CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Mon Apr 19 14:40:16 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: addrmatch.c auth-krb5.c auth-options.c auth.c auth2-pubkey.c auth2.c chacha.h channels.c channels.h cipher.c clientloop.c dh.c dh.h hostfile.c kex.c kexgen.c log.c log.h misc.c misc.h monitor.c monitor_wrap.c monitor_wrap.h mux.c packet.c readconf.c scp.c servconf.c servconf.h serverloop.c session.c sftp-client.c sftp-client.h sftp-server.c sftp.c srclimit.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-sk-client.c ssh.c ssh_api.c ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5 sshkey-xmss.c sshkey-xmss.h sshkey.c umac.c utf8.h version.h xmalloc.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: shlib_version Log Message: Merge local changes between 8.5 and 8.6 To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/addrmatch.c cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/auth-krb5.c cvs rdiff -u -r1.25 -r1.26 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/serverloop.c \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.27 -r1.28 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/auth2.c \ src/crypto/external/bsd/openssh/dist/sftp-server.c \ src/crypto/external/bsd/openssh/dist/sshd.8 cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/chacha.h \ src/crypto/external/bsd/openssh/dist/srclimit.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/channels.h cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/cipher.c \ src/crypto/external/bsd/openssh/dist/dh.c \ src/crypto/external/bsd/openssh/dist/hostfile.c \ src/crypto/external/bsd/openssh/dist/umac.c cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/sftp.c \ src/crypto/external/bsd/openssh/dist/ssh-agent.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/dh.h \ src/crypto/external/bsd/openssh/dist/sftp-client.h \ src/crypto/external/bsd/openssh/dist/ssh_api.c cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/kexgen.c cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssh/dist/log.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/log.h cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/misc.h cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/monitor.c cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssh/dist/monitor_wrap.h cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/mux.c cvs rdiff -u -r1.43 -r1.44 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/readconf.c \ src/crypto/external/bsd/openssh/dist/session.c \ src/crypto/external/bsd/openssh/dist/sshd_config.5 cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/scp.c cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/servconf.h \ src/crypto/external/bsd/openssh/dist/ssh-add.c cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/sftp-client.c cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/ssh-sk-client.c \ src/crypto/external/bsd/openssh/dist/utf8.h cvs rdiff -u -r1.39 -r1.40 src/crypto/external/bsd/openssh/dist/sshconnect2.c cvs rdiff -u -r1.41 -r1.42 src/crypto/external/bsd/openssh/dist/sshd.c cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/sshkey-xmss.c cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/sshkey-xmss.h cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/xmalloc.h cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 \ src/crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 \
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Mon Apr 19 14:07:36 UTC 2021 Modified Files: src/crypto/external/bsd/openssh: openssh2netbsd Log Message: Force user to specify source dir. Too dangerous to run in random places. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/openssh2netbsd Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/openssh2netbsd diff -u src/crypto/external/bsd/openssh/openssh2netbsd:1.3 src/crypto/external/bsd/openssh/openssh2netbsd:1.4 --- src/crypto/external/bsd/openssh/openssh2netbsd:1.3 Fri Dec 4 13:42:49 2020 +++ src/crypto/external/bsd/openssh/openssh2netbsd Mon Apr 19 10:07:36 2021 @@ -1,6 +1,6 @@ #! /bin/sh # -# $NetBSD: openssh2netbsd,v 1.3 2020/12/04 18:42:49 christos Exp $ +# $NetBSD: openssh2netbsd,v 1.4 2021/04/19 14:07:36 christos Exp $ # # Copyright (c) 2001 The NetBSD Foundation, Inc. # All rights reserved. @@ -28,6 +28,14 @@ # # openssh2netbsd: convert a openssh source tree into netbsd openssh tree +if [ -z "$1" ]; then + echo "Usage: $0 " 1>&2 + exit 1 +fi + +set -e +cd "$1" + ### Remove CVS find . -name CVS -print | xargs rm -r
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Mar 5 17:53:51 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/dist: scp.c Log Message: remove __UNCONST, initialize To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/scp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/scp.c diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.29 src/crypto/external/bsd/openssh/dist/scp.c:1.30 --- src/crypto/external/bsd/openssh/dist/scp.c:1.29 Fri Mar 5 12:47:16 2021 +++ src/crypto/external/bsd/openssh/dist/scp.c Fri Mar 5 12:53:51 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: scp.c,v 1.29 2021/03/05 17:47:16 christos Exp $ */ +/* $NetBSD: scp.c,v 1.30 2021/03/05 17:53:51 christos Exp $ */ /* $OpenBSD: scp.c,v 1.213 2020/10/18 11:32:01 djm Exp $ */ /* @@ -74,7 +74,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: scp.c,v 1.29 2021/03/05 17:47:16 christos Exp $"); +__RCSID("$NetBSD: scp.c,v 1.30 2021/03/05 17:53:51 christos Exp $"); #include /* roundup MAX */ #include @@ -877,7 +877,7 @@ brace_expand(const char *pattern, char * void toremote(int argc, char **argv) { - char *suser = NULL, *host = NULL, *src; + char *suser = NULL, *host = NULL, *src = NULL; char *bp, *tuser, *thost, *targ; int sport = -1, tport = -1; arglist alist; @@ -911,7 +911,7 @@ toremote(int argc, char **argv) for (i = 0; i < argc - 1; i++) { free(suser); free(host); - free(__UNCONST(src)); + free(src); r = parse_scp_uri(argv[i], , , , ); if (r == -1) { fmprintf(stderr, "%s: invalid uri\n", argv[i]); @@ -989,16 +989,16 @@ toremote(int argc, char **argv) out: free(tuser); free(thost); - free(__UNCONST(targ)); + free(targ); free(suser); free(host); - free(__UNCONST(src)); + free(src); } static void tolocal(int argc, char **argv) { - char *bp, *host = NULL, *suser = NULL, *src; + char *bp, *host = NULL, *suser = NULL, *src = NULL; arglist alist; int i, r, sport = -1; @@ -1008,7 +1008,7 @@ tolocal(int argc, char **argv) for (i = 0; i < argc - 1; i++) { free(suser); free(host); - free(__UNCONST(src)); + free(src); r = parse_scp_uri(argv[i], , , , ); if (r == -1) { fmprintf(stderr, "%s: invalid uri\n", argv[i]); @@ -1050,7 +1050,7 @@ tolocal(int argc, char **argv) } free(suser); free(host); - free(__UNCONST(src)); + free(src); } void
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Fri Mar 5 17:47:16 UTC 2021 Modified Files: src/crypto/external/bsd/openssh/bin/sshd: Makefile src/crypto/external/bsd/openssh/dist: PROTOCOL PROTOCOL.agent addr.c addrmatch.c auth-krb5.c auth-options.c auth-passwd.c auth-rhosts.c auth.c auth.h auth2-chall.c auth2-gss.c auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c authfd.c canohost.c channels.c cipher.c clientloop.c compat.c compat.h crypto_api.h dh.c digest-openssl.c digest.h dns.c fatal.c gss-genr.c hostfile.c hostfile.h kex.c kex.h kexdh.c kexgen.c kexgexc.c kexgexs.c krl.c log.c log.h match.c misc.c misc.h monitor.c monitor_fdpass.c monitor_wrap.c monitor_wrap.h msg.c mux.c myproposal.h namespace.h nchan.c packet.c readconf.c readconf.h readpass.c sandbox-pledge.c sandbox-rlimit.c scp.1 scp.c servconf.c servconf.h serverloop.c session.c sftp-client.c sftp-client.h sftp-common.c sftp-server.c sftp.1 sftp.c sk-usbhid.c srclimit.c ssh-add.c ssh-agent.c ssh-ed25519-sk.c ssh-ed25519.c ssh-gss.h ssh-keygen.1 ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c ssh-sk-client.c ssh-sk-helper.c ssh-sk.c ssh-xmss.c ssh.1 ssh.c ssh2.h ssh_api.c ssh_config.5 sshconnect.c sshconnect.h sshconnect2.c sshd.c sshd_config.5 sshkey-xmss.c sshkey-xmss.h sshkey.c sshkey.h sshlogin.c sshsig.c ttymodes.c version.h src/crypto/external/bsd/openssh/dist/moduli-gen: Makefile moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: Makefile shlib_version Removed Files: src/crypto/external/bsd/openssh/dist: kexsntrup4591761x25519.c sntrup4591761.c sntrup4591761.sh Log Message: merge local changes between openssh 8.4 and 8.5 To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssh/bin/sshd/Makefile cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/kexgexc.c \ src/crypto/external/bsd/openssh/dist/log.h \ src/crypto/external/bsd/openssh/dist/readpass.c \ src/crypto/external/bsd/openssh/dist/sshconnect.h cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/openssh/dist/PROTOCOL.agent \ src/crypto/external/bsd/openssh/dist/gss-genr.c \ src/crypto/external/bsd/openssh/dist/hostfile.h \ src/crypto/external/bsd/openssh/dist/msg.c cvs rdiff -u -r1.1.1.1 -r1.2 src/crypto/external/bsd/openssh/dist/addr.c \ src/crypto/external/bsd/openssh/dist/srclimit.c cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/addrmatch.c \ src/crypto/external/bsd/openssh/dist/auth2-passwd.c \ src/crypto/external/bsd/openssh/dist/canohost.c \ src/crypto/external/bsd/openssh/dist/compat.h \ src/crypto/external/bsd/openssh/dist/sshkey.h cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/auth-krb5.c \ src/crypto/external/bsd/openssh/dist/auth2-gss.c \ src/crypto/external/bsd/openssh/dist/match.c cvs rdiff -u -r1.24 -r1.25 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/auth-passwd.c \ src/crypto/external/bsd/openssh/dist/auth2-none.c \ src/crypto/external/bsd/openssh/dist/nchan.c \ src/crypto/external/bsd/openssh/dist/sftp-client.h \ src/crypto/external/bsd/openssh/dist/sftp-common.c \ src/crypto/external/bsd/openssh/dist/ssh_api.c \ src/crypto/external/bsd/openssh/dist/ttymodes.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/auth-rhosts.c \ src/crypto/external/bsd/openssh/dist/auth2-kbdint.c \ src/crypto/external/bsd/openssh/dist/ssh2.h \ src/crypto/external/bsd/openssh/dist/sshlogin.c cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/scp.c \ src/crypto/external/bsd/openssh/dist/serverloop.c \ src/crypto/external/bsd/openssh/dist/ssh.1 \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/auth.h \ src/crypto/external/bsd/openssh/dist/monitor_wrap.h \ src/crypto/external/bsd/openssh/dist/myproposal.h \ src/crypto/external/bsd/openssh/dist/ssh-keysign.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/auth2-chall.c \
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Fri Dec 4 18:42:50 UTC 2020 Modified Files: src/crypto/external/bsd/openssh: openssh2netbsd src/crypto/external/bsd/openssh/dist: PROTOCOL PROTOCOL.agent auth-options.c auth-options.h auth.c auth2-pubkey.c authfd.c authfd.h authfile.c channels.c channels.h clientloop.c compat.c compat.h hostfile.c hostfile.h kex.c kexdh.c krl.c log.c match.c match.h misc.c misc.h monitor.c monitor_wrap.c monitor_wrap.h msg.c mux.c packet.c readconf.c readconf.h readpass.c scp.1 scp.c servconf.c servconf.h serverloop.c session.c sftp-client.c sftp-server.8 sftp-server.c sftp.1 sftp.c sk-usbhid.c ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-ecdsa-sk.c ssh-keygen.1 ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-pkcs11.c ssh-sk-helper.c ssh-sk.c ssh.1 ssh.c ssh.h ssh_api.c ssh_config ssh_config.5 sshbuf-getput-basic.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5 sshkey.c sshkey.h sshsig.c version.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: shlib_version Removed Files: src/crypto/external/bsd/openssh/dist/ssh-sk-helper: Makefile Log Message: Merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/openssh2netbsd cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/authfd.h \ src/crypto/external/bsd/openssh/dist/readpass.c \ src/crypto/external/bsd/openssh/dist/ssh_config \ src/crypto/external/bsd/openssh/dist/sshbuf.h cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/PROTOCOL.agent \ src/crypto/external/bsd/openssh/dist/hostfile.h \ src/crypto/external/bsd/openssh/dist/msg.c cvs rdiff -u -r1.23 -r1.24 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.13 -r1.14 \ src/crypto/external/bsd/openssh/dist/auth-options.h \ src/crypto/external/bsd/openssh/dist/match.c cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/scp.c \ src/crypto/external/bsd/openssh/dist/serverloop.c \ src/crypto/external/bsd/openssh/dist/ssh.1 \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.25 -r1.26 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/authfd.c \ src/crypto/external/bsd/openssh/dist/scp.1 \ src/crypto/external/bsd/openssh/dist/sftp-server.c cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/authfile.c \ src/crypto/external/bsd/openssh/dist/readconf.h \ src/crypto/external/bsd/openssh/dist/sftp-client.c cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/channels.h \ src/crypto/external/bsd/openssh/dist/hostfile.c \ src/crypto/external/bsd/openssh/dist/krl.c cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/sftp.c \ src/crypto/external/bsd/openssh/dist/ssh-agent.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/compat.c \ src/crypto/external/bsd/openssh/dist/log.c \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/compat.h \ src/crypto/external/bsd/openssh/dist/sftp-server.8 \ src/crypto/external/bsd/openssh/dist/ssh.h \ src/crypto/external/bsd/openssh/dist/sshkey.h cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/kexdh.c cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/match.h \ src/crypto/external/bsd/openssh/dist/ssh_api.c \ src/crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/misc.h cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/monitor.c cvs rdiff -u -r1.19 -r1.20 \ src/crypto/external/bsd/openssh/dist/monitor_wrap.h \ src/crypto/external/bsd/openssh/dist/ssh-keysign.c cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/mux.c \ src/crypto/external/bsd/openssh/dist/ssh-keygen.1 \ src/crypto/external/bsd/openssh/dist/ssh-keyscan.c cvs rdiff -u -r1.41 -r1.42 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/readconf.c \
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Nov 12 19:43:19 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: getrrsetbyname.c Log Message: eliminate direct use of _res for threaded programs. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/openssh/dist/getrrsetbyname.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/getrrsetbyname.c diff -u src/crypto/external/bsd/openssh/dist/getrrsetbyname.c:1.5 src/crypto/external/bsd/openssh/dist/getrrsetbyname.c:1.6 --- src/crypto/external/bsd/openssh/dist/getrrsetbyname.c:1.5 Tue Apr 18 14:41:46 2017 +++ src/crypto/external/bsd/openssh/dist/getrrsetbyname.c Thu Nov 12 14:43:18 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: getrrsetbyname.c,v 1.5 2017/04/18 18:41:46 christos Exp $ */ +/* $NetBSD: getrrsetbyname.c,v 1.6 2020/11/12 19:43:18 christos Exp $ */ /* $OpenBSD: getrrsetbyname.c,v 1.10 2005/03/30 02:58:28 tedu Exp $ */ /* @@ -47,7 +47,7 @@ /* OPENBSD ORIGINAL: lib/libc/net/getrrsetbyname.c */ #include "includes.h" -__RCSID("$NetBSD: getrrsetbyname.c,v 1.5 2017/04/18 18:41:46 christos Exp $"); +__RCSID("$NetBSD: getrrsetbyname.c,v 1.6 2020/11/12 19:43:18 christos Exp $"); #ifndef HAVE_GETRRSETBYNAME @@ -189,8 +189,9 @@ getrrsetbyname(const char *hostname, uns unsigned int rdtype, unsigned int flags, struct rrsetinfo **res) { - struct __res_state *_resp = _THREAD_PRIVATE(_res, _res, &_res); + struct __res_state *_resp; int result; + unsigned long options; struct rrsetinfo *rrset = NULL; struct dns_response *response = NULL; struct dns_rr *rr; @@ -201,27 +202,33 @@ getrrsetbyname(const char *hostname, uns /* check for invalid class and type */ if (rdclass > 0x || rdtype > 0x) { - result = ERRSET_INVAL; - goto fail; + return ERRSET_INVAL; } /* don't allow queries of class or type ANY */ if (rdclass == 0xff || rdtype == 0xff) { - result = ERRSET_INVAL; - goto fail; + return ERRSET_INVAL; } /* don't allow flags yet, unimplemented */ if (flags) { - result = ERRSET_INVAL; - goto fail; + return ERRSET_INVAL; } +#ifndef __NetBSD__ + _resp = _THREAD_PRIVATE(_res, _res, &_res); /* initialize resolver */ if ((_resp->options & RES_INIT) == 0 && res_init() == -1) { result = ERRSET_FAIL; goto fail; } +#else + _resp = __res_get_state(); + if (_resp == NULL) { + return ERRSET_FAIL; + } +#endif + options = _resp->options; #ifdef DEBUG _resp->options |= RES_DEBUG; @@ -234,8 +241,8 @@ getrrsetbyname(const char *hostname, uns #endif /* RES_USE_DNSEC */ /* make query */ - length = res_query(hostname, (signed int) rdclass, (signed int) rdtype, - answer, sizeof(answer)); + length = res_nquery(_resp, hostname, (signed int) rdclass, + (signed int) rdtype, answer, sizeof(answer)); if (length < 0) { switch(h_errno) { case HOST_NOT_FOUND: @@ -335,9 +342,17 @@ getrrsetbyname(const char *hostname, uns free_dns_response(response); *res = rrset; + _resp->options = options; +#ifdef __NetBSD__ + __res_put_state(_resp); +#endif return (ERRSET_SUCCESS); fail: + _resp->options = options; +#ifdef __NetBSD__ + __res_put_state(_resp); +#endif if (rrset != NULL) freerrset(rrset); if (response != NULL) @@ -466,7 +481,7 @@ parse_dns_qsection(const u_char *answer, /* name */ length = dn_expand(answer, answer + size, *cp, name, - sizeof(name)); + (int)sizeof(name)); if (length < 0) { free_dns_query(head); return (NULL); @@ -513,7 +528,7 @@ parse_dns_rrsection(const u_char *answer /* name */ length = dn_expand(answer, answer + size, *cp, name, - sizeof(name)); + (int)sizeof(name)); if (length < 0) { free_dns_rr(head); return (NULL);
CVS commit: src/crypto/external/bsd/openssh/bin/scp
Module Name:src Committed By: christos Date: Fri May 29 12:15:30 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/bin/scp: Makefile Log Message: delete previous and fix bug instead. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/bin/scp/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/bin/scp/Makefile diff -u src/crypto/external/bsd/openssh/bin/scp/Makefile:1.4 src/crypto/external/bsd/openssh/bin/scp/Makefile:1.5 --- src/crypto/external/bsd/openssh/bin/scp/Makefile:1.4 Fri May 29 06:01:23 2020 +++ src/crypto/external/bsd/openssh/bin/scp/Makefile Fri May 29 08:15:30 2020 @@ -1,9 +1,7 @@ -# $NetBSD: Makefile,v 1.4 2020/05/29 10:01:23 kamil Exp $ +# $NetBSD: Makefile,v 1.5 2020/05/29 12:15:30 christos Exp $ BINDIR=/usr/bin PROG= scp -COPTS.scp.c += -Wno-format-nonliteral - .include
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri May 29 12:14:49 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: scp.c Log Message: Fix printf format error. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/scp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/scp.c diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.26 src/crypto/external/bsd/openssh/dist/scp.c:1.27 --- src/crypto/external/bsd/openssh/dist/scp.c:1.26 Thu May 28 13:05:49 2020 +++ src/crypto/external/bsd/openssh/dist/scp.c Fri May 29 08:14:49 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: scp.c,v 1.26 2020/05/28 17:05:49 christos Exp $ */ +/* $NetBSD: scp.c,v 1.27 2020/05/29 12:14:49 christos Exp $ */ /* $OpenBSD: scp.c,v 1.210 2020/05/06 20:57:38 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which @@ -73,7 +73,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: scp.c,v 1.26 2020/05/28 17:05:49 christos Exp $"); +__RCSID("$NetBSD: scp.c,v 1.27 2020/05/29 12:14:49 christos Exp $"); #include /* roundup MAX */ #include @@ -366,7 +366,7 @@ __dead static void lostconn(int); int okname(char *); void run_err(const char *,...) __printflike(1, 2); void run_err(const char *,...) __printflike(1, 2); -int note_err(const char *,...); +int note_err(const char *,...) __printflike(1, 2); void verifydir(char *); struct passwd *pwd; @@ -1503,7 +1503,7 @@ bad: run_err("%s: %s", np, strerror(er } } if (close(ofd) == -1) - note_err(np, "%s: close: %s", np, strerror(errno)); + note_err("%s: close: %s", np, strerror(errno)); (void) response(); if (showprogress) stop_progress_meter();
CVS commit: src/crypto/external/bsd/openssh/bin/scp
Module Name:src Committed By: kamil Date: Fri May 29 10:01:23 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/bin/scp: Makefile Log Message: Specify -Wno-format-nonlitera for scp.c (OpenSSH) Fixes build with Clang/LLVM. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/bin/scp/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/bin/scp/Makefile diff -u src/crypto/external/bsd/openssh/bin/scp/Makefile:1.3 src/crypto/external/bsd/openssh/bin/scp/Makefile:1.4 --- src/crypto/external/bsd/openssh/bin/scp/Makefile:1.3 Sun Mar 1 20:59:52 2020 +++ src/crypto/external/bsd/openssh/bin/scp/Makefile Fri May 29 10:01:23 2020 @@ -1,7 +1,9 @@ -# $NetBSD: Makefile,v 1.3 2020/03/01 20:59:52 christos Exp $ +# $NetBSD: Makefile,v 1.4 2020/05/29 10:01:23 kamil Exp $ BINDIR=/usr/bin PROG= scp +COPTS.scp.c += -Wno-format-nonliteral + .include
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Thu May 28 17:05:50 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: PROTOCOL PROTOCOL.mux auth-options.c auth-rhosts.c auth2-chall.c auth2-passwd.c auth2.c authfd.c authfile.c channels.c cipher-chachapoly.c cipher-chachapoly.h cipher.c clientloop.c clientloop.h digest-libc.c gss-serv.c hmac.c hostfile.c kex.c krl.c krl.h misc.c monitor.c mux.c packet.c packet.h readconf.c readconf.h scp.1 scp.c servconf.c servconf.h session.c sftp.1 sftp.c sk-usbhid.c ssh-add.c ssh-agent.c ssh-dss.c ssh-ed25519-sk.c ssh-ed25519.c ssh-keygen.1 ssh-keygen.c ssh-pkcs11-helper.c ssh-pkcs11.c ssh-sk.c ssh-xmss.c ssh.1 ssh.c ssh_config.5 sshbuf-misc.c sshbuf.c sshbuf.h sshconnect.c sshconnect2.c sshd.c sshd_config.5 sshkey.c sshkey.h sshsig.c umac.c utf8.c utf8.h version.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: shlib_version Log Message: Merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/sshbuf.h cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/PROTOCOL.mux \ src/crypto/external/bsd/openssh/dist/sshbuf-misc.c cvs rdiff -u -r1.22 -r1.23 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/auth-rhosts.c \ src/crypto/external/bsd/openssh/dist/sshbuf.c \ src/crypto/external/bsd/openssh/dist/sshkey.h cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/auth2-chall.c \ src/crypto/external/bsd/openssh/dist/cipher.c \ src/crypto/external/bsd/openssh/dist/clientloop.h cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssh/dist/auth2-passwd.c cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/auth2.c \ src/crypto/external/bsd/openssh/dist/packet.h \ src/crypto/external/bsd/openssh/dist/servconf.h \ src/crypto/external/bsd/openssh/dist/sftp.1 \ src/crypto/external/bsd/openssh/dist/ssh-add.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/authfd.c \ src/crypto/external/bsd/openssh/dist/scp.1 cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/authfile.c \ src/crypto/external/bsd/openssh/dist/readconf.h cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/channels.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/ssh.1 \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/openssh/dist/cipher-chachapoly.c cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssh/dist/cipher-chachapoly.h \ src/crypto/external/bsd/openssh/dist/sk-usbhid.c \ src/crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c \ src/crypto/external/bsd/openssh/dist/ssh-sk.c \ src/crypto/external/bsd/openssh/dist/ssh-xmss.c cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/sftp.c \ src/crypto/external/bsd/openssh/dist/ssh-agent.c cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/digest-libc.c \ src/crypto/external/bsd/openssh/dist/hmac.c cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/gss-serv.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/hostfile.c \ src/crypto/external/bsd/openssh/dist/krl.c \ src/crypto/external/bsd/openssh/dist/ssh-dss.c cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/krl.h cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/monitor.c cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/mux.c \ src/crypto/external/bsd/openssh/dist/scp.c \ src/crypto/external/bsd/openssh/dist/ssh-keygen.1 cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/readconf.c \ src/crypto/external/bsd/openssh/dist/session.c \ src/crypto/external/bsd/openssh/dist/sshd_config.5 cvs rdiff -u -r1.32 -r1.33 src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/ssh-ed25519.c cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.18 -r1.19 \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c \ src/crypto/external/bsd/openssh/dist/umac.c cvs rdiff -u -r1.19 -r1.20
CVS commit: src/crypto/external/bsd/openssh/libexec/ssh-sk-helper
