.11 src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8:1.12 --- src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8:1.11 Wed Oct 5 22:39:36 2022 +++ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 Fri Jul 28 05:06:44 2023 @@ -1,6 +1,5 @@ -.\" $NetBSD: ssh-pkcs11-helper.8,v 1.11 2022/10/05 22:39:36 christos Exp $ +.\" $NetBSD: ssh-pkcs11-helper.8,v 1.12 2023/07/28 05:06:44 rin Exp $ .\" $OpenBSD: ssh-pkcs11-helper.8,v 1.7 2022/04/29 03:24:30 djm Exp $ - .\" .\" Copyright (c) 2010 Markus Friedl. All rights reserved. .\" Index: src/crypto/external/bsd/openssh/dist/ssh.1 diff -u src/crypto/external/bsd/openssh/dist/ssh.1:1.35 src/crypto/external/bsd/openssh/dist/ssh.1:1.36 --- src/crypto/external/bsd/openssh/dist/ssh.1:1.35 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/ssh.1 Fri Jul 28 05:06:44 2023 @@ -1,5 +1,4 @@ -.\" $NetBSD: ssh.1,v 1.35 2023/07/26 17:58:16 christos Exp $ -.\" -*- nroff -*- +.\" $NetBSD: ssh.1,v 1.36 2023/07/28 05:06:44 rin Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland Index: src/crypto/external/bsd/openssh/dist/sshd_config.5 diff -u src/crypto/external/bsd/openssh/dist/sshd_config.5:1.40 src/crypto/external/bsd/openssh/dist/sshd_config.5:1.41 --- src/crypto/external/bsd/openssh/dist/sshd_config.5:1.40 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/sshd_config.5 Fri Jul 28 05:06:44 2023 @@ -1,5 +1,4 @@ -.\" $NetBSD: sshd_config.5,v 1.40 2023/07/26 17:58:16 christos Exp $ -.\" -*- nroff -*- +.\" $NetBSD: sshd_config.5,v 1.41 2023/07/28 05:06:44 rin Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 05:02:47 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sshconnect.c Log Message: openssh: KNF for our local changes. To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/sshconnect.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 05:02:47 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sshconnect.c Log Message: openssh: KNF for our local changes. To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/sshconnect.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshconnect.c diff -u src/crypto/external/bsd/openssh/dist/sshconnect.c:1.34 src/crypto/external/bsd/openssh/dist/sshconnect.c:1.35 --- src/crypto/external/bsd/openssh/dist/sshconnect.c:1.34 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/sshconnect.c Fri Jul 28 05:02:46 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: sshconnect.c,v 1.34 2023/07/26 17:58:16 christos Exp $ */ +/* $NetBSD: sshconnect.c,v 1.35 2023/07/28 05:02:46 rin Exp $ */ /* $OpenBSD: sshconnect.c,v 1.363 2023/03/10 07:17:08 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -15,7 +15,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshconnect.c,v 1.34 2023/07/26 17:58:16 christos Exp $"); +__RCSID("$NetBSD: sshconnect.c,v 1.35 2023/07/28 05:02:46 rin Exp $"); #include /* roundup */ #include @@ -292,14 +292,17 @@ ssh_set_socket_recvbuf(int sock) int socksize; socklen_t socksizelen = sizeof(int); - debug("setsockopt Attempting to set SO_RCVBUF to %d", options.tcp_rcv_buf); + debug("setsockopt Attempting to set SO_RCVBUF to %d", + options.tcp_rcv_buf); if (setsockopt(sock, SOL_SOCKET, SO_RCVBUF, buf, sz) >= 0) { - getsockopt(sock, SOL_SOCKET, SO_RCVBUF, , ); - debug("setsockopt SO_RCVBUF: %.100s %d", strerror(errno), socksize); - } - else + getsockopt(sock, SOL_SOCKET, SO_RCVBUF, , + ); + debug("setsockopt SO_RCVBUF: %.100s %d", strerror(errno), + socksize); + } else { error("Couldn't set socket receive buffer to %d: %.100s", options.tcp_rcv_buf, strerror(errno)); + } } /*
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:59:40 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: ssh_config.5 Log Message: ssh_config.5: Change in comment from upstream. To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/ssh_config.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh_config.5 diff -u src/crypto/external/bsd/openssh/dist/ssh_config.5:1.36 src/crypto/external/bsd/openssh/dist/ssh_config.5:1.37 --- src/crypto/external/bsd/openssh/dist/ssh_config.5:1.36 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/ssh_config.5 Fri Jul 28 04:59:40 2023 @@ -1,5 +1,4 @@ -.\" $NetBSD: ssh_config.5,v 1.36 2023/07/26 17:58:16 christos Exp $ -.\" -*- nroff -*- +.\" $NetBSD: ssh_config.5,v 1.37 2023/07/28 04:59:40 rin Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:59:40 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: ssh_config.5 Log Message: ssh_config.5: Change in comment from upstream. To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/ssh_config.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:58:27 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: ssh_api.c Log Message: openssh: whitespace To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/ssh_api.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh_api.c diff -u src/crypto/external/bsd/openssh/dist/ssh_api.c:1.14 src/crypto/external/bsd/openssh/dist/ssh_api.c:1.15 --- src/crypto/external/bsd/openssh/dist/ssh_api.c:1.14 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/ssh_api.c Fri Jul 28 04:58:27 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh_api.c,v 1.14 2023/07/26 17:58:16 christos Exp $ */ +/* $NetBSD: ssh_api.c,v 1.15 2023/07/28 04:58:27 rin Exp $ */ /* $OpenBSD: ssh_api.c,v 1.27 2021/04/03 06:18:41 djm Exp $ */ /* @@ -18,7 +18,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: ssh_api.c,v 1.14 2023/07/26 17:58:16 christos Exp $"); +__RCSID("$NetBSD: ssh_api.c,v 1.15 2023/07/28 04:58:27 rin Exp $"); #include @@ -82,7 +82,7 @@ mm_choose_dh(int min, int nbits, int max int ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) { -const char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; + const char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; struct ssh *ssh; const char **proposal; static int called;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:58:27 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: ssh_api.c Log Message: openssh: whitespace To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/ssh_api.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:55:40 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-keygen.1 Log Message: ssh-keygen.1: Catch up upstream change in comment. To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/ssh-keygen.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.1 diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.32 src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.33 --- src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.32 Wed Jul 26 17:58:16 2023 +++ src/crypto/external/bsd/openssh/dist/ssh-keygen.1 Fri Jul 28 04:55:40 2023 @@ -1,8 +1,6 @@ -.\" $NetBSD: ssh-keygen.1,v 1.32 2023/07/26 17:58:16 christos Exp $ +.\" $NetBSD: ssh-keygen.1,v 1.33 2023/07/28 04:55:40 rin Exp $ .\" $OpenBSD: ssh-keygen.1,v 1.228 2023/02/10 06:40:48 jmc Exp $ .\" -.\" -*- nroff -*- -.\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland .\"All rights reserved
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:55:40 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-keygen.1 Log Message: ssh-keygen.1: Catch up upstream change in comment. To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/ssh-keygen.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:52:23 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sftp.c Log Message: oepnssh: trailing tab To generate a diff of this commit: cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/sftp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sftp.c diff -u src/crypto/external/bsd/openssh/dist/sftp.c:1.37 src/crypto/external/bsd/openssh/dist/sftp.c:1.38 --- src/crypto/external/bsd/openssh/dist/sftp.c:1.37 Wed Jul 26 17:58:15 2023 +++ src/crypto/external/bsd/openssh/dist/sftp.c Fri Jul 28 04:52:23 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: sftp.c,v 1.37 2023/07/26 17:58:15 christos Exp $ */ +/* $NetBSD: sftp.c,v 1.38 2023/07/28 04:52:23 rin Exp $ */ /* $OpenBSD: sftp.c,v 1.229 2023/03/12 09:41:18 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller @@ -17,7 +17,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sftp.c,v 1.37 2023/07/26 17:58:15 christos Exp $"); +__RCSID("$NetBSD: sftp.c,v 1.38 2023/07/28 04:52:23 rin Exp $"); #include /* MIN MAX */ #include @@ -2019,7 +2019,7 @@ complete_match(EditLine *el, struct sftp remote_glob(conn, tmp, GLOB_DOOFFS|GLOB_MARK, NULL, ); } else glob(tmp, GLOB_LIMIT|GLOB_DOOFFS|GLOB_MARK, NULL, ); - + /* Determine length of pwd so we can trim completion display */ for (hadglob = tmplen = pwdlen = 0; tmp[tmplen] != 0; tmplen++) { /* Terminate counting on first unescaped glob metacharacter */
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:52:23 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sftp.c Log Message: oepnssh: trailing tab To generate a diff of this commit: cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/sftp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:49:38 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sftp.1 Log Message: sftp.1: Fix old (and non-critical) merge botch. To generate a diff of this commit: cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/sftp.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sftp.1 diff -u src/crypto/external/bsd/openssh/dist/sftp.1:1.28 src/crypto/external/bsd/openssh/dist/sftp.1:1.29 --- src/crypto/external/bsd/openssh/dist/sftp.1:1.28 Wed Jul 26 17:58:15 2023 +++ src/crypto/external/bsd/openssh/dist/sftp.1 Fri Jul 28 04:49:38 2023 @@ -1,4 +1,4 @@ -.\" $NetBSD: sftp.1,v 1.28 2023/07/26 17:58:15 christos Exp $ +.\" $NetBSD: sftp.1,v 1.29 2023/07/28 04:49:38 rin Exp $ .\" $OpenBSD: sftp.1,v 1.143 2022/12/16 03:40:03 djm Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. @@ -458,7 +458,7 @@ Quit .Op Ar local-path .Xc Retrieve the -.Ar remote-file +.Ar remote-path and store it on the local machine. If the local path name is not specified, it is given the same name it has on the
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:49:38 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: sftp.1 Log Message: sftp.1: Fix old (and non-critical) merge botch. To generate a diff of this commit: cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/sftp.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:40:54 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: scp.c Log Message: openssh: Adjust blank line to reduce diff from upstream. To generate a diff of this commit: cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/scp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/scp.c diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.37 src/crypto/external/bsd/openssh/dist/scp.c:1.38 --- src/crypto/external/bsd/openssh/dist/scp.c:1.37 Wed Jul 26 17:58:15 2023 +++ src/crypto/external/bsd/openssh/dist/scp.c Fri Jul 28 04:40:54 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: scp.c,v 1.37 2023/07/26 17:58:15 christos Exp $ */ +/* $NetBSD: scp.c,v 1.38 2023/07/28 04:40:54 rin Exp $ */ /* $OpenBSD: scp.c,v 1.253 2023/03/03 03:12:24 dtucker Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which @@ -73,7 +73,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: scp.c,v 1.37 2023/07/26 17:58:15 christos Exp $"); +__RCSID("$NetBSD: scp.c,v 1.38 2023/07/28 04:40:54 rin Exp $"); #include /* roundup MAX */ #include @@ -,6 +,7 @@ toremote(int argc, char **argv, enum scp addargs(, "%s", remote_remote_args.list[j]); } + if (sport != -1) { addargs(, "-p"); addargs(, "%d", sport);
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:40:54 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: scp.c Log Message: openssh: Adjust blank line to reduce diff from upstream. To generate a diff of this commit: cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/scp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:37:37 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: monitor.h Log Message: openssh: whitespace fix To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/monitor.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor.h diff -u src/crypto/external/bsd/openssh/dist/monitor.h:1.12 src/crypto/external/bsd/openssh/dist/monitor.h:1.13 --- src/crypto/external/bsd/openssh/dist/monitor.h:1.12 Sun Apr 28 14:45:13 2019 +++ src/crypto/external/bsd/openssh/dist/monitor.h Fri Jul 28 04:37:37 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.h,v 1.12 2019/04/28 14:45:13 christos Exp $ */ +/* $NetBSD: monitor.h,v 1.13 2023/07/28 04:37:37 rin Exp $ */ /* $OpenBSD: monitor.h,v 1.23 2019/01/19 21:43:56 djm Exp $ */ /* @@ -71,7 +71,7 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, -MONITOR_REQ_KRB4 = 200, MONITOR_ANS_KRB4 = 201, + MONITOR_REQ_KRB4 = 200, MONITOR_ANS_KRB4 = 201, MONITOR_REQ_KRB5 = 202, MONITOR_ANS_KRB5 = 203, };
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:37:37 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: monitor.h Log Message: openssh: whitespace fix To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/monitor.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:27:30 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: compat.h Log Message: openssh: whitespace -> tab To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/compat.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/compat.h diff -u src/crypto/external/bsd/openssh/dist/compat.h:1.17 src/crypto/external/bsd/openssh/dist/compat.h:1.18 --- src/crypto/external/bsd/openssh/dist/compat.h:1.17 Wed Jul 26 17:58:15 2023 +++ src/crypto/external/bsd/openssh/dist/compat.h Fri Jul 28 04:27:30 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: compat.h,v 1.17 2023/07/26 17:58:15 christos Exp $ */ +/* $NetBSD: compat.h,v 1.18 2023/07/28 04:27:30 rin Exp $ */ /* $OpenBSD: compat.h,v 1.62 2023/03/06 12:14:48 dtucker Exp $ */ /* @@ -58,7 +58,7 @@ #define SSH_BUG_CURVE25519PAD 0x1000 #define SSH_BUG_HOSTKEYS 0x2000 #define SSH_BUG_DHGEX_LARGE 0x4000 -#define SSH_BUG_LARGEWINDOW 0x8000 +#define SSH_BUG_LARGEWINDOW 0x8000 struct ssh;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:27:30 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: compat.h Log Message: openssh: whitespace -> tab To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/compat.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:25:22 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: cipher.h Log Message: openssh: Reduce diff from upstream; remove never-enabled #if 0'ed block To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/cipher.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/cipher.h diff -u src/crypto/external/bsd/openssh/dist/cipher.h:1.15 src/crypto/external/bsd/openssh/dist/cipher.h:1.16 --- src/crypto/external/bsd/openssh/dist/cipher.h:1.15 Thu Feb 27 00:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/cipher.h Fri Jul 28 04:25:22 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: cipher.h,v 1.15 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: cipher.h,v 1.16 2023/07/28 04:25:22 rin Exp $ */ /* $OpenBSD: cipher.h,v 1.55 2020/01/23 10:24:29 dtucker Exp $ */ /* @@ -49,18 +49,7 @@ #define CIPHER_DECRYPT 0 struct sshcipher; -#if 0 -struct sshcipher_ctx { - int plaintext; - int encrypt; - EVP_CIPHER_CTX *evp; - struct chachapoly_ctx cp_ctx; /* XXX union with evp? */ - struct aesctr_ctx ac_ctx; /* XXX union with evp? */ - const struct sshcipher *cipher; -}; -#else struct sshcipher_ctx; -#endif const struct sshcipher *cipher_by_name(const char *); const char *cipher_warning_message(const struct sshcipher_ctx *);
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 28 04:25:22 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: cipher.h Log Message: openssh: Reduce diff from upstream; remove never-enabled #if 0'ed block To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/cipher.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 7 07:04:18 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: auth-passwd.c Log Message: Remove extra whitespace inserted during merge. No binary changes. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/auth-passwd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 7 07:04:18 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: auth-passwd.c Log Message: Remove extra whitespace inserted during merge. No binary changes. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/auth-passwd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth-passwd.c diff -u src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.12 src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.13 --- src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.12 Fri Mar 5 17:47:15 2021 +++ src/crypto/external/bsd/openssh/dist/auth-passwd.c Fri Jul 7 07:04:17 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: auth-passwd.c,v 1.12 2021/03/05 17:47:15 christos Exp $ */ +/* $NetBSD: auth-passwd.c,v 1.13 2023/07/07 07:04:17 rin Exp $ */ /* $OpenBSD: auth-passwd.c,v 1.48 2020/10/18 11:32:01 djm Exp $ */ /* @@ -39,7 +39,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth-passwd.c,v 1.12 2021/03/05 17:47:15 christos Exp $"); +__RCSID("$NetBSD: auth-passwd.c,v 1.13 2023/07/07 07:04:17 rin Exp $"); #include #include @@ -94,9 +94,9 @@ auth_password(struct ssh *ssh, const cha #ifdef KRB5 if (options.kerberos_authentication == 1) { int ret = auth_krb5_password(authctxt, password); - if (ret == 1 || ret == 0) - return ret && ok; - /* Fall back to ordinary passwd authentication. */ + if (ret == 1 || ret == 0) + return ret && ok; + /* Fall back to ordinary passwd authentication. */ } #endif
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 7 07:02:59 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: LICENCE Log Message: Remove duplicate OpenBSD RCSID. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/LICENCE Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/LICENCE diff -u src/crypto/external/bsd/openssh/dist/LICENCE:1.6 src/crypto/external/bsd/openssh/dist/LICENCE:1.7 --- src/crypto/external/bsd/openssh/dist/LICENCE:1.6 Sat Oct 7 19:39:19 2017 +++ src/crypto/external/bsd/openssh/dist/LICENCE Fri Jul 7 07:02:59 2023 @@ -183,5 +183,4 @@ OpenSSH contains no GPL code. -- $OpenBSD: LICENCE,v 1.20 2017/04/30 23:26:16 djm Exp $ -$OpenBSD: LICENCE,v 1.19 2004/08/30 09:18:08 markus Exp $ -$NetBSD: LICENCE,v 1.6 2017/10/07 19:39:19 christos Exp $ +$NetBSD: LICENCE,v 1.7 2023/07/07 07:02:59 rin Exp $
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: rin Date: Fri Jul 7 07:02:59 UTC 2023 Modified Files: src/crypto/external/bsd/openssh/dist: LICENCE Log Message: Remove duplicate OpenBSD RCSID. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/LICENCE Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Dec 1 22:57:37 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: log.c Log Message: Correct lost change in the merge (Anthony Mallet) To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/log.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Dec 1 22:57:37 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: log.c Log Message: Correct lost change in the merge (Anthony Mallet) To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/log.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/log.c diff -u src/crypto/external/bsd/openssh/dist/log.c:1.25 src/crypto/external/bsd/openssh/dist/log.c:1.26 --- src/crypto/external/bsd/openssh/dist/log.c:1.25 Mon Sep 27 13:03:13 2021 +++ src/crypto/external/bsd/openssh/dist/log.c Thu Dec 1 17:57:37 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: log.c,v 1.25 2021/09/27 17:03:13 christos Exp $ */ +/* $NetBSD: log.c,v 1.26 2022/12/01 22:57:37 christos Exp $ */ /* $OpenBSD: log.c,v 1.60 2021/09/16 15:11:19 djm Exp $ */ /* @@ -37,7 +37,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: log.c,v 1.25 2021/09/27 17:03:13 christos Exp $"); +__RCSID("$NetBSD: log.c,v 1.26 2022/12/01 22:57:37 christos Exp $"); #include #include @@ -423,7 +423,7 @@ sshlogdie(const char *file, const char * sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_INFO, suffix, fmt, args); va_end(args); - cleanup_exit(255); + cleanup_exit(254); } void
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Oct 19 11:54:02 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: ssherr.c Log Message: remove debugging sleep. Pointed out by rillig. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/ssherr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Oct 19 11:54:02 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: ssherr.c Log Message: remove debugging sleep. Pointed out by rillig. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/ssherr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssherr.c diff -u src/crypto/external/bsd/openssh/dist/ssherr.c:1.9 src/crypto/external/bsd/openssh/dist/ssherr.c:1.10 --- src/crypto/external/bsd/openssh/dist/ssherr.c:1.9 Wed Feb 26 19:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/ssherr.c Wed Oct 19 07:54:02 2022 @@ -15,7 +15,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "includes.h" -__RCSID("$NetBSD: ssherr.c,v 1.9 2020/02/27 00:24:40 christos Exp $"); +__RCSID("$NetBSD: ssherr.c,v 1.10 2022/10/19 11:54:02 christos Exp $"); #include #include @@ -154,7 +154,6 @@ ssh_err(int n) { static char buf[1024]; snprintf(buf, sizeof(buf), "unknown error %d", n); - sleep(1000); return buf; } }