Module Name:src Committed By: christos Date: Wed Mar 4 17:30:40 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/libexec/ssh-sk-helper: Makefile Log Message: Add a libm dependency To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile diff -u src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.2 src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.3 --- src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.2 Mon Mar 2 19:43:20 2020 +++ src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile Wed Mar 4 12:30:40 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.2 2020/03/03 00:43:20 christos Exp $ +# $NetBSD: Makefile,v 1.3 2020/03/04 17:30:40 christos Exp $ BINDIR= /usr/libexec @@ -6,7 +6,7 @@ PROG= ssh-sk-helper SRCS= ssh-sk-helper.c ssh-sk.c sk-usbhid.c MAN= ssh-sk-helper.8 -LDADD+=-lfido2 -lcbor -lusbhid -DPADD+=${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} +LDADD+=-lfido2 -lcbor -lusbhid -lm +DPADD+=${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} ${LIBM} .include
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Tue Mar 3 00:43:21 UTC 2020 Modified Files: src/crypto/external/bsd/openssh: Makefile src/crypto/external/bsd/openssh/libexec/ssh-sk-helper: Makefile Log Message: Enable ssh-sk-helper To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/Makefile cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/Makefile diff -u src/crypto/external/bsd/openssh/Makefile:1.2 src/crypto/external/bsd/openssh/Makefile:1.3 --- src/crypto/external/bsd/openssh/Makefile:1.2 Wed Feb 26 19:24:38 2020 +++ src/crypto/external/bsd/openssh/Makefile Mon Mar 2 19:43:20 2020 @@ -1,5 +1,5 @@ -# $NetBSD: Makefile,v 1.2 2020/02/27 00:24:38 christos Exp $ +# $NetBSD: Makefile,v 1.3 2020/03/03 00:43:20 christos Exp $ -SUBDIR= lib .WAIT bin # libexec +SUBDIR= lib .WAIT bin libexec .include Index: src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile diff -u src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.1 src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.2 --- src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile:1.1 Wed Feb 26 19:24:41 2020 +++ src/crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile Mon Mar 2 19:43:20 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.1 2020/02/27 00:24:41 christos Exp $ +# $NetBSD: Makefile,v 1.2 2020/03/03 00:43:20 christos Exp $ BINDIR= /usr/libexec @@ -6,7 +6,7 @@ PROG= ssh-sk-helper SRCS= ssh-sk-helper.c ssh-sk.c sk-usbhid.c MAN= ssh-sk-helper.8 -LDADD+=-lfido2 -lusbhid -DPADD+=${LIBFIDO2} ${LIBUSBHID} +LDADD+=-lfido2 -lcbor -lusbhid +DPADD+=${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} .include
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Mon Mar 2 15:23:17 UTC 2020 Modified Files: src/crypto/external/bsd/openssh: Makefile.inc Log Message: Enable compression To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/Makefile.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/Makefile.inc diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.14 src/crypto/external/bsd/openssh/Makefile.inc:1.15 --- src/crypto/external/bsd/openssh/Makefile.inc:1.14 Fri Apr 6 14:58:59 2018 +++ src/crypto/external/bsd/openssh/Makefile.inc Mon Mar 2 10:23:17 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.14 2018/04/06 18:58:59 christos Exp $ +# $NetBSD: Makefile.inc,v 1.15 2020/03/02 15:23:17 christos Exp $ WARNS?= 4 @@ -11,6 +11,7 @@ SSHDIST?= ${NETBSDSRCDIR}/crypto/externa CPPFLAGS+=-I${SSHDIST} +CPPFLAGS+=-D_OPENBSD_SOURCE CPPFLAGS+=-DHAVE_DLOPEN CPPFLAGS+=-DHAVE_HEADER_AD CPPFLAGS+=-DHAVE_LOGIN_CAP @@ -19,7 +20,7 @@ CPPFLAGS+=-DHAVE_STDLIB_H CPPFLAGS+=-DOPENSSL_API_COMPAT=0x1010L .endif -CPPFLAGS+=-DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE -DWITH_XMSS +CPPFLAGS+=-DWITH_OPENSSL -DENABLE_PKCS11 -DWITH_XMSS -DWITH_ZLIB .if !defined(NOPIC) CPPFLAGS+=-DHAVE_DLOPEN .endif
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sun Mar 1 14:51:06 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-sk-client.c Log Message: fix a sign-compare issue (for the pam module) To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/ssh-sk-client.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-sk-client.c diff -u src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.2 src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.3 --- src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.2 Wed Feb 26 19:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/ssh-sk-client.c Sun Mar 1 09:51:06 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-sk-client.c,v 1.2 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: ssh-sk-client.c,v 1.3 2020/03/01 14:51:06 christos Exp $ */ /* $OpenBSD: ssh-sk-client.c,v 1.7 2020/01/23 07:10:22 dtucker Exp $ */ /* * Copyright (c) 2019 Google LLC @@ -16,7 +16,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "includes.h" -__RCSID("$NetBSD: ssh-sk-client.c,v 1.2 2020/02/27 00:24:40 christos Exp $"); +__RCSID("$NetBSD: ssh-sk-client.c,v 1.3 2020/03/01 14:51:06 christos Exp $"); #include #include @@ -160,7 +160,7 @@ client_converse(struct sshbuf *msg, stru ll = log_level_get(); if ((r = sshbuf_put_u32(req, type)) != 0 || (r = sshbuf_put_u8(req, log_is_on_stderr() != 0)) != 0 || - (r = sshbuf_put_u32(req, ll < 0 ? 0 : ll)) != 0 || + (r = sshbuf_put_u32(req, (uint32_t)(ll < 0 ? 0 : ll))) != 0 || (r = sshbuf_putb(req, msg)) != 0) { error("%s: build: %s", __func__, ssh_err(r)); goto out;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Sun Mar 1 08:21:38 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: ssh_config sshd_config Log Message: Sync with OpenSSH 8.2p1 sample configs - Add GSSAPIAuthentication and related options - Add KerberosAuthentication and related options - Bring in the lengthy but useful comment block about the side-effect of UsePAM with regards to PermitRootLogin. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/ssh_config cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh_config diff -u src/crypto/external/bsd/openssh/dist/ssh_config:1.13 src/crypto/external/bsd/openssh/dist/ssh_config:1.14 --- src/crypto/external/bsd/openssh/dist/ssh_config:1.13 Fri Feb 28 10:41:48 2020 +++ src/crypto/external/bsd/openssh/dist/ssh_config Sun Mar 1 08:21:38 2020 @@ -1,4 +1,4 @@ -# $NetBSD: ssh_config,v 1.13 2020/02/28 10:41:48 kim Exp $ +# $NetBSD: ssh_config,v 1.14 2020/03/01 08:21:38 kim Exp $ # $OpenBSD: ssh_config,v 1.34 2019/02/04 02:39:42 dtucker Exp $ # This is the ssh client system-wide configuration file. See @@ -27,6 +27,8 @@ Host *.netbsd.org *.NetBSD.org # ForwardX11 no # PasswordAuthentication yes # HostbasedAuthentication no +# GSSAPIAuthentication no +# GSSAPIDelegateCredentials no # BatchMode no # CheckHostIP yes # AddressFamily any Index: src/crypto/external/bsd/openssh/dist/sshd_config diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.24 src/crypto/external/bsd/openssh/dist/sshd_config:1.25 --- src/crypto/external/bsd/openssh/dist/sshd_config:1.24 Fri Feb 28 10:59:58 2020 +++ src/crypto/external/bsd/openssh/dist/sshd_config Sun Mar 1 08:21:38 2020 @@ -1,4 +1,4 @@ -# $NetBSD: sshd_config,v 1.24 2020/02/28 10:59:58 kim Exp $ +# $NetBSD: sshd_config,v 1.25 2020/03/01 08:21:38 kim Exp $ # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ # This is the sshd server system-wide configuration file. See @@ -60,6 +60,27 @@ AuthorizedKeysFile .ssh/authorized_keys # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM yes + #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no @@ -72,7 +93,6 @@ AuthorizedKeysFile .ssh/authorized_keys #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes -UsePAM yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0
CVS commit: src/crypto/external/bsd/openssh/lib
Module Name:src Committed By: mgorny Date: Sat Feb 29 20:44:16 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/lib: Makefile Log Message: Workaround build failure due to -Werror=format-nonliteral Reviewed by kamil. To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/lib/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/lib/Makefile diff -u src/crypto/external/bsd/openssh/lib/Makefile:1.31 src/crypto/external/bsd/openssh/lib/Makefile:1.32 --- src/crypto/external/bsd/openssh/lib/Makefile:1.31 Thu Feb 27 00:24:40 2020 +++ src/crypto/external/bsd/openssh/lib/Makefile Sat Feb 29 20:44:15 2020 @@ -1,10 +1,11 @@ -# $NetBSD: Makefile,v 1.31 2020/02/27 00:24:40 christos Exp $ +# $NetBSD: Makefile,v 1.32 2020/02/29 20:44:15 mgorny Exp $ .include .include "../Makefile.inc" CWARNFLAGS.clang+= -Wno-error=sizeof-array-div +CWARNFLAGS.clang+= -Wno-error=format-nonliteral LIB= ssh SRCS=\ addrmatch.c \
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: tnn Date: Sat Feb 29 14:03:17 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: xmalloc.h Log Message: annotate xvasprintf w/ format string attribute To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/xmalloc.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/xmalloc.h diff -u src/crypto/external/bsd/openssh/dist/xmalloc.h:1.12 src/crypto/external/bsd/openssh/dist/xmalloc.h:1.13 --- src/crypto/external/bsd/openssh/dist/xmalloc.h:1.12 Thu Feb 27 00:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/xmalloc.h Sat Feb 29 14:03:17 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: xmalloc.h,v 1.12 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: xmalloc.h,v 1.13 2020/02/29 14:03:17 tnn Exp $ */ /* $OpenBSD: xmalloc.h,v 1.19 2019/11/12 22:32:48 djm Exp $ */ /* @@ -26,4 +26,5 @@ int xasprintf(char **, const char *, .. __attribute__((__format__ (printf, 2, 3))) __attribute__((__nonnull__ (2))); int xvasprintf(char **, const char *, va_list) +__attribute__((__format__ (printf, 2, 0))) __attribute__((__nonnull__ (2)));
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Fri Feb 28 17:50:29 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: version.h Log Message: Remove unreferenced SSH_RELEASE To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/version.h diff -u src/crypto/external/bsd/openssh/dist/version.h:1.31 src/crypto/external/bsd/openssh/dist/version.h:1.32 --- src/crypto/external/bsd/openssh/dist/version.h:1.31 Thu Feb 27 00:27:44 2020 +++ src/crypto/external/bsd/openssh/dist/version.h Fri Feb 28 17:50:29 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.31 2020/02/27 00:27:44 christos Exp $ */ +/* $NetBSD: version.h,v 1.32 2020/02/28 17:50:29 kim Exp $ */ /* $OpenBSD: version.h,v 1.86 2020/02/14 00:39:20 djm Exp $ */ #define __OPENSSH_VERSION "OpenSSH_8.2" @@ -10,4 +10,3 @@ * used for bug compatibility operation. present NetBSD SSH version as comment */ #define SSH_VERSION __OPENSSH_VERSION " " __NETBSDSSH_VERSION SSH_HPN SSH_LPK -#define SSH_RELEASE SSH_VERSION SSH_HPN SSH_LPK
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Fri Feb 28 17:27:34 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: readconf.c Log Message: Fix duplicate entries in the keywords list. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/readconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/readconf.c diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.29 src/crypto/external/bsd/openssh/dist/readconf.c:1.30 --- src/crypto/external/bsd/openssh/dist/readconf.c:1.29 Thu Feb 27 00:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/readconf.c Fri Feb 28 17:27:34 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: readconf.c,v 1.29 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: readconf.c,v 1.30 2020/02/28 17:27:34 kim Exp $ */ /* $OpenBSD: readconf.c,v 1.326 2020/02/06 22:46:31 djm Exp $ */ /* * Author: Tatu Ylonen @@ -14,7 +14,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: readconf.c,v 1.29 2020/02/27 00:24:40 christos Exp $"); +__RCSID("$NetBSD: readconf.c,v 1.30 2020/02/28 17:27:34 kim Exp $"); #include #include #include @@ -196,9 +196,25 @@ static struct { { "useprivilegedport", oDeprecated }, /* Unsupported options */ +#ifdef AFS + { "afstokenpassing", oAFSTokenPassing }, +#else { "afstokenpassing", oUnsupported }, +#endif +#if defined(KRB4) || defined(KRB5) + { "kerberosauthentication", oKerberosAuthentication }, +#else { "kerberosauthentication", oUnsupported }, +#endif +#if defined(AFS) || defined(KRB5) + { "kerberostgtpassing", oKerberosTgtPassing }, + { "kerberos5tgtpassing", oKerberosTgtPassing }, /* alias */ + { "kerberos4tgtpassing", oKerberosTgtPassing }, /* alias */ +#else { "kerberostgtpassing", oUnsupported }, + { "kerberos5tgtpassing", oUnsupported }, + { "kerberos4tgtpassing", oUnsupported }, +#endif { "rsaauthentication", oUnsupported }, { "rhostsrsaauthentication", oUnsupported }, { "compressionlevel", oUnsupported }, @@ -235,17 +251,6 @@ static struct { { "challengeresponseauthentication", oChallengeResponseAuthentication }, { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ -#if defined(KRB4) || defined(KRB5) - { "kerberosauthentication", oKerberosAuthentication }, -#endif -#if defined(AFS) || defined(KRB5) - { "kerberostgtpassing", oKerberosTgtPassing }, - { "kerberos5tgtpassing", oKerberosTgtPassing }, /* alias */ - { "kerberos4tgtpassing", oKerberosTgtPassing }, /* alias */ -#endif -#ifdef AFS - { "afstokenpassing", oAFSTokenPassing }, -#endif #if defined(GSSAPI) { "gssapiauthentication", oGssAuthentication }, { "gssapidelegatecredentials", oGssDelegateCreds },
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Fri Feb 28 10:59:58 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: sshd_config Log Message: Cleanup - Match the case of the UsePAM keyword used in the manual page and code, to aid case-sensitive grep etc. - Remove references to obsole UseLogin and UsePrivilegeSeparation keywords. - Whitespace police To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd_config diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.23 src/crypto/external/bsd/openssh/dist/sshd_config:1.24 --- src/crypto/external/bsd/openssh/dist/sshd_config:1.23 Sun Aug 26 07:46:37 2018 +++ src/crypto/external/bsd/openssh/dist/sshd_config Fri Feb 28 10:59:58 2020 @@ -1,4 +1,4 @@ -# $NetBSD: sshd_config,v 1.23 2018/08/26 07:46:37 christos Exp $ +# $NetBSD: sshd_config,v 1.24 2020/02/28 10:59:58 kim Exp $ # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ # This is the sshd server system-wide configuration file. See @@ -53,7 +53,7 @@ AuthorizedKeysFile .ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes -# To disable password authentication, set this and UsePam to no +# To disable password authentication, set this and UsePAM to no #PasswordAuthentication yes #PermitEmptyPasswords no @@ -72,9 +72,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes -#UseLogin no -#UsePrivilegeSeparation sandbox -UsePam yes +UsePAM yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 @@ -121,7 +119,6 @@ Subsystem sftp /usr/libexec/sftp-server # buffer size for hpn to non-hpn connections #HPNBufferSize 2048 - # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kim Date: Fri Feb 28 10:41:49 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: ssh_config Log Message: Move NetBSD.org-specific entry above the match-all entry The first matching entry that sets an option "wins." Therefore more specific matches should be provided before the "Host *" entry that matches everything. This way options set in the more specific entry will not be accidentally made ineffective by the match-all entry. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/ssh_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh_config diff -u src/crypto/external/bsd/openssh/dist/ssh_config:1.12 src/crypto/external/bsd/openssh/dist/ssh_config:1.13 --- src/crypto/external/bsd/openssh/dist/ssh_config:1.12 Sat Apr 20 17:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/ssh_config Fri Feb 28 10:41:48 2020 @@ -1,4 +1,4 @@ -# $NetBSD: ssh_config,v 1.12 2019/04/20 17:16:40 christos Exp $ +# $NetBSD: ssh_config,v 1.13 2020/02/28 10:41:48 kim Exp $ # $OpenBSD: ssh_config,v 1.34 2019/02/04 02:39:42 dtucker Exp $ # This is the ssh client system-wide configuration file. See @@ -18,6 +18,10 @@ # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. +# NetBSD.org DNS provides SSHFP records - use them when possible +Host *.netbsd.org *.NetBSD.org +VerifyHostKeyDNS ask + # Host * # ForwardAgent no # ForwardX11 no @@ -45,7 +49,3 @@ # If you use xorg from pkgsrc then uncomment the following line. # XAuthLocation /usr/pkg/bin/xauth - -# NetBSD.org DNS provides SSHFP records - use them when possible -Host *.netbsd.org *.NetBSD.org -VerifyHostKeyDNS ask
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Feb 27 00:27:44 UTC 2020 Modified Files: src/crypto/external/bsd/openssh/dist: version.h Log Message: fix date To generate a diff of this commit: cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/version.h diff -u src/crypto/external/bsd/openssh/dist/version.h:1.30 src/crypto/external/bsd/openssh/dist/version.h:1.31 --- src/crypto/external/bsd/openssh/dist/version.h:1.30 Wed Feb 26 19:24:40 2020 +++ src/crypto/external/bsd/openssh/dist/version.h Wed Feb 26 19:27:44 2020 @@ -1,8 +1,8 @@ -/* $NetBSD: version.h,v 1.30 2020/02/27 00:24:40 christos Exp $ */ +/* $NetBSD: version.h,v 1.31 2020/02/27 00:27:44 christos Exp $ */ /* $OpenBSD: version.h,v 1.86 2020/02/14 00:39:20 djm Exp $ */ #define __OPENSSH_VERSION "OpenSSH_8.2" -#define __NETBSDSSH_VERSION "NetBSD_Secure_Shell-2020025" +#define __NETBSDSSH_VERSION "NetBSD_Secure_Shell-20200225" #define SSH_HPN "-hpn13v14" #define SSH_LPK "-lpk" /*
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Thu Feb 27 00:24:41 UTC 2020 Modified Files: src/crypto/external/bsd/openssh: Makefile src/crypto/external/bsd/openssh/bin/scp: Makefile src/crypto/external/bsd/openssh/bin/sftp: Makefile src/crypto/external/bsd/openssh/bin/sftp-server: Makefile src/crypto/external/bsd/openssh/bin/ssh: Makefile src/crypto/external/bsd/openssh/bin/ssh-add: Makefile src/crypto/external/bsd/openssh/bin/ssh-agent: Makefile src/crypto/external/bsd/openssh/bin/ssh-keygen: Makefile src/crypto/external/bsd/openssh/bin/ssh-keyscan: Makefile src/crypto/external/bsd/openssh/bin/ssh-keysign: Makefile src/crypto/external/bsd/openssh/bin/ssh-pkcs11-helper: Makefile src/crypto/external/bsd/openssh/bin/sshd: Makefile src/crypto/external/bsd/openssh/dist: PROTOCOL.certkeys auth-options.c auth-options.h auth.c auth2-chall.c auth2-gss.c auth2-hostbased.c auth2-kbdint.c auth2-pubkey.c authfd.c authfd.h authfile.c authfile.h channels.c channels.h cipher.c cipher.h clientloop.c gss-serv.c hash.c hostfile.c kex.c kexgen.c kexgexc.c krl.c match.c misc.c misc.h moduli.c monitor.c monitor_wrap.c monitor_wrap.h msg.c mux.c myproposal.h packet.c pathnames.h progressmeter.c readconf.c readconf.h readpass.c scp.1 scp.c servconf.c servconf.h serverloop.c session.c sftp-glob.c sftp-realpath.c sftp-server.8 sftp.1 sftp.c sk-usbhid.c ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-ecdsa-sk.c ssh-ed25519-sk.c ssh-keygen.1 ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh-keysign.c ssh-pkcs11-client.c ssh-pkcs11-helper.8 ssh-pkcs11-helper.c ssh-pkcs11.c ssh-pkcs11.h ssh-sk-client.c ssh-sk-helper.c ssh-sk.c ssh.1 ssh.c ssh_api.c ssh_config.5 sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-io.c sshbuf-misc.c sshbuf.c sshbuf.h sshconnect.c sshconnect.h sshconnect2.c sshd.8 sshd.c sshd_config.5 ssherr.c ssherr.h sshkey-xmss.c sshkey.c sshkey.h sshsig.c umac.c version.h xmalloc.c xmalloc.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: Makefile shlib_version Added Files: src/crypto/external/bsd/openssh/libexec: Makefile Makefile.inc src/crypto/external/bsd/openssh/libexec/ssh-sk-helper: Makefile Log Message: Merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/Makefile cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/bin/scp/Makefile cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/bin/sftp/Makefile cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssh/bin/sftp-server/Makefile cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/bin/ssh/Makefile cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/bin/ssh-add/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssh/bin/ssh-agent/Makefile cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssh/bin/ssh-keygen/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssh/bin/ssh-keysign/Makefile cvs rdiff -u -r1.1 -r1.2 \ src/crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/bin/sshd/Makefile cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys \ src/crypto/external/bsd/openssh/dist/auth2-kbdint.c \ src/crypto/external/bsd/openssh/dist/sftp-glob.c \ src/crypto/external/bsd/openssh/dist/sftp-server.8 \ src/crypto/external/bsd/openssh/dist/xmalloc.c \ src/crypto/external/bsd/openssh/dist/xmalloc.h cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sshd.8 \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssh/dist/auth-options.h \ src/crypto/external/bsd/openssh/dist/match.c \ src/crypto/external/bsd/openssh/dist/progressmeter.c \ src/crypto/external/bsd/openssh/dist/ssh-keysign.8 \ src/crypto/external/bsd/openssh/dist/sshbuf.h cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/serverloop.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/auth2-chall.c \ src/crypto/external/bsd/openssh/dist/channels.h \ src/crypto/external/bsd/openssh/dist/cipher.c cvs rdiff -u -r1.13 -r1.14
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Dec 7 16:38:42 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: monitor.c Log Message: need pfilter.h To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/monitor.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor.c diff -u src/crypto/external/bsd/openssh/dist/monitor.c:1.31 src/crypto/external/bsd/openssh/dist/monitor.c:1.32 --- src/crypto/external/bsd/openssh/dist/monitor.c:1.31 Sat Dec 7 11:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/monitor.c Sat Dec 7 11:38:42 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.c,v 1.31 2019/12/07 16:32:22 christos Exp $ */ +/* $NetBSD: monitor.c,v 1.32 2019/12/07 16:38:42 christos Exp $ */ /* $OpenBSD: monitor.c,v 1.199 2019/10/07 23:10:38 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor.c,v 1.31 2019/12/07 16:32:22 christos Exp $"); +__RCSID("$NetBSD: monitor.c,v 1.32 2019/12/07 16:38:42 christos Exp $"); #include #include #include @@ -85,6 +85,8 @@ __RCSID("$NetBSD: monitor.c,v 1.31 2019/ #include "match.h" #include "ssherr.h" +#include "pfilter.h" + #ifdef GSSAPI static Gssctxt *gsscontext = NULL; #endif
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Dec 7 16:32:22 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: auth2.c monitor.c Log Message: Add some more pfilter_notify() calls where authentication attempts fail. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/auth2.c cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/monitor.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth2.c diff -u src/crypto/external/bsd/openssh/dist/auth2.c:1.20 src/crypto/external/bsd/openssh/dist/auth2.c:1.21 --- src/crypto/external/bsd/openssh/dist/auth2.c:1.20 Sat Oct 12 14:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/auth2.c Sat Dec 7 11:32:22 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: auth2.c,v 1.20 2019/10/12 18:32:22 christos Exp $ */ +/* $NetBSD: auth2.c,v 1.21 2019/12/07 16:32:22 christos Exp $ */ /* $OpenBSD: auth2.c,v 1.157 2019/09/06 04:53:27 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth2.c,v 1.20 2019/10/12 18:32:22 christos Exp $"); +__RCSID("$NetBSD: auth2.c,v 1.21 2019/12/07 16:32:22 christos Exp $"); #include #include @@ -440,8 +440,10 @@ userauth_finish(struct ssh *ssh, int aut } else { /* Allow initial try of "none" auth without failure penalty */ if (!partial && !authctxt->server_caused_failure && - (authctxt->attempt > 1 || strcmp(method, "none") != 0)) + (authctxt->attempt > 1 || strcmp(method, "none") != 0)) { authctxt->failures++; + pfilter_notify(1); + } if (authctxt->failures >= options.max_authtries) auth_maxtries_exceeded(ssh); methods = authmethods_get(authctxt); Index: src/crypto/external/bsd/openssh/dist/monitor.c diff -u src/crypto/external/bsd/openssh/dist/monitor.c:1.30 src/crypto/external/bsd/openssh/dist/monitor.c:1.31 --- src/crypto/external/bsd/openssh/dist/monitor.c:1.30 Sat Oct 12 14:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/monitor.c Sat Dec 7 11:32:22 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.c,v 1.30 2019/10/12 18:32:22 christos Exp $ */ +/* $NetBSD: monitor.c,v 1.31 2019/12/07 16:32:22 christos Exp $ */ /* $OpenBSD: monitor.c,v 1.199 2019/10/07 23:10:38 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor.c,v 1.30 2019/10/12 18:32:22 christos Exp $"); +__RCSID("$NetBSD: monitor.c,v 1.31 2019/12/07 16:32:22 christos Exp $"); #include #include #include @@ -320,8 +320,10 @@ monitor_child_preauth(struct ssh *ssh, s if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { auth_log(ssh, authenticated, partial, auth_method, auth_submethod); - if (!partial && !authenticated) + if (!partial && !authenticated) { +pfilter_notify(1); authctxt->failures++; + } if (authenticated || partial) { auth2_update_session_info(authctxt, auth_method, auth_submethod); @@ -1223,6 +1225,7 @@ mm_answer_keyallowed(struct ssh *ssh, in } else { /* Log failed attempt */ auth_log(ssh, 0, 0, auth_method, NULL); + pfilter_notify(1); free(cuser); free(chost); }