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kre Date: Tue Oct 18 06:46:51 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: auth2.c Log Message: Avoid sending banner (if configured) twice. Apparent merge error. Patch from RVP (issue noticed by John D. Baker). To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/auth2.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth2.c diff -u src/crypto/external/bsd/openssh/dist/auth2.c:1.25 src/crypto/external/bsd/openssh/dist/auth2.c:1.26 --- src/crypto/external/bsd/openssh/dist/auth2.c:1.25 Wed Feb 23 19:07:20 2022 +++ src/crypto/external/bsd/openssh/dist/auth2.c Tue Oct 18 06:46:51 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: auth2.c,v 1.25 2022/02/23 19:07:20 christos Exp $ */ +/* $NetBSD: auth2.c,v 1.26 2022/10/18 06:46:51 kre Exp $ */ /* $OpenBSD: auth2.c,v 1.164 2022/02/23 11:18:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth2.c,v 1.25 2022/02/23 19:07:20 christos Exp $"); +__RCSID("$NetBSD: auth2.c,v 1.26 2022/10/18 06:46:51 kre Exp $"); #include #include @@ -158,7 +158,7 @@ userauth_send_banner(struct ssh *ssh, co (r = sshpkt_put_cstring(ssh, msg)) != 0 || (r = sshpkt_put_cstring(ssh, "")) != 0 || /* language, unused */ (r = sshpkt_send(ssh)) != 0) - fatal("%s: %s", __func__, ssh_err(r)); + fatal_fr(r, "send packet"); debug("%s: sent", __func__); } @@ -166,7 +166,6 @@ static void userauth_banner(struct ssh *ssh) { char *banner = NULL; - int r; if (options.banner == NULL) return; @@ -175,12 +174,6 @@ userauth_banner(struct ssh *ssh) goto done; userauth_send_banner(ssh, banner); - if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_BANNER)) != 0 || - (r = sshpkt_put_cstring(ssh, banner)) != 0 || - (r = sshpkt_put_cstring(ssh, "")) != 0 || /* language, unused */ - (r = sshpkt_send(ssh)) != 0) - fatal_fr(r, "send packet"); - debug("userauth_banner: sent"); done: free(banner); }
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kre Date: Tue Oct 18 06:46:51 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: auth2.c Log Message: Avoid sending banner (if configured) twice. Apparent merge error. Patch from RVP (issue noticed by John D. Baker). To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/auth2.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: mlelstv Date: Sat Aug 27 10:04:45 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c readconf.c ssh.c sshbuf.h Log Message: Adopt TCP window handling from current HPN patch at https://github.com/rapier1/openssh-portable To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/channels.c cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/ssh.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/sshbuf.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/channels.c diff -u src/crypto/external/bsd/openssh/dist/channels.c:1.36 src/crypto/external/bsd/openssh/dist/channels.c:1.37 --- src/crypto/external/bsd/openssh/dist/channels.c:1.36 Fri Apr 15 14:00:06 2022 +++ src/crypto/external/bsd/openssh/dist/channels.c Sat Aug 27 10:04:45 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: channels.c,v 1.36 2022/04/15 14:00:06 christos Exp $ */ +/* $NetBSD: channels.c,v 1.37 2022/08/27 10:04:45 mlelstv Exp $ */ /* $OpenBSD: channels.c,v 1.415 2022/03/30 21:10:25 djm Exp $ */ /* * Author: Tatu Ylonen @@ -41,7 +41,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: channels.c,v 1.36 2022/04/15 14:00:06 christos Exp $"); +__RCSID("$NetBSD: channels.c,v 1.37 2022/08/27 10:04:45 mlelstv Exp $"); #include #include #include @@ -1117,9 +1117,9 @@ channel_tcpwinsz(struct ssh *ssh) return(128*1024); ret = getsockopt(ssh_packet_get_connection_in(ssh), SOL_SOCKET, SO_RCVBUF, , ); - /* return no more than 64MB */ - if ((ret == 0) && tcpwinsz > BUFFER_MAX_LEN_HPN) - tcpwinsz = BUFFER_MAX_LEN_HPN; + /* return no more than SSHBUF_SIZE_MAX (currently 256MB) */ + if ((ret == 0) && tcpwinsz > SSHBUF_SIZE_MAX) + tcpwinsz = SSHBUF_SIZE_MAX; debug2("tcpwinsz: %d for connection: %d", tcpwinsz, ssh_packet_get_connection_in(ssh)); return(tcpwinsz); @@ -1128,10 +1128,6 @@ channel_tcpwinsz(struct ssh *ssh) static void channel_pre_open(struct ssh *ssh, Channel *c) { -/* check buffer limits */ - if ((!c->tcpwinsz) || (c->dynamic_window > 0)) - c->tcpwinsz = channel_tcpwinsz(ssh); - c->io_want = 0; if (c->istate == CHAN_INPUT_OPEN && c->remote_window > 0 && @@ -2170,17 +2166,17 @@ channel_check_window(struct ssh *ssh, Ch c->local_window < c->local_window_max/2) && c->local_consumed > 0) { u_int addition = 0; - - if (!c->have_remote_id) - fatal_f("channel %d: no remote id", c->self); - + u_int32_t tcpwinsz = channel_tcpwinsz(ssh); /* adjust max window size if we are in a dynamic environment */ - if (c->dynamic_window && (c->tcpwinsz > c->local_window_max)) { + if (c->dynamic_window && (tcpwinsz > c->local_window_max)) { /* grow the window somewhat aggressively to maintain * pressure */ - addition = 1.5*(c->tcpwinsz - c->local_window_max); + addition = 1.5*(tcpwinsz - c->local_window_max); c->local_window_max += addition; + debug("Channel: Window growth to %d by %d bytes", c->local_window_max, addition); } + if (!c->have_remote_id) + fatal_f("channel %d: no remote id", c->self); if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_WINDOW_ADJUST)) != 0 || (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 || @@ -2189,7 +2185,8 @@ channel_check_window(struct ssh *ssh, Ch fatal_fr(r, "channel %i", c->self); } debug2("channel %d: window %d sent adjust %d", c->self, - c->local_window, c->local_consumed); + c->local_window, + c->local_consumed + addition); c->local_window += c->local_consumed + addition; c->local_consumed = 0; } Index: src/crypto/external/bsd/openssh/dist/readconf.c diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.38 src/crypto/external/bsd/openssh/dist/readconf.c:1.39 --- src/crypto/external/bsd/openssh/dist/readconf.c:1.38 Wed Feb 23 19:07:20 2022 +++ src/crypto/external/bsd/openssh/dist/readconf.c Sat Aug 27 10:04:45 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: readconf.c,v 1.38 2022/02/23 19:07:20 christos Exp $ */ +/* $NetBSD: readconf.c,v 1.39 2022/08/27 10:04:45 mlelstv Exp $ */ /* $OpenBSD: readconf.c,v 1.366 2022/02/08 08:59:12 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -14,7 +14,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: readconf.c,v 1.38 2022/02/23 19:07:20 christos Exp $"); +__RCSID("$NetBSD: readconf.c,v 1.39 2022/08/27 10:04:45 mlelstv Exp $"); #include #include #include @@ -42,6 +42,7 @@ __RCSID("$NetBSD: readconf.c,v 1.38 2022 #include "xmalloc.h" #include "ssh.h" +#include "sshbuf.h" #include "ssherr.h" #include "compat.h" #include "cipher.h" @@ -2711,13 +2712,14 @@ fill_default_options(Options * options) { /* if a user tries to set the size to 0 set it to 1KB */ if
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: mlelstv Date: Sat Aug 27 10:04:45 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c readconf.c ssh.c sshbuf.h Log Message: Adopt TCP window handling from current HPN patch at https://github.com/rapier1/openssh-portable To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/channels.c cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/ssh.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/sshbuf.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: nia Date: Mon May 9 15:06:29 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: sshd_config Log Message: sshd_config: Disable HPN as discussed on tech-userlevel. To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd_config diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.27 src/crypto/external/bsd/openssh/dist/sshd_config:1.28 --- src/crypto/external/bsd/openssh/dist/sshd_config:1.27 Sat Nov 27 23:22:25 2021 +++ src/crypto/external/bsd/openssh/dist/sshd_config Mon May 9 15:06:29 2022 @@ -1,4 +1,4 @@ -# $NetBSD: sshd_config,v 1.27 2021/11/27 23:22:25 he Exp $ +# $NetBSD: sshd_config,v 1.28 2022/05/09 15:06:29 nia Exp $ # $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ # This is the sshd server system-wide configuration file. See @@ -134,7 +134,7 @@ Subsystem sftp /usr/libexec/sftp-server #NoneEnabled no # disable hpn performance boosts. -#HPNDisabled no +HPNDisabled yes # buffer size for hpn to non-hpn connections #HPNBufferSize 2048
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: nia Date: Mon May 9 15:06:29 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: sshd_config Log Message: sshd_config: Disable HPN as discussed on tech-userlevel. To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Apr 15 14:00:07 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: PROTOCOL auth-rhosts.c auth2-pubkey.c channels.c channels.h misc.c monitor.c myproposal.h scp.1 scp.c servconf.c servconf.h sftp-client.c sftp-client.h sftp-glob.c sftp-server.c sftp.1 sftp.c ssh-agent.1 ssh-keygen.c ssh-keysign.8 ssh.1 ssh.c ssh_config.5 sshd.8 sshd.c sshd_config.5 sshsig.c version.h xmalloc.c Log Message: merge conflicts between OpenSSH-8.9 and OpenSSH-9.0 To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/PROTOCOL cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/auth-rhosts.c cvs rdiff -u -r1.30 -r1.31 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sftp-client.c cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/channels.c cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/channels.h cvs rdiff -u -r1.39 -r1.40 src/crypto/external/bsd/openssh/dist/monitor.c \ src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/myproposal.h cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/scp.1 \ src/crypto/external/bsd/openssh/dist/servconf.h \ src/crypto/external/bsd/openssh/dist/sftp-server.c \ src/crypto/external/bsd/openssh/dist/sshd.8 cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/scp.c \ src/crypto/external/bsd/openssh/dist/sftp.c cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/sftp-client.h cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/sftp-glob.c \ src/crypto/external/bsd/openssh/dist/xmalloc.c cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/sftp.1 cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/ssh-agent.1 cvs rdiff -u -r1.42 -r1.43 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/ssh-keysign.8 cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/ssh.1 cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/ssh_config.5 cvs rdiff -u -r1.45 -r1.46 src/crypto/external/bsd/openssh/dist/sshd.c cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/sshd_config.5 cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/sshsig.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/PROTOCOL diff -u src/crypto/external/bsd/openssh/dist/PROTOCOL:1.18 src/crypto/external/bsd/openssh/dist/PROTOCOL:1.19 --- src/crypto/external/bsd/openssh/dist/PROTOCOL:1.18 Wed Feb 23 14:07:20 2022 +++ src/crypto/external/bsd/openssh/dist/PROTOCOL Fri Apr 15 10:00:06 2022 @@ -492,7 +492,7 @@ This request asks the server to call fsy string "fs...@openssh.com" string handle -One receiving this request, a server will call fsync(handle_fd) and will +On receiving this request, a server will call fsync(handle_fd) and will respond with a SSH_FXP_STATUS message. This extension is advertised in the SSH_FXP_VERSION hello with version @@ -576,6 +576,43 @@ Its reply is the same format as that of This extension is advertised in the SSH_FXP_VERSION hello with version "1". +4.10. sftp: Extension request "copy-data" + +This request asks the server to copy data from one open file handle and +write it to a different open file handle. This avoids needing to transfer +the data across the network twice (a download followed by an upload). + + byte SSH_FXP_EXTENDED + uint32 id + string "copy-data" + string read-from-handle + uint64 read-from-offset + uint64 read-data-length + string write-to-handle + uint64 write-to-offset + +The server will copy read-data-length bytes starting from +read-from-offset from the read-from-handle and write them to +write-to-handle starting from write-to-offset, and then respond with a +SSH_FXP_STATUS message. + +It's equivalent to issuing a series of SSH_FXP_READ requests on +read-from-handle and a series of requests of SSH_FXP_WRITE on +write-to-handle. + +If read-from-handle and write-to-handle are the same, the server will +fail the request and respond with a SSH_FX_INVALID_PARAMETER message. + +If read-data-length is 0, then the server will read data from the +read-from-handle until EOF is reached. + +This extension is advertised in the SSH_FXP_VERSION hello with version +"1". + +This request is identical to the "copy-data" request documented in: + +https://tools.ietf.org/html/draft-ietf-secsh-filexfer-extensions-00#section-7 + 5. Miscellaneous changes 5.1 Public key format @@ -612,5
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Apr 15 14:00:07 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: PROTOCOL auth-rhosts.c auth2-pubkey.c channels.c channels.h misc.c monitor.c myproposal.h scp.1 scp.c servconf.c servconf.h sftp-client.c sftp-client.h sftp-glob.c sftp-server.c sftp.1 sftp.c ssh-agent.1 ssh-keygen.c ssh-keysign.8 ssh.1 ssh.c ssh_config.5 sshd.8 sshd.c sshd_config.5 sshsig.c version.h xmalloc.c Log Message: merge conflicts between OpenSSH-8.9 and OpenSSH-9.0 To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/PROTOCOL cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/auth-rhosts.c cvs rdiff -u -r1.30 -r1.31 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sftp-client.c cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/channels.c cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/channels.h cvs rdiff -u -r1.39 -r1.40 src/crypto/external/bsd/openssh/dist/monitor.c \ src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/myproposal.h cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/scp.1 \ src/crypto/external/bsd/openssh/dist/servconf.h \ src/crypto/external/bsd/openssh/dist/sftp-server.c \ src/crypto/external/bsd/openssh/dist/sshd.8 cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/scp.c \ src/crypto/external/bsd/openssh/dist/sftp.c cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/sftp-client.h cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/sftp-glob.c \ src/crypto/external/bsd/openssh/dist/xmalloc.c cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/sftp.1 cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/ssh-agent.1 cvs rdiff -u -r1.42 -r1.43 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/ssh-keysign.8 cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/ssh.1 cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/ssh_config.5 cvs rdiff -u -r1.45 -r1.46 src/crypto/external/bsd/openssh/dist/sshd.c cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/sshd_config.5 cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/sshsig.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Feb 26 13:30:19 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: misc.c Log Message: fix merge botch and reduce diff from upstream. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/misc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/misc.c diff -u src/crypto/external/bsd/openssh/dist/misc.c:1.29 src/crypto/external/bsd/openssh/dist/misc.c:1.30 --- src/crypto/external/bsd/openssh/dist/misc.c:1.29 Wed Feb 23 14:07:20 2022 +++ src/crypto/external/bsd/openssh/dist/misc.c Sat Feb 26 08:30:19 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: misc.c,v 1.29 2022/02/23 19:07:20 christos Exp $ */ +/* $NetBSD: misc.c,v 1.30 2022/02/26 13:30:19 christos Exp $ */ /* $OpenBSD: misc.c,v 1.174 2022/02/11 00:43:56 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -19,7 +19,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: misc.c,v 1.29 2022/02/23 19:07:20 christos Exp $"); +__RCSID("$NetBSD: misc.c,v 1.30 2022/02/26 13:30:19 christos Exp $"); #include #include @@ -742,7 +742,7 @@ int parse_user_host_path(const char *s, char **userp, char **hostp, char **pathp) { char *user = NULL, *host = NULL, *path = NULL; - char *tmp, *sdup; + char *sdup, *tmp; int ret = -1; if (userp != NULL) @@ -1094,8 +1094,7 @@ tilde_expand(const char *filename, uid_t const char *path = NULL, *user = NULL; struct passwd *pw; size_t len; - int ret = -1, r; - const char *sep, *homedir; + int ret = -1, r, slash; *retp = NULL; if (*filename != '~') { @@ -1129,27 +1128,16 @@ tilde_expand(const char *filename, uid_t error_f("No such user %s", user); goto out; } - homedir = pw->pw_dir; - } else { - if ((pw = getpwuid(uid)) == NULL) { /* ~/path */ - error_f("No such uid %ld", (long)uid); - goto out; - } - homedir = pw->pw_dir; + } else if ((pw = getpwuid(uid)) == NULL) { + error_f("No such uid %ld", (long)uid); + goto out; } /* Make sure directory has a trailing '/' */ - len = strlen(homedir); - if (len == 0 || homedir[len - 1] != '/') - sep = "/"; - else - sep = ""; - - /* Skip leading '/' from specified path */ - if (path != NULL) - filename = path + 1; + slash = (len = strlen(pw->pw_dir)) == 0 || pw->pw_dir[len - 1] != '/'; - if ((r = xasprintf(, "%s%s%s", homedir, sep, filename)) <= 0) { + if ((r = xasprintf(, "%s%s%s", pw->pw_dir, + slash ? "/" : "", path != NULL ? path : "")) <= 0) { error_f("xasprintf failed"); goto out; }
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Feb 26 13:30:19 UTC 2022 Modified Files: src/crypto/external/bsd/openssh/dist: misc.c Log Message: fix merge botch and reduce diff from upstream. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/misc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Dec 24 21:52:48 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c Log Message: put back the tcpwinsz initialization code. To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/channels.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/channels.c diff -u src/crypto/external/bsd/openssh/dist/channels.c:1.33 src/crypto/external/bsd/openssh/dist/channels.c:1.34 --- src/crypto/external/bsd/openssh/dist/channels.c:1.33 Fri Dec 24 13:16:11 2021 +++ src/crypto/external/bsd/openssh/dist/channels.c Fri Dec 24 16:52:48 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: channels.c,v 1.33 2021/12/24 18:16:11 christos Exp $ */ +/* $NetBSD: channels.c,v 1.34 2021/12/24 21:52:48 christos Exp $ */ /* $OpenBSD: channels.c,v 1.408 2021/09/14 11:04:21 mbuhl Exp $ */ /* @@ -42,7 +42,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: channels.c,v 1.33 2021/12/24 18:16:11 christos Exp $"); +__RCSID("$NetBSD: channels.c,v 1.34 2021/12/24 21:52:48 christos Exp $"); #include #include #include @@ -1114,10 +1114,34 @@ channel_pre_connecting(struct ssh *ssh, FD_SET(c->sock, writeset); } +static int +channel_tcpwinsz(struct ssh *ssh) +{ + u_int32_t tcpwinsz = 0; + socklen_t optsz = sizeof(tcpwinsz); + int ret = -1; + + /* if we aren't on a socket return 128KB*/ + if(!ssh_packet_connection_is_on_socket(ssh)) + return(128*1024); + ret = getsockopt(ssh_packet_get_connection_in(ssh), + SOL_SOCKET, SO_RCVBUF, , ); + /* return no more than 64MB */ + if ((ret == 0) && tcpwinsz > BUFFER_MAX_LEN_HPN) + tcpwinsz = BUFFER_MAX_LEN_HPN; + debug2("tcpwinsz: %d for connection: %d", tcpwinsz, + ssh_packet_get_connection_in(ssh)); + return(tcpwinsz); +} + static void channel_pre_open(struct ssh *ssh, Channel *c, fd_set *readset, fd_set *writeset) { +/* check buffer limits */ + if ((!c->tcpwinsz) || (c->dynamic_window > 0)) + c->tcpwinsz = channel_tcpwinsz(ssh); + if (c->istate == CHAN_INPUT_OPEN && c->remote_window > 0 && sshbuf_len(c->input) < c->remote_window &&
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Dec 24 21:52:48 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c Log Message: put back the tcpwinsz initialization code. To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/channels.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Dec 24 18:16:11 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c Log Message: PR/56569: Mike Small: Remove unused code. To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/channels.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/channels.c diff -u src/crypto/external/bsd/openssh/dist/channels.c:1.32 src/crypto/external/bsd/openssh/dist/channels.c:1.33 --- src/crypto/external/bsd/openssh/dist/channels.c:1.32 Mon Sep 27 13:03:13 2021 +++ src/crypto/external/bsd/openssh/dist/channels.c Fri Dec 24 13:16:11 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: channels.c,v 1.32 2021/09/27 17:03:13 christos Exp $ */ +/* $NetBSD: channels.c,v 1.33 2021/12/24 18:16:11 christos Exp $ */ /* $OpenBSD: channels.c,v 1.408 2021/09/14 11:04:21 mbuhl Exp $ */ /* @@ -42,7 +42,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: channels.c,v 1.32 2021/09/27 17:03:13 christos Exp $"); +__RCSID("$NetBSD: channels.c,v 1.33 2021/12/24 18:16:11 christos Exp $"); #include #include #include @@ -1114,38 +1114,10 @@ channel_pre_connecting(struct ssh *ssh, FD_SET(c->sock, writeset); } -static int -channel_tcpwinsz(struct ssh *ssh) -{ - u_int32_t tcpwinsz = 0; - socklen_t optsz = sizeof(tcpwinsz); - int ret = -1; - - /* if we aren't on a socket return 128KB*/ - if(!ssh_packet_connection_is_on_socket(ssh)) - return(128*1024); - ret = getsockopt(ssh_packet_get_connection_in(ssh), - SOL_SOCKET, SO_RCVBUF, , ); - /* return no more than 64MB */ - if ((ret == 0) && tcpwinsz > BUFFER_MAX_LEN_HPN) - tcpwinsz = BUFFER_MAX_LEN_HPN; - debug2("tcpwinsz: %d for connection: %d", tcpwinsz, - ssh_packet_get_connection_in(ssh)); - return(tcpwinsz); -} - static void channel_pre_open(struct ssh *ssh, Channel *c, fd_set *readset, fd_set *writeset) { - u_int limit = ssh_packet_get_maxsize(ssh); - -/* check buffer limits */ - if ((!c->tcpwinsz) || (c->dynamic_window > 0)) - c->tcpwinsz = channel_tcpwinsz(ssh); - - limit = MIN(limit, 2 * c->tcpwinsz); - if (c->istate == CHAN_INPUT_OPEN && c->remote_window > 0 && sshbuf_len(c->input) < c->remote_window &&