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Dec 7 16:25:36 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: auth.c Log Message: don't call pfilter_notify() from authz_log(). Logging should not have side effects (kim@) To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/auth.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth.c diff -u src/crypto/external/bsd/openssh/dist/auth.c:1.25 src/crypto/external/bsd/openssh/dist/auth.c:1.26 --- src/crypto/external/bsd/openssh/dist/auth.c:1.25 Sat Oct 12 14:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/auth.c Sat Dec 7 11:25:36 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: auth.c,v 1.25 2019/10/12 18:32:22 christos Exp $ */ +/* $NetBSD: auth.c,v 1.26 2019/12/07 16:25:36 christos Exp $ */ /* $OpenBSD: auth.c,v 1.141 2019/10/02 00:42:30 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth.c,v 1.25 2019/10/12 18:32:22 christos Exp $"); +__RCSID("$NetBSD: auth.c,v 1.26 2019/12/07 16:25:36 christos Exp $"); #include #include #include @@ -408,8 +408,6 @@ auth_log(struct ssh *ssh, int authentica extra != NULL ? extra : ""); free(extra); - if (!authctxt->postponed) - pfilter_notify(!authenticated); } void
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Dec 7 16:25:05 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: sshd.c Log Message: don't call pfilter_notify() twice in grace_alarm_handler(). (kim@) To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd.c diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.36 src/crypto/external/bsd/openssh/dist/sshd.c:1.37 --- src/crypto/external/bsd/openssh/dist/sshd.c:1.36 Sat Oct 12 14:32:22 2019 +++ src/crypto/external/bsd/openssh/dist/sshd.c Sat Dec 7 11:25:05 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sshd.c,v 1.36 2019/10/12 18:32:22 christos Exp $ */ +/* $NetBSD: sshd.c,v 1.37 2019/12/07 16:25:05 christos Exp $ */ /* $OpenBSD: sshd.c,v 1.537 2019/06/28 13:35:04 deraadt Exp $ */ /* * Author: Tatu Ylonen @@ -44,7 +44,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshd.c,v 1.36 2019/10/12 18:32:22 christos Exp $"); +__RCSID("$NetBSD: sshd.c,v 1.37 2019/12/07 16:25:05 christos Exp $"); #include #include #include @@ -370,7 +370,6 @@ grace_alarm_handler(int sig) /* XXX pre-format ipaddr/port so we don't need to access active_state */ /* Log error and exit. */ - pfilter_notify(1); sigdie("Timeout before authentication for %s port %d", ssh_remote_ipaddr(the_active_state), ssh_remote_port(the_active_state));
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sun Apr 28 14:45:13 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: monitor.h Log Message: one more noreturn To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/monitor.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor.h diff -u src/crypto/external/bsd/openssh/dist/monitor.h:1.11 src/crypto/external/bsd/openssh/dist/monitor.h:1.12 --- src/crypto/external/bsd/openssh/dist/monitor.h:1.11 Sat Apr 20 13:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/monitor.h Sun Apr 28 10:45:13 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.h,v 1.11 2019/04/20 17:16:40 christos Exp $ */ +/* $NetBSD: monitor.h,v 1.12 2019/04/28 14:45:13 christos Exp $ */ /* $OpenBSD: monitor.h,v 1.23 2019/01/19 21:43:56 djm Exp $ */ /* @@ -92,7 +92,8 @@ void monitor_reinit(struct monitor *); struct Authctxt; void monitor_child_preauth(struct ssh *, struct monitor *); -void monitor_child_postauth(struct ssh *, struct monitor *); +void monitor_child_postauth(struct ssh *, struct monitor *) +__attribute__((__noreturn__)); void monitor_clear_keystate(struct ssh *, struct monitor *); void monitor_apply_keystate(struct ssh *, struct monitor *);
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Apr 26 01:51:55 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: packet.c packet.h Log Message: attribute police To generate a diff of this commit: cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/packet.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.37 src/crypto/external/bsd/openssh/dist/packet.c:1.38 --- src/crypto/external/bsd/openssh/dist/packet.c:1.37 Sat Apr 20 13:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/packet.c Thu Apr 25 21:51:55 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.37 2019/04/20 17:16:40 christos Exp $ */ +/* $NetBSD: packet.c,v 1.38 2019/04/26 01:51:55 christos Exp $ */ /* $OpenBSD: packet.c,v 1.283 2019/03/01 03:29:32 djm Exp $ */ /* * Author: Tatu Ylonen @@ -39,7 +39,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: packet.c,v 1.37 2019/04/20 17:16:40 christos Exp $"); +__RCSID("$NetBSD: packet.c,v 1.38 2019/04/26 01:51:55 christos Exp $"); #include /* MIN roundup */ #include @@ -1767,7 +1767,7 @@ ssh_packet_remaining(struct ssh *ssh) * authentication problems. The length of the formatted message must not * exceed 1024 bytes. This will automatically call ssh_packet_write_wait. */ -void +void __attribute__((__format__ (__printf__, 2, 3))) ssh_packet_send_debug(struct ssh *ssh, const char *fmt,...) { char buf[1024]; @@ -1804,7 +1804,8 @@ sshpkt_fmt_connection_id(struct ssh *ssh /* * Pretty-print connection-terminating errors and exit. */ -static void +static void __attribute__((__format__ (__printf__, 3, 0))) +__attribute__((__noreturn__)) sshpkt_vfatal(struct ssh *ssh, int r, const char *fmt, va_list ap) { char *tag = NULL, remote_id[512]; @@ -1854,7 +1855,8 @@ sshpkt_vfatal(struct ssh *ssh, int r, co } } -void +void __attribute__((__format__ (__printf__, 3, 4))) +__attribute__((__noreturn__)) sshpkt_fatal(struct ssh *ssh, int r, const char *fmt, ...) { va_list ap; Index: src/crypto/external/bsd/openssh/dist/packet.h diff -u src/crypto/external/bsd/openssh/dist/packet.h:1.19 src/crypto/external/bsd/openssh/dist/packet.h:1.20 --- src/crypto/external/bsd/openssh/dist/packet.h:1.19 Sat Apr 20 13:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/packet.h Thu Apr 25 21:51:55 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.h,v 1.19 2019/04/20 17:16:40 christos Exp $ */ +/* $NetBSD: packet.h,v 1.20 2019/04/26 01:51:55 christos Exp $ */ /* $OpenBSD: packet.h,v 1.90 2019/01/21 10:35:09 djm Exp $ */ /* @@ -167,7 +167,7 @@ int sshpkt_disconnect(struct ssh *, __attribute__((format(printf, 2, 3))); int sshpkt_add_padding(struct ssh *, u_char); void sshpkt_fatal(struct ssh *ssh, int r, const char *fmt, ...) - __attribute__((format(printf, 3, 4))); + __attribute__((format(printf, 3, 4))) __attribute__((__noreturn__)); int sshpkt_msg_ignore(struct ssh *, u_int); int sshpkt_put(struct ssh *ssh, const void *v, size_t len);
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kre Date: Sun Apr 21 01:32:04 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: sshconnect2.c Log Message: Put declaration of 'userauth_kerberos' inside #if KRB5 where it belongs. To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/sshconnect2.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.33 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.34 --- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.33 Sat Apr 20 17:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/sshconnect2.c Sun Apr 21 01:32:04 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sshconnect2.c,v 1.33 2019/04/20 17:16:40 christos Exp $ */ +/* $NetBSD: sshconnect2.c,v 1.34 2019/04/21 01:32:04 kre Exp $ */ /* $OpenBSD: sshconnect2.c,v 1.303 2019/02/12 23:53:10 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshconnect2.c,v 1.33 2019/04/20 17:16:40 christos Exp $"); +__RCSID("$NetBSD: sshconnect2.c,v 1.34 2019/04/21 01:32:04 kre Exp $"); #include #include #include @@ -79,7 +79,9 @@ const char *auth_get_canonical_hostn #ifdef GSSAPI #include "ssh-gss.h" #endif +#ifdef KRB5 static int userauth_kerberos(struct ssh *); +#endif /* import */ extern char *client_version_string;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Apr 20 17:28:19 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: version.h Log Message: put back hpn/lpk strings To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/version.h diff -u src/crypto/external/bsd/openssh/dist/version.h:1.27 src/crypto/external/bsd/openssh/dist/version.h:1.28 --- src/crypto/external/bsd/openssh/dist/version.h:1.27 Sat Apr 20 13:16:40 2019 +++ src/crypto/external/bsd/openssh/dist/version.h Sat Apr 20 13:28:19 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.27 2019/04/20 17:16:40 christos Exp $ */ +/* $NetBSD: version.h,v 1.28 2019/04/20 17:28:19 christos Exp $ */ /* $OpenBSD: version.h,v 1.84 2019/04/03 15:48:45 djm Exp $ */ #define __OPENSSH_VERSION "OpenSSH_8.0" @@ -9,5 +9,5 @@ * it is important to retain OpenSSH version identification part, it is * used for bug compatibility operation. present NetBSD SSH version as comment */ -#define SSH_VERSION __OPENSSH_VERSION " " __NETBSDSSH_VERSION +#define SSH_VERSION __OPENSSH_VERSION " " __NETBSDSSH_VERSION SSH_HPN SSH_LPK #define SSH_RELEASE SSH_VERSION SSH_HPN SSH_LPK
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Sat Apr 20 17:16:41 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/bin/ssh-keyscan: Makefile src/crypto/external/bsd/openssh/bin/sshd: Makefile src/crypto/external/bsd/openssh/dist: OVERVIEW PROTOCOL PROTOCOL.certkeys PROTOCOL.mux atomicio.c atomicio.h auth-krb5.c auth-options.c auth-pam.c auth-pam.h auth.c auth.h auth2-hostbased.c auth2-krb5.c auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c channels.c channels.h cipher.c cipher.h clientloop.c crypto_api.h dh.c dh.h digest-openssl.c dispatch.c dispatch.h groupaccess.c kex.c kex.h kexc25519.c kexdh.c kexecdh.c kexgen.c kexgex.c kexgexc.c kexgexs.c kexsntrup4591761x25519.c krl.c krl.h match.c match.h misc.c misc.h moduli.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h mux.c myproposal.h namespace.h nchan.c packet.c packet.h pfilter.c progressmeter.c progressmeter.h readconf.c readconf.h readpass.c scp.1 scp.c servconf.c servconf.h serverloop.c session.c session.h sftp-client.c sftp-client.h sftp-common.c sftp-server.c sftp.1 sftp.c sntrup4591761.c ssh-add.1 ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-keygen.1 ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-pkcs11-client.c ssh-pkcs11-helper.8 ssh-pkcs11-helper.c ssh-pkcs11.c ssh-pkcs11.h ssh-rsa.c ssh.1 ssh.c ssh.h ssh2.h ssh_api.c ssh_config ssh_config.5 sshbuf-getput-crypto.c sshbuf.c sshbuf.h sshconnect.c sshconnect.h sshconnect2.c sshd.c sshd_config.5 sshkey.c sshkey.h version.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: Makefile shlib_version Removed Files: src/crypto/external/bsd/openssh/dist: kexc25519c.c kexc25519s.c kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c opacket.c opacket.h Log Message: merge conflicts. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/bin/sshd/Makefile cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/OVERVIEW \ src/crypto/external/bsd/openssh/dist/atomicio.h \ src/crypto/external/bsd/openssh/dist/digest-openssl.c \ src/crypto/external/bsd/openssh/dist/dispatch.h \ src/crypto/external/bsd/openssh/dist/kexc25519.c \ src/crypto/external/bsd/openssh/dist/kexdh.c \ src/crypto/external/bsd/openssh/dist/kexecdh.c \ src/crypto/external/bsd/openssh/dist/namespace.h \ src/crypto/external/bsd/openssh/dist/ssh_api.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/cipher.h \ src/crypto/external/bsd/openssh/dist/moduli.c \ src/crypto/external/bsd/openssh/dist/sshconnect.h cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys \ src/crypto/external/bsd/openssh/dist/dh.h \ src/crypto/external/bsd/openssh/dist/match.c \ src/crypto/external/bsd/openssh/dist/monitor.h \ src/crypto/external/bsd/openssh/dist/progressmeter.c \ src/crypto/external/bsd/openssh/dist/sftp-client.h \ src/crypto/external/bsd/openssh/dist/sftp-common.c \ src/crypto/external/bsd/openssh/dist/sshbuf.h cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/PROTOCOL.mux \ src/crypto/external/bsd/openssh/dist/dispatch.c \ src/crypto/external/bsd/openssh/dist/match.h \ src/crypto/external/bsd/openssh/dist/nchan.c \ src/crypto/external/bsd/openssh/dist/sshbuf.c cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/atomicio.c \ src/crypto/external/bsd/openssh/dist/auth-pam.h \ src/crypto/external/bsd/openssh/dist/auth2-krb5.c \ src/crypto/external/bsd/openssh/dist/groupaccess.c \ src/crypto/external/bsd/openssh/dist/session.h \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 \ src/crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c \ src/crypto/external/bsd/openssh/dist/sshkey.h cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/auth-krb5.c \ src/crypto/external/bsd/openssh/dist/kexgexc.c \ src/crypto/external/bsd/openssh/dist/krl.c \ src/crypto/external/bsd/openssh/dist/ssh-add.1 \ src/crypto/external/bsd/openssh/dist/ssh-ecdsa.c cvs rdiff -u -r1.19 -r1.20 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/sftp-server.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/auth-pam.c \ src/crypto/external/bsd/openssh/dist/auth.h \ src/crypto/external/bsd/openssh/dist/auth2.c \
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Mar 8 20:34:24 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: recallocarray.c Log Message: Replace our buggy recallocarray implementation one with the portable one from OpenBSD. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/dist/recallocarray.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/recallocarray.c diff -u src/crypto/external/bsd/openssh/dist/recallocarray.c:1.1 src/crypto/external/bsd/openssh/dist/recallocarray.c:1.2 --- src/crypto/external/bsd/openssh/dist/recallocarray.c:1.1 Sat Oct 7 17:14:59 2017 +++ src/crypto/external/bsd/openssh/dist/recallocarray.c Fri Mar 8 15:34:24 2019 @@ -1,51 +1,91 @@ -/* $NetBSD: recallocarray.c,v 1.1 2017/10/07 21:14:59 christos Exp $ */ -/* $OpenBSD: reallocarray.c,v 1.1 2014/05/08 21:43:49 deraadt Exp $ */ +/* $OpenBSD: recallocarray.c,v 1.1 2017/03/06 18:44:21 otto Exp $ */ -/*- - * Copyright (c) 2015 The NetBSD Foundation, Inc. - * All rights reserved. +/* + * Copyright (c) 2008, 2017 Otto Moerbeek * - * This code is derived from software contributed to The NetBSD Foundation - * by Christos Zoulas. + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - *notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - *notice, this list of conditions and the following disclaimer in the - *documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS - * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +/* OPENBSD ORIGINAL: lib/libc/stdlib/recallocarray.c */ + #include "includes.h" -#include -__RCSID("$NetBSD: recallocarray.c,v 1.1 2017/10/07 21:14:59 christos Exp $"); +#ifndef HAVE_RECALLOCARRAY #include -#include #include +#ifdef HAVE_STDINT_H +#include +#endif +#include +#include + +/* + * This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX + * if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW + */ +#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4)) void * -recallocarray(void *optr, size_t omemb, size_t nmemb, size_t size) +recallocarray(void *ptr, size_t oldnmemb, size_t newnmemb, size_t size) { - char *nptr = reallocarray(optr, nmemb, size); + size_t oldsize, newsize; + void *newptr; + + if (ptr == NULL) + return calloc(newnmemb, size); - if (nptr == NULL || omemb >= nmemb) - return nptr; + if ((newnmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && + newnmemb > 0 && SIZE_MAX / newnmemb < size) { + errno = ENOMEM; + return NULL; + } + newsize = newnmemb * size; + + if ((oldnmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && + oldnmemb > 0 && SIZE_MAX / oldnmemb < size) { + errno = EINVAL; + return NULL; + } + oldsize = oldnmemb * size; + + /* + * Don't bother too much if we're shrinking just a bit, + * we do not shrink for series of small steps, oh well. + */ + if (newsize <= oldsize) { + size_t d = oldsize - newsize; + + if (d < oldsize / 2 && d < (size_t)getpagesize()) { + memset((char *)ptr + newsize, 0, d); + return ptr; + } + } + + newptr = malloc(newsize); + if (newptr == NULL) + return NULL; + +
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Jan 25 14:29:05 UTC 2019 Modified Files: src/crypto/external/bsd/openssh/dist: auth-pam.c Log Message: PR/53908: Alex Raschi: Include for socketpair(2) To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/auth-pam.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth-pam.c diff -u src/crypto/external/bsd/openssh/dist/auth-pam.c:1.17 src/crypto/external/bsd/openssh/dist/auth-pam.c:1.18 --- src/crypto/external/bsd/openssh/dist/auth-pam.c:1.17 Mon Aug 27 13:47:48 2018 +++ src/crypto/external/bsd/openssh/dist/auth-pam.c Fri Jan 25 09:29:05 2019 @@ -51,7 +51,7 @@ /* * NetBSD local changes */ -__RCSID("$NetBSD: auth-pam.c,v 1.17 2018/08/27 17:47:48 tnn Exp $"); +__RCSID("$NetBSD: auth-pam.c,v 1.18 2019/01/25 14:29:05 christos Exp $"); #define _LIB_PTHREAD_H #undef USE_POSIX_THREADS /* Not yet */ #define HAVE_SECURITY_PAM_APPL_H @@ -65,6 +65,7 @@ void sshpam_password_change_required(int /* end NetBSD local changes */ #include +#include #include #include
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Tue Oct 2 22:44:07 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: log.c Log Message: Don't treat mostly connection closed events as filtering events. There a a failed to negotiate instance too, but I don't want to generate more diff. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/log.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/log.c diff -u src/crypto/external/bsd/openssh/dist/log.c:1.18 src/crypto/external/bsd/openssh/dist/log.c:1.19 --- src/crypto/external/bsd/openssh/dist/log.c:1.18 Sun Aug 26 03:46:36 2018 +++ src/crypto/external/bsd/openssh/dist/log.c Tue Oct 2 18:44:07 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: log.c,v 1.18 2018/08/26 07:46:36 christos Exp $ */ +/* $NetBSD: log.c,v 1.19 2018/10/02 22:44:07 christos Exp $ */ /* $OpenBSD: log.c,v 1.51 2018/07/27 12:03:17 markus Exp $ */ /* @@ -37,7 +37,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: log.c,v 1.18 2018/08/26 07:46:36 christos Exp $"); +__RCSID("$NetBSD: log.c,v 1.19 2018/10/02 22:44:07 christos Exp $"); #include #include @@ -183,7 +183,7 @@ logdie(const char *fmt,...) va_start(args, fmt); do_log(SYSLOG_LEVEL_INFO, fmt, args); va_end(args); - cleanup_exit(255); + cleanup_exit(254); } /* Log this message (information that usually should go to the log). */
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Tue Oct 2 22:40:29 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: monitor_wrap.c packet.c serverloop.c Log Message: Undo previous change. It made filtering a lot more aggressive. To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/serverloop.c cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/packet.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor_wrap.c diff -u src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.22 src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.23 --- src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.22 Sat Sep 29 11:10:44 2018 +++ src/crypto/external/bsd/openssh/dist/monitor_wrap.c Tue Oct 2 18:40:28 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor_wrap.c,v 1.22 2018/09/29 15:10:44 christos Exp $ */ +/* $NetBSD: monitor_wrap.c,v 1.23 2018/10/02 22:40:28 christos Exp $ */ /* $OpenBSD: monitor_wrap.c,v 1.107 2018/07/20 03:46:34 djm Exp $ */ /* @@ -28,7 +28,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor_wrap.c,v 1.22 2018/09/29 15:10:44 christos Exp $"); +__RCSID("$NetBSD: monitor_wrap.c,v 1.23 2018/10/02 22:40:28 christos Exp $"); #include #include #include @@ -151,7 +151,7 @@ mm_request_receive(int sock, struct sshb if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) { if (errno == EPIPE) - cleanup_exit(255); + cleanup_exit(254); fatal("%s: read: %s", __func__, strerror(errno)); } msg_len = PEEK_U32(buf); Index: src/crypto/external/bsd/openssh/dist/serverloop.c diff -u src/crypto/external/bsd/openssh/dist/serverloop.c:1.22 src/crypto/external/bsd/openssh/dist/serverloop.c:1.23 --- src/crypto/external/bsd/openssh/dist/serverloop.c:1.22 Sat Sep 29 11:10:44 2018 +++ src/crypto/external/bsd/openssh/dist/serverloop.c Tue Oct 2 18:40:28 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: serverloop.c,v 1.22 2018/09/29 15:10:44 christos Exp $ */ +/* $NetBSD: serverloop.c,v 1.23 2018/10/02 22:40:28 christos Exp $ */ /* $OpenBSD: serverloop.c,v 1.209 2018/07/27 05:13:02 dtucker Exp $ */ /* @@ -38,7 +38,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: serverloop.c,v 1.22 2018/09/29 15:10:44 christos Exp $"); +__RCSID("$NetBSD: serverloop.c,v 1.23 2018/10/02 22:40:28 christos Exp $"); #include /* MIN MAX */ #include @@ -343,7 +343,7 @@ process_input(struct ssh *ssh, fd_set *r "%.100s port %d: %.100s", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), strerror(errno)); -cleanup_exit(255); +cleanup_exit(254); } } else { /* Buffer any received data. */ @@ -440,7 +440,7 @@ server_loop2(struct ssh *ssh, Authctxt * if (received_sigterm) { logit("Exiting on signal %d", (int)received_sigterm); /* Clean up sessions, utmp, etc. */ - cleanup_exit(255); + cleanup_exit(254); } collect_children(ssh); Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.34 src/crypto/external/bsd/openssh/dist/packet.c:1.35 --- src/crypto/external/bsd/openssh/dist/packet.c:1.34 Sat Sep 29 11:10:44 2018 +++ src/crypto/external/bsd/openssh/dist/packet.c Tue Oct 2 18:40:28 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.34 2018/09/29 15:10:44 christos Exp $ */ +/* $NetBSD: packet.c,v 1.35 2018/10/02 22:40:28 christos Exp $ */ /* $OpenBSD: packet.c,v 1.277 2018/07/16 03:09:13 djm Exp $ */ /* @@ -40,7 +40,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: packet.c,v 1.34 2018/09/29 15:10:44 christos Exp $"); +__RCSID("$NetBSD: packet.c,v 1.35 2018/10/02 22:40:28 christos Exp $"); #include /* MIN roundup */ #include @@ -1883,7 +1883,7 @@ ssh_packet_disconnect(struct ssh *ssh, c /* Close the connection. */ ssh_packet_close(ssh); - cleanup_exit(255); + cleanup_exit(254); } /*
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Sep 29 15:10:45 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: monitor_wrap.c packet.c serverloop.c Log Message: be less aggressive about blocking connections from disconnected sessions. To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/serverloop.c cvs rdiff -u -r1.33 -r1.34 src/crypto/external/bsd/openssh/dist/packet.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor_wrap.c diff -u src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.21 src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.22 --- src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.21 Sun Aug 26 03:46:36 2018 +++ src/crypto/external/bsd/openssh/dist/monitor_wrap.c Sat Sep 29 11:10:44 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor_wrap.c,v 1.21 2018/08/26 07:46:36 christos Exp $ */ +/* $NetBSD: monitor_wrap.c,v 1.22 2018/09/29 15:10:44 christos Exp $ */ /* $OpenBSD: monitor_wrap.c,v 1.107 2018/07/20 03:46:34 djm Exp $ */ /* @@ -28,7 +28,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor_wrap.c,v 1.21 2018/08/26 07:46:36 christos Exp $"); +__RCSID("$NetBSD: monitor_wrap.c,v 1.22 2018/09/29 15:10:44 christos Exp $"); #include #include #include @@ -151,7 +151,7 @@ mm_request_receive(int sock, struct sshb if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) { if (errno == EPIPE) - cleanup_exit(254); + cleanup_exit(255); fatal("%s: read: %s", __func__, strerror(errno)); } msg_len = PEEK_U32(buf); Index: src/crypto/external/bsd/openssh/dist/serverloop.c diff -u src/crypto/external/bsd/openssh/dist/serverloop.c:1.21 src/crypto/external/bsd/openssh/dist/serverloop.c:1.22 --- src/crypto/external/bsd/openssh/dist/serverloop.c:1.21 Sun Aug 26 03:46:36 2018 +++ src/crypto/external/bsd/openssh/dist/serverloop.c Sat Sep 29 11:10:44 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: serverloop.c,v 1.21 2018/08/26 07:46:36 christos Exp $ */ +/* $NetBSD: serverloop.c,v 1.22 2018/09/29 15:10:44 christos Exp $ */ /* $OpenBSD: serverloop.c,v 1.209 2018/07/27 05:13:02 dtucker Exp $ */ /* @@ -38,7 +38,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: serverloop.c,v 1.21 2018/08/26 07:46:36 christos Exp $"); +__RCSID("$NetBSD: serverloop.c,v 1.22 2018/09/29 15:10:44 christos Exp $"); #include /* MIN MAX */ #include @@ -343,7 +343,7 @@ process_input(struct ssh *ssh, fd_set *r "%.100s port %d: %.100s", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), strerror(errno)); -cleanup_exit(254); +cleanup_exit(255); } } else { /* Buffer any received data. */ @@ -440,7 +440,7 @@ server_loop2(struct ssh *ssh, Authctxt * if (received_sigterm) { logit("Exiting on signal %d", (int)received_sigterm); /* Clean up sessions, utmp, etc. */ - cleanup_exit(254); + cleanup_exit(255); } collect_children(ssh); Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.33 src/crypto/external/bsd/openssh/dist/packet.c:1.34 --- src/crypto/external/bsd/openssh/dist/packet.c:1.33 Sun Aug 26 03:46:36 2018 +++ src/crypto/external/bsd/openssh/dist/packet.c Sat Sep 29 11:10:44 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.33 2018/08/26 07:46:36 christos Exp $ */ +/* $NetBSD: packet.c,v 1.34 2018/09/29 15:10:44 christos Exp $ */ /* $OpenBSD: packet.c,v 1.277 2018/07/16 03:09:13 djm Exp $ */ /* @@ -40,7 +40,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: packet.c,v 1.33 2018/08/26 07:46:36 christos Exp $"); +__RCSID("$NetBSD: packet.c,v 1.34 2018/09/29 15:10:44 christos Exp $"); #include /* MIN roundup */ #include @@ -1883,7 +1883,7 @@ ssh_packet_disconnect(struct ssh *ssh, c /* Close the connection. */ ssh_packet_close(ssh); - cleanup_exit(254); + cleanup_exit(255); } /*