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Dec 24 18:16:11 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c Log Message: PR/56569: Mike Small: Remove unused code. To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/channels.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: he Date: Sat Nov 27 23:22:25 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: sshd_config Log Message: Amend the comment about UsePAM; the ChallengeResponseAuthentication setting is deprecated, replaced by KbdInteractiveAuthentication, confirmed both by man page and code. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: he Date: Sat Nov 27 23:22:25 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: sshd_config Log Message: Amend the comment about UsePAM; the ChallengeResponseAuthentication setting is deprecated, replaced by KbdInteractiveAuthentication, confirmed both by man page and code. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd_config diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.26 src/crypto/external/bsd/openssh/dist/sshd_config:1.27 --- src/crypto/external/bsd/openssh/dist/sshd_config:1.26 Thu Sep 2 11:26:18 2021 +++ src/crypto/external/bsd/openssh/dist/sshd_config Sat Nov 27 23:22:25 2021 @@ -1,4 +1,4 @@ -# $NetBSD: sshd_config,v 1.26 2021/09/02 11:26:18 christos Exp $ +# $NetBSD: sshd_config,v 1.27 2021/11/27 23:22:25 he Exp $ # $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ # This is the sshd server system-wide configuration file. See @@ -72,13 +72,13 @@ AuthorizedKeysFile .ssh/authorized_keys # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass +# be allowed through the KbdInteractiveAuthentication and +# PasswordAuthentication settings. Depending on your PAM configuration, +# PAM authentication via KbdInteractiveAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. +# and KbdInteractiveAuthentication to 'no'. UsePAM yes #AllowAgentForwarding yes
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Sep 27 17:03:13 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c clientloop.c compat.c log.c misc.c myproposal.h readconf.c readconf.h scp.1 scp.c servconf.c sftp-client.c sftp-realpath.c sftp.c ssh-keygen.c ssh.1 ssh.c ssh_config.5 sshd.8 sshd_config.5 version.h Log Message: Merge conflicts between OpenSSH 8.7 and 8.8 To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/ssh_config.5 cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/sftp.c cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/compat.c cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/log.c \ src/crypto/external/bsd/openssh/dist/scp.1 cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/readconf.h cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/myproposal.h cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/scp.c cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/sftp-client.c cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/sftp-realpath.c cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/ssh.1 cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/sshd.8 cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/sshd_config.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/channels.c diff -u src/crypto/external/bsd/openssh/dist/channels.c:1.31 src/crypto/external/bsd/openssh/dist/channels.c:1.32 --- src/crypto/external/bsd/openssh/dist/channels.c:1.31 Thu Sep 2 07:26:17 2021 +++ src/crypto/external/bsd/openssh/dist/channels.c Mon Sep 27 13:03:13 2021 @@ -1,5 +1,5 @@ -/* $NetBSD: channels.c,v 1.31 2021/09/02 11:26:17 christos Exp $ */ -/* $OpenBSD: channels.c,v 1.407 2021/05/19 01:24:05 djm Exp $ */ +/* $NetBSD: channels.c,v 1.32 2021/09/27 17:03:13 christos Exp $ */ +/* $OpenBSD: channels.c,v 1.408 2021/09/14 11:04:21 mbuhl Exp $ */ /* * Author: Tatu Ylonen @@ -42,7 +42,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: channels.c,v 1.31 2021/09/02 11:26:17 christos Exp $"); +__RCSID("$NetBSD: channels.c,v 1.32 2021/09/27 17:03:13 christos Exp $"); #include #include #include @@ -632,9 +632,11 @@ channel_free(struct ssh *ssh, Channel *c debug("channel %d: free: %s, nchannels %u", c->self, c->remote_name ? c->remote_name : "???", n); - if (c->type == SSH_CHANNEL_MUX_CLIENT) + if (c->type == SSH_CHANNEL_MUX_CLIENT) { mux_remove_remote_forwardings(ssh, c); - else if (c->type == SSH_CHANNEL_MUX_LISTENER) { + free(c->mux_ctx); + c->mux_ctx = NULL; + } else if (c->type == SSH_CHANNEL_MUX_LISTENER) { free(c->mux_ctx); c->mux_ctx = NULL; } Index: src/crypto/external/bsd/openssh/dist/ssh_config.5 diff -u src/crypto/external/bsd/openssh/dist/ssh_config.5:1.31 src/crypto/external/bsd/openssh/dist/ssh_config.5:1.32 --- src/crypto/external/bsd/openssh/dist/ssh_config.5:1.31 Thu Sep 2 07:26:18 2021 +++ src/crypto/external/bsd/openssh/dist/ssh_config.5 Mon Sep 27 13:03:13 2021 @@ -1,4 +1,4 @@ -.\" $NetBSD: ssh_config.5,v 1.31 2021/09/02 11:26:18 christos Exp $ +.\" $NetBSD: ssh_config.5,v 1.32 2021/09/27 17:03:13 christos Exp $ .\" -*- nroff -*- .\" .\" Author: Tatu Ylonen @@ -35,8 +35,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.362 2021/08/12 23:59:25 djm Exp $ -.Dd August 12 2021 +.\" $OpenBSD: ssh_config.5,v 1.366 2021/09/25 09:40:33 kn Exp $ +.Dd September 25 2021 .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -374,6 +374,11 @@ to be canonicalized to names in the or .Qq *.c.example.com domains. +.Pp +A single argument of +.Qq none +causes no CNAMEs to be considered for canonicalization. +This is the default behaviour. .It Cm CASignatureAlgorithms Specifies which algorithms are allowed for signing of certificates by certificate authorities (CAs). @@ -876,12 +881,11 @@ sk-ssh-ed25519-cert-...@openssh.com, sk-ecdsa-sha2-nistp256-cert-...@openssh.com, rsa-sha2-512-cert-...@openssh.com, rsa-sha2-256-cert-...@openssh.com, -ssh-rsa-cert-...@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Sep 27 17:03:13 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c clientloop.c compat.c log.c misc.c myproposal.h readconf.c readconf.h scp.1 scp.c servconf.c sftp-client.c sftp-realpath.c sftp.c ssh-keygen.c ssh.1 ssh.c ssh_config.5 sshd.8 sshd_config.5 version.h Log Message: Merge conflicts between OpenSSH 8.7 and 8.8 To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/ssh_config.5 cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/sftp.c cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/compat.c cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/log.c \ src/crypto/external/bsd/openssh/dist/scp.1 cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/readconf.h cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/myproposal.h cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/scp.c cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/sftp-client.c cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/sftp-realpath.c cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/ssh.1 cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/sshd.8 cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/sshd_config.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Mon Sep 27 11:05:50 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: readconf.c Log Message: OpenSSH: Restore ChallengeResponseAuthentication as an alias OpenSSH 8.7 has deprecated ChallengeResponseAuthentication, but not removed it. It is now an alias for KbdInteractiveAuthentication (as are the prior aliases of ChallengeResponseAuthentication). I think this chunk was accidentally dropped in the OpenSSH 8.7 merge. To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/readconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/readconf.c diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.35 src/crypto/external/bsd/openssh/dist/readconf.c:1.36 --- src/crypto/external/bsd/openssh/dist/readconf.c:1.35 Thu Sep 2 11:26:18 2021 +++ src/crypto/external/bsd/openssh/dist/readconf.c Mon Sep 27 11:05:50 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: readconf.c,v 1.35 2021/09/02 11:26:18 christos Exp $ */ +/* $NetBSD: readconf.c,v 1.36 2021/09/27 11:05:50 kim Exp $ */ /* $OpenBSD: readconf.c,v 1.361 2021/07/23 04:04:52 djm Exp $ */ /* @@ -15,7 +15,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: readconf.c,v 1.35 2021/09/02 11:26:18 christos Exp $"); +__RCSID("$NetBSD: readconf.c,v 1.36 2021/09/27 11:05:50 kim Exp $"); #include #include #include @@ -248,6 +248,9 @@ static struct { { "passwordauthentication", oPasswordAuthentication }, { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, { "kbdinteractivedevices", oKbdInteractiveDevices }, + { "challengeresponseauthentication", oKbdInteractiveAuthentication }, /* alias */ + { "skeyauthentication", oKbdInteractiveAuthentication }, /* alias */ + { "tisauthentication", oKbdInteractiveAuthentication }, /* alias */ { "pubkeyauthentication", oPubkeyAuthentication }, { "dsaauthentication", oPubkeyAuthentication }, /* alias */ { "hostbasedauthentication", oHostbasedAuthentication },