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: tnn Date: Mon Aug 27 17:47:48 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: auth-pam.c Log Message: annotate pthread_exit as __dead (to appease clang) To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/auth-pam.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth-pam.c diff -u src/crypto/external/bsd/openssh/dist/auth-pam.c:1.16 src/crypto/external/bsd/openssh/dist/auth-pam.c:1.17 --- src/crypto/external/bsd/openssh/dist/auth-pam.c:1.16 Sun Aug 26 07:46:36 2018 +++ src/crypto/external/bsd/openssh/dist/auth-pam.c Mon Aug 27 17:47:48 2018 @@ -51,7 +51,7 @@ /* * NetBSD local changes */ -__RCSID("$NetBSD: auth-pam.c,v 1.16 2018/08/26 07:46:36 christos Exp $"); +__RCSID("$NetBSD: auth-pam.c,v 1.17 2018/08/27 17:47:48 tnn Exp $"); #define _LIB_PTHREAD_H #undef USE_POSIX_THREADS /* Not yet */ #define HAVE_SECURITY_PAM_APPL_H @@ -194,7 +194,7 @@ sshpam_sigchld_handler(int sig) } /* ARGSUSED */ -static void +__dead static void pthread_exit(void *value) { _exit(0);
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Sun Aug 26 07:46:37 UTC 2018 Modified Files: src/crypto/external/bsd/openssh: openssh2netbsd src/crypto/external/bsd/openssh/dist: OVERVIEW PROTOCOL PROTOCOL.certkeys addrmatch.c auth-bsdauth.c auth-krb5.c auth-options.c auth-options.h auth-pam.c auth-pam.h auth-passwd.c auth-rhosts.c auth.c auth.h auth2-chall.c auth2-gss.c auth2-hostbased.c auth2-kbdint.c auth2-krb5.c auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c channels.c channels.h clientloop.c clientloop.h compat.c compat.h dh.c gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c kex.h kexdhs.c kexgexs.c log.c log.h match.c match.h misc.c misc.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h msg.c mux.c myproposal.h opacket.h packet.c packet.h readconf.c readconf.h readpass.c scp.1 scp.c servconf.c servconf.h serverloop.c session.c sftp-client.c sftp-server.c sftp.1 sftp.c ssh-agent.c ssh-gss.h ssh-keygen.1 ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-pkcs11-client.c ssh-rsa.c ssh.1 ssh.c ssh.h ssh_api.h ssh_config.5 sshbuf.c sshbuf.h sshconnect.c sshconnect.h sshconnect2.c sshd.8 sshd.c sshd_config sshd_config.5 ssherr.c ssherr.h sshkey-xmss.c sshkey.c sshkey.h sshlogin.c ttymodes.c uidswap.c uidswap.h umac.c umac128.c utf8.c version.h xmss_wots.c src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: Makefile shlib_version Removed Files: src/crypto/external/bsd/openssh/dist: bufaux.c bufbn.c bufec.c buffer.c buffer.h key.c key.h Log Message: merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/openssh2netbsd cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/OVERVIEW \ src/crypto/external/bsd/openssh/dist/msg.c \ src/crypto/external/bsd/openssh/dist/uidswap.h \ src/crypto/external/bsd/openssh/dist/utf8.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/addrmatch.c \ src/crypto/external/bsd/openssh/dist/auth-krb5.c \ src/crypto/external/bsd/openssh/dist/auth2-gss.c \ src/crypto/external/bsd/openssh/dist/compat.h \ src/crypto/external/bsd/openssh/dist/gss-serv.c \ src/crypto/external/bsd/openssh/dist/hostfile.c \ src/crypto/external/bsd/openssh/dist/sshconnect.h cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys \ src/crypto/external/bsd/openssh/dist/auth-passwd.c \ src/crypto/external/bsd/openssh/dist/auth2-none.c \ src/crypto/external/bsd/openssh/dist/auth2-passwd.c \ src/crypto/external/bsd/openssh/dist/gss-genr.c \ src/crypto/external/bsd/openssh/dist/monitor.h \ src/crypto/external/bsd/openssh/dist/opacket.h \ src/crypto/external/bsd/openssh/dist/readpass.c \ src/crypto/external/bsd/openssh/dist/sshbuf.h \ src/crypto/external/bsd/openssh/dist/sshlogin.c \ src/crypto/external/bsd/openssh/dist/ttymodes.c cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/auth-bsdauth.c \ src/crypto/external/bsd/openssh/dist/auth-pam.h \ src/crypto/external/bsd/openssh/dist/auth2-krb5.c \ src/crypto/external/bsd/openssh/dist/ssherr.c \ src/crypto/external/bsd/openssh/dist/sshkey.h \ src/crypto/external/bsd/openssh/dist/uidswap.c cvs rdiff -u -r1.17 -r1.18 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/auth.h \ src/crypto/external/bsd/openssh/dist/log.c \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/myproposal.h \ src/crypto/external/bsd/openssh/dist/packet.h \ src/crypto/external/bsd/openssh/dist/servconf.h \ src/crypto/external/bsd/openssh/dist/sftp-server.c \ src/crypto/external/bsd/openssh/dist/sftp.1 cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/openssh/dist/auth-options.h \ src/crypto/external/bsd/openssh/dist/authfd.h \ src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c \ src/crypto/external/bsd/openssh/dist/ssh.h cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/auth-pam.c \ src/crypto/external/bsd/openssh/dist/authfd.c \ src/crypto/external/bsd/openssh/dist/kexdhs.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.h \ src/crypto/external/bsd/openssh/dist/ssh-rsa.c \ src/crypto/external/bsd/openssh/dist/umac.c cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/auth-rhosts.c \ src/crypto/external/bsd/openssh/dist/auth2-kbdint.c \ src/crypto/external/bsd/openssh/dist/match.c \ src/crypto/external/bsd/openssh/dist/match.h
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Aug 13 09:55:20 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: monitor.c Log Message: add another exit 254 to avoid blacklistd notification To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/monitor.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor.c diff -u src/crypto/external/bsd/openssh/dist/monitor.c:1.25 src/crypto/external/bsd/openssh/dist/monitor.c:1.26 --- src/crypto/external/bsd/openssh/dist/monitor.c:1.25 Fri Apr 6 14:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/monitor.c Mon Aug 13 05:55:20 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.c,v 1.25 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: monitor.c,v 1.26 2018/08/13 09:55:20 christos Exp $ */ /* $OpenBSD: monitor.c,v 1.180 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor.c,v 1.25 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: monitor.c,v 1.26 2018/08/13 09:55:20 christos Exp $"); #include #include #include @@ -1383,7 +1383,7 @@ mm_record_login(Session *s, struct passw if (getpeername(packet_get_connection_in(), (struct sockaddr *), ) < 0) { debug("getpeername: %.100s", strerror(errno)); - cleanup_exit(255); + cleanup_exit(254); } } /* Record that there was a login on that tty from the remote host. */
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Aug 9 08:32:41 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: monitor_wrap.c mux.c packet.c serverloop.c session.c Log Message: change some 255's to 254's to avoid being too aggressive blacklisting. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/mux.c \ src/crypto/external/bsd/openssh/dist/serverloop.c cvs rdiff -u -r1.31 -r1.32 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.24 -r1.25 src/crypto/external/bsd/openssh/dist/session.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor_wrap.c diff -u src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.19 src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.20 --- src/crypto/external/bsd/openssh/dist/monitor_wrap.c:1.19 Fri Apr 6 14:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/monitor_wrap.c Thu Aug 9 04:32:41 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor_wrap.c,v 1.19 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: monitor_wrap.c,v 1.20 2018/08/09 08:32:41 christos Exp $ */ /* $OpenBSD: monitor_wrap.c,v 1.99 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor_wrap.c,v 1.19 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: monitor_wrap.c,v 1.20 2018/08/09 08:32:41 christos Exp $"); #include #include #include @@ -149,7 +149,7 @@ mm_request_receive(int sock, Buffer *m) if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) { if (errno == EPIPE) - cleanup_exit(255); + cleanup_exit(254); fatal("%s: read: %s", __func__, strerror(errno)); } msg_len = get_u32(buf); Index: src/crypto/external/bsd/openssh/dist/mux.c diff -u src/crypto/external/bsd/openssh/dist/mux.c:1.19 src/crypto/external/bsd/openssh/dist/mux.c:1.20 --- src/crypto/external/bsd/openssh/dist/mux.c:1.19 Sat Oct 7 15:39:19 2017 +++ src/crypto/external/bsd/openssh/dist/mux.c Thu Aug 9 04:32:41 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: mux.c,v 1.19 2017/10/07 19:39:19 christos Exp $ */ +/* $NetBSD: mux.c,v 1.20 2018/08/09 08:32:41 christos Exp $ */ /* $OpenBSD: mux.c,v 1.69 2017/09/20 05:19:00 dtucker Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller @@ -32,7 +32,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: mux.c,v 1.19 2017/10/07 19:39:19 christos Exp $"); +__RCSID("$NetBSD: mux.c,v 1.20 2018/08/09 08:32:41 christos Exp $"); #include #include #include @@ -1324,7 +1324,7 @@ muxserver_listen(struct ssh *ssh) return; } else { /* unix_listener() logs the error */ - cleanup_exit(255); + cleanup_exit(254); } } Index: src/crypto/external/bsd/openssh/dist/serverloop.c diff -u src/crypto/external/bsd/openssh/dist/serverloop.c:1.19 src/crypto/external/bsd/openssh/dist/serverloop.c:1.20 --- src/crypto/external/bsd/openssh/dist/serverloop.c:1.19 Fri Apr 6 14:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/serverloop.c Thu Aug 9 04:32:41 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: serverloop.c,v 1.19 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: serverloop.c,v 1.20 2018/08/09 08:32:41 christos Exp $ */ /* $OpenBSD: serverloop.c,v 1.205 2018/03/03 03:15:51 djm Exp $ */ /* * Author: Tatu Ylonen @@ -37,7 +37,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: serverloop.c,v 1.19 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: serverloop.c,v 1.20 2018/08/09 08:32:41 christos Exp $"); #include /* MIN MAX */ #include @@ -331,7 +331,7 @@ process_input(struct ssh *ssh, fd_set *r "%.100s port %d: %.100s", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), strerror(errno)); -cleanup_exit(255); +cleanup_exit(254); } } else { /* Buffer any received data. */ @@ -428,7 +428,7 @@ server_loop2(struct ssh *ssh, Authctxt * if (received_sigterm) { logit("Exiting on signal %d", (int)received_sigterm); /* Clean up sessions, utmp, etc. */ - cleanup_exit(255); + cleanup_exit(254); } collect_children(ssh); Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.31 src/crypto/external/bsd/openssh/dist/packet.c:1.32 --- src/crypto/external/bsd/openssh/dist/packet.c:1.31 Fri Apr 6 14:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/packet.c Thu Aug 9 04:32:41 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.31 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: packet.c,v 1.32 2018/08/09 08:32:41 christos Exp $ */ /* $OpenBSD: packet.c,v 1.269 2017/12/18 23:13:42 djm Exp $ */ /* * Author: Tatu Ylonen @@ -39,7 +39,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: packet.c,v 1.31 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: packet.c,v 1.32
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kre Date: Fri Aug 3 12:49:41 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: sshkey.c Log Message: Add a "gcc is stupid" comment to the previous change, as even the most cursory analysis shows that the var ("eg") is not (cannot be) used unitialialised, just gcc is too dumb to work it out. In this case, the code could be rewritten easily enough to appease even gcc, but that would cause unnecessary code churn, and some minor duplication, so just put up with the nonsense init... To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/sshkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshkey.c diff -u src/crypto/external/bsd/openssh/dist/sshkey.c:1.15 src/crypto/external/bsd/openssh/dist/sshkey.c:1.16 --- src/crypto/external/bsd/openssh/dist/sshkey.c:1.15 Fri Aug 3 04:32:12 2018 +++ src/crypto/external/bsd/openssh/dist/sshkey.c Fri Aug 3 12:49:41 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: sshkey.c,v 1.15 2018/08/03 04:32:12 kamil Exp $ */ +/* $NetBSD: sshkey.c,v 1.16 2018/08/03 12:49:41 kre Exp $ */ /* $OpenBSD: sshkey.c,v 1.64 2018/03/22 07:05:48 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -__RCSID("$NetBSD: sshkey.c,v 1.15 2018/08/03 04:32:12 kamil Exp $"); +__RCSID("$NetBSD: sshkey.c,v 1.16 2018/08/03 12:49:41 kre Exp $"); #include #include @@ -1641,7 +1641,7 @@ dsa_generate_private_key(u_int bits, DSA int sshkey_ecdsa_key_to_nid(EC_KEY *k) { - EC_GROUP *eg = NULL; + EC_GROUP *eg = NULL; /* XXXGCC: unneeded init */ int nids[] = { NID_X9_62_prime256v1, NID_secp384r1,
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: kamil Date: Fri Aug 3 04:32:12 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: sshkey.c Log Message: Appease GCC in the openssh code when built with UBSan Initialize eg to NULL in sshkey_ecdsa_key_to_nid(). The compiler warns that it might be uninitialized. To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/sshkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshkey.c diff -u src/crypto/external/bsd/openssh/dist/sshkey.c:1.14 src/crypto/external/bsd/openssh/dist/sshkey.c:1.15 --- src/crypto/external/bsd/openssh/dist/sshkey.c:1.14 Fri Apr 6 18:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/sshkey.c Fri Aug 3 04:32:12 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: sshkey.c,v 1.14 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: sshkey.c,v 1.15 2018/08/03 04:32:12 kamil Exp $ */ /* $OpenBSD: sshkey.c,v 1.64 2018/03/22 07:05:48 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -__RCSID("$NetBSD: sshkey.c,v 1.14 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: sshkey.c,v 1.15 2018/08/03 04:32:12 kamil Exp $"); #include #include @@ -1641,7 +1641,7 @@ dsa_generate_private_key(u_int bits, DSA int sshkey_ecdsa_key_to_nid(EC_KEY *k) { - EC_GROUP *eg; + EC_GROUP *eg = NULL; int nids[] = { NID_X9_62_prime256v1, NID_secp384r1,
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: wiz Date: Wed Jul 18 16:42:49 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-agent.1 Log Message: Fix Dd argument. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/ssh-agent.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-agent.1 diff -u src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.13 src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.14 --- src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.13 Tue Jul 10 22:12:08 2018 +++ src/crypto/external/bsd/openssh/dist/ssh-agent.1 Wed Jul 18 16:42:49 2018 @@ -1,4 +1,4 @@ -.\" $NetBSD: ssh-agent.1,v 1.13 2018/07/10 22:12:08 sevan Exp $ +.\" $NetBSD: ssh-agent.1,v 1.14 2018/07/18 16:42:49 wiz Exp $ .\" $OpenBSD: ssh-agent.1,v 1.64 2016/11/30 06:54:26 jmc Exp $ .\" .\" @@ -36,7 +36,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd November 30 2016 +.Dd July 10, 2018 .Dt SSH-AGENT 1 .Os .Sh NAME
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: sevan Date: Tue Jul 10 22:12:08 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-agent.1 ssh-agent.c Log Message: Amend whitelisted filesystem paths ssh-agent will look for PKCS11 related libraries so that things work out of the box with pkgsrc without having to explicitly whitelist things. ok christos To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/ssh-agent.1 cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssh/dist/ssh-agent.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-agent.1 diff -u src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.12 src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.13 --- src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.12 Tue Apr 18 18:41:46 2017 +++ src/crypto/external/bsd/openssh/dist/ssh-agent.1 Tue Jul 10 22:12:08 2018 @@ -1,4 +1,4 @@ -.\" $NetBSD: ssh-agent.1,v 1.12 2017/04/18 18:41:46 christos Exp $ +.\" $NetBSD: ssh-agent.1,v 1.13 2018/07/10 22:12:08 sevan Exp $ .\" $OpenBSD: ssh-agent.1,v 1.64 2016/11/30 06:54:26 jmc Exp $ .\" .\" @@ -131,7 +131,7 @@ that may be added using the option to .Xr ssh-add 1 . The default is to allow loading PKCS#11 libraries from -.Dq /usr/lib/*,/usr/local/lib/* . +.Dq /usr/lib/*,/usr/pkg/lib/* . PKCS#11 libraries that do not match the whitelist will be refused. See PATTERNS in .Xr ssh_config 5 Index: src/crypto/external/bsd/openssh/dist/ssh-agent.c diff -u src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.22 src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.23 --- src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.22 Fri Apr 6 18:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/ssh-agent.c Tue Jul 10 22:12:08 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-agent.c,v 1.22 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: ssh-agent.c,v 1.23 2018/07/10 22:12:08 sevan Exp $ */ /* $OpenBSD: ssh-agent.c,v 1.228 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen @@ -36,7 +36,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: ssh-agent.c,v 1.22 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: ssh-agent.c,v 1.23 2018/07/10 22:12:08 sevan Exp $"); #include /* MIN MAX */ #include @@ -82,7 +82,7 @@ __RCSID("$NetBSD: ssh-agent.c,v 1.22 201 #endif #ifndef DEFAULT_PKCS11_WHITELIST -# define DEFAULT_PKCS11_WHITELIST "/usr/lib*/*,/usr/local/lib*/*" +# define DEFAULT_PKCS11_WHITELIST "/usr/lib*/*,/usr/pkg/lib*/*" #endif /* Maximum accepted message length */
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sun Jun 24 15:36:31 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: pfilter.c Log Message: Since now we are called from cleanup_exit() make sure that we have a state to work with. Found by ASAN. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/pfilter.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/pfilter.c diff -u src/crypto/external/bsd/openssh/dist/pfilter.c:1.5 src/crypto/external/bsd/openssh/dist/pfilter.c:1.6 --- src/crypto/external/bsd/openssh/dist/pfilter.c:1.5 Fri Apr 6 14:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/pfilter.c Sun Jun 24 11:36:31 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: pfilter.c,v 1.5 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: pfilter.c,v 1.6 2018/06/24 15:36:31 christos Exp $ */ #include "namespace.h" #include "includes.h" #include "ssh.h" @@ -12,7 +12,7 @@ static struct blacklist *blstate; #endif #include "includes.h" -__RCSID("$NetBSD: pfilter.c,v 1.5 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: pfilter.c,v 1.6 2018/06/24 15:36:31 christos Exp $"); void pfilter_init() @@ -27,6 +27,8 @@ pfilter_notify(int a) { #ifndef SMALL int fd; + if (active_state == NULL) + return; if (blstate == NULL) pfilter_init(); if (blstate == NULL)
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: riastradh Date: Thu Jun 7 15:26:09 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: servconf.c Log Message: Disable loading XMSS keys by default too. Nobody should be using XMSS host keys without an explicit decision, because they're qualitatively different from all other types of host keys in that they require keeping state. This also eliminates a harmless but confusing warning that began after we stopped generating XMSS keys by default. To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/servconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/servconf.c diff -u src/crypto/external/bsd/openssh/dist/servconf.c:1.27 src/crypto/external/bsd/openssh/dist/servconf.c:1.28 --- src/crypto/external/bsd/openssh/dist/servconf.c:1.27 Sun Apr 8 21:56:48 2018 +++ src/crypto/external/bsd/openssh/dist/servconf.c Thu Jun 7 15:26:09 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: servconf.c,v 1.27 2018/04/08 21:56:48 joerg Exp $ */ +/* $NetBSD: servconf.c,v 1.28 2018/06/07 15:26:09 riastradh Exp $ */ /* $OpenBSD: servconf.c,v 1.326 2018/03/01 20:32:16 markus Exp $ */ /* @@ -13,7 +13,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: servconf.c,v 1.27 2018/04/08 21:56:48 joerg Exp $"); +__RCSID("$NetBSD: servconf.c,v 1.28 2018/06/07 15:26:09 riastradh Exp $"); #include #include #include @@ -294,10 +294,6 @@ fill_default_server_options(ServerOption _PATH_HOST_ECDSA_KEY_FILE); servconf_add_hostkey("[default]", 0, options, _PATH_HOST_ED25519_KEY_FILE); -#ifdef WITH_XMSS - servconf_add_hostkey("[default]", 0, options, - _PATH_HOST_XMSS_KEY_FILE); -#endif /* WITH_XMSS */ } /* No certificates by default */ if (options->num_ports == 0)
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed May 23 16:04:13 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: auth-pam.c sshd.c Log Message: Increase strictness of blacklistd patches to include timeouts, operating system errors, and pam failures. To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/auth-pam.c cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth-pam.c diff -u src/crypto/external/bsd/openssh/dist/auth-pam.c:1.14 src/crypto/external/bsd/openssh/dist/auth-pam.c:1.15 --- src/crypto/external/bsd/openssh/dist/auth-pam.c:1.14 Fri Apr 6 14:58:59 2018 +++ src/crypto/external/bsd/openssh/dist/auth-pam.c Wed May 23 12:04:13 2018 @@ -50,7 +50,7 @@ /* * NetBSD local changes */ -__RCSID("$NetBSD: auth-pam.c,v 1.14 2018/04/06 18:58:59 christos Exp $"); +__RCSID("$NetBSD: auth-pam.c,v 1.15 2018/05/23 16:04:13 christos Exp $"); #undef USE_POSIX_THREADS /* Not yet */ #define HAVE_SECURITY_PAM_APPL_H #define HAVE_PAM_GETENVLIST @@ -552,6 +552,7 @@ sshpam_thread(void *ctxtp) ssh_msg_send(ctxt->pam_csock, PAM_MAXTRIES, ); else ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, ); + pfilter_notify(1); buffer_free(); pthread_exit(NULL); @@ -830,6 +831,7 @@ sshpam_query(void *ctx, char **name, cha free(msg); return (0); } + pfilter_notify(1); error("PAM: %s for %s%.100s from %.100s", msg, sshpam_authctxt->valid ? "" : "illegal user ", sshpam_authctxt->user, Index: src/crypto/external/bsd/openssh/dist/sshd.c diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.30 src/crypto/external/bsd/openssh/dist/sshd.c:1.31 --- src/crypto/external/bsd/openssh/dist/sshd.c:1.30 Sun Apr 8 17:56:48 2018 +++ src/crypto/external/bsd/openssh/dist/sshd.c Wed May 23 12:04:13 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: sshd.c,v 1.30 2018/04/08 21:56:48 joerg Exp $ */ +/* $NetBSD: sshd.c,v 1.31 2018/05/23 16:04:13 christos Exp $ */ /* $OpenBSD: sshd.c,v 1.506 2018/03/03 03:15:51 djm Exp $ */ /* * Author: Tatu Ylonen@@ -44,7 +44,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshd.c,v 1.30 2018/04/08 21:56:48 joerg Exp $"); +__RCSID("$NetBSD: sshd.c,v 1.31 2018/05/23 16:04:13 christos Exp $"); #include #include #include @@ -344,6 +344,7 @@ main_sigchld_handler(int sig) __dead static void grace_alarm_handler(int sig) { + pfilter_notify(1); if (use_privsep && pmonitor != NULL && pmonitor->m_pid > 0) kill(pmonitor->m_pid, SIGALRM); @@ -356,7 +357,6 @@ grace_alarm_handler(int sig) killpg(0, SIGTERM); } - pfilter_notify(1); /* Log error and exit. */ sigdie("Timeout before authentication for %s port %d", ssh_remote_ipaddr(active_state), ssh_remote_port(active_state)); @@ -2193,6 +2193,9 @@ cleanup_exit(int i) { struct ssh *ssh = active_state; /* XXX */ + if (i == 255) + pfilter_notify(1); + if (the_authctxt) { do_cleanup(ssh, the_authctxt); if (use_privsep && privsep_is_preauth &&
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: joerg Date: Sun Apr 8 21:56:48 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: servconf.c sshd.c Log Message: Fix clang build by adding __dead annotations. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/servconf.c cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/servconf.c diff -u src/crypto/external/bsd/openssh/dist/servconf.c:1.26 src/crypto/external/bsd/openssh/dist/servconf.c:1.27 --- src/crypto/external/bsd/openssh/dist/servconf.c:1.26 Fri Apr 6 18:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/servconf.c Sun Apr 8 21:56:48 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: servconf.c,v 1.26 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: servconf.c,v 1.27 2018/04/08 21:56:48 joerg Exp $ */ /* $OpenBSD: servconf.c,v 1.326 2018/03/01 20:32:16 markus Exp $ */ /* @@ -13,7 +13,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: servconf.c,v 1.26 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: servconf.c,v 1.27 2018/04/08 21:56:48 joerg Exp $"); #include #include #include @@ -1053,7 +1053,7 @@ out: return result; } -static void +__dead static void match_test_missing_fatal(const char *criteria, const char *attrib) { fatal("'Match %s' in configuration but '%s' not in connection " Index: src/crypto/external/bsd/openssh/dist/sshd.c diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.29 src/crypto/external/bsd/openssh/dist/sshd.c:1.30 --- src/crypto/external/bsd/openssh/dist/sshd.c:1.29 Fri Apr 6 18:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/sshd.c Sun Apr 8 21:56:48 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: sshd.c,v 1.29 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: sshd.c,v 1.30 2018/04/08 21:56:48 joerg Exp $ */ /* $OpenBSD: sshd.c,v 1.506 2018/03/03 03:15:51 djm Exp $ */ /* * Author: Tatu Ylonen@@ -44,7 +44,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshd.c,v 1.29 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: sshd.c,v 1.30 2018/04/08 21:56:48 joerg Exp $"); #include #include #include @@ -1338,6 +1338,9 @@ check_ip_options(struct ssh *ssh) } /* Set the routing domain for this process */ +#if !defined(__OpenBSD__) +__dead +#endif static void set_process_rdomain(struct ssh *ssh, const char *name) {
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sun Apr 8 13:39:42 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: auth2-pubkey.c Log Message: fix compilation for non LDAP remove error comment To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth2-pubkey.c diff -u src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.19 src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.20 --- src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.19 Fri Apr 6 14:58:59 2018 +++ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c Sun Apr 8 09:39:42 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: auth2-pubkey.c,v 1.19 2018/04/06 18:58:59 christos Exp $ */ +/* $NetBSD: auth2-pubkey.c,v 1.20 2018/04/08 13:39:42 christos Exp $ */ /* $OpenBSD: auth2-pubkey.c,v 1.77 2018/03/03 03:15:51 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth2-pubkey.c,v 1.19 2018/04/06 18:58:59 christos Exp $"); +__RCSID("$NetBSD: auth2-pubkey.c,v 1.20 2018/04/08 13:39:42 christos Exp $"); #include #include @@ -692,9 +692,9 @@ check_authkeys_file(struct ssh *ssh, str char *cp, line[SSH_MAX_PUBKEY_BYTES], loc[256]; int found_key = 0; u_long linenum = 0; - struct sshkey *found = NULL; struct sshauthopt *opts = NULL; #ifdef WITH_LDAP_PUBKEY + struct sshkey *found = NULL; ldap_key_t * k; unsigned int i = 0; const char *reason; @@ -780,7 +780,6 @@ check_authkeys_file(struct ssh *ssh, str continue; /* Skip leading whitespace, empty and comment lines. */ -/*###782 [cc] error: 'cp' undeclared (first use in this function)%%%*/ cp = line; skip_space(); if (!*cp || *cp == '\n' || *cp == '#')
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Apr 7 00:36:55 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: readconf.c scp.c Log Message: fix unconst To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/scp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/readconf.c diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.23 src/crypto/external/bsd/openssh/dist/readconf.c:1.24 --- src/crypto/external/bsd/openssh/dist/readconf.c:1.23 Fri Apr 6 14:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/readconf.c Fri Apr 6 20:36:55 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: readconf.c,v 1.23 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: readconf.c,v 1.24 2018/04/07 00:36:55 christos Exp $ */ /* $OpenBSD: readconf.c,v 1.283 2018/02/23 15:58:37 markus Exp $ */ /* * Author: Tatu Ylonen@@ -14,7 +14,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: readconf.c,v 1.23 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: readconf.c,v 1.24 2018/04/07 00:36:55 christos Exp $"); #include #include #include @@ -2440,7 +2440,7 @@ parse_jump(const char *s, Options *o, in int parse_ssh_uri(const char *uri, char **userp, char **hostp, int *portp) { - char *path; + const char *path; int r; r = parse_uri("ssh", uri, userp, hostp, portp, ); Index: src/crypto/external/bsd/openssh/dist/scp.c diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.18 src/crypto/external/bsd/openssh/dist/scp.c:1.19 --- src/crypto/external/bsd/openssh/dist/scp.c:1.18 Fri Apr 6 14:59:00 2018 +++ src/crypto/external/bsd/openssh/dist/scp.c Fri Apr 6 20:36:55 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: scp.c,v 1.18 2018/04/06 18:59:00 christos Exp $ */ +/* $NetBSD: scp.c,v 1.19 2018/04/07 00:36:55 christos Exp $ */ /* $OpenBSD: scp.c,v 1.195 2018/02/10 06:15:12 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which @@ -73,7 +73,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: scp.c,v 1.18 2018/04/06 18:59:00 christos Exp $"); +__RCSID("$NetBSD: scp.c,v 1.19 2018/04/07 00:36:55 christos Exp $"); #include /* roundup MAX */ #include @@ -600,7 +600,7 @@ do_times(int fd, int verb, const struct static int parse_scp_uri(const char *uri, char **userp, char **hostp, int *portp, - char **pathp) + const char **pathp) { int r; @@ -613,8 +613,10 @@ parse_scp_uri(const char *uri, char **us void toremote(int argc, char **argv) { - char *suser = NULL, *host = NULL, *src = NULL; - char *bp, *tuser, *thost, *targ; + char *suser = NULL, *host = NULL; + const char *src = NULL; + char *bp, *tuser, *thost; + const char *targ; int sport = -1, tport = -1; arglist alist; int i, r; @@ -647,7 +649,7 @@ toremote(int argc, char **argv) for (i = 0; i < argc - 1; i++) { free(suser); free(host); - free(src); + free(__UNCONST(src)); r = parse_scp_uri(argv[i], , , , ); if (r == -1) { fmprintf(stderr, "%s: invalid uri\n", argv[i]); @@ -725,16 +727,17 @@ toremote(int argc, char **argv) out: free(tuser); free(thost); - free(targ); + free(__UNCONST(targ)); free(suser); free(host); - free(src); + free(__UNCONST(src)); } static void tolocal(int argc, char **argv) { - char *bp, *host = NULL, *src = NULL, *suser = NULL; + char *bp, *host = NULL, *suser = NULL; + const char *src = NULL; arglist alist; int i, r, sport = -1; @@ -744,7 +747,7 @@ tolocal(int argc, char **argv) for (i = 0; i < argc - 1; i++) { free(suser); free(host); - free(src); + free(__UNCONST(src)); r = parse_scp_uri(argv[i], , , , ); if (r == -1) { fmprintf(stderr, "%s: invalid uri\n", argv[i]); @@ -786,7 +789,7 @@ tolocal(int argc, char **argv) } free(suser); free(host); - free(src); + free(__UNCONST(src)); } void
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Apr 7 00:26:12 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: auth-passwd.c Log Message: restore default xx salt. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/auth-passwd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth-passwd.c diff -u src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.8 src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.9 --- src/crypto/external/bsd/openssh/dist/auth-passwd.c:1.8 Fri Apr 6 14:58:59 2018 +++ src/crypto/external/bsd/openssh/dist/auth-passwd.c Fri Apr 6 20:26:12 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: auth-passwd.c,v 1.8 2018/04/06 18:58:59 christos Exp $ */ +/* $NetBSD: auth-passwd.c,v 1.9 2018/04/07 00:26:12 christos Exp $ */ /* $OpenBSD: auth-passwd.c,v 1.46 2018/03/03 03:15:51 djm Exp $ */ /* * Author: Tatu Ylonen@@ -38,7 +38,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth-passwd.c,v 1.8 2018/04/06 18:58:59 christos Exp $"); +__RCSID("$NetBSD: auth-passwd.c,v 1.9 2018/04/07 00:26:12 christos Exp $"); #include #include @@ -189,7 +189,7 @@ sys_auth_passwd(struct ssh *ssh, const c */ if (authctxt->valid && pw_password[0] && pw_password[1]) salt = pw_password; - encrypted_password = xcrypt(password, salt); + encrypted_password = xcrypt(password, salt ? salt : "xx"); /* * Authentication is accepted if the encrypted passwords
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: martin Date: Tue Feb 13 09:51:33 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: sshkey.c Log Message: Fix copy & pasto (dsa code vs. rsa code) in previous, fixes PR lib/53012 and recentish sshfs test failures. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/sshkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshkey.c diff -u src/crypto/external/bsd/openssh/dist/sshkey.c:1.12 src/crypto/external/bsd/openssh/dist/sshkey.c:1.13 --- src/crypto/external/bsd/openssh/dist/sshkey.c:1.12 Mon Feb 5 00:13:50 2018 +++ src/crypto/external/bsd/openssh/dist/sshkey.c Tue Feb 13 09:51:33 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: sshkey.c,v 1.12 2018/02/05 00:13:50 christos Exp $ */ +/* $NetBSD: sshkey.c,v 1.13 2018/02/13 09:51:33 martin Exp $ */ /* $OpenBSD: sshkey.c,v 1.56 2017/08/12 06:42:52 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -__RCSID("$NetBSD: sshkey.c,v 1.12 2018/02/05 00:13:50 christos Exp $"); +__RCSID("$NetBSD: sshkey.c,v 1.13 2018/02/13 09:51:33 martin Exp $"); #include #include @@ -258,7 +258,7 @@ sshkey_size(const struct sshkey *k) #if OPENSSL_VERSION_NUMBER >= 0x1010UL return RSA_bits(k->rsa); #else - return BN_num_bits(k->rsa->p); + return BN_num_bits(k->rsa->n); #endif case KEY_DSA: case KEY_DSA_CERT:
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Fri Feb 9 01:54:46 UTC 2018 Modified Files: src/crypto/external/bsd/openssh: Makefile.inc Log Message: only set the compat version for OpenSSL-1.0 To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/Makefile.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/Makefile.inc diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.12 src/crypto/external/bsd/openssh/Makefile.inc:1.13 --- src/crypto/external/bsd/openssh/Makefile.inc:1.12 Tue Feb 6 15:10:36 2018 +++ src/crypto/external/bsd/openssh/Makefile.inc Thu Feb 8 20:54:46 2018 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.12 2018/02/06 20:10:36 christos Exp $ +# $NetBSD: Makefile.inc,v 1.13 2018/02/09 01:54:46 christos Exp $ WARNS?= 4 @@ -15,7 +15,9 @@ CPPFLAGS+=-DHAVE_DLOPEN CPPFLAGS+=-DHAVE_HEADER_AD CPPFLAGS+=-DHAVE_LOGIN_CAP CPPFLAGS+=-DHAVE_STDLIB_H +.if ${HAVE_OPENSSL} < 11 CPPFLAGS+=-DOPENSSL_API_COMPAT=0x1010L +.endif CPPFLAGS+=-DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE .if !defined(NOPIC)
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Feb 8 23:04:13 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: kex.c Log Message: need openssl/dh.h To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/kex.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/kex.c diff -u src/crypto/external/bsd/openssh/dist/kex.c:1.19 src/crypto/external/bsd/openssh/dist/kex.c:1.20 --- src/crypto/external/bsd/openssh/dist/kex.c:1.19 Sat Oct 7 15:39:19 2017 +++ src/crypto/external/bsd/openssh/dist/kex.c Thu Feb 8 18:04:13 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: kex.c,v 1.19 2017/10/07 19:39:19 christos Exp $ */ +/* $NetBSD: kex.c,v 1.20 2018/02/08 23:04:13 christos Exp $ */ /* $OpenBSD: kex.c,v 1.134 2017/06/13 12:13:59 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: kex.c,v 1.19 2017/10/07 19:39:19 christos Exp $"); +__RCSID("$NetBSD: kex.c,v 1.20 2018/02/08 23:04:13 christos Exp $"); #include /* MAX roundup */ #include @@ -35,6 +35,7 @@ __RCSID("$NetBSD: kex.c,v 1.19 2017/10/0 #ifdef WITH_OPENSSL #include +#include #endif #include "ssh2.h"
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Tue Feb 6 20:10:36 UTC 2018 Modified Files: src/crypto/external/bsd/openssh: Makefile.inc Log Message: use OPENSSL_API_COMPAT To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/Makefile.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/Makefile.inc diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.11 src/crypto/external/bsd/openssh/Makefile.inc:1.12 --- src/crypto/external/bsd/openssh/Makefile.inc:1.11 Mon Feb 5 06:57:28 2018 +++ src/crypto/external/bsd/openssh/Makefile.inc Tue Feb 6 15:10:36 2018 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.11 2018/02/05 11:57:28 christos Exp $ +# $NetBSD: Makefile.inc,v 1.12 2018/02/06 20:10:36 christos Exp $ WARNS?= 4 @@ -15,7 +15,7 @@ CPPFLAGS+=-DHAVE_DLOPEN CPPFLAGS+=-DHAVE_HEADER_AD CPPFLAGS+=-DHAVE_LOGIN_CAP CPPFLAGS+=-DHAVE_STDLIB_H -CPPFLAGS+=-DOPENSSL_VERSION_NUMBER=0x1010L +CPPFLAGS+=-DOPENSSL_API_COMPAT=0x1010L CPPFLAGS+=-DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE .if !defined(NOPIC)
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: maya Date: Tue Feb 6 10:56:35 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-dss.c Log Message: style: remove spurious {} added in 1.12 To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/ssh-dss.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-dss.c diff -u src/crypto/external/bsd/openssh/dist/ssh-dss.c:1.12 src/crypto/external/bsd/openssh/dist/ssh-dss.c:1.13 --- src/crypto/external/bsd/openssh/dist/ssh-dss.c:1.12 Mon Feb 5 00:13:50 2018 +++ src/crypto/external/bsd/openssh/dist/ssh-dss.c Tue Feb 6 10:56:35 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-dss.c,v 1.12 2018/02/05 00:13:50 christos Exp $ */ +/* $NetBSD: ssh-dss.c,v 1.13 2018/02/06 10:56:35 maya Exp $ */ /* $OpenBSD: ssh-dss.c,v 1.35 2016/04/21 06:08:02 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: ssh-dss.c,v 1.12 2018/02/05 00:13:50 christos Exp $"); +__RCSID("$NetBSD: ssh-dss.c,v 1.13 2018/02/06 10:56:35 maya Exp $"); #include #include @@ -175,7 +175,6 @@ ssh_dss_verify(const struct sshkey *key, } /* parse signature */ - { BIGNUM *r=NULL, *s=NULL; if ((sig = DSA_SIG_new()) == NULL || (r = BN_new()) == NULL || @@ -194,7 +193,6 @@ ssh_dss_verify(const struct sshkey *key, } DSA_SIG_set0(sig, r, s); r = s = NULL; - } /* sha1 the data */ if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen,
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Mon Feb 5 11:57:28 UTC 2018 Modified Files: src/crypto/external/bsd/openssh: Makefile.inc Log Message: pretend we have openssl-1.1 To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/Makefile.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/Makefile.inc diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.10 src/crypto/external/bsd/openssh/Makefile.inc:1.11 --- src/crypto/external/bsd/openssh/Makefile.inc:1.10 Mon Nov 6 05:26:13 2017 +++ src/crypto/external/bsd/openssh/Makefile.inc Mon Feb 5 06:57:28 2018 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.10 2017/11/06 10:26:13 snj Exp $ +# $NetBSD: Makefile.inc,v 1.11 2018/02/05 11:57:28 christos Exp $ WARNS?= 4 @@ -15,6 +15,7 @@ CPPFLAGS+=-DHAVE_DLOPEN CPPFLAGS+=-DHAVE_HEADER_AD CPPFLAGS+=-DHAVE_LOGIN_CAP CPPFLAGS+=-DHAVE_STDLIB_H +CPPFLAGS+=-DOPENSSL_VERSION_NUMBER=0x1010L CPPFLAGS+=-DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE .if !defined(NOPIC)
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Feb 5 00:13:50 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: auth-pam.c cipher.c cipher.h dh.c dh.h digest-openssl.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c monitor.c ssh-dss.c ssh-ecdsa.c ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11.c ssh-rsa.c sshkey.c Log Message: patch for OpenSSL-1.1 To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/auth-pam.c \ src/crypto/external/bsd/openssh/dist/dh.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/cipher.c \ src/crypto/external/bsd/openssh/dist/cipher.h \ src/crypto/external/bsd/openssh/dist/ssh-dss.c \ src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/dh.h cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/openssh/dist/digest-openssl.c cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/kexdhc.c \ src/crypto/external/bsd/openssh/dist/kexgexc.c \ src/crypto/external/bsd/openssh/dist/ssh-ecdsa.c \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/kexdhs.c \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c \ src/crypto/external/bsd/openssh/dist/ssh-rsa.c cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/kexgexs.c cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/monitor.c cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/ssh-keygen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth-pam.c diff -u src/crypto/external/bsd/openssh/dist/auth-pam.c:1.12 src/crypto/external/bsd/openssh/dist/auth-pam.c:1.13 --- src/crypto/external/bsd/openssh/dist/auth-pam.c:1.12 Sat Oct 7 15:39:19 2017 +++ src/crypto/external/bsd/openssh/dist/auth-pam.c Sun Feb 4 19:13:50 2018 @@ -50,7 +50,7 @@ /* * NetBSD local changes */ -__RCSID("$NetBSD: auth-pam.c,v 1.12 2017/10/07 19:39:19 christos Exp $"); +__RCSID("$NetBSD: auth-pam.c,v 1.13 2018/02/05 00:13:50 christos Exp $"); #undef USE_POSIX_THREADS /* Not yet */ #define HAVE_SECURITY_PAM_APPL_H #define HAVE_PAM_GETENVLIST @@ -142,6 +142,11 @@ extern u_int utmp_len; typedef pthread_t sp_pthread_t; #else typedef pid_t sp_pthread_t; +# undef pthread_exit +# define pthread_create(a, b, c, d)_ssh_compat_pthread_create(a, b, c, d) +# define pthread_exit(a) _ssh_compat_pthread_exit(a) +# define pthread_cancel(a) _ssh_compat_pthread_cancel(a) +# define pthread_join(a, b)_ssh_compat_pthread_join(a, b) #endif struct pam_ctxt { Index: src/crypto/external/bsd/openssh/dist/dh.c diff -u src/crypto/external/bsd/openssh/dist/dh.c:1.12 src/crypto/external/bsd/openssh/dist/dh.c:1.13 --- src/crypto/external/bsd/openssh/dist/dh.c:1.12 Tue Apr 18 14:41:46 2017 +++ src/crypto/external/bsd/openssh/dist/dh.c Sun Feb 4 19:13:50 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: dh.c,v 1.12 2017/04/18 18:41:46 christos Exp $ */ +/* $NetBSD: dh.c,v 1.13 2018/02/05 00:13:50 christos Exp $ */ /* $OpenBSD: dh.c,v 1.62 2016/12/15 21:20:41 dtucker Exp $ */ /* @@ -26,7 +26,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: dh.c,v 1.12 2017/04/18 18:41:46 christos Exp $"); +__RCSID("$NetBSD: dh.c,v 1.13 2018/02/05 00:13:50 christos Exp $"); #include /* MIN */ #include @@ -216,14 +216,15 @@ choose_dh(int min, int wantbits, int max /* diffie-hellman-groupN-sha1 */ int -dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) +dh_pub_is_valid(const DH *dh, const BIGNUM *dh_pub) { int i; int n = BN_num_bits(dh_pub); int bits_set = 0; BIGNUM *tmp; + const BIGNUM *p; - if (dh_pub->neg) { + if (BN_is_negative(dh_pub)) { logit("invalid public DH value: negative"); return 0; } @@ -236,7 +237,8 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) error("%s: BN_new failed", __func__); return 0; } - if (!BN_sub(tmp, dh->p, BN_value_one()) || + DH_get0_pqg(dh, , NULL, NULL); + if (!BN_sub(tmp, p, BN_value_one()) || BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ BN_clear_free(tmp); logit("invalid public DH value: >= p-1"); @@ -247,14 +249,14 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) for (i = 0; i <= n; i++) if (BN_is_bit_set(dh_pub, i)) bits_set++; - debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); + debug2("bits set: %d/%d", bits_set, BN_num_bits(p)); /* * if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ if (bits_set < 4) { logit("invalid public DH value (%d/%d)", - bits_set, BN_num_bits(dh->p)); + bits_set, BN_num_bits(p)); return 0; } return 1; @@ -264,9 +266,12 @@ int dh_gen_key(DH *dh, int need) { int pbits; + const BIGNUM *p, *pub_key, *priv_key; - if (need < 0 || dh->p == NULL || - (pbits =
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: maya Date: Mon Jan 15 05:04:58 UTC 2018 Modified Files: src/crypto/external/bsd/openssh/dist: packet.c Log Message: Move spammy debug message to debug2. Similarly spammy messages exist in this debug level. Requested by gson in PR bin/52898: ssh -v prints debug message on every keystroke To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/packet.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.29 src/crypto/external/bsd/openssh/dist/packet.c:1.30 --- src/crypto/external/bsd/openssh/dist/packet.c:1.29 Mon Oct 9 12:07:03 2017 +++ src/crypto/external/bsd/openssh/dist/packet.c Mon Jan 15 05:04:58 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.29 2017/10/09 12:07:03 christos Exp $ */ +/* $NetBSD: packet.c,v 1.30 2018/01/15 05:04:58 maya Exp $ */ /* $OpenBSD: packet.c,v 1.264 2017/09/12 06:32:07 djm Exp $ */ /* * Author: Tatu Ylonen@@ -39,7 +39,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: packet.c,v 1.29 2017/10/09 12:07:03 christos Exp $"); +__RCSID("$NetBSD: packet.c,v 1.30 2018/01/15 05:04:58 maya Exp $"); #include /* MIN roundup */ #include @@ -1117,7 +1117,7 @@ ssh_packet_send2_wrapped(struct ssh *ssh len, padlen, aadlen)); /* compute MAC over seqnr and packet(length fields, payload, padding) */ -debug("mac %p, %d %d", mac, mac? mac->enabled : -1, mac ? mac->etm : -1); +debug2("mac %p, %d %d", mac, mac? mac->enabled : -1, mac ? mac->etm : -1); if (mac && mac->enabled && !mac->etm) { if ((r = mac_compute(mac, state->p_send.seqnr, sshbuf_ptr(state->outgoing_packet), len,
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: snj Date: Mon Nov 6 10:26:13 UTC 2017 Modified Files: src/crypto/external/bsd/openssh: Makefile.inc Log Message: no more ssh1 code in openssh, so no use defining WITH_SSH1 To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/Makefile.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/Makefile.inc diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.9 src/crypto/external/bsd/openssh/Makefile.inc:1.10 --- src/crypto/external/bsd/openssh/Makefile.inc:1.9 Thu Jul 23 08:03:25 2015 +++ src/crypto/external/bsd/openssh/Makefile.inc Mon Nov 6 10:26:13 2017 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.9 2015/07/23 08:03:25 mrg Exp $ +# $NetBSD: Makefile.inc,v 1.10 2017/11/06 10:26:13 snj Exp $ WARNS?= 4 @@ -16,7 +16,7 @@ CPPFLAGS+=-DHAVE_HEADER_AD CPPFLAGS+=-DHAVE_LOGIN_CAP CPPFLAGS+=-DHAVE_STDLIB_H -CPPFLAGS+=-DWITH_SSH1 -DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE +CPPFLAGS+=-DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE .if !defined(NOPIC) CPPFLAGS+=-DHAVE_DLOPEN .endif
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Oct 9 12:07:03 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: channels.c packet.c Log Message: PR/52604: Tatoku Ogaito: Fix x11 session forwarding. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/channels.c cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/packet.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/channels.c diff -u src/crypto/external/bsd/openssh/dist/channels.c:1.19 src/crypto/external/bsd/openssh/dist/channels.c:1.20 --- src/crypto/external/bsd/openssh/dist/channels.c:1.19 Sat Oct 7 15:39:19 2017 +++ src/crypto/external/bsd/openssh/dist/channels.c Mon Oct 9 08:07:03 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: channels.c,v 1.19 2017/10/07 19:39:19 christos Exp $ */ +/* $NetBSD: channels.c,v 1.20 2017/10/09 12:07:03 christos Exp $ */ /* $OpenBSD: channels.c,v 1.375 2017/09/24 13:45:34 djm Exp $ */ /* * Author: Tatu Ylonen@@ -41,7 +41,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: channels.c,v 1.19 2017/10/07 19:39:19 christos Exp $"); +__RCSID("$NetBSD: channels.c,v 1.20 2017/10/09 12:07:03 christos Exp $"); #include #include #include @@ -3733,10 +3733,11 @@ channel_request_remote_forwarding(struct "streamlocal-forw...@openssh.com")) != 0 || (r = sshpkt_put_u8(ssh, 1)) != 0 || /* want reply */ (r = sshpkt_put_cstring(ssh, fwd->listen_path)) != 0 || - (r = sshpkt_send(ssh)) != 0 || - (r = ssh_packet_write_wait(ssh)) != 0) + (r = sshpkt_send(ssh)) != 0) fatal("%s: request streamlocal: %s", __func__, ssh_err(r)); + if ((r = ssh_packet_write_wait(ssh)) < 0) + sshpkt_fatal(ssh, __func__, r); } else { if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 || (r = sshpkt_put_cstring(ssh, "tcpip-forward")) != 0 || @@ -3744,10 +3745,11 @@ channel_request_remote_forwarding(struct (r = sshpkt_put_cstring(ssh, channel_rfwd_bind_host(fwd->listen_host))) != 0 || (r = sshpkt_put_u32(ssh, fwd->listen_port)) != 0 || - (r = sshpkt_send(ssh)) != 0 || - (r = ssh_packet_write_wait(ssh)) != 0) + (r = sshpkt_send(ssh)) != 0) fatal("%s: request tcpip-forward: %s", __func__, ssh_err(r)); + if ((r = ssh_packet_write_wait(ssh)) < 0) + sshpkt_fatal(ssh, __func__, r); } /* Assume that server accepts the request */ success = 1; @@ -4691,8 +4693,11 @@ x11_request_forwarding_with_spoofing(str (r = sshpkt_put_cstring(ssh, proto)) != 0 || (r = sshpkt_put_cstring(ssh, new_data)) != 0 || (r = sshpkt_put_u32(ssh, screen_number)) != 0 || - (r = sshpkt_send(ssh)) != 0 || - (r = ssh_packet_write_wait(ssh)) != 0) + (r = sshpkt_send(ssh)) != 0) fatal("%s: send x11-req: %s", __func__, ssh_err(r)); + + if ((r = ssh_packet_write_wait(ssh)) < 0) + sshpkt_fatal(ssh, __func__, r); + free(new_data); } Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.28 src/crypto/external/bsd/openssh/dist/packet.c:1.29 --- src/crypto/external/bsd/openssh/dist/packet.c:1.28 Sat Oct 7 15:39:19 2017 +++ src/crypto/external/bsd/openssh/dist/packet.c Mon Oct 9 08:07:03 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.28 2017/10/07 19:39:19 christos Exp $ */ +/* $NetBSD: packet.c,v 1.29 2017/10/09 12:07:03 christos Exp $ */ /* $OpenBSD: packet.c,v 1.264 2017/09/12 06:32:07 djm Exp $ */ /* * Author: Tatu Ylonen @@ -39,7 +39,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: packet.c,v 1.28 2017/10/07 19:39:19 christos Exp $"); +__RCSID("$NetBSD: packet.c,v 1.29 2017/10/09 12:07:03 christos Exp $"); #include /* MIN roundup */ #include @@ -1779,9 +1779,10 @@ ssh_packet_send_debug(struct ssh *ssh, c (r = sshpkt_put_u8(ssh, 0)) != 0 || /* always display */ (r = sshpkt_put_cstring(ssh, buf)) != 0 || (r = sshpkt_put_cstring(ssh, "")) != 0 || - (r = sshpkt_send(ssh)) != 0 || - (r = ssh_packet_write_wait(ssh)) != 0) + (r = sshpkt_send(ssh)) != 0) fatal("%s: %s", __func__, ssh_err(r)); + if ((r = ssh_packet_write_wait(ssh)) < 0) + sshpkt_fatal(ssh, __func__, r); } static void