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Mon Sep 27 11:05:50 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: readconf.c Log Message: OpenSSH: Restore ChallengeResponseAuthentication as an alias OpenSSH 8.7 has deprecated ChallengeResponseAuthentication, but not removed it. It is now an alias for KbdInteractiveAuthentication (as are the prior aliases of ChallengeResponseAuthentication). I think this chunk was accidentally dropped in the OpenSSH 8.7 merge. To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/readconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On 2021/09/06 23:31, Taylor R Campbell wrote: Date: Mon, 6 Sep 2021 22:32:22 +0900 From: Rin Okuyama On 2021/09/06 22:11, Ryo ONODERA wrote: Module Name:src Committed By: ryoon Date: Mon Sep 6 13:11:34 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: dns.c Log Message: Make no diff to upstream This diff from upstream is intentional. See: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.6 http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.7 At the time, I think upstream used memcmp, so anything different from that was a local change. Now our libc has consttime_memequal, and upstream uses a similar function called timingsafe_bcmp, so as long as timingsafe_bcmp is defined in terms of consttime_memequal (and not in terms of memcmp or bcmp), reducing this local diff strikes me as an improvement (speaking as the author of the original local change). Yeah, I agree. I didn't notice the definitions in includes.h. Thanks for your detailed explanation! rin
Re: CVS commit: src/crypto/external/bsd/openssh/dist
Hi, Rin Okuyama writes: > On 2021/09/06 23:11, Ryo ONODERA wrote: >> Hi, >> >> Rin Okuyama writes: >> >>> On 2021/09/06 22:11, Ryo ONODERA wrote: Module Name: src Committed By: ryoon Date: Mon Sep 6 13:11:34 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: dns.c Log Message: Make no diff to upstream To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/dns.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. >>> >>> This diff from upstream is intentional. See: >>> >>> http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.6 >>> http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.7 >> >> Thanks for your pointer. >> >> >> #define timingsafe_bcmp(a, b, c) (!consttime_memequal((a), (b), (c))) >> >> is in src/crypto/external/bsd/openssh/dist/includes.h. >> >> My change still uses consttime_memequal() practically like >> other places in OpenSSH. > > Ah, I got it. Thanks for explanation, and sorry for the noise! Sorry for my less explanation. I should write more information in the commit message. Thank you. > rin -- Ryo ONODERA // r...@tetera.org PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On 2021/09/06 23:11, Ryo ONODERA wrote: Hi, Rin Okuyama writes: On 2021/09/06 22:11, Ryo ONODERA wrote: Module Name:src Committed By: ryoon Date: Mon Sep 6 13:11:34 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: dns.c Log Message: Make no diff to upstream To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/dns.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. This diff from upstream is intentional. See: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.6 http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.7 Thanks for your pointer. #define timingsafe_bcmp(a, b, c) (!consttime_memequal((a), (b), (c))) is in src/crypto/external/bsd/openssh/dist/includes.h. My change still uses consttime_memequal() practically like other places in OpenSSH. Ah, I got it. Thanks for explanation, and sorry for the noise! rin
Re: CVS commit: src/crypto/external/bsd/openssh/dist
Hi, Rin Okuyama writes: > On 2021/09/06 22:11, Ryo ONODERA wrote: >> Module Name: src >> Committed By:ryoon >> Date:Mon Sep 6 13:11:34 UTC 2021 >> >> Modified Files: >> src/crypto/external/bsd/openssh/dist: dns.c >> >> Log Message: >> Make no diff to upstream >> >> >> To generate a diff of this commit: >> cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/dns.c >> >> Please note that diffs are not public domain; they are subject to the >> copyright notices on the relevant files. > > This diff from upstream is intentional. See: > > http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.6 > http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.7 Thanks for your pointer. #define timingsafe_bcmp(a, b, c) (!consttime_memequal((a), (b), (c))) is in src/crypto/external/bsd/openssh/dist/includes.h. My change still uses consttime_memequal() practically like other places in OpenSSH. > Thanks, > rin -- Ryo ONODERA // r...@tetera.org PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On 2021/09/06 22:11, Ryo ONODERA wrote: Module Name:src Committed By: ryoon Date: Mon Sep 6 13:11:34 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: dns.c Log Message: Make no diff to upstream To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/dns.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. This diff from upstream is intentional. See: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.6 http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/dns.c#rev1.7 Thanks, rin
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: ryoon Date: Mon Sep 6 13:11:34 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: dns.c Log Message: Make no diff to upstream To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/dns.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/dns.c diff -u src/crypto/external/bsd/openssh/dist/dns.c:1.20 src/crypto/external/bsd/openssh/dist/dns.c:1.21 --- src/crypto/external/bsd/openssh/dist/dns.c:1.20 Sat Sep 4 01:47:47 2021 +++ src/crypto/external/bsd/openssh/dist/dns.c Mon Sep 6 13:11:34 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: dns.c,v 1.20 2021/09/04 01:47:47 ryoon Exp $ */ +/* $NetBSD: dns.c,v 1.21 2021/09/06 13:11:34 ryoon Exp $ */ /* $OpenBSD: dns.c,v 1.41 2021/07/19 03:13:28 dtucker Exp $ */ /* @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: dns.c,v 1.20 2021/09/04 01:47:47 ryoon Exp $"); +__RCSID("$NetBSD: dns.c,v 1.21 2021/09/06 13:11:34 ryoon Exp $"); #include #include @@ -267,7 +267,7 @@ verify_host_key_dns(const char *hostname /* Check if the current key is the same as the given key */ if (hostkey_algorithm == dnskey_algorithm && hostkey_digest_len == dnskey_digest_len) { - if (!consttime_memequal(hostkey_digest, dnskey_digest, + if (timingsafe_bcmp(hostkey_digest, dnskey_digest, hostkey_digest_len) == 0) { debug_f("matched SSHFP type %d fptype %d", dnskey_algorithm, dnskey_digest_type);
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: ryoon Date: Mon Sep 6 13:11:34 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: dns.c Log Message: Make no diff to upstream To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/dns.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: ryoon Date: Sat Sep 4 01:47:47 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: dns.c Log Message: Fix inverted logic in OpenSSH SSHFP DNS record verification To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/dns.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: ryoon Date: Sat Sep 4 01:47:47 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: dns.c Log Message: Fix inverted logic in OpenSSH SSHFP DNS record verification To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/dns.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/dns.c diff -u src/crypto/external/bsd/openssh/dist/dns.c:1.19 src/crypto/external/bsd/openssh/dist/dns.c:1.20 --- src/crypto/external/bsd/openssh/dist/dns.c:1.19 Thu Sep 2 11:26:17 2021 +++ src/crypto/external/bsd/openssh/dist/dns.c Sat Sep 4 01:47:47 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: dns.c,v 1.19 2021/09/02 11:26:17 christos Exp $ */ +/* $NetBSD: dns.c,v 1.20 2021/09/04 01:47:47 ryoon Exp $ */ /* $OpenBSD: dns.c,v 1.41 2021/07/19 03:13:28 dtucker Exp $ */ /* @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: dns.c,v 1.19 2021/09/02 11:26:17 christos Exp $"); +__RCSID("$NetBSD: dns.c,v 1.20 2021/09/04 01:47:47 ryoon Exp $"); #include #include @@ -267,7 +267,7 @@ verify_host_key_dns(const char *hostname /* Check if the current key is the same as the given key */ if (hostkey_algorithm == dnskey_algorithm && hostkey_digest_len == dnskey_digest_len) { - if (consttime_memequal(hostkey_digest, dnskey_digest, + if (!consttime_memequal(hostkey_digest, dnskey_digest, hostkey_digest_len) == 0) { debug_f("matched SSHFP type %d fptype %d", dnskey_algorithm, dnskey_digest_type);
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Sep 3 10:30:33 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: cipher-chachapoly-libcrypto.c includes.h kexsntrup761x25519.c namespace.h sntrup761.c Log Message: add some more functions to namespace.h; add missing RCSIDs To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 \ src/crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c \ src/crypto/external/bsd/openssh/dist/kexsntrup761x25519.c \ src/crypto/external/bsd/openssh/dist/sntrup761.c cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/includes.h cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/namespace.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c diff -u src/crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c:1.1.1.1 src/crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c:1.2 --- src/crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c:1.1.1.1 Thu May 28 13:02:59 2020 +++ src/crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c Fri Sep 3 06:30:33 2021 @@ -1,3 +1,4 @@ +/* $NetBSD: cipher-chachapoly-libcrypto.c,v 1.2 2021/09/03 10:30:33 christos Exp $ */ /* * Copyright (c) 2013 Damien Miller * @@ -15,6 +16,8 @@ */ /* $OpenBSD: cipher-chachapoly-libcrypto.c,v 1.1 2020/04/03 04:32:21 djm Exp $ */ +#include "includes.h" +__RCSID("$NetBSD: cipher-chachapoly-libcrypto.c,v 1.2 2021/09/03 10:30:33 christos Exp $"); #include #include /* needed for log.h */ Index: src/crypto/external/bsd/openssh/dist/kexsntrup761x25519.c diff -u src/crypto/external/bsd/openssh/dist/kexsntrup761x25519.c:1.1.1.1 src/crypto/external/bsd/openssh/dist/kexsntrup761x25519.c:1.2 --- src/crypto/external/bsd/openssh/dist/kexsntrup761x25519.c:1.1.1.1 Fri Mar 5 12:45:25 2021 +++ src/crypto/external/bsd/openssh/dist/kexsntrup761x25519.c Fri Sep 3 06:30:33 2021 @@ -1,3 +1,4 @@ +/* $NetBSD: kexsntrup761x25519.c,v 1.2 2021/09/03 10:30:33 christos Exp $ */ /* $OpenBSD: kexsntrup761x25519.c,v 1.1 2020/12/29 00:59:15 djm Exp $ */ /* * Copyright (c) 2019 Markus Friedl. All rights reserved. @@ -23,6 +24,9 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include "includes.h" +__RCSID("$NetBSD: kexsntrup761x25519.c,v 1.2 2021/09/03 10:30:33 christos Exp $"); + #include #include Index: src/crypto/external/bsd/openssh/dist/sntrup761.c diff -u src/crypto/external/bsd/openssh/dist/sntrup761.c:1.1.1.1 src/crypto/external/bsd/openssh/dist/sntrup761.c:1.2 --- src/crypto/external/bsd/openssh/dist/sntrup761.c:1.1.1.1 Fri Mar 5 12:45:26 2021 +++ src/crypto/external/bsd/openssh/dist/sntrup761.c Fri Sep 3 06:30:33 2021 @@ -1,3 +1,4 @@ +/* $NetBSD: sntrup761.c,v 1.2 2021/09/03 10:30:33 christos Exp $ */ /* $OpenBSD: sntrup761.c,v 1.5 2021/01/08 02:33:13 dtucker Exp $ */ /* @@ -7,6 +8,8 @@ * - Tanja Lange * - Christine van Vredendaal */ +#include "includes.h" +__RCSID("$NetBSD: sntrup761.c,v 1.2 2021/09/03 10:30:33 christos Exp $"); #include #include "crypto_api.h" Index: src/crypto/external/bsd/openssh/dist/includes.h diff -u src/crypto/external/bsd/openssh/dist/includes.h:1.8 src/crypto/external/bsd/openssh/dist/includes.h:1.9 --- src/crypto/external/bsd/openssh/dist/includes.h:1.8 Fri Apr 6 14:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/includes.h Fri Sep 3 06:30:33 2021 @@ -1,13 +1,14 @@ -/* $NetBSD: includes.h,v 1.8 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: includes.h,v 1.9 2021/09/03 10:30:33 christos Exp $ */ #include #ifndef __OpenBSD__ #define __bounded__(a, b, c) #include + +#include "namespace.h" + void freezero(void *, size_t); #define explicit_bzero(a, b) explicit_memset((a), 0, (b)) #define timingsafe_bcmp(a, b, c) (!consttime_memequal((a), (b), (c))) -#include void *recallocarray(void *, size_t, size_t, size_t); #endif -#include "namespace.h" Index: src/crypto/external/bsd/openssh/dist/namespace.h diff -u src/crypto/external/bsd/openssh/dist/namespace.h:1.9 src/crypto/external/bsd/openssh/dist/namespace.h:1.10 --- src/crypto/external/bsd/openssh/dist/namespace.h:1.9 Fri Mar 5 12:47:16 2021 +++ src/crypto/external/bsd/openssh/dist/namespace.h Fri Sep 3 06:30:33 2021 @@ -1,27 +1,98 @@ -/* $NetBSD: namespace.h,v 1.9 2021/03/05 17:47:16 christos Exp $ */ +/* $NetBSD: namespace.h,v 1.10 2021/09/03 10:30:33 christos Exp $ */ #ifndef _SSH_NAMESPACE_H_ -#define _SSH_NAMESPACE_H_ -#define addargs ssh_addargs -#define atomicio ssh_atomicio -#define chop ssh_chop -#define colon ssh_colon -#define convtime ssh_convtime -#define do_log ssh_do_log -#define freeargs ssh_freeargs -#define freerrset ssh_freerrset -#define hpdelim ssh_hpdelim -#define getpass ssh_getpass -#define getpeereid ssh_getpeereid -#define getrrsetbyname
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Sep 3 10:30:33 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: cipher-chachapoly-libcrypto.c includes.h kexsntrup761x25519.c namespace.h sntrup761.c Log Message: add some more functions to namespace.h; add missing RCSIDs To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 \ src/crypto/external/bsd/openssh/dist/cipher-chachapoly-libcrypto.c \ src/crypto/external/bsd/openssh/dist/kexsntrup761x25519.c \ src/crypto/external/bsd/openssh/dist/sntrup761.c cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/includes.h cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/namespace.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Oct 9 20:59:26 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: hostfile.c sshkey.c Log Message: bump buffer sizes To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/hostfile.c cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/sshkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/hostfile.c diff -u src/crypto/external/bsd/openssh/dist/hostfile.c:1.13 src/crypto/external/bsd/openssh/dist/hostfile.c:1.14 --- src/crypto/external/bsd/openssh/dist/hostfile.c:1.13 Sat Jan 26 21:08:33 2019 +++ src/crypto/external/bsd/openssh/dist/hostfile.c Wed Oct 9 16:59:26 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: hostfile.c,v 1.13 2019/01/27 02:08:33 pgoyette Exp $ */ +/* $NetBSD: hostfile.c,v 1.14 2019/10/09 20:59:26 christos Exp $ */ /* $OpenBSD: hostfile.c,v 1.73 2018/07/16 03:09:13 djm Exp $ */ /* @@ -39,7 +39,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: hostfile.c,v 1.13 2019/01/27 02:08:33 pgoyette Exp $"); +__RCSID("$NetBSD: hostfile.c,v 1.14 2019/10/09 20:59:26 christos Exp $"); #include #include @@ -124,7 +124,7 @@ host_hash(const char *host, const char * struct ssh_hmac_ctx *ctx; u_char salt[256], result[256]; char uu_salt[512], uu_result[512]; - static char encoded[1024]; + static char encoded[2048]; u_int len; len = ssh_digest_bytes(SSH_DIGEST_SHA1); Index: src/crypto/external/bsd/openssh/dist/sshkey.c diff -u src/crypto/external/bsd/openssh/dist/sshkey.c:1.19 src/crypto/external/bsd/openssh/dist/sshkey.c:1.20 --- src/crypto/external/bsd/openssh/dist/sshkey.c:1.19 Sat Apr 20 13:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/sshkey.c Wed Oct 9 16:59:26 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sshkey.c,v 1.19 2019/04/20 17:16:40 christos Exp $ */ +/* $NetBSD: sshkey.c,v 1.20 2019/10/09 20:59:26 christos Exp $ */ /* $OpenBSD: sshkey.c,v 1.73 2019/01/21 09:54:11 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -__RCSID("$NetBSD: sshkey.c,v 1.19 2019/04/20 17:16:40 christos Exp $"); +__RCSID("$NetBSD: sshkey.c,v 1.20 2019/10/09 20:59:26 christos Exp $"); #include #include @@ -2665,7 +2665,7 @@ sshkey_cert_check_authority(const struct size_t sshkey_format_cert_validity(const struct sshkey_cert *cert, char *s, size_t l) { - char from[32], to[32], ret[64]; + char from[32], to[32], ret[128]; time_t tt; struct tm *tm;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Oct 9 20:59:26 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: hostfile.c sshkey.c Log Message: bump buffer sizes To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/hostfile.c cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/sshkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Sep 7 13:45:30 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: sshd.c Log Message: Prevent DoS from hosts trying to eat all the sshd slots by marking timeouts for blacklistd. To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Sep 7 13:45:30 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: sshd.c Log Message: Prevent DoS from hosts trying to eat all the sshd slots by marking timeouts for blacklistd. To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd.c diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.34 src/crypto/external/bsd/openssh/dist/sshd.c:1.35 --- src/crypto/external/bsd/openssh/dist/sshd.c:1.34 Sat Apr 20 13:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/sshd.c Sat Sep 7 09:45:30 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sshd.c,v 1.34 2019/04/20 17:16:40 christos Exp $ */ +/* $NetBSD: sshd.c,v 1.35 2019/09/07 13:45:30 christos Exp $ */ /* $OpenBSD: sshd.c,v 1.533 2019/03/01 02:32:39 djm Exp $ */ /* * Author: Tatu Ylonen @@ -44,7 +44,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshd.c,v 1.34 2019/04/20 17:16:40 christos Exp $"); +__RCSID("$NetBSD: sshd.c,v 1.35 2019/09/07 13:45:30 christos Exp $"); #include #include #include @@ -370,6 +370,7 @@ grace_alarm_handler(int sig) /* XXX pre-format ipaddr/port so we don't need to access active_state */ /* Log error and exit. */ + pfilter_notify(1); sigdie("Timeout before authentication for %s port %d", ssh_remote_ipaddr(the_active_state), ssh_remote_port(the_active_state));
Re: CVS commit: src/crypto/external/bsd/openssh/dist (reallocarray())
In article <20190309110959.ga3...@primenet.com.au>, Geoff Wing wrote: >On Saturday 2019-03-09 07:35 +1100, Christos Zoulas output: >:Module Name: src >:Committed By: christos >:Date: Fri Mar 8 20:34:24 UTC 2019 >: >:Modified Files: >: src/crypto/external/bsd/openssh/dist: recallocarray.c >:Log Message: >:Replace our buggy recallocarray implementation one with the portable one >:from OpenBSD. > >This is interesting. We still have libc/stdlib/reallocarr{,ay}.c >which implements recallocarray() in -lc >Every version of pkgsrc/news/inn I try - self built or downloaded from >nyftp.netbsd* segvs due to reallocarray() unless I hack around those calls. >Does this "external/bsd/openssh/..." fix only work for openssh? Or does this >fix also affect the libc version we have? (Not sure why we are duplicating >but I'll take any one which works) > >[PS not pleased that ISC wanted to use this reallocarray() stuff] This is re"c"allocarray nor reallocararray() which is in libc. christos
Re: CVS commit: src/crypto/external/bsd/openssh/dist (reallocarray())
On Saturday 2019-03-09 07:35 +1100, Christos Zoulas output: :Module Name: src :Committed By: christos :Date: Fri Mar 8 20:34:24 UTC 2019 : :Modified Files: : src/crypto/external/bsd/openssh/dist: recallocarray.c :Log Message: :Replace our buggy recallocarray implementation one with the portable one :from OpenBSD. This is interesting. We still have libc/stdlib/reallocarr{,ay}.c which implements recallocarray() in -lc Every version of pkgsrc/news/inn I try - self built or downloaded from nyftp.netbsd* segvs due to reallocarray() unless I hack around those calls. Does this "external/bsd/openssh/..." fix only work for openssh? Or does this fix also affect the libc version we have? (Not sure why we are duplicating but I'll take any one which works) [PS not pleased that ISC wanted to use this reallocarray() stuff] Regards, Geoff
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On Feb 6, 1:26pm, m...@netbsd.org (m...@netbsd.org) wrote: -- Subject: Re: CVS commit: src/crypto/external/bsd/openssh/dist | > + const BIGNUM *pub_key; | > + if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) | > + goto out; | > + DH_get0_key(kex->dh, _key, NULL); | > + if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || | > + (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || | > + (r = sshpkt_send(ssh)) != 0) { | > goto out; | > + } | > + } | > debug("SSH2_MSG_KEX_DH_GEX_INIT sent"); | > #ifdef DEBUG_KEXDH | > DHparams_print_fp(stderr, kex->dh); | > @@ -134,10 +140,12 @@ input_kex_dh_gex_group(int type, u_int32 | > ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REPLY, _kex_dh_gex_reply); | > r = 0; | > out: | > - if (p) | > + if (r != 0) { | > BN_clear_free(p); | > - if (g) | > BN_clear_free(g); | > + DH_free(kex->dh); | > + kex->dh = NULL; | > + } | > return r; | | BN_clear_free will null deref on this error path I think void BN_clear_free(BIGNUM *a) { int i; if (a == NULL) return; christos
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On Tue, Feb 06, 2018 at 01:26:41PM +, m...@netbsd.org wrote: > BN_clear_free will null deref on this error path I think oops, I"m relying on ctags and went into the heimdal BN_clear_free instead which does this, and not the openssl which does NULL test.