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: joerg Date: Sun Oct 8 20:19:05 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-keygen.c Log Message: Mark do_ca_sign as dead. To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/dist/ssh-keygen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.c diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.27 src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.28 --- src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.27 Sat Oct 7 19:39:19 2017 +++ src/crypto/external/bsd/openssh/dist/ssh-keygen.c Sun Oct 8 20:19:05 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-keygen.c,v 1.27 2017/10/07 19:39:19 christos Exp $ */ +/* $NetBSD: ssh-keygen.c,v 1.28 2017/10/08 20:19:05 joerg Exp $ */ /* $OpenBSD: ssh-keygen.c,v 1.307 2017/07/07 03:53:12 djm Exp $ */ /* * Author: Tatu Ylonen@@ -14,7 +14,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: ssh-keygen.c,v 1.27 2017/10/07 19:39:19 christos Exp $"); +__RCSID("$NetBSD: ssh-keygen.c,v 1.28 2017/10/08 20:19:05 joerg Exp $"); #include #include #include @@ -1638,7 +1638,7 @@ agent_signer(const struct sshkey *key, u data, datalen, alg, compat); } -static void +__dead static void do_ca_sign(struct passwd *pw, int argc, char **argv) { int r, i, fd, found, agent_fd = -1;
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Sat Oct 7 21:14:59 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: includes.h src/crypto/external/bsd/openssh/lib: Makefile Added Files: src/crypto/external/bsd/openssh/dist: recallocarray.c Log Message: define recallocarray locally. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/includes.h cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/openssh/dist/recallocarray.c cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssh/lib/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/includes.h diff -u src/crypto/external/bsd/openssh/dist/includes.h:1.6 src/crypto/external/bsd/openssh/dist/includes.h:1.7 --- src/crypto/external/bsd/openssh/dist/includes.h:1.6 Tue Apr 18 14:41:46 2017 +++ src/crypto/external/bsd/openssh/dist/includes.h Sat Oct 7 17:14:59 2017 @@ -1,9 +1,11 @@ -/* $NetBSD: includes.h,v 1.6 2017/04/18 18:41:46 christos Exp $ */ +/* $NetBSD: includes.h,v 1.7 2017/10/07 21:14:59 christos Exp $ */ #include #ifndef __OpenBSD__ #define __bounded__(a, b, c) #define explicit_bzero(a, b) explicit_memset((a), 0, (b)) #define timingsafe_bcmp(a, b, c) (!consttime_memequal((a), (b), (c))) +#include +void *recallocarray(void *, size_t, size_t, size_t); #endif #include "namespace.h" Index: src/crypto/external/bsd/openssh/lib/Makefile diff -u src/crypto/external/bsd/openssh/lib/Makefile:1.22 src/crypto/external/bsd/openssh/lib/Makefile:1.23 --- src/crypto/external/bsd/openssh/lib/Makefile:1.22 Sat Oct 7 15:39:19 2017 +++ src/crypto/external/bsd/openssh/lib/Makefile Sat Oct 7 17:14:59 2017 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.22 2017/10/07 19:39:19 christos Exp $ +# $NetBSD: Makefile,v 1.23 2017/10/07 21:14:59 christos Exp $ .include @@ -57,6 +57,7 @@ packet.c \ poly1305.c \ progressmeter.c \ readpass.c \ +recallocarray.c \ sc25519.c \ smult_curve25519_ref.c \ sshbuf-getput-basic.c \ Added files: Index: src/crypto/external/bsd/openssh/dist/recallocarray.c diff -u /dev/null src/crypto/external/bsd/openssh/dist/recallocarray.c:1.1 --- /dev/null Sat Oct 7 17:14:59 2017 +++ src/crypto/external/bsd/openssh/dist/recallocarray.c Sat Oct 7 17:14:59 2017 @@ -0,0 +1,51 @@ +/* $NetBSD: recallocarray.c,v 1.1 2017/10/07 21:14:59 christos Exp $ */ +/* $OpenBSD: reallocarray.c,v 1.1 2014/05/08 21:43:49 deraadt Exp $ */ + +/*- + * Copyright (c) 2015 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +#include +__RCSID("$NetBSD: recallocarray.c,v 1.1 2017/10/07 21:14:59 christos Exp $"); + +#include +#include +#include + +void * +recallocarray(void *optr, size_t omemb, size_t nmemb, size_t size) +{ + char *nptr = reallocarray(optr, nmemb, size); + + if (nptr == NULL || omemb >= nmemb) + return nptr; + + memset(nptr + omemb * size, 0, (nmemb - omemb) * size); + return nptr; +}
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Sat Oct 7 19:39:20 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/bin/ssh: Makefile src/crypto/external/bsd/openssh/dist: LICENCE PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth-options.c auth-options.h auth-pam.c auth.c auth.h auth2-chall.c auth2-gss.c auth2-hostbased.c auth2-kbdint.c auth2-krb5.c auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bitmap.c bufbn.c buffer.h channels.c channels.h cipher.c cipher.h clientloop.c clientloop.h compat.c compat.h digest-libc.c digest-openssl.c dispatch.c dispatch.h dns.c dns.h gss-serv.c hostfile.c kex.c kex.h kexc25519c.c kexc25519s.c kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c key.c key.h krl.c log.c log.h mac.c misc.c misc.h monitor.c monitor_wrap.c monitor_wrap.h mux.c myproposal.h nchan.c opacket.c opacket.h packet.c packet.h pathnames.h readconf.c readconf.h scp.1 scp.c servconf.c servconf.h serverloop.c serverloop.h session.c session.h sftp-client.c sftp-common.c sftp-server.c sftp.1 sftp.c ssh-add.1 ssh-add.c ssh-agent.c ssh-gss.h ssh-keygen.1 ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c ssh-rsa.c ssh.1 ssh.c ssh.h ssh_api.c ssh_config ssh_config.5 sshbuf-getput-basic.c sshbuf.c sshbuf.h sshconnect.c sshconnect.h sshconnect2.c sshd.8 sshd.c sshd_config.5 ssherr.c sshkey.c sshkey.h ttymodes.c ttymodes.h umac.c utf8.c version.h xmalloc.c xmalloc.h src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048 moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192 src/crypto/external/bsd/openssh/lib: Makefile shlib_version Removed Files: src/crypto/external/bsd/openssh/dist: cipher-3des1.c cipher-bf1.c deattack.c deattack.h rsa.c rsa.h ssh1.h sshconnect1.c Log Message: merge conflicts. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/bin/ssh/Makefile cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/LICENCE \ src/crypto/external/bsd/openssh/dist/bitmap.c \ src/crypto/external/bsd/openssh/dist/digest-openssl.c \ src/crypto/external/bsd/openssh/dist/sshkey.h \ src/crypto/external/bsd/openssh/dist/utf8.c cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/buffer.h \ src/crypto/external/bsd/openssh/dist/compat.h \ src/crypto/external/bsd/openssh/dist/dns.h \ src/crypto/external/bsd/openssh/dist/kexdhc.c \ src/crypto/external/bsd/openssh/dist/kexgexc.c \ src/crypto/external/bsd/openssh/dist/sftp-common.c \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c \ src/crypto/external/bsd/openssh/dist/ssh.h \ src/crypto/external/bsd/openssh/dist/sshconnect.h \ src/crypto/external/bsd/openssh/dist/xmalloc.c \ src/crypto/external/bsd/openssh/dist/xmalloc.h cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/PROTOCOL.agent \ src/crypto/external/bsd/openssh/dist/auth-options.h \ src/crypto/external/bsd/openssh/dist/authfd.h \ src/crypto/external/bsd/openssh/dist/bufbn.c \ src/crypto/external/bsd/openssh/dist/dispatch.c \ src/crypto/external/bsd/openssh/dist/kexc25519s.c \ src/crypto/external/bsd/openssh/dist/kexecdhs.c \ src/crypto/external/bsd/openssh/dist/nchan.c cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys \ src/crypto/external/bsd/openssh/dist/auth2-kbdint.c \ src/crypto/external/bsd/openssh/dist/auth2-none.c \ src/crypto/external/bsd/openssh/dist/auth2-passwd.c \ src/crypto/external/bsd/openssh/dist/kexecdhc.c \ src/crypto/external/bsd/openssh/dist/opacket.c \ src/crypto/external/bsd/openssh/dist/opacket.h \ src/crypto/external/bsd/openssh/dist/session.h \ src/crypto/external/bsd/openssh/dist/ssh-gss.h \ src/crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c \ src/crypto/external/bsd/openssh/dist/sshbuf.c \ src/crypto/external/bsd/openssh/dist/sshbuf.h \ src/crypto/external/bsd/openssh/dist/ttymodes.c \ src/crypto/external/bsd/openssh/dist/ttymodes.h cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/openssh/dist/auth-options.c \ src/crypto/external/bsd/openssh/dist/auth.h \ src/crypto/external/bsd/openssh/dist/kex.h \ src/crypto/external/bsd/openssh/dist/misc.c \ src/crypto/external/bsd/openssh/dist/packet.h \ src/crypto/external/bsd/openssh/dist/servconf.h \ src/crypto/external/bsd/openssh/dist/sftp.1 \ src/crypto/external/bsd/openssh/dist/ssh-add.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/auth-pam.c \
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Jun 26 17:10:39 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: pfilter.c Log Message: If we've authenticated, we are already in the child and we don't need the socket anymore. XXX: pullup-7, pullup-8 To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/pfilter.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/pfilter.c diff -u src/crypto/external/bsd/openssh/dist/pfilter.c:1.3 src/crypto/external/bsd/openssh/dist/pfilter.c:1.4 --- src/crypto/external/bsd/openssh/dist/pfilter.c:1.3 Fri Jan 22 19:03:30 2016 +++ src/crypto/external/bsd/openssh/dist/pfilter.c Mon Jun 26 13:10:39 2017 @@ -30,6 +30,10 @@ pfilter_notify(int a) // XXX: 3? fd = packet_connection_is_on_socket() ? packet_get_connection_in() : 3; (void)blacklist_r(blstate, a, fd, "ssh"); + if (a == 0) { + blacklist_close(blstate); + blstate = NULL; + } #else __USE(a); #endif
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: joerg Date: Thu Apr 20 13:22:59 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: servconf.c Log Message: GC multistate_privsep. To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/servconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/servconf.c diff -u src/crypto/external/bsd/openssh/dist/servconf.c:1.23 src/crypto/external/bsd/openssh/dist/servconf.c:1.24 --- src/crypto/external/bsd/openssh/dist/servconf.c:1.23 Tue Apr 18 18:41:46 2017 +++ src/crypto/external/bsd/openssh/dist/servconf.c Thu Apr 20 13:22:59 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: servconf.c,v 1.23 2017/04/18 18:41:46 christos Exp $ */ +/* $NetBSD: servconf.c,v 1.24 2017/04/20 13:22:59 joerg Exp $ */ /* $OpenBSD: servconf.c,v 1.306 2017/03/14 07:19:07 djm Exp $ */ /* @@ -13,7 +13,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: servconf.c,v 1.23 2017/04/18 18:41:46 christos Exp $"); +__RCSID("$NetBSD: servconf.c,v 1.24 2017/04/20 13:22:59 joerg Exp $"); #include #include #include @@ -1066,13 +1066,6 @@ static const struct multistate multistat { "no",0 }, { NULL, -1 } }; -static const struct multistate multistate_privsep[] = { - { "yes", PRIVSEP_NOSANDBOX }, - { "sandbox", PRIVSEP_ON }, - { "nosandbox", PRIVSEP_NOSANDBOX }, - { "no",PRIVSEP_OFF }, - { NULL, -1 } -}; static const struct multistate multistate_tcpfwd[] = { { "yes", FORWARD_ALLOW }, { "all", FORWARD_ALLOW },
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Apr 19 15:34:25 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: sshd_config Log Message: fix conflict. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd_config diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.20 src/crypto/external/bsd/openssh/dist/sshd_config:1.21 --- src/crypto/external/bsd/openssh/dist/sshd_config:1.20 Tue Apr 18 14:41:46 2017 +++ src/crypto/external/bsd/openssh/dist/sshd_config Wed Apr 19 11:34:25 2017 @@ -1,4 +1,4 @@ -# $NetBSD: sshd_config,v 1.20 2017/04/18 18:41:46 christos Exp $ +# $NetBSD: sshd_config,v 1.21 2017/04/19 15:34:25 christos Exp $ # $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ # This is the sshd server system-wide configuration file. See @@ -74,11 +74,8 @@ AuthorizedKeysFile .ssh/authorized_keys #PrintLastLog yes #TCPKeepAlive yes #UseLogin no -<<< sshd_config #UsePrivilegeSeparation sandbox UsePam yes -=== ->>> 1.1.1.15 #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0
CVS commit: src/crypto/external/bsd/openssh/lib
Module Name:src Committed By: christos Date: Tue Apr 18 18:41:59 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/lib: shlib_version Log Message: bump To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/lib/shlib_version Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/lib/shlib_version diff -u src/crypto/external/bsd/openssh/lib/shlib_version:1.18 src/crypto/external/bsd/openssh/lib/shlib_version:1.19 --- src/crypto/external/bsd/openssh/lib/shlib_version:1.18 Sat Dec 24 19:07:47 2016 +++ src/crypto/external/bsd/openssh/lib/shlib_version Tue Apr 18 14:41:59 2017 @@ -1,5 +1,5 @@ -# $NetBSD: shlib_version,v 1.18 2016/12/25 00:07:47 christos Exp $ +# $NetBSD: shlib_version,v 1.19 2017/04/18 18:41:59 christos Exp $ # Remember to update distrib/sets/lists/base/shl.* when changing # -major=29 +major=30 minor=0
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Feb 16 17:56:07 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: auth2-pubkey.c Log Message: PR/51973: Use proper fd for AuthorizedKeysCommand To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth2-pubkey.c diff -u src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.15 src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.16 --- src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.15 Sat Dec 24 19:07:46 2016 +++ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c Thu Feb 16 12:56:07 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: auth2-pubkey.c,v 1.15 2016/12/25 00:07:46 christos Exp $ */ +/* $NetBSD: auth2-pubkey.c,v 1.16 2017/02/16 17:56:07 christos Exp $ */ /* $OpenBSD: auth2-pubkey.c,v 1.60 2016/11/30 02:57:40 djm Exp $ */ /* @@ -26,7 +26,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth2-pubkey.c,v 1.15 2016/12/25 00:07:46 christos Exp $"); +__RCSID("$NetBSD: auth2-pubkey.c,v 1.16 2017/02/16 17:56:07 christos Exp $"); #include #include #include @@ -839,13 +839,6 @@ check_authkeys_file(FILE *f, char *file, } } #endif - debug("trying public key file %s", file); - f = auth_openkeyfile(file, pw, options.strict_modes); - - if (!f) { - restore_uid(); - return 0; - } found_key = 0;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Feb 1 14:27:37 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: sshd_config Log Message: match the man page, and explain why. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/sshd_config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshd_config diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.18 src/crypto/external/bsd/openssh/dist/sshd_config:1.19 --- src/crypto/external/bsd/openssh/dist/sshd_config:1.18 Sat Dec 24 19:07:47 2016 +++ src/crypto/external/bsd/openssh/dist/sshd_config Wed Feb 1 09:27:37 2017 @@ -1,4 +1,4 @@ -# $NetBSD: sshd_config,v 1.18 2016/12/25 00:07:47 christos Exp $ +# $NetBSD: sshd_config,v 1.19 2017/02/01 14:27:37 christos Exp $ # $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $ # This is the sshd server system-wide configuration file. See @@ -28,7 +28,8 @@ # Authentication: -#LoginGraceTime 2m +# For slow CPUs, bumped from 2 minutes to 10 +LoginGraceTime 600 #PermitRootLogin prohibit-password #StrictModes yes #MaxAuthTries 6
CVS commit: src/crypto/external/bsd/openssh/bin
Module Name:src Committed By: christos Date: Sat Jan 28 23:38:48 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/bin/ssh: Makefile src/crypto/external/bsd/openssh/bin/sshd: Makefile Log Message: krb5 needs sqlite3 now To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/bin/ssh/Makefile cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/bin/sshd/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/bin/ssh/Makefile diff -u src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.10 src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.11 --- src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.10 Tue Aug 2 09:45:12 2016 +++ src/crypto/external/bsd/openssh/bin/ssh/Makefile Sat Jan 28 18:38:48 2017 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.10 2016/08/02 13:45:12 christos Exp $ +# $NetBSD: Makefile,v 1.11 2017/01/28 23:38:48 christos Exp $ .include @@ -29,8 +29,8 @@ DPADD+= ${LIBKRB5} ${LIBHX509} ${LIBHEIM LDADD+= -lkafs -lasn1 -lcrypt DPADD+= ${LIBKAFS} ${LIBASN1} ${LIBCRYPT} -LDADD+= -lcom_err -lroken -lutil -DPADD+= ${LIBCOM_ERR} ${LIBROKEN} ${LIBUTIL} +LDADD+= -lcom_err -lroken -lsqlite3 -lutil +DPADD+= ${LIBCOM_ERR} ${LIBROKEN} ${LIBSQLITE3} ${LIBUTIL} .endif .include Index: src/crypto/external/bsd/openssh/bin/sshd/Makefile diff -u src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.14 src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.15 --- src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.14 Sat Dec 24 19:07:46 2016 +++ src/crypto/external/bsd/openssh/bin/sshd/Makefile Sat Jan 28 18:38:48 2017 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.14 2016/12/25 00:07:46 christos Exp $ +# $NetBSD: Makefile,v 1.15 2017/01/28 23:38:48 christos Exp $ .include @@ -51,8 +51,8 @@ SRCS+= auth2-krb5.c LDADD+= -lkrb5 -lasn1 DPADD+= ${LIBKRB5} ${LIBASN1} -LDADD+= -lcom_err -lroken -DPADD+= ${LIBCOM_ERR} ${LIBROKEN} +LDADD+= -lcom_err -lroken -lsqlite3 +DPADD+= ${LIBCOM_ERR} ${LIBROKEN} ${LIBSQLITE3} .endif .if (${USE_LDAP} != "no")
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Tue Jan 10 13:53:26 UTC 2017 Modified Files: src/crypto/external/bsd/openssh/dist: monitor.c Log Message: include for close, pipe, dup2 etc. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/monitor.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/monitor.c diff -u src/crypto/external/bsd/openssh/dist/monitor.c:1.20 src/crypto/external/bsd/openssh/dist/monitor.c:1.21 --- src/crypto/external/bsd/openssh/dist/monitor.c:1.20 Sat Dec 24 19:07:47 2016 +++ src/crypto/external/bsd/openssh/dist/monitor.c Tue Jan 10 08:53:26 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.c,v 1.20 2016/12/25 00:07:47 christos Exp $ */ +/* $NetBSD: monitor.c,v 1.21 2017/01/10 13:53:26 christos Exp $ */ /* $OpenBSD: monitor.c,v 1.166 2016/09/28 16:33:06 djm Exp $ */ /* @@ -28,7 +28,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: monitor.c,v 1.20 2016/12/25 00:07:47 christos Exp $"); +__RCSID("$NetBSD: monitor.c,v 1.21 2017/01/10 13:53:26 christos Exp $"); #include #include #include @@ -47,6 +47,7 @@ __RCSID("$NetBSD: monitor.c,v 1.20 2016/ #include #include #include +#include #include #include #include
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: jakllsch Date: Wed Aug 3 15:24:28 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: utf8.c utf8.h Log Message: Add some missing __attribute__((format(printf annotations. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/utf8.c cvs rdiff -u -r1.1.1.1 -r1.2 src/crypto/external/bsd/openssh/dist/utf8.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/utf8.c diff -u src/crypto/external/bsd/openssh/dist/utf8.c:1.2 src/crypto/external/bsd/openssh/dist/utf8.c:1.3 --- src/crypto/external/bsd/openssh/dist/utf8.c:1.2 Tue Aug 2 13:45:12 2016 +++ src/crypto/external/bsd/openssh/dist/utf8.c Wed Aug 3 15:24:28 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: utf8.c,v 1.2 2016/08/02 13:45:12 christos Exp $ */ +/* $NetBSD: utf8.c,v 1.3 2016/08/03 15:24:28 jakllsch Exp $ */ /* $OpenBSD: utf8.c,v 1.3 2016/05/30 12:57:21 schwarze Exp $ */ /* * Copyright (c) 2016 Ingo Schwarze@@ -17,7 +17,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: utf8.c,v 1.2 2016/08/02 13:45:12 christos Exp $"); +__RCSID("$NetBSD: utf8.c,v 1.3 2016/08/03 15:24:28 jakllsch Exp $"); /* * Utility functions for multibyte-character handling, * in particular to sanitize untrusted strings for terminal output. @@ -37,7 +37,8 @@ __RCSID("$NetBSD: utf8.c,v 1.2 2016/08/0 static int dangerous_locale(void); static int grow_dst(char **, size_t *, size_t, char **, size_t); -static int vasnmprintf(char **, size_t, int *, const char *, va_list); +static int vasnmprintf(char **, size_t, int *, const char *, va_list) + __attribute__((format(printf, 4, 0))); /* Index: src/crypto/external/bsd/openssh/dist/utf8.h diff -u src/crypto/external/bsd/openssh/dist/utf8.h:1.1.1.1 src/crypto/external/bsd/openssh/dist/utf8.h:1.2 --- src/crypto/external/bsd/openssh/dist/utf8.h:1.1.1.1 Tue Aug 2 13:30:06 2016 +++ src/crypto/external/bsd/openssh/dist/utf8.h Wed Aug 3 15:24:28 2016 @@ -19,6 +19,7 @@ int mprintf(const char *, ...) __attribute__((format(printf, 1, 2))); int fmprintf(FILE *, const char *, ...) __attribute__((format(printf, 2, 3))); -int vfmprintf(FILE *, const char *, va_list); +int vfmprintf(FILE *, const char *, va_list) + __attribute__((format(printf, 2, 0))); int snmprintf(char *, size_t, int *, const char *, ...) __attribute__((format(printf, 4, 5)));
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Tue Aug 2 13:53:45 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: canohost.c Log Message: remove unused code To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/canohost.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/canohost.c diff -u src/crypto/external/bsd/openssh/dist/canohost.c:1.9 src/crypto/external/bsd/openssh/dist/canohost.c:1.10 --- src/crypto/external/bsd/openssh/dist/canohost.c:1.9 Tue Aug 2 09:45:12 2016 +++ src/crypto/external/bsd/openssh/dist/canohost.c Tue Aug 2 09:53:44 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: canohost.c,v 1.9 2016/08/02 13:45:12 christos Exp $ */ +/* $NetBSD: canohost.c,v 1.10 2016/08/02 13:53:44 christos Exp $ */ /* $OpenBSD: canohost.c,v 1.73 2016/03/07 19:02:43 djm Exp $ */ /* * Author: Tatu Ylonen@@ -14,7 +14,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: canohost.c,v 1.9 2016/08/02 13:45:12 christos Exp $"); +__RCSID("$NetBSD: canohost.c,v 1.10 2016/08/02 13:53:44 christos Exp $"); #include #include #include @@ -36,173 +36,6 @@ __RCSID("$NetBSD: canohost.c,v 1.9 2016/ #include "canohost.h" #include "misc.h" -#if removeme -static void check_ip_options(int, char *); -static char *canonical_host_ip = NULL; -static int cached_port = -1; - -/* - * Return the canonical name of the host at the other end of the socket. The - * caller should free the returned string. - */ - -static char * -get_remote_hostname(int sock, int use_dns) -{ - struct sockaddr_storage from; - socklen_t fromlen; - struct addrinfo hints, *ai, *aitop; - char name[NI_MAXHOST], ntop[NI_MAXHOST], ntop2[NI_MAXHOST]; - - /* Get IP address of client. */ - fromlen = sizeof(from); - memset(, 0, sizeof(from)); - if (getpeername(sock, (struct sockaddr *), ) < 0) { - debug("getpeername failed: %.100s", strerror(errno)); - cleanup_exit(255); - } - - if (getnameinfo((struct sockaddr *), fromlen, ntop, sizeof(ntop), - NULL, 0, NI_NUMERICHOST) != 0) - fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); - - if (from.ss_family == AF_INET) - check_ip_options(sock, ntop); - - if (!use_dns) - return xstrdup(ntop); - - debug3("Trying to reverse map address %.100s.", ntop); - /* Map the IP address to a host name. */ - if (getnameinfo((struct sockaddr *), fromlen, name, sizeof(name), - NULL, 0, NI_NAMEREQD) != 0) { - /* Host name not found. Use ip address. */ - return xstrdup(ntop); - } - - /* - * if reverse lookup result looks like a numeric hostname, - * someone is trying to trick us by PTR record like following: - * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5 - */ - memset(, 0, sizeof(hints)); - hints.ai_socktype = SOCK_DGRAM; /*dummy*/ - hints.ai_flags = AI_NUMERICHOST; - if (getaddrinfo(name, NULL, , ) == 0) { - logit("Nasty PTR record \"%s\" is set up for %s, ignoring", - name, ntop); - freeaddrinfo(ai); - return xstrdup(ntop); - } - - /* Names are stores in lowercase. */ - lowercase(name); - - /* - * Map it back to an IP address and check that the given - * address actually is an address of this host. This is - * necessary because anyone with access to a name server can - * define arbitrary names for an IP address. Mapping from - * name to IP address can be trusted better (but can still be - * fooled if the intruder has access to the name server of - * the domain). - */ - memset(, 0, sizeof(hints)); - hints.ai_family = from.ss_family; - hints.ai_socktype = SOCK_STREAM; - if (getaddrinfo(name, NULL, , ) != 0) { - logit("reverse mapping checking getaddrinfo for %.700s " - "[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop); - return xstrdup(ntop); - } - /* Look for the address from the list of addresses. */ - for (ai = aitop; ai; ai = ai->ai_next) { - if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2, - sizeof(ntop2), NULL, 0, NI_NUMERICHOST) == 0 && - (strcmp(ntop, ntop2) == 0)) -break; - } - freeaddrinfo(aitop); - /* If we reached the end of the list, the address was not there. */ - if (!ai) { - /* Address not found for the host name. */ - logit("Address %.100s maps to %.600s, but this does not " - "map back to the address - POSSIBLE BREAK-IN ATTEMPT!", - ntop, name); - return xstrdup(ntop); - } - return xstrdup(name); -} - -/* - * If IP options are supported, make sure there are none (log and - * disconnect them if any are found). Basically we are worried about - * source routing; it can be used to pretend you are somebody - * (ip-address) you are not. That itself may be "almost acceptable" - * under certain circumstances, but rhosts autentication is useless - * if source routing is accepted. Notice also that if we just dropped - * source routing here, the other side could use IP spoofing to do - * rest of the interaction and could still
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Apr 14 16:42:09 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: session.c Log Message: If PAM is configured to read user-specified environment variables and UseLogin=yes in sshd_config, then a hostile local user may attack /bin/login via LD_PRELOAD or similar environment variables set via PAM. CVE-2015-8325, found by Shayan Sadigh, via Colin Watson https://anongit.mindrot.org/openssh.git/commit/?\ id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755 XXX: pullup-7 To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/session.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/session.c diff -u src/crypto/external/bsd/openssh/dist/session.c:1.18 src/crypto/external/bsd/openssh/dist/session.c:1.19 --- src/crypto/external/bsd/openssh/dist/session.c:1.18 Thu Mar 10 20:55:00 2016 +++ src/crypto/external/bsd/openssh/dist/session.c Thu Apr 14 12:42:09 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: session.c,v 1.18 2016/03/11 01:55:00 christos Exp $ */ +/* $NetBSD: session.c,v 1.19 2016/04/14 16:42:09 christos Exp $ */ /* $OpenBSD: session.c,v 1.280 2016/02/16 03:37:48 djm Exp $ */ /* @@ -36,7 +36,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: session.c,v 1.18 2016/03/11 01:55:00 christos Exp $"); +__RCSID("$NetBSD: session.c,v 1.19 2016/04/14 16:42:09 christos Exp $"); #include #include #include @@ -1226,7 +1226,7 @@ do_setup_env(Session *s, const char *she * Pull in any environment variables that may have * been set by PAM. */ - if (options.use_pam) { + if (options.use_pam && !options.use_login) { char **p; p = fetch_pam_child_environment();
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Mar 16 21:06:06 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: kex.c Log Message: CID 1356388: Prevent DoS from Tainted scalar To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/kex.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/kex.c diff -u src/crypto/external/bsd/openssh/dist/kex.c:1.14 src/crypto/external/bsd/openssh/dist/kex.c:1.15 --- src/crypto/external/bsd/openssh/dist/kex.c:1.14 Thu Mar 10 20:55:00 2016 +++ src/crypto/external/bsd/openssh/dist/kex.c Wed Mar 16 17:06:06 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: kex.c,v 1.14 2016/03/11 01:55:00 christos Exp $ */ +/* $NetBSD: kex.c,v 1.15 2016/03/16 21:06:06 christos Exp $ */ /* $OpenBSD: kex.c,v 1.117 2016/02/08 10:57:07 djm Exp $ */ /* @@ -26,7 +26,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: kex.c,v 1.14 2016/03/11 01:55:00 christos Exp $"); +__RCSID("$NetBSD: kex.c,v 1.15 2016/03/16 21:06:06 christos Exp $"); #include /* MAX roundup */ #include @@ -364,6 +364,10 @@ kex_input_ext_info(int type, u_int32_t s ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, _protocol_error); if ((r = sshpkt_get_u32(ssh, )) != 0) return r; + if (ninfo > 1024) { + fatal("%s: too many %u fields", __func__, ninfo); + return SSH_ERR_INTERNAL_ERROR; + } for (i = 0; i < ninfo; i++) { if ((r = sshpkt_get_cstring(ssh, , NULL)) != 0) return r;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Mar 16 21:41:25 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-keygen.c Log Message: remove unused variable To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssh/dist/ssh-keygen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.c diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.22 src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.23 --- src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.22 Wed Mar 16 17:07:59 2016 +++ src/crypto/external/bsd/openssh/dist/ssh-keygen.c Wed Mar 16 17:41:25 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-keygen.c,v 1.22 2016/03/16 21:07:59 christos Exp $ */ +/* $NetBSD: ssh-keygen.c,v 1.23 2016/03/16 21:41:25 christos Exp $ */ /* $OpenBSD: ssh-keygen.c,v 1.288 2016/02/15 09:47:49 dtucker Exp $ */ /* @@ -15,7 +15,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: ssh-keygen.c,v 1.22 2016/03/16 21:07:59 christos Exp $"); +__RCSID("$NetBSD: ssh-keygen.c,v 1.23 2016/03/16 21:41:25 christos Exp $"); #include #include #include @@ -1906,7 +1906,6 @@ __dead static void do_show_cert(struct passwd *pw) { struct sshkey *key = NULL; - struct stat st; int r, is_stdin = 0, ok = 0; FILE *f; char *cp, line[SSH_MAX_PUBKEY_BYTES];
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Mar 16 20:55:54 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: packet.c Log Message: CID 1018734: Unitialized variable To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/packet.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.23 src/crypto/external/bsd/openssh/dist/packet.c:1.24 --- src/crypto/external/bsd/openssh/dist/packet.c:1.23 Thu Mar 10 20:55:00 2016 +++ src/crypto/external/bsd/openssh/dist/packet.c Wed Mar 16 16:55:54 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.23 2016/03/11 01:55:00 christos Exp $ */ +/* $NetBSD: packet.c,v 1.24 2016/03/16 20:55:54 christos Exp $ */ /* $OpenBSD: packet.c,v 1.229 2016/02/17 22:20:14 djm Exp $ */ /* @@ -40,7 +40,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: packet.c,v 1.23 2016/03/11 01:55:00 christos Exp $"); +__RCSID("$NetBSD: packet.c,v 1.24 2016/03/16 20:55:54 christos Exp $"); #include /* MIN roundup */ #include #include @@ -1387,7 +1387,7 @@ int ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) { struct session_state *state = ssh->state; - int len, r, ms_remain; + int len, r, ms_remain = 0; fd_set *setp; char buf[8192]; struct timeval timeout, start, *timeoutp = NULL;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Mar 16 21:07:59 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-keygen.c Log Message: CID 1356389: Remove TOCTOU. To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/ssh-keygen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.c diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.21 src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.22 --- src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.21 Fri Mar 11 08:15:02 2016 +++ src/crypto/external/bsd/openssh/dist/ssh-keygen.c Wed Mar 16 17:07:59 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-keygen.c,v 1.21 2016/03/11 13:15:02 christos Exp $ */ +/* $NetBSD: ssh-keygen.c,v 1.22 2016/03/16 21:07:59 christos Exp $ */ /* $OpenBSD: ssh-keygen.c,v 1.288 2016/02/15 09:47:49 dtucker Exp $ */ /* @@ -15,7 +15,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: ssh-keygen.c,v 1.21 2016/03/11 13:15:02 christos Exp $"); +__RCSID("$NetBSD: ssh-keygen.c,v 1.22 2016/03/16 21:07:59 christos Exp $"); #include #include #include @@ -1915,8 +1915,6 @@ do_show_cert(struct passwd *pw) if (!have_identity) ask_filename(pw, "Enter file in which the key is"); - if (strcmp(identity_file, "-") != 0 && stat(identity_file, ) < 0) - fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); path = identity_file; if (strcmp(path, "-") == 0) {
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Mar 16 21:00:37 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: sshconnect.c Log Message: CID 1356386: Don't leak sock To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/sshconnect.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshconnect.c diff -u src/crypto/external/bsd/openssh/dist/sshconnect.c:1.16 src/crypto/external/bsd/openssh/dist/sshconnect.c:1.17 --- src/crypto/external/bsd/openssh/dist/sshconnect.c:1.16 Thu Mar 10 20:55:00 2016 +++ src/crypto/external/bsd/openssh/dist/sshconnect.c Wed Mar 16 17:00:37 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: sshconnect.c,v 1.16 2016/03/11 01:55:00 christos Exp $ */ +/* $NetBSD: sshconnect.c,v 1.17 2016/03/16 21:00:37 christos Exp $ */ /* $OpenBSD: sshconnect.c,v 1.271 2016/01/14 22:56:56 markus Exp $ */ /* @@ -16,7 +16,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sshconnect.c,v 1.16 2016/03/11 01:55:00 christos Exp $"); +__RCSID("$NetBSD: sshconnect.c,v 1.17 2016/03/16 21:00:37 christos Exp $"); #include /* roundup */ #include #include @@ -1552,4 +1552,6 @@ maybe_add_key_to_agent(char *authfile, K debug("identity added to agent: %s", authfile); else debug("could not add identity to agent: %s (%d)", authfile, r); + + close(auth_sock); }
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Mar 16 20:57:46 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-keyscan.c Log Message: CID 1356384: Check returns To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/ssh-keyscan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-keyscan.c diff -u src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.15 src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.16 --- src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.15 Thu Mar 10 20:55:00 2016 +++ src/crypto/external/bsd/openssh/dist/ssh-keyscan.c Wed Mar 16 16:57:46 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-keyscan.c,v 1.15 2016/03/11 01:55:00 christos Exp $ */ +/* $NetBSD: ssh-keyscan.c,v 1.16 2016/03/16 20:57:46 christos Exp $ */ /* $OpenBSD: ssh-keyscan.c,v 1.105 2016/02/15 09:47:49 dtucker Exp $ */ /* @@ -10,7 +10,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: ssh-keyscan.c,v 1.15 2016/03/11 01:55:00 christos Exp $"); +__RCSID("$NetBSD: ssh-keyscan.c,v 1.16 2016/03/16 20:57:46 christos Exp $"); #include #include @@ -307,6 +307,7 @@ static void keyprint_one(char *host, struct sshkey *key) { char *hostport; + int r; if (hash_hosts && (host = host_hash(host, NULL, 0)) == NULL) fatal("host_hash failed"); @@ -314,7 +315,9 @@ keyprint_one(char *host, struct sshkey * hostport = put_host_port(host, ssh_port); if (!get_cert) fprintf(stdout, "%s ", hostport); - sshkey_write(key, stdout); + if ((r = sshkey_write(key, stdout)) != 0) + error("key_write failed: %s", ssh_err(r)); + fputs("\n", stdout); free(hostport); }
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Mar 11 13:15:02 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-keygen.c Log Message: Add more __dead; pointed out by clang (from tnn@) To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/ssh-keygen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.c diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.20 src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.21 --- src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.20 Thu Mar 10 20:55:00 2016 +++ src/crypto/external/bsd/openssh/dist/ssh-keygen.c Fri Mar 11 08:15:02 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-keygen.c,v 1.20 2016/03/11 01:55:00 christos Exp $ */ +/* $NetBSD: ssh-keygen.c,v 1.21 2016/03/11 13:15:02 christos Exp $ */ /* $OpenBSD: ssh-keygen.c,v 1.288 2016/02/15 09:47:49 dtucker Exp $ */ /* @@ -15,7 +15,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: ssh-keygen.c,v 1.20 2016/03/11 01:55:00 christos Exp $"); +__RCSID("$NetBSD: ssh-keygen.c,v 1.21 2016/03/11 13:15:02 christos Exp $"); #include #include #include @@ -821,7 +821,7 @@ try_read_key(char **cpp) return NULL; } -static __dead void +static void fingerprint_one_key(const struct sshkey *public, const char *comment) { char *fp = NULL, *ra = NULL; @@ -866,7 +866,7 @@ fingerprint_private(const char *path) free(comment); } -static void +__dead static void do_fingerprint(struct passwd *pw) { FILE *f; @@ -1902,7 +1902,7 @@ print_cert(struct sshkey *key) } } -static void +__dead static void do_show_cert(struct passwd *pw) { struct sshkey *key = NULL;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Mar 11 03:54:27 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: sshkey.h Log Message: fix pam build. To generate a diff of this commit: cvs rdiff -u -r1.1.1.5 -r1.2 src/crypto/external/bsd/openssh/dist/sshkey.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sshkey.h diff -u src/crypto/external/bsd/openssh/dist/sshkey.h:1.1.1.5 src/crypto/external/bsd/openssh/dist/sshkey.h:1.2 --- src/crypto/external/bsd/openssh/dist/sshkey.h:1.1.1.5 Thu Mar 10 20:50:02 2016 +++ src/crypto/external/bsd/openssh/dist/sshkey.h Thu Mar 10 22:54:27 2016 @@ -26,6 +26,7 @@ #ifndef SSHKEY_H #define SSHKEY_H +#include "includes.h" #include #ifdef WITH_OPENSSL
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: seanb Date: Thu Feb 4 15:04:11 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: session.c Log Message: - Avoid uninitialized variable usage in do_nologin() when HAVE_LOGIN_CAP isn't defined (which doesn't apply to NetBSD but...) and a root login is being evaluated. - From upstream. To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/session.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/session.c diff -u src/crypto/external/bsd/openssh/dist/session.c:1.16 src/crypto/external/bsd/openssh/dist/session.c:1.17 --- src/crypto/external/bsd/openssh/dist/session.c:1.16 Mon Jul 6 15:09:17 2015 +++ src/crypto/external/bsd/openssh/dist/session.c Thu Feb 4 15:04:11 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: session.c,v 1.16 2015/07/06 15:09:17 christos Exp $ */ +/* $NetBSD: session.c,v 1.17 2016/02/04 15:04:11 seanb Exp $ */ /* $OpenBSD: session.c,v 1.278 2015/04/24 01:36:00 deraadt Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen, Espoo, Finland @@ -35,7 +35,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: session.c,v 1.16 2015/07/06 15:09:17 christos Exp $"); +__RCSID("$NetBSD: session.c,v 1.17 2016/02/04 15:04:11 seanb Exp $"); #include #include #include @@ -1339,16 +1339,17 @@ do_nologin(struct passwd *pw) if (login_getcapbool(lc, "ignorenologin", 0) || pw->pw_uid == 0) return; nl = login_getcapstr(lc, "nologin", def_nl, def_nl); - +#else + if (pw->pw_uid == 0) + return; + nl = def_nl; +#endif if (stat(nl, ) == -1) { if (nl != def_nl) free(nl); return; } -#else - if (pw->pw_uid) - nl = def_nl; -#endif + /* /etc/nologin exists. Print its contents if we can and exit. */ logit("User %.100s not allowed because %s exists", pw->pw_name, nl); if ((f = fopen(nl, "r")) != NULL) {
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat Jan 23 00:03:30 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/dist: auth-pam.c auth.c auth1.c pfilter.c Log Message: add more blacklist rejection points. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/auth-pam.c cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/auth.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/auth1.c cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/pfilter.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth-pam.c diff -u src/crypto/external/bsd/openssh/dist/auth-pam.c:1.7 src/crypto/external/bsd/openssh/dist/auth-pam.c:1.8 --- src/crypto/external/bsd/openssh/dist/auth-pam.c:1.7 Thu Jul 2 20:59:59 2015 +++ src/crypto/external/bsd/openssh/dist/auth-pam.c Fri Jan 22 19:03:30 2016 @@ -50,7 +50,7 @@ /* * NetBSD local changes */ -__RCSID("$NetBSD: auth-pam.c,v 1.7 2015/07/03 00:59:59 christos Exp $"); +__RCSID("$NetBSD: auth-pam.c,v 1.8 2016/01/23 00:03:30 christos Exp $"); #undef USE_POSIX_THREADS /* Not yet */ #define HAVE_SECURITY_PAM_APPL_H #define HAVE_PAM_GETENVLIST @@ -114,6 +114,7 @@ void sshpam_password_change_required(int #include "ssh-gss.h" #endif #include "monitor_wrap.h" +#include "pfilter.h" extern ServerOptions options; extern Buffer loginmsg; @@ -809,6 +810,7 @@ sshpam_query(void *ctx, char **name, cha free(msg); return (0); } + pfilter_notify(1); error("PAM: %s for %s%.100s from %.100s", msg, sshpam_authctxt->valid ? "" : "illegal user ", sshpam_authctxt->user, Index: src/crypto/external/bsd/openssh/dist/auth.c diff -u src/crypto/external/bsd/openssh/dist/auth.c:1.15 src/crypto/external/bsd/openssh/dist/auth.c:1.16 --- src/crypto/external/bsd/openssh/dist/auth.c:1.15 Fri Aug 21 04:20:59 2015 +++ src/crypto/external/bsd/openssh/dist/auth.c Fri Jan 22 19:03:30 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: auth.c,v 1.15 2015/08/21 08:20:59 christos Exp $ */ +/* $NetBSD: auth.c,v 1.16 2016/01/23 00:03:30 christos Exp $ */ /* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth.c,v 1.15 2015/08/21 08:20:59 christos Exp $"); +__RCSID("$NetBSD: auth.c,v 1.16 2016/01/23 00:03:30 christos Exp $"); #include #include @@ -656,6 +656,7 @@ getpwnamallow(const char *user) pw = getpwnam(user); if (pw == NULL) { + pfilter_notify(1); logit("Invalid user %.100s from %.100s", user, get_remote_ipaddr()); return (NULL); Index: src/crypto/external/bsd/openssh/dist/auth1.c diff -u src/crypto/external/bsd/openssh/dist/auth1.c:1.12 src/crypto/external/bsd/openssh/dist/auth1.c:1.13 --- src/crypto/external/bsd/openssh/dist/auth1.c:1.12 Thu Jul 2 20:59:59 2015 +++ src/crypto/external/bsd/openssh/dist/auth1.c Fri Jan 22 19:03:30 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: auth1.c,v 1.12 2015/07/03 00:59:59 christos Exp $ */ +/* $NetBSD: auth1.c,v 1.13 2016/01/23 00:03:30 christos Exp $ */ /* $OpenBSD: auth1.c,v 1.82 2014/07/15 15:54:14 millert Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen, Espoo, Finland @@ -12,7 +12,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: auth1.c,v 1.12 2015/07/03 00:59:59 christos Exp $"); +__RCSID("$NetBSD: auth1.c,v 1.13 2016/01/23 00:03:30 christos Exp $"); #include #include @@ -376,6 +376,7 @@ do_authloop(Authctxt *authctxt) char *msg; size_t len; + pfilter_notify(1); error("Access denied for user %s by PAM account " "configuration", authctxt->user); len = buffer_len(); Index: src/crypto/external/bsd/openssh/dist/pfilter.c diff -u src/crypto/external/bsd/openssh/dist/pfilter.c:1.2 src/crypto/external/bsd/openssh/dist/pfilter.c:1.3 --- src/crypto/external/bsd/openssh/dist/pfilter.c:1.2 Sun Jan 25 22:57:17 2015 +++ src/crypto/external/bsd/openssh/dist/pfilter.c Fri Jan 22 19:03:30 2016 @@ -1,4 +1,5 @@ #include "namespace.h" +#include "includes.h" #include "ssh.h" #include "packet.h" #include "log.h"
CVS commit: src/crypto/external/bsd/openssh
Module Name:src Committed By: christos Date: Thu Jan 14 22:30:05 UTC 2016 Modified Files: src/crypto/external/bsd/openssh/bin/ssh: Makefile src/crypto/external/bsd/openssh/bin/sshd: Makefile src/crypto/external/bsd/openssh/dist: clientloop.c kex.c kex.h monitor.c monitor_wrap.c opacket.c opacket.h packet.c readconf.c readconf.h serverloop.c ssh.c ssh2.h sshconnect.c sshconnect2.c sshd.c version.h src/crypto/external/bsd/openssh/lib: Makefile shlib_version Removed Files: src/crypto/external/bsd/openssh/dist: roaming.h roaming_client.c roaming_common.c roaming_dummy.c roaming_serv.c Log Message: get rid of roaming (CVE-2016-0777) To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/bin/ssh/Makefile cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/bin/sshd/Makefile cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/clientloop.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/monitor_wrap.c \ src/crypto/external/bsd/openssh/dist/serverloop.c cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/kex.h cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/monitor.c \ src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/opacket.c cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/opacket.h cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/readconf.h \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.6 -r0 src/crypto/external/bsd/openssh/dist/roaming.h cvs rdiff -u -r1.7 -r0 src/crypto/external/bsd/openssh/dist/roaming_client.c cvs rdiff -u -r1.9 -r0 src/crypto/external/bsd/openssh/dist/roaming_common.c cvs rdiff -u -r1.4 -r0 src/crypto/external/bsd/openssh/dist/roaming_dummy.c \ src/crypto/external/bsd/openssh/dist/roaming_serv.c cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/ssh.c cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/ssh2.h cvs rdiff -u -r1.22 -r1.23 src/crypto/external/bsd/openssh/dist/sshconnect2.c \ src/crypto/external/bsd/openssh/dist/sshd.c cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/lib/Makefile cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/lib/shlib_version Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/bin/ssh/Makefile diff -u src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.8 src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.9 --- src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.8 Fri Aug 10 08:20:12 2012 +++ src/crypto/external/bsd/openssh/bin/ssh/Makefile Thu Jan 14 17:30:04 2016 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.8 2012/08/10 12:20:12 joerg Exp $ +# $NetBSD: Makefile,v 1.9 2016/01/14 22:30:04 christos Exp $ .include @@ -6,8 +6,7 @@ BINDIR = /usr/bin PROG= ssh SRCS= ssh.c readconf.c clientloop.c sshtty.c \ - sshconnect.c sshconnect1.c sshconnect2.c mux.c \ - roaming_common.c roaming_client.c + sshconnect.c sshconnect1.c sshconnect2.c mux.c COPTS.sshconnect1.c= -fno-strict-aliasing COPTS.mux.c= -Wno-pointer-sign Index: src/crypto/external/bsd/openssh/bin/sshd/Makefile diff -u src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.12 src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.13 --- src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.12 Sun Jan 25 22:57:17 2015 +++ src/crypto/external/bsd/openssh/bin/sshd/Makefile Thu Jan 14 17:30:04 2016 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.12 2015/01/26 03:57:17 christos Exp $ +# $NetBSD: Makefile,v 1.13 2016/01/14 22:30:04 christos Exp $ .include @@ -15,7 +15,7 @@ SRCS= sshd.c auth-rhosts.c auth-passwd.c auth2-none.c auth2-passwd.c auth2-pubkey.c \ monitor_mm.c monitor.c monitor_wrap.c \ kexdhs.c kexgexs.c kexecdhs.c sftp-server.c sftp-common.c \ - roaming_common.c roaming_serv.c sandbox-rlimit.c pfilter.c + sandbox-rlimit.c pfilter.c COPTS.auth-options.c= -Wno-pointer-sign COPTS.ldapauth.c= -Wno-format-nonliteral # XXX: should fix Index: src/crypto/external/bsd/openssh/dist/clientloop.c diff -u src/crypto/external/bsd/openssh/dist/clientloop.c:1.15 src/crypto/external/bsd/openssh/dist/clientloop.c:1.16 --- src/crypto/external/bsd/openssh/dist/clientloop.c:1.15 Thu Aug 13 06:33:21 2015 +++ src/crypto/external/bsd/openssh/dist/clientloop.c Thu Jan 14 17:30:04 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: clientloop.c,v 1.15 2015/08/13 10:33:21 christos Exp $ */ +/* $NetBSD: clientloop.c,v 1.16 2016/01/14 22:30:04 christos Exp $ */ /* $OpenBSD: clientloop.c,v 1.275 2015/07/10 06:21:53 markus Exp $ */ /* * Author: Tatu
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Dec 16 13:23:38 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: sftp.c Log Message: PR/50564: Rin Okuyama: sftp: filename completion is broken To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/sftp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sftp.c diff -u src/crypto/external/bsd/openssh/dist/sftp.c:1.16 src/crypto/external/bsd/openssh/dist/sftp.c:1.17 --- src/crypto/external/bsd/openssh/dist/sftp.c:1.16 Fri Aug 21 04:20:59 2015 +++ src/crypto/external/bsd/openssh/dist/sftp.c Wed Dec 16 08:23:38 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: sftp.c,v 1.16 2015/08/21 08:20:59 christos Exp $ */ +/* $NetBSD: sftp.c,v 1.17 2015/12/16 13:23:38 christos Exp $ */ /* $OpenBSD: sftp.c,v 1.171 2015/08/20 22:32:42 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller@@ -17,7 +17,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: sftp.c,v 1.16 2015/08/21 08:20:59 christos Exp $"); +__RCSID("$NetBSD: sftp.c,v 1.17 2015/12/16 13:23:38 christos Exp $"); #include /* MIN MAX */ #include #include @@ -1845,8 +1845,8 @@ complete_match(EditLine *el, struct sftp if (remote != LOCAL) { tmp = make_absolute(tmp, remote_path); remote_glob(conn, tmp, GLOB_DOOFFS|GLOB_MARK, NULL, ); + } else glob(tmp, GLOB_LIMIT|GLOB_DOOFFS|GLOB_MARK, NULL, ); - } /* Determine length of pwd so we can trim completion display */ for (hadglob = tmplen = pwdlen = 0; tmp[tmplen] != 0; tmplen++) {
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Nov 12 20:14:55 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: moduli Log Message: put back the old ones until the rest is generated To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/moduli Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/moduli diff -u src/crypto/external/bsd/openssh/dist/moduli:1.5 src/crypto/external/bsd/openssh/dist/moduli:1.6 --- src/crypto/external/bsd/openssh/dist/moduli:1.5 Thu Nov 12 13:28:34 2015 +++ src/crypto/external/bsd/openssh/dist/moduli Thu Nov 12 15:14:55 2015 @@ -1,42 +1,187 @@ -# $NetBSD: moduli,v 1.5 2015/11/12 18:28:34 christos Exp $ +# $NetBSD: moduli,v 1.6 2015/11/12 20:14:55 christos Exp $ +# $OpenBSD: moduli,v 1.2 2004/01/28 04:44:00 dtucker Exp $ # Time Type Tests Tries Size Generator Modulus -20151112182404 2 6 100 1023 5 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1AE85A87 -20151112182405 2 6 100 1023 2 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1AED242B -20151112182405 2 6 100 1023 5 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1AF6D7BF -20151112182406 2 6 100 1023 2 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1B038613 -20151112182406 2 6 100 1023 5 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1B0FE1E7 -20151112182408 2 6 100 1023 2 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1B3BC8CB -20151112182408 2 6 100 1023 2 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1B3BFB9B -20151112182409 2 6 100 1023 5 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1B519C9F -20151112182409 2 6 100 1023 2 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1B619623 -20151112182410 2 6 100 1023 5 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1B74C0F7 -20151112182412 2 6 100 1023 5 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1BB00937 -20151112182412 2 6 100 1023 5 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1BB071BF -20151112182413 2 6 100 1023 5 F4B6E11D2F628682F06FD44603E6290F595E68A4368D9F9C92E776DBCE0B58C6685EB4A465DC8330E7C4431F7B8550F879B82431B36197C05357C0757465E712313E08BEB9CEA4054B718263F65BE3A52C5B5C3029FF709C1CB85BA7F9869C291A43D3AEC639085745426F48404C17BD6AF849C78DA0A94E90D5250B1BC061A7 -20151112182413 2 6 100 1023 2