Re: CVS commit: src/crypto/external/bsd/openssh/dist
> + const BIGNUM *pub_key; > + if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) > + goto out; > + DH_get0_key(kex->dh, _key, NULL); > + if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 || > + (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || > + (r = sshpkt_send(ssh)) != 0) { > goto out; > + } > + } > debug("SSH2_MSG_KEX_DH_GEX_INIT sent"); > #ifdef DEBUG_KEXDH > DHparams_print_fp(stderr, kex->dh); > @@ -134,10 +140,12 @@ input_kex_dh_gex_group(int type, u_int32 > ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REPLY, > _kex_dh_gex_reply); > r = 0; > out: > - if (p) > + if (r != 0) { > BN_clear_free(p); > - if (g) > BN_clear_free(g); > + DH_free(kex->dh); > + kex->dh = NULL; > + } > return r; BN_clear_free will null deref on this error path I think
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On Feb 6, 11:10am, m...@netbsd.org (m...@netbsd.org) wrote: -- Subject: Re: CVS commit: src/crypto/external/bsd/openssh/dist | On Sun, Feb 04, 2018 at 07:13:50PM -0500, Christos Zoulas wrote: | > - return BN_num_bits(k->rsa->n); | > +#if OPENSSL_VERSION_NUMBER >= 0x1010UL | > + return RSA_bits(k->rsa); | > +#else | > + return BN_num_bits(k->rsa->p); | > +#endif | > case KEY_DSA: | > case KEY_DSA_CERT: | > +#if OPENSSL_VERSION_NUMBER >= 0x1010UL | > + return DSA_bits(k->dsa); | > +#else | > return BN_num_bits(k->dsa->p); | > +#endif | | you put RSA_bits in openssl.old, can use it directly instead of macros? Yes, it seems that the linux patch was done by different people; some tried to maintain backwards compatibility, others did not. I guess the remaining 4 ifdefs in sshkey.c can be removed since the code is already using 1.1 functions unconditionally elsewhere. Please test before you commit if you do this. christos
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On Sun, Feb 04, 2018 at 07:13:50PM -0500, Christos Zoulas wrote: > - return BN_num_bits(k->rsa->n); > +#if OPENSSL_VERSION_NUMBER >= 0x1010UL > + return RSA_bits(k->rsa); > +#else > + return BN_num_bits(k->rsa->p); > +#endif > case KEY_DSA: > case KEY_DSA_CERT: > +#if OPENSSL_VERSION_NUMBER >= 0x1010UL > + return DSA_bits(k->dsa); > +#else > return BN_num_bits(k->dsa->p); > +#endif you put RSA_bits in openssl.old, can use it directly instead of macros?
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On Apr 19, 5:17pm, herb...@mailbox.org ("Herbert J. Skuhra") wrote: -- Subject: Re: CVS commit: src/crypto/external/bsd/openssh/dist | I think something went wrong with merging | crypto/external/bsd/openssh/dist/sshd_config. | | r1.20 contains weird lines: | | Index: sshd_config | === | RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/sshd_config,v | retrieving revision 1.19 | retrieving revision 1.20 | diff -u -r1.19 -r1.20 | --- sshd_config 1 Feb 2017 14:27:37 - 1.19 | +++ sshd_config 18 Apr 2017 18:41:46 - 1.20 | @@ -1,5 +1,5 @@ | -# $NetBSD: sshd_config,v 1.19 2017/02/01 14:27:37 christos Exp $ | -# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $ | +# $NetBSD: sshd_config,v 1.20 2017/04/18 18:41:46 christos Exp $ | +# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ | | # This is the sshd server system-wide configuration file. See | # sshd_config(5) for more information. | @@ -74,8 +74,11 @@ | #PrintLastLog yes | #TCPKeepAlive yes | #UseLogin no | +<<<<<<< sshd_config | #UsePrivilegeSeparation sandbox | UsePam yes | +=== | +>>>>>>> 1.1.1.15 | #PermitUserEnvironment no | #Compression delayed | #ClientAliveInterval 0 | Thanks, I fixed that exact problem, so I don't know why it is still incorrect. I will fix it again. christos
Re: CVS commit: src/crypto/external/bsd/openssh/dist
Christos Zoulas skrev: > > Module Name: src > Committed By: christos > Date: Tue Apr 18 18:41:46 UTC 2017 > > Modified Files: > src/crypto/external/bsd/openssh/dist: addrmatch.c atomicio.c atomicio.h > auth-bsdauth.c auth-krb5.c auth-options.c auth-options.h auth-pam.c > auth-pam.h auth-passwd.c auth-rhosts.c auth-skey.c auth.c auth.h > auth2-chall.c auth2-gss.c auth2-hostbased.c auth2-kbdint.c > auth2-krb5.c auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c > authfd.c authfd.h authfile.c authfile.h bcrypt_pbkdf.c bitmap.c > bitmap.h blocks.c blowfish.c bufaux.c bufbn.c bufec.c buffer.c > buffer.h canohost.c canohost.h chacha.c channels.c channels.h > cipher-3des1.c cipher-bf1.c cipher-chachapoly.c cipher-ctr-mt.c > cipher.c cipher.h cleanup.c clientloop.c clientloop.h compat.c > compat.h crc32.c crc32.h deattack.c deattack.h dh.c dh.h > digest-libc.c digest-openssl.c dispatch.c dispatch.h dns.c dns.h > ed25519.c fatal.c fe25519.c fmt_scaled.c fmt_scaled.h ge25519.c > getpeereid.c getpeereid.h getrrsetbyname.c getrrsetbyname.h > groupaccess.c groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c > hash.c hmac.c hostfile.c hostfile.h includes.h kex.c kex.h > kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c > kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c key.c > key.h krl.c ldapauth.c ldapauth.h log.c log.h mac.c mac.h match.c > match.h md-sha256.c misc.c misc.h moduli.5 moduli.c monitor.c > monitor.h monitor_fdpass.c monitor_fdpass.h monitor_wrap.c > monitor_wrap.h msg.c msg.h mux.c myproposal.h namespace.h nchan.c > opacket.c opacket.h packet.c packet.h pathnames.h pkcs11.h > poly1305.c progressmeter.c progressmeter.h random.h readconf.c > readconf.h readpass.c readpassphrase.3 readpassphrase.c > readpassphrase.h rsa.c rsa.h sandbox-rlimit.c sc25519.c scp.1 scp.c > servconf.c servconf.h serverloop.c serverloop.h session.c session.h > sftp-client.c sftp-client.h sftp-common.c sftp-common.h sftp-glob.c > sftp-server-main.c sftp-server.8 sftp-server.c sftp.1 sftp.c sftp.h > smult_curve25519_ref.c ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c > ssh-dss.c ssh-ecdsa.c ssh-ed25519.c ssh-gss.h ssh-keygen.1 > ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 > ssh-keysign.c ssh-pkcs11-client.c ssh-pkcs11-helper.8 > ssh-pkcs11-helper.c ssh-pkcs11.c ssh-pkcs11.h ssh-rsa.c ssh.1 ssh.c > ssh.h ssh1.h ssh2.h ssh_api.c ssh_api.h ssh_config.5 > sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c > sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd.8 sshd.c > sshd_config sshd_config.5 ssherr.c sshkey.c sshkey.h sshlogin.c > sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c ttymodes.h > uidswap.c uidswap.h umac.c umac.h utf8.c uuencode.c uuencode.h > verify.c version.h xmalloc.c xmalloc.h > > Log Message: > merge conflicts I think something went wrong with merging crypto/external/bsd/openssh/dist/sshd_config. r1.20 contains weird lines: Index: sshd_config === RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/sshd_config,v retrieving revision 1.19 retrieving revision 1.20 diff -u -r1.19 -r1.20 --- sshd_config 1 Feb 2017 14:27:37 - 1.19 +++ sshd_config 18 Apr 2017 18:41:46 - 1.20 @@ -1,5 +1,5 @@ -# $NetBSD: sshd_config,v 1.19 2017/02/01 14:27:37 christos Exp $ -# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $ +# $NetBSD: sshd_config,v 1.20 2017/04/18 18:41:46 christos Exp $ +# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -74,8 +74,11 @@ #PrintLastLog yes #TCPKeepAlive yes #UseLogin no +<<< sshd_config #UsePrivilegeSeparation sandbox UsePam yes +=== +>>> 1.1.1.15 #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 Thanks. -- Herbert
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On Sun, 06 Oct 2013, Jean-Yves Migeon wrote: Modified Files: src/crypto/external/bsd/openssh/dist: ssh_config Log Message: Enable VerifyHostKeyDNS (SSHFP records verification) from DNS for hosts under NetBSD.org domain. Thank you. I think this is an improvement. Notified on netbsd-users@, no objection after a week -- committed. Please discuss such things in the relevant tech-* list (tech-net or tech-userlevel in this case, I suppose). +# NetBSD.org DNS provides SSHFP records - use them when possible +Host *.netbsd.org *.NetBSD.org +VerifyHostKeyDNS ask I have been running similar configuration for some time, but with with VerifyHostKeyDNS yes (not ask), and I have had no problems. The difference between yes and ask arises only when the ssh client can be sure that the DNS answer was secured by DNSSEC; in such a case, yes means accept the result silently, while ask means ask the user (the first time). If the DNS answer was not secured by DNSSEC, then both yes and ask end up asking the user. By the way, I think that's a bug in ssh that the Host patterns are case sensitive. --apb (Alan Barrett)
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On Mon Jan 03 2011 at 18:55:42 +, Arnaud Ysmal wrote: Module Name: src Committed By: stacktic Date: Mon Jan 3 18:55:42 UTC 2011 Modified Files: src/crypto/external/bsd/openssh/dist: sshconnect2.c Log Message: Fixed strvisx usage Didn't you fix that already once before? Can the fix be upstreamed? -- älä karot toivorikkauttas, kyl rätei ja lumpui piisaa
Re: CVS commit: src/crypto/external/bsd/openssh/dist
On Mon Jan 03 2011 at 18:55:42 +, Arnaud Ysmal wrote: Module Name: src Committed By: stacktic Date: Mon Jan 3 18:55:42 UTC 2011 Modified Files: src/crypto/external/bsd/openssh/dist: sshconnect2.c Log Message: Fixed strvisx usage Didn't you fix that already once before? Can the fix be upstreamed? Yes I did. There is no problem upstream, they are using strnvis, which takes the length of the destination buffer as a parameter, while we are using strvisx, which takes the length of the input buffer. This fix should be part of the fixes we merge for each new version of openssh.
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: joerg Date: Fri Jan 8 16:37:40 UTC 2010 Modified Files: src/crypto/external/bsd/openssh/dist: ssh.1 Log Message: Don't use .Xo/.Xc. Fix date format. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/ssh.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.