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Nov 12 18:28:34 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: moduli Log Message: Regen; it's been a *long* while. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/moduli Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/moduli diff -u src/crypto/external/bsd/openssh/dist/moduli:1.4 src/crypto/external/bsd/openssh/dist/moduli:1.5 --- src/crypto/external/bsd/openssh/dist/moduli:1.4 Fri Apr 3 19:58:19 2015 +++ src/crypto/external/bsd/openssh/dist/moduli Thu Nov 12 13:28:34 2015 @@ -1,187 +1,42 @@ -# $NetBSD: moduli,v 1.4 2015/04/03 23:58:19 christos Exp $ -# $OpenBSD: moduli,v 1.2 2004/01/28 04:44:00 dtucker Exp $ +# $NetBSD: moduli,v 1.5 2015/11/12 18:28:34 christos Exp $ # Time Type Tests Tries Size Generator Modulus -20031210004503 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB -20031210004553 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22D0A0D7 -20031210004628 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22D6CB97 -20031210004801 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22F2D1B7 -20031210004827 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22F5615B -20031210004919 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230138C3 -20031210004952 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2305F6A3 -20031210005018 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230801DB -20031210005043 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230A0383 -20031210005147 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB231C3A7F -20031210005230 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23249C1B -20031210005301 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23288F0F -20031210005438 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2344EC9B -20031210005548 2 6 100 1023 2
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Fri Aug 21 08:20:59 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: auth.c compat.c dns.c mux.c packet.c sftp-server.c sftp.c ssh-keygen.1 ssh-keygen.c ssh-pkcs11-helper.c ssh_config.5 sshconnect.c sshd.c sshd_config.5 sshkey.c version.h Log Message: merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/ssh-keygen.1 cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/compat.c \ src/crypto/external/bsd/openssh/dist/mux.c \ src/crypto/external/bsd/openssh/dist/sftp-server.c \ src/crypto/external/bsd/openssh/dist/sshconnect.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/dns.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/sftp.c \ src/crypto/external/bsd/openssh/dist/ssh_config.5 cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/sshd.c cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/sshd_config.5 cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/sshkey.c cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth.c diff -u src/crypto/external/bsd/openssh/dist/auth.c:1.14 src/crypto/external/bsd/openssh/dist/auth.c:1.15 --- src/crypto/external/bsd/openssh/dist/auth.c:1.14 Thu Aug 13 06:33:21 2015 +++ src/crypto/external/bsd/openssh/dist/auth.c Fri Aug 21 04:20:59 2015 @@ -1,5 +1,5 @@ -/* $NetBSD: auth.c,v 1.14 2015/08/13 10:33:21 christos Exp $ */ -/* $OpenBSD: auth.c,v 1.112 2015/08/06 14:53:21 deraadt Exp $ */ +/* $NetBSD: auth.c,v 1.15 2015/08/21 08:20:59 christos Exp $ */ +/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -25,7 +25,7 @@ */ #include includes.h -__RCSID($NetBSD: auth.c,v 1.14 2015/08/13 10:33:21 christos Exp $); +__RCSID($NetBSD: auth.c,v 1.15 2015/08/21 08:20:59 christos Exp $); #include sys/types.h #include sys/stat.h @@ -392,7 +392,7 @@ auth_root_allowed(const char *method) case PERMIT_NO_PASSWD: if (strcmp(method, publickey) == 0 || strcmp(method, hostbased) == 0 || - strcmp(method, gssapi-with-mic)) + strcmp(method, gssapi-with-mic) == 0) return 1; break; case PERMIT_FORCED_ONLY: Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.1 diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.14 src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.15 --- src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.14 Thu Aug 13 06:33:21 2015 +++ src/crypto/external/bsd/openssh/dist/ssh-keygen.1 Fri Aug 21 04:20:59 2015 @@ -1,5 +1,5 @@ -.\ $NetBSD: ssh-keygen.1,v 1.14 2015/08/13 10:33:21 christos Exp $ -.\ $OpenBSD: ssh-keygen.1,v 1.126 2015/07/03 03:49:45 djm Exp $ +.\ $NetBSD: ssh-keygen.1,v 1.15 2015/08/21 08:20:59 christos Exp $ +.\ $OpenBSD: ssh-keygen.1,v 1.127 2015/08/20 19:20:06 naddy Exp $ .\ .\ -*- nroff -*- .\ @@ -38,7 +38,7 @@ .\ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\ -.Dd July 3 2015 +.Dd August 20 2015 .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -686,7 +686,7 @@ and identifying the CA key by providing to .Fl s : .Pp -.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub +.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id user_key.pub .Pp In all cases, .Ar key_id @@ -699,7 +699,7 @@ By default, generated certificates are v To generate a certificate for a specified set of principals: .Pp .Dl $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub -.Dl $ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub +.Dl $ ssh-keygen -s ca_key -I key_id -h -n host.domain host_key.pub .Pp Additional limitations on the validity and use of user certificates may be specified through certificate options. Index: src/crypto/external/bsd/openssh/dist/compat.c diff -u src/crypto/external/bsd/openssh/dist/compat.c:1.12 src/crypto/external/bsd/openssh/dist/compat.c:1.13 --- src/crypto/external/bsd/openssh/dist/compat.c:1.12 Thu Aug 13 06:33:21 2015 +++ src/crypto/external/bsd/openssh/dist/compat.c Fri Aug 21 04:20:59 2015 @@ -1,5 +1,5 @@ -/* $NetBSD: compat.c,v 1.12 2015/08/13 10:33:21 christos Exp $ */ -/* $OpenBSD: compat.c,v 1.96 2015/07/28 23:20:42 djm Exp $ */ +/* $NetBSD: compat.c,v 1.13 2015/08/21 08:20:59 christos Exp $ */ +/* $OpenBSD: compat.c,v 1.97 2015/08/19
CVS commit: src/crypto/external/bsd/openssh/lib
Module Name:src Committed By: christos Date: Thu Aug 13 10:32:36 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/lib: shlib_version Log Message: bump version To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/lib/shlib_version Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/lib/shlib_version diff -u src/crypto/external/bsd/openssh/lib/shlib_version:1.14 src/crypto/external/bsd/openssh/lib/shlib_version:1.15 --- src/crypto/external/bsd/openssh/lib/shlib_version:1.14 Thu Jul 2 21:00:00 2015 +++ src/crypto/external/bsd/openssh/lib/shlib_version Thu Aug 13 06:32:36 2015 @@ -1,5 +1,5 @@ -# $NetBSD: shlib_version,v 1.14 2015/07/03 01:00:00 christos Exp $ +# $NetBSD: shlib_version,v 1.15 2015/08/13 10:32:36 christos Exp $ # Remember to update distrib/sets/lists/base/shl.* when changing # -major=25 +major=26 minor=0
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Thu Aug 13 10:33:21 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: OVERVIEW PROTOCOL PROTOCOL.mux addrmatch.c auth-options.c auth.c auth2-chall.c authfd.c authfile.c cipher.h clientloop.c compat.c kex.c kex.h key.c key.h krl.c log.c monitor.c myproposal.h packet.c readconf.c readconf.h scp.1 servconf.c servconf.h ssh-add.c ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh-keysign.c ssh-pkcs11.c ssh.1 ssh.c ssh.h ssh_config.5 sshconnect2.c sshd.8 sshd.c sshd_config sshd_config.5 sshkey.c sshpty.c version.h Log Message: merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/OVERVIEW \ src/crypto/external/bsd/openssh/dist/sshkey.c \ src/crypto/external/bsd/openssh/dist/sshpty.c cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/PROTOCOL \ src/crypto/external/bsd/openssh/dist/krl.c cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/PROTOCOL.mux \ src/crypto/external/bsd/openssh/dist/cipher.h cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/addrmatch.c \ src/crypto/external/bsd/openssh/dist/auth2-chall.c \ src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c cvs rdiff -u -r1.10 -r1.11 \ src/crypto/external/bsd/openssh/dist/auth-options.c cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/auth.c \ src/crypto/external/bsd/openssh/dist/ssh-keygen.1 cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/authfd.c \ src/crypto/external/bsd/openssh/dist/kex.h \ src/crypto/external/bsd/openssh/dist/key.h \ src/crypto/external/bsd/openssh/dist/scp.1 \ src/crypto/external/bsd/openssh/dist/ssh-keysign.c cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/authfile.c \ src/crypto/external/bsd/openssh/dist/compat.c \ src/crypto/external/bsd/openssh/dist/kex.c \ src/crypto/external/bsd/openssh/dist/myproposal.h \ src/crypto/external/bsd/openssh/dist/ssh-add.c cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/clientloop.c \ src/crypto/external/bsd/openssh/dist/ssh_config.5 \ src/crypto/external/bsd/openssh/dist/sshd.8 \ src/crypto/external/bsd/openssh/dist/sshd_config cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/key.c cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/log.c \ src/crypto/external/bsd/openssh/dist/readconf.h \ src/crypto/external/bsd/openssh/dist/servconf.h cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/monitor.c \ src/crypto/external/bsd/openssh/dist/readconf.c \ src/crypto/external/bsd/openssh/dist/ssh-agent.c \ src/crypto/external/bsd/openssh/dist/ssh.1 \ src/crypto/external/bsd/openssh/dist/version.h cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/packet.c cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/servconf.c \ src/crypto/external/bsd/openssh/dist/ssh.c \ src/crypto/external/bsd/openssh/dist/sshd_config.5 cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/ssh-keygen.c cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/ssh.h cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/sshconnect2.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/OVERVIEW diff -u src/crypto/external/bsd/openssh/dist/OVERVIEW:1.4 src/crypto/external/bsd/openssh/dist/OVERVIEW:1.5 --- src/crypto/external/bsd/openssh/dist/OVERVIEW:1.4 Fri Apr 3 19:58:19 2015 +++ src/crypto/external/bsd/openssh/dist/OVERVIEW Thu Aug 13 06:33:21 2015 @@ -65,8 +65,8 @@ these programs. packets. CRC code comes from crc32.c. - The code in packet.c calls the buffer manipulation routines - (buffer.c, bufaux.c), compression routines (compress.c, zlib), - and the encryption routines. + (buffer.c, bufaux.c), compression routines (zlib), and the + encryption routines. X11, TCP/IP, and Agent forwarding @@ -165,5 +165,5 @@ these programs. uidswap.cuid-swapping xmalloc.csafe malloc routines -$OpenBSD: OVERVIEW,v 1.11 2006/08/03 03:34:41 deraadt Exp $ -$NetBSD: OVERVIEW,v 1.4 2015/04/03 23:58:19 christos Exp $ +$OpenBSD: OVERVIEW,v 1.12 2015/07/08 19:01:15 markus Exp $ +$NetBSD: OVERVIEW,v 1.5 2015/08/13 10:33:21 christos Exp $ Index: src/crypto/external/bsd/openssh/dist/sshkey.c diff -u src/crypto/external/bsd/openssh/dist/sshkey.c:1.4 src/crypto/external/bsd/openssh/dist/sshkey.c:1.5 --- src/crypto/external/bsd/openssh/dist/sshkey.c:1.4 Thu Jul 2 21:00:00 2015 +++ src/crypto/external/bsd/openssh/dist/sshkey.c Thu Aug 13 06:33:21 2015 @@ -1,5 +1,5 @@ -/* $NetBSD: sshkey.c,v 1.4 2015/07/03 01:00:00
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Wed Jul 29 15:04:40 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: auth2-chall.c Log Message: From FreeBSD: A remote attacker may effectively bypass MaxAuthTries settings, which would enable them to brute force passwords. [CVE-2015-5600] XXX: pullup-7 To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/auth2-chall.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth2-chall.c diff -u src/crypto/external/bsd/openssh/dist/auth2-chall.c:1.7 src/crypto/external/bsd/openssh/dist/auth2-chall.c:1.8 --- src/crypto/external/bsd/openssh/dist/auth2-chall.c:1.7 Fri Apr 3 19:58:19 2015 +++ src/crypto/external/bsd/openssh/dist/auth2-chall.c Wed Jul 29 11:04:40 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: auth2-chall.c,v 1.7 2015/04/03 23:58:19 christos Exp $ */ +/* $NetBSD: auth2-chall.c,v 1.8 2015/07/29 15:04:40 christos Exp $ */ /* $OpenBSD: auth2-chall.c,v 1.42 2015/01/19 20:07:45 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ */ #include includes.h -__RCSID($NetBSD: auth2-chall.c,v 1.7 2015/04/03 23:58:19 christos Exp $); +__RCSID($NetBSD: auth2-chall.c,v 1.8 2015/07/29 15:04:40 christos Exp $); #include sys/types.h #include stdio.h @@ -83,6 +83,7 @@ struct KbdintAuthctxt void *ctxt; KbdintDevice *device; u_int nreq; + u_int devices_done; }; #ifdef USE_PAM @@ -170,11 +171,15 @@ kbdint_next_device(Authctxt *authctxt, K if (len == 0) break; for (i = 0; devices[i]; i++) { - if (!auth2_method_allowed(authctxt, + if ((kbdintctxt-devices_done (1 i)) != 0 || + !auth2_method_allowed(authctxt, keyboard-interactive, devices[i]-name)) continue; - if (strncmp(kbdintctxt-devices, devices[i]-name, len) == 0) + if (strncmp(kbdintctxt-devices, devices[i]-name, + len) == 0) { kbdintctxt-device = devices[i]; +kbdintctxt-devices_done |= 1 i; + } } t = kbdintctxt-devices; kbdintctxt-devices = t[len] ? xstrdup(t+len+1) : NULL;
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Jul 6 15:09:17 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: auth2-pubkey.c readconf.c session.c ssh.c sshconnect2.c sshd.c Log Message: CID 1309355: check error return from closefrom(3) where appropriate. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/readconf.c cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/session.c cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/ssh.c cvs rdiff -u -r1.20 -r1.21 src/crypto/external/bsd/openssh/dist/sshconnect2.c cvs rdiff -u -r1.19 -r1.20 src/crypto/external/bsd/openssh/dist/sshd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/auth2-pubkey.c diff -u src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.12 src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.13 --- src/crypto/external/bsd/openssh/dist/auth2-pubkey.c:1.12 Thu Jul 2 20:59:59 2015 +++ src/crypto/external/bsd/openssh/dist/auth2-pubkey.c Mon Jul 6 11:09:17 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: auth2-pubkey.c,v 1.12 2015/07/03 00:59:59 christos Exp $ */ +/* $NetBSD: auth2-pubkey.c,v 1.13 2015/07/06 15:09:17 christos Exp $ */ /* $OpenBSD: auth2-pubkey.c,v 1.53 2015/06/15 18:44:22 jsing Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include includes.h -__RCSID($NetBSD: auth2-pubkey.c,v 1.12 2015/07/03 00:59:59 christos Exp $); +__RCSID($NetBSD: auth2-pubkey.c,v 1.13 2015/07/06 15:09:17 christos Exp $); #include sys/types.h #include sys/stat.h #include sys/wait.h @@ -474,7 +474,10 @@ subprocess(const char *tag, struct passw error(%s: dup2: %s, tag, strerror(errno)); _exit(1); } - closefrom(STDERR_FILENO + 1); + if (closefrom(STDERR_FILENO + 1) == -1) { + error(closefrom: %s, strerror(errno)); + _exit(1); + } /* Don't use permanently_set_uid() here to avoid fatal() */ if (setgid(pw-pw_gid) == -1) { Index: src/crypto/external/bsd/openssh/dist/readconf.c diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.14 src/crypto/external/bsd/openssh/dist/readconf.c:1.15 --- src/crypto/external/bsd/openssh/dist/readconf.c:1.14 Thu Jul 2 21:00:00 2015 +++ src/crypto/external/bsd/openssh/dist/readconf.c Mon Jul 6 11:09:17 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: readconf.c,v 1.14 2015/07/03 01:00:00 christos Exp $ */ +/* $NetBSD: readconf.c,v 1.15 2015/07/06 15:09:17 christos Exp $ */ /* $OpenBSD: readconf.c,v 1.237 2015/06/26 05:13:20 djm Exp $ */ /* * Author: Tatu Ylonen y...@cs.hut.fi @@ -14,7 +14,7 @@ */ #include includes.h -__RCSID($NetBSD: readconf.c,v 1.14 2015/07/03 01:00:00 christos Exp $); +__RCSID($NetBSD: readconf.c,v 1.15 2015/07/06 15:09:17 christos Exp $); #include sys/types.h #include sys/stat.h #include sys/socket.h @@ -467,7 +467,8 @@ execute_in_shell(const char *cmd) fatal(dup2: %s, strerror(errno)); if (devnull STDERR_FILENO) close(devnull); - closefrom(STDERR_FILENO + 1); + if (closefrom(STDERR_FILENO + 1) == -1) + fatal(closefrom: %s, strerror(errno)); argv[0] = __UNCONST(shell); argv[1] = __UNCONST(-c); Index: src/crypto/external/bsd/openssh/dist/session.c diff -u src/crypto/external/bsd/openssh/dist/session.c:1.15 src/crypto/external/bsd/openssh/dist/session.c:1.16 --- src/crypto/external/bsd/openssh/dist/session.c:1.15 Thu Jul 2 21:00:00 2015 +++ src/crypto/external/bsd/openssh/dist/session.c Mon Jul 6 11:09:17 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: session.c,v 1.15 2015/07/03 01:00:00 christos Exp $ */ +/* $NetBSD: session.c,v 1.16 2015/07/06 15:09:17 christos Exp $ */ /* $OpenBSD: session.c,v 1.278 2015/04/24 01:36:00 deraadt Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen y...@cs.hut.fi, Espoo, Finland @@ -35,7 +35,7 @@ */ #include includes.h -__RCSID($NetBSD: session.c,v 1.15 2015/07/03 01:00:00 christos Exp $); +__RCSID($NetBSD: session.c,v 1.16 2015/07/06 15:09:17 christos Exp $); #include sys/types.h #include sys/wait.h #include sys/un.h @@ -1557,7 +1557,7 @@ child_close_fds(void) * initgroups, because at least on Solaris 2.3 it leaves file * descriptors open. */ - closefrom(STDERR_FILENO + 1); + (void)closefrom(STDERR_FILENO + 1); } /* @@ -1688,7 +1688,7 @@ do_child(Session *s, const char *command exit(1); } - closefrom(STDERR_FILENO + 1); + (void)closefrom(STDERR_FILENO + 1); if (!options.use_login) do_rc_files(s, shell); Index: src/crypto/external/bsd/openssh/dist/ssh.c diff -u src/crypto/external/bsd/openssh/dist/ssh.c:1.17 src/crypto/external/bsd/openssh/dist/ssh.c:1.18 --- src/crypto/external/bsd/openssh/dist/ssh.c:1.17 Thu Jul 2 21:00:00 2015 +++ src/crypto/external/bsd/openssh/dist/ssh.c Mon Jul 6 11:09:17 2015 @@ -1,4 +1,4 @@ -/*
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Sat May 16 14:17:28 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: compat.c Log Message: Pass the correct length to match_patter_list; from Hanno Boeck. XXX: pullup-7 To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/compat.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/compat.c diff -u src/crypto/external/bsd/openssh/dist/compat.c:1.9 src/crypto/external/bsd/openssh/dist/compat.c:1.10 --- src/crypto/external/bsd/openssh/dist/compat.c:1.9 Fri Apr 3 19:58:19 2015 +++ src/crypto/external/bsd/openssh/dist/compat.c Sat May 16 10:17:28 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: compat.c,v 1.9 2015/04/03 23:58:19 christos Exp $ */ +/* $NetBSD: compat.c,v 1.10 2015/05/16 14:17:28 christos Exp $ */ /* $OpenBSD: compat.c,v 1.87 2015/01/19 20:20:20 markus Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. @@ -25,7 +25,7 @@ */ #include includes.h -__RCSID($NetBSD: compat.c,v 1.9 2015/04/03 23:58:19 christos Exp $); +__RCSID($NetBSD: compat.c,v 1.10 2015/05/16 14:17:28 christos Exp $); #include sys/types.h #include stdlib.h @@ -242,7 +242,7 @@ filter_proposal(const char *proposal, co buffer_init(b); tmp = orig_prop = xstrdup(proposal); while ((cp = strsep(tmp, ,)) != NULL) { - if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) { + if (match_pattern_list(cp, filter, strlen(filter), 0) != 1) { if (buffer_len(b) 0) buffer_append(b, ,, 1); buffer_append(b, cp, strlen(cp));
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Apr 13 17:35:16 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: sftp.c Log Message: CID 996110: Fix memory leak To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/sftp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/sftp.c diff -u src/crypto/external/bsd/openssh/dist/sftp.c:1.14 src/crypto/external/bsd/openssh/dist/sftp.c:1.15 --- src/crypto/external/bsd/openssh/dist/sftp.c:1.14 Fri Apr 3 19:58:19 2015 +++ src/crypto/external/bsd/openssh/dist/sftp.c Mon Apr 13 13:35:16 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: sftp.c,v 1.14 2015/04/03 23:58:19 christos Exp $ */ +/* $NetBSD: sftp.c,v 1.15 2015/04/13 17:35:16 christos Exp $ */ /* $OpenBSD: sftp.c,v 1.170 2015/01/20 23:14:00 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller d...@openbsd.org @@ -17,7 +17,7 @@ */ #include includes.h -__RCSID($NetBSD: sftp.c,v 1.14 2015/04/03 23:58:19 christos Exp $); +__RCSID($NetBSD: sftp.c,v 1.15 2015/04/13 17:35:16 christos Exp $); #include sys/param.h /* MIN MAX */ #include sys/types.h #include sys/ioctl.h @@ -732,6 +732,8 @@ process_put(struct sftp_conn *conn, char fflag || global_fflag) == -1) err = -1; } + free(abs_dst); + abs_dst = NULL; } out:
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Apr 13 17:54:52 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: ssh-keyscan.c Log Message: CID 1293644: Check returns To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/ssh-keyscan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/ssh-keyscan.c diff -u src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.12 src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.13 --- src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.12 Sat Apr 4 09:59:20 2015 +++ src/crypto/external/bsd/openssh/dist/ssh-keyscan.c Mon Apr 13 13:54:52 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-keyscan.c,v 1.12 2015/04/04 13:59:20 christos Exp $ */ +/* $NetBSD: ssh-keyscan.c,v 1.13 2015/04/13 17:54:52 christos Exp $ */ /* $OpenBSD: ssh-keyscan.c,v 1.99 2015/01/30 10:44:49 djm Exp $ */ /* * Copyright 1995, 1996 by David Mazieres d...@lcs.mit.edu. @@ -9,7 +9,7 @@ */ #include includes.h -__RCSID($NetBSD: ssh-keyscan.c,v 1.12 2015/04/04 13:59:20 christos Exp $); +__RCSID($NetBSD: ssh-keyscan.c,v 1.13 2015/04/13 17:54:52 christos Exp $); #include sys/param.h #include sys/types.h @@ -284,6 +284,7 @@ static void keyprint(con *c, struct sshkey *key) { char *host = c-c_output_name ? c-c_output_name : c-c_name; + int r; if (!key) return; @@ -291,7 +292,9 @@ keyprint(con *c, struct sshkey *key) fatal(host_hash failed); fprintf(stdout, %s , host); - sshkey_write(key, stdout); + if ((r = sshkey_write(key, stdout)) != 0) + fprintf(stderr, key_write failed: %s, ssh_err(r)); + fputs(\n, stdout); }
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Apr 13 17:59:21 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: clientloop.c Log Message: CID 1293652: Forward NULL deref To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/clientloop.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/clientloop.c diff -u src/crypto/external/bsd/openssh/dist/clientloop.c:1.12 src/crypto/external/bsd/openssh/dist/clientloop.c:1.13 --- src/crypto/external/bsd/openssh/dist/clientloop.c:1.12 Fri Apr 3 19:58:19 2015 +++ src/crypto/external/bsd/openssh/dist/clientloop.c Mon Apr 13 13:59:21 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: clientloop.c,v 1.12 2015/04/03 23:58:19 christos Exp $ */ +/* $NetBSD: clientloop.c,v 1.13 2015/04/13 17:59:21 christos Exp $ */ /* $OpenBSD: clientloop.c,v 1.272 2015/02/25 19:54:02 djm Exp $ */ /* * Author: Tatu Ylonen y...@cs.hut.fi @@ -61,7 +61,7 @@ */ #include includes.h -__RCSID($NetBSD: clientloop.c,v 1.12 2015/04/03 23:58:19 christos Exp $); +__RCSID($NetBSD: clientloop.c,v 1.13 2015/04/13 17:59:21 christos Exp $); #include sys/param.h /* MIN MAX */ #include sys/types.h @@ -1594,7 +1594,8 @@ client_loop(int have_pty, int escape_cha channel_after_select(readset, writeset); if (need_rekeying || packet_need_rekeying()) { debug(need rekeying); -active_state-kex-done = 0; +if (active_state-kex != NULL) + active_state-kex-done = 0; if ((r = kex_send_kexinit(active_state)) != 0) fatal(%s: kex_send_kexinit: %s, __func__, ssh_err(r));
CVS commit: src/crypto/external/bsd/openssh/dist
Module Name:src Committed By: christos Date: Mon Apr 13 17:38:20 UTC 2015 Modified Files: src/crypto/external/bsd/openssh/dist: packet.c Log Message: CID 1018734: Fix uninit To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/packet.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/openssh/dist/packet.c diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.17 src/crypto/external/bsd/openssh/dist/packet.c:1.18 --- src/crypto/external/bsd/openssh/dist/packet.c:1.17 Wed Apr 8 11:49:46 2015 +++ src/crypto/external/bsd/openssh/dist/packet.c Mon Apr 13 13:38:20 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: packet.c,v 1.17 2015/04/08 15:49:46 christos Exp $ */ +/* $NetBSD: packet.c,v 1.18 2015/04/13 17:38:20 christos Exp $ */ /* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */ /* * Author: Tatu Ylonen y...@cs.hut.fi @@ -39,7 +39,7 @@ */ #include includes.h -__RCSID($NetBSD: packet.c,v 1.17 2015/04/08 15:49:46 christos Exp $); +__RCSID($NetBSD: packet.c,v 1.18 2015/04/13 17:38:20 christos Exp $); #include sys/param.h /* MIN roundup */ #include sys/types.h #include sys/queue.h @@ -1262,7 +1262,7 @@ int ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) { struct session_state *state = ssh-state; - int len, r, ms_remain, cont; + int len, r, ms_remain = 0, cont; fd_set *setp; char buf[8192]; struct timeval timeout, start, *timeoutp = NULL;