Module Name:    src
Committed By:   christos
Date:           Tue Feb 18 17:53:25 UTC 2025

Modified Files:
        src/crypto/external/bsd/openssh/dist: gss-serv.c krl.c misc.c misc.h
            packet.c readconf.c servconf.c ssh-agent.c ssh-sk-client.c
            sshconnect2.c sshsig.c version.h
        src/crypto/external/bsd/openssh/lib: shlib_version ssh.expsym
        src/crypto/external/bsd/openssh/libexec: Makefile.inc

Log Message:
Bring in changes from OpenSSH-9.9p2:

Security
========

* Fix CVE-2025-26465 - ssh(1) in OpenSSH versions 6.8p1 to 9.9p1
  (inclusive) contained a logic error that allowed an on-path
  attacker (a.k.a. MITM) to impersonate any server when the
  VerifyHostKeyDNS option is enabled. This option is off by default.

* Fix CVE-2025-26466 - sshd(8) in OpenSSH versions 9.5p1 to 9.9p1
  (inclusive) is vulnerable to a memory/CPU denial-of-service related
  to the handling of SSH2_MSG_PING packets. This condition may be
  mitigated using the existing PerSourcePenalties feature.

Both vulnerabilities were discovered and demonstrated to be exploitable
by the Qualys Security Advisory team. We thank them for their detailed
review of OpenSSH.

For OpenBSD, fixes to these problems are available as errata; refer
to https://www.openbsd.org/errata.html

Bugfixes
========

 * ssh(1), sshd(8): fix regression in Match directive that caused
   failures when predicates and their arguments were separated by '='
   characters instead of whitespace (bz3739).

 * sshd(8): fix the "Match invalid-user" predicate, which was matching
   incorrectly in the initial pass of config evaluation.

 * ssh(1), sshd(8), ssh-keyscan(1): fix mlkem768x25519-sha256 key
   exchange on big-endian systems.

 * Fix a number of build problems on particular operating systems /
   configurations.


To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/gss-serv.c
cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/krl.c
cvs rdiff -u -r1.37 -r1.38 src/crypto/external/bsd/openssh/dist/misc.c
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/misc.h
cvs rdiff -u -r1.52 -r1.53 src/crypto/external/bsd/openssh/dist/packet.c
cvs rdiff -u -r1.47 -r1.48 src/crypto/external/bsd/openssh/dist/readconf.c
cvs rdiff -u -r1.48 -r1.49 src/crypto/external/bsd/openssh/dist/servconf.c \
    src/crypto/external/bsd/openssh/dist/version.h
cvs rdiff -u -r1.39 -r1.40 src/crypto/external/bsd/openssh/dist/ssh-agent.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/ssh-sk-client.c
cvs rdiff -u -r1.49 -r1.50 src/crypto/external/bsd/openssh/dist/sshconnect2.c
cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/sshsig.c
cvs rdiff -u -r1.38 -r1.39 src/crypto/external/bsd/openssh/lib/shlib_version
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/lib/ssh.expsym
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/libexec/Makefile.inc

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/gss-serv.c
diff -u src/crypto/external/bsd/openssh/dist/gss-serv.c:1.15 src/crypto/external/bsd/openssh/dist/gss-serv.c:1.16
--- src/crypto/external/bsd/openssh/dist/gss-serv.c:1.15	Thu May 28 13:05:49 2020
+++ src/crypto/external/bsd/openssh/dist/gss-serv.c	Tue Feb 18 12:53:24 2025
@@ -1,4 +1,4 @@
-/*	$NetBSD: gss-serv.c,v 1.15 2020/05/28 17:05:49 christos Exp $	*/
+/*	$NetBSD: gss-serv.c,v 1.16 2025/02/18 17:53:24 christos Exp $	*/
 /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */
 
 /*
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: gss-serv.c,v 1.15 2020/05/28 17:05:49 christos Exp $");
+__RCSID("$NetBSD: gss-serv.c,v 1.16 2025/02/18 17:53:24 christos Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>

Index: src/crypto/external/bsd/openssh/dist/krl.c
diff -u src/crypto/external/bsd/openssh/dist/krl.c:1.23 src/crypto/external/bsd/openssh/dist/krl.c:1.24
--- src/crypto/external/bsd/openssh/dist/krl.c:1.23	Wed Oct 25 16:19:57 2023
+++ src/crypto/external/bsd/openssh/dist/krl.c	Tue Feb 18 12:53:24 2025
@@ -1,5 +1,5 @@
-/*	$NetBSD: krl.c,v 1.23 2023/10/25 20:19:57 christos Exp $	*/
-/* $OpenBSD: krl.c,v 1.59 2023/07/17 05:22:30 djm Exp $ */
+/*	$NetBSD: krl.c,v 1.24 2025/02/18 17:53:24 christos Exp $	*/
+/* $OpenBSD: krl.c,v 1.60 2025/02/18 08:02:48 djm Exp $ */
 
 /*
  * Copyright (c) 2012 Damien Miller <d...@mindrot.org>
@@ -18,7 +18,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: krl.c,v 1.23 2023/10/25 20:19:57 christos Exp $");
+__RCSID("$NetBSD: krl.c,v 1.24 2025/02/18 17:53:24 christos Exp $");
 
 #include <sys/types.h>
 #include <sys/tree.h>
@@ -681,6 +681,7 @@ revoked_certs_generate(struct revoked_ce
 			break;
 		case KRL_SECTION_CERT_SERIAL_BITMAP:
 			if (rs->lo - bitmap_start > INT_MAX) {
+				r = SSH_ERR_INVALID_FORMAT;
 				error_f("insane bitmap gap");
 				goto out;
 			}
@@ -1066,6 +1067,7 @@ ssh_krl_from_blob(struct sshbuf *buf, st
 	}
 
 	if ((krl = ssh_krl_init()) == NULL) {
+		r = SSH_ERR_ALLOC_FAIL;
 		error_f("alloc failed");
 		goto out;
 	}

Index: src/crypto/external/bsd/openssh/dist/misc.c
diff -u src/crypto/external/bsd/openssh/dist/misc.c:1.37 src/crypto/external/bsd/openssh/dist/misc.c:1.38
--- src/crypto/external/bsd/openssh/dist/misc.c:1.37	Mon Jul  8 18:33:43 2024
+++ src/crypto/external/bsd/openssh/dist/misc.c	Tue Feb 18 12:53:24 2025
@@ -1,5 +1,5 @@
-/*	$NetBSD: misc.c,v 1.37 2024/07/08 22:33:43 christos Exp $	*/
-/* $OpenBSD: misc.c,v 1.196 2024/06/06 17:15:25 djm Exp $ */
+/*	$NetBSD: misc.c,v 1.38 2025/02/18 17:53:24 christos Exp $	*/
+/* $OpenBSD: misc.c,v 1.197 2024/09/25 01:24:04 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -20,7 +20,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: misc.c,v 1.37 2024/07/08 22:33:43 christos Exp $");
+__RCSID("$NetBSD: misc.c,v 1.38 2025/02/18 17:53:24 christos Exp $");
 
 #include <sys/types.h>
 #include <sys/ioctl.h>
@@ -92,6 +92,27 @@ rtrim(char *s)
 	}
 }
 
+/*
+ * returns pointer to character after 'prefix' in 's' or otherwise NULL
+ * if the prefix is not present.
+ */
+const char *
+strprefix(const char *s, const char *prefix, int ignorecase)
+{
+	size_t prefixlen;
+
+	if ((prefixlen = strlen(prefix)) == 0)
+		return s;
+	if (ignorecase) {
+		if (strncasecmp(s, prefix, prefixlen) != 0)
+			return NULL;
+	} else {
+		if (strncmp(s, prefix, prefixlen) != 0)
+			return NULL;
+	}
+	return s + prefixlen;
+}
+
 /* set/unset filedescriptor to non-blocking */
 int
 set_nonblock(int fd)
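Review bot: The comment on strprefix() leaves out two parts of its contract. Both arguments go straight into `strlen()`/`strncmp()`/`strncasecmp()`, so neither may be NULL, and an empty prefix is treated as a match that returns `s` itself. I would extend the comment with `s and prefix must be non-NULL; an empty prefix always matches and returns s.` It is also worth stating that the result points into `s` and is only valid while `s` is, since this commit exports the function through ssh.expsym.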

Index: src/crypto/external/bsd/openssh/dist/misc.h
diff -u src/crypto/external/bsd/openssh/dist/misc.h:1.29 src/crypto/external/bsd/openssh/dist/misc.h:1.30
--- src/crypto/external/bsd/openssh/dist/misc.h:1.29	Mon Jul  8 18:33:43 2024
+++ src/crypto/external/bsd/openssh/dist/misc.h	Tue Feb 18 12:53:24 2025
@@ -1,5 +1,5 @@
-/*	$NetBSD: misc.h,v 1.29 2024/07/08 22:33:43 christos Exp $	*/
-/* $OpenBSD: misc.h,v 1.109 2024/06/06 17:15:25 djm Exp $ */
+/*	$NetBSD: misc.h,v 1.30 2025/02/18 17:53:24 christos Exp $	*/
+/* $OpenBSD: misc.h,v 1.110 2024/09/25 01:24:04 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <y...@cs.hut.fi>
@@ -57,6 +57,7 @@ struct ForwardOptions {
 char	*chop(char *);
 void	 rtrim(char *);
 void	skip_space(char **);
+const char *strprefix(const char *, const char *, int);
 char	*strdelim(char **);
 char	*strdelimw(char **);
 int	 set_nonblock(int);

Index: src/crypto/external/bsd/openssh/dist/packet.c
diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.52 src/crypto/external/bsd/openssh/dist/packet.c:1.53
--- src/crypto/external/bsd/openssh/dist/packet.c:1.52	Tue Sep 24 17:32:18 2024
+++ src/crypto/external/bsd/openssh/dist/packet.c	Tue Feb 18 12:53:24 2025
@@ -1,5 +1,5 @@
-/*	$NetBSD: packet.c,v 1.52 2024/09/24 21:32:18 christos Exp $	*/
-/* $OpenBSD: packet.c,v 1.317 2024/08/23 04:51:00 deraadt Exp $ */
+/*	$NetBSD: packet.c,v 1.53 2025/02/18 17:53:24 christos Exp $	*/
+/* $OpenBSD: packet.c,v 1.318 2025/02/18 08:02:12 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <y...@cs.hut.fi>
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: packet.c,v 1.52 2024/09/24 21:32:18 christos Exp $");
+__RCSID("$NetBSD: packet.c,v 1.53 2025/02/18 17:53:24 christos Exp $");
 
 #include <sys/param.h>	/* MIN roundup */
 #include <sys/types.h>
@@ -1852,6 +1852,14 @@ ssh_packet_read_poll_seqnr(struct ssh *s
 			if ((r = sshpkt_get_string_direct(ssh, &d, &len)) != 0)
 				return r;
 			DBG(debug("Received SSH2_MSG_PING len %zu", len));
+			if (!ssh->state->after_authentication) {
+				DBG(debug("Won't reply to PING in preauth"));
+				break;
+			}
+			if (ssh_packet_is_rekeying(ssh)) {
+				DBG(debug("Won't reply to PING during KEX"));
+				break;
+			}
 			if ((r = sshpkt_start(ssh, SSH2_MSG_PONG)) != 0 ||
 			    (r = sshpkt_put_string(ssh, d, len)) != 0 ||
 			    (r = sshpkt_send(ssh)) != 0)
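Review bot: The two early `break`s in the SSH2_MSG_PING case carry no comment saying why a PING is dropped without a PONG, and the only trace of the decision sits inside `DBG()`. The log message ties CVE-2025-26466 to memory/CPU use in SSH2_MSG_PING handling, so a short comment would stop the guards being removed later as redundant, for example `/* Never send a PONG to an unauthenticated peer or while rekeying (CVE-2025-26466) */`. If `DBG()` expands to nothing in normal builds (its definition is not visible here), dropped PINGs leave no log evidence, which is worth knowing when investigating a pre-auth flood. The enclosing switch in ssh_packet_read_poll_seqnr starts and ends outside the hunk.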

Index: src/crypto/external/bsd/openssh/dist/readconf.c
diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.47 src/crypto/external/bsd/openssh/dist/readconf.c:1.48
--- src/crypto/external/bsd/openssh/dist/readconf.c:1.47	Tue Sep 24 17:32:18 2024
+++ src/crypto/external/bsd/openssh/dist/readconf.c	Tue Feb 18 12:53:24 2025
@@ -1,5 +1,5 @@
-/*	$NetBSD: readconf.c,v 1.47 2024/09/24 21:32:18 christos Exp $	*/
-/* $OpenBSD: readconf.c,v 1.390 2024/09/15 00:57:36 djm Exp $ */
+/*	$NetBSD: readconf.c,v 1.48 2025/02/18 17:53:24 christos Exp $	*/
+/* $OpenBSD: readconf.c,v 1.392 2024/09/26 23:55:08 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <y...@cs.hut.fi>
@@ -15,7 +15,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.47 2024/09/24 21:32:18 christos Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.48 2025/02/18 17:53:24 christos Exp $");
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
@@ -739,7 +739,7 @@ match_cfg_line(Options *options, const c
     struct passwd *pw, const char *host_arg, const char *original_host,
     int final_pass, int *want_final_pass, const char *filename, int linenum)
 {
-	char *arg, *oattrib, *attrib, *cmd, *host, *criteria;
+	char *arg, *oattrib = NULL, *attrib = NULL, *cmd, *host, *criteria;
 	const char *ruser;
 	int r, this_result, result = 1, attributes = 0, negate;
 
@@ -760,7 +760,8 @@ match_cfg_line(Options *options, const c
 
 	debug2("checking match for '%s' host %s originally %s",
 	    full_line, host, original_host);
-	while ((oattrib = attrib = argv_next(acp, avp)) != NULL) {
+	while ((attrib = argv_next(acp, avp)) != NULL) {
+		attrib = oattrib = xstrdup(attrib);
 		/* Terminate on comment */
 		if (*attrib == '#') {
 			argv_consume(acp);
@@ -806,9 +807,23 @@ match_cfg_line(Options *options, const c
 			    this_result ? "" : "not ", oattrib);
 			continue;
 		}
+
+		/* Keep this list in sync with below */
+		if (strprefix(attrib, "host=", 1)  != NULL ||
+		    strprefix(attrib, "originalhost=", 1) != NULL ||
+		    strprefix(attrib, "user=", 1) != NULL ||
+		    strprefix(attrib, "localuser=", 1) != NULL ||
+		    strprefix(attrib, "localnetwork=", 1) != NULL ||
+		    strprefix(attrib, "tagged=", 1) != NULL ||
+		    strprefix(attrib, "exec=", 1) != NULL) {
+			arg = strchr(attrib, '=');
+			*(arg++) = '\0';
+		} else {
+			arg = argv_next(acp, avp);
+		}
+
 		/* All other criteria require an argument */
-		if ((arg = argv_next(acp, avp)) == NULL ||
-		    *arg == '\0' || *arg == '#') {
+		if (arg == NULL || *arg == '\0' || *arg == '#') {
 			error("Missing Match criteria for %s", attrib);
 			result = -1;
 			goto out;
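Review bot: The `continue` at the top of this hunk skips the `free(oattrib)` that this commit adds at the loop tail, so when another token follows, the copy from `attrib = oattrib = xstrdup(attrib)` is overwritten on the next iteration and leaked. Adding `free(oattrib);` and `oattrib = attrib = NULL;` just before that `continue` would mirror the loop tail. The loss is one short string per such token on a Match line, so this is tidiness rather than an exposure. The branch that ends in this `continue` begins above the hunk, so which criteria reach it is not visible here.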
@@ -885,6 +900,8 @@ match_cfg_line(Options *options, const c
 		    criteria == NULL ? "" : criteria,
 		    criteria == NULL ? "" : "\"");
 		free(criteria);
+		free(oattrib);
+		oattrib = attrib = NULL;
 	}
 	if (attributes == 0) {
 		error("One or more attributes required for Match");
@@ -894,6 +911,7 @@ match_cfg_line(Options *options, const c
  out:
 	if (result != -1)
 		debug2("match %sfound", result ? "" : "not ");
+	free(oattrib);
 	free(host);
 	return result;
 }

Index: src/crypto/external/bsd/openssh/dist/servconf.c
diff -u src/crypto/external/bsd/openssh/dist/servconf.c:1.48 src/crypto/external/bsd/openssh/dist/servconf.c:1.49
--- src/crypto/external/bsd/openssh/dist/servconf.c:1.48	Tue Sep 24 17:32:18 2024
+++ src/crypto/external/bsd/openssh/dist/servconf.c	Tue Feb 18 12:53:24 2025
@@ -1,5 +1,5 @@
-/*	$NetBSD: servconf.c,v 1.48 2024/09/24 21:32:18 christos Exp $	*/
-/* $OpenBSD: servconf.c,v 1.418 2024/09/15 03:09:44 djm Exp $ */
+/*	$NetBSD: servconf.c,v 1.49 2025/02/18 17:53:24 christos Exp $	*/
+/* $OpenBSD: servconf.c,v 1.419 2024/09/25 01:24:04 djm Exp $ */
 
 /*
  * Copyright (c) 1995 Tatu Ylonen <y...@cs.hut.fi>, Espoo, Finland
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: servconf.c,v 1.48 2024/09/24 21:32:18 christos Exp $");
+__RCSID("$NetBSD: servconf.c,v 1.49 2025/02/18 17:53:24 christos Exp $");
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/queue.h>
@@ -1168,7 +1168,7 @@ match_cfg_line(const char *full_line, in
     int line, struct connection_info *ci)
 {
 	int result = 1, attributes = 0, port;
-	char *arg, *attrib;
+	char *arg, *attrib = NULL, *oattrib;
 
 	if (ci == NULL)
 		debug3("checking syntax for 'Match %s'", full_line);
@@ -1182,7 +1182,8 @@ match_cfg_line(const char *full_line, in
 		    ci->laddress ? ci->laddress : "(null)", ci->lport);
 	}
 
-	while ((attrib = argv_next(acp, avp)) != NULL) {
+	while ((oattrib = argv_next(acp, avp)) != NULL) {
+		attrib = xstrdup(oattrib);
 		/* Terminate on comment */
 		if (*attrib == '#') {
 			argv_consume(acp); /* mark all arguments consumed */
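Review bot: The copy made by `attrib = xstrdup(oattrib)` is released only by the single `free(attrib)` after the `out:` label, so every iteration after the first overwrites and leaks the previous copy. No per-iteration free appears at the loop tail in the last hunk of this file, unlike the readconf.c counterpart. The `continue` statements in the invalid-user branch and the `return -1` under `attributes == 0`, which sits before `out:`, can bypass the free as well. I would add `free(attrib); attrib = NULL;` at the end of the loop body and before each `continue`, and replace that `return -1;` with `result = -1; goto out;`. Parts of the loop body fall between hunks, so the remaining exit paths should be checked the same way.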
@@ -1197,27 +1198,46 @@ match_cfg_line(const char *full_line, in
 			    *arg != '\0' && *arg != '#')) {
 				error("'all' cannot be combined with other "
 				    "Match attributes");
-				return -1;
+				result = -1;
+				goto out;
 			}
 			if (arg != NULL && *arg == '#')
 				argv_consume(acp); /* consume remaining args */
-			return 1;
+			result = 1;
+			goto out;
 		}
 		/* Criterion "invalid-user" also has no argument */
 		if (strcasecmp(attrib, "invalid-user") == 0) {
-			if (ci == NULL)
+			if (ci == NULL) {
+				result = 0;
 				continue;
+			}
 			if (ci->user_invalid == 0)
 				result = 0;
 			else
 				debug("matched invalid-user at line %d", line);
 			continue;
 		}
+
+		/* Keep this list in sync with below */
+		if (strprefix(attrib, "user=", 1) != NULL ||
+		    strprefix(attrib, "group=", 1) != NULL ||
+		    strprefix(attrib, "host=", 1) != NULL ||
+		    strprefix(attrib, "address=", 1) != NULL ||
+		    strprefix(attrib, "localaddress=", 1) != NULL ||
+		    strprefix(attrib, "localport=", 1) != NULL ||
+		    strprefix(attrib, "rdomain=", 1) != NULL) {
+			arg = strchr(attrib, '=');
+			*(arg++) = '\0';
+		} else {
+			arg = argv_next(acp, avp);
+		}
+
 		/* All other criteria require an argument */
-		if ((arg = argv_next(acp, avp)) == NULL ||
-		    *arg == '\0' || *arg == '#') {
+		if (arg == NULL || *arg == '\0' || *arg == '#') {
 			error("Missing Match criteria for %s", attrib);
-			return -1;
+			result = -1;
+			goto out;
 		}
 		if (strcasecmp(attrib, "user") == 0) {
 			if (ci == NULL || (ci->test && ci->user == NULL)) {
@@ -1240,7 +1260,8 @@ match_cfg_line(const char *full_line, in
 				match_test_missing_fatal("Group", "user");
 			switch (match_cfg_line_group(arg, line, ci->user)) {
 			case -1:
-				return -1;
+				result = -1;
+				goto out;
 			case 0:
 				result = 0;
 			}
@@ -1276,7 +1297,8 @@ match_cfg_line(const char *full_line, in
 				result = 0;
 				break;
 			case -2:
-				return -1;
+				result = -1;
+				goto out;
 			}
 		} else if (strcasecmp(attrib, "localaddress") == 0){
 			if (ci == NULL || (ci->test && ci->laddress == NULL)) {
@@ -1301,13 +1323,15 @@ match_cfg_line(const char *full_line, in
 				result = 0;
 				break;
 			case -2:
-				return -1;
+				result = -1;
+				goto out;
 			}
 		} else if (strcasecmp(attrib, "localport") == 0) {
 			if ((port = a2port(arg)) == -1) {
 				error("Invalid LocalPort '%s' on Match line",
 				    arg);
-				return -1;
+				result = -1;
+				goto out;
 			}
 			if (ci == NULL || (ci->test && ci->lport == -1)) {
 				result = 0;
@@ -1335,16 +1359,19 @@ match_cfg_line(const char *full_line, in
 				debug("user %.100s matched 'RDomain %.100s' at "
 				    "line %d", ci->rdomain, arg, line);
 		} else {
-			error("Unsupported Match attribute %s", attrib);
-			return -1;
+			error("Unsupported Match attribute %s", oattrib);
+			result = -1;
+			goto out;
 		}
 	}
 	if (attributes == 0) {
 		error("One or more attributes required for Match");
 		return -1;
 	}
-	if (ci != NULL)
+out:
+	if (ci != NULL && result != -1)
 		debug3("match %sfound", result ? "" : "not ");
+	free(attrib);
 	return result;
 }
 
Index: src/crypto/external/bsd/openssh/dist/version.h
diff -u src/crypto/external/bsd/openssh/dist/version.h:1.48 src/crypto/external/bsd/openssh/dist/version.h:1.49
--- src/crypto/external/bsd/openssh/dist/version.h:1.48	Tue Sep 24 17:32:19 2024
+++ src/crypto/external/bsd/openssh/dist/version.h	Tue Feb 18 12:53:24 2025
@@ -1,8 +1,8 @@
-/*	$NetBSD: version.h,v 1.48 2024/09/24 21:32:19 christos Exp $	*/
+/*	$NetBSD: version.h,v 1.49 2025/02/18 17:53:24 christos Exp $	*/
 /* $OpenBSD: version.h,v 1.103 2024/09/19 22:17:44 djm Exp $ */
 
 #define __OPENSSH_VERSION	"OpenSSH_9.9"
-#define __NETBSDSSH_VERSION	"NetBSD_Secure_Shell-20240924"
+#define __NETBSDSSH_VERSION	"NetBSD_Secure_Shell-20250218"
 #define SSH_HPN         "-hpn13v14"
 #define SSH_LPK		"-lpk"
 /*

Index: src/crypto/external/bsd/openssh/dist/ssh-agent.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.39 src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.40
--- src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.39	Sat Jun 29 04:02:40 2024
+++ src/crypto/external/bsd/openssh/dist/ssh-agent.c	Tue Feb 18 12:53:24 2025
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-agent.c,v 1.39 2024/06/29 08:02:40 mrg Exp $	*/
+/*	$NetBSD: ssh-agent.c,v 1.40 2025/02/18 17:53:24 christos Exp $	*/
 /* $OpenBSD: ssh-agent.c,v 1.306 2024/03/09 05:12:13 djm Exp $ */
 
 /*
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-agent.c,v 1.39 2024/06/29 08:02:40 mrg Exp $");
+__RCSID("$NetBSD: ssh-agent.c,v 1.40 2025/02/18 17:53:24 christos Exp $");
 
 #include <sys/param.h>	/* MIN MAX */
 #include <sys/types.h>
@@ -1202,6 +1202,7 @@ parse_key_constraint_extension(struct ss
 	    "restrict-destination-...@openssh.com") == 0) {
 		if (*dcsp != NULL) {
 			error_f("%s already set", ext_name);
+			r = SSH_ERR_INVALID_FORMAT;
 			goto out;
 		}
 		if ((r = sshbuf_froms(m, &b)) != 0) {
@@ -1211,6 +1212,7 @@ parse_key_constraint_extension(struct ss
 		while (sshbuf_len(b) != 0) {
 			if (*ndcsp >= AGENT_MAX_DEST_CONSTRAINTS) {
 				error_f("too many %s constraints", ext_name);
+				r = SSH_ERR_INVALID_FORMAT;
 				goto out;
 			}
 			*dcsp = xrecallocarray(*dcsp, *ndcsp, *ndcsp + 1,
@@ -1228,6 +1230,7 @@ parse_key_constraint_extension(struct ss
 		}
 		if (*certs != NULL) {
 			error_f("%s already set", ext_name);
+			r = SSH_ERR_INVALID_FORMAT;
 			goto out;
 		}
 		if ((r = sshbuf_get_u8(m, &v)) != 0 ||
@@ -1239,6 +1242,7 @@ parse_key_constraint_extension(struct ss
 		while (sshbuf_len(b) != 0) {
 			if (*ncerts >= AGENT_MAX_EXT_CERTS) {
 				error_f("too many %s constraints", ext_name);
+				r = SSH_ERR_INVALID_FORMAT;
 				goto out;
 			}
 			*certs = xrecallocarray(*certs, *ncerts, *ncerts + 1,
@@ -1735,6 +1739,7 @@ process_ext_session_bind(SocketEntry *e)
 	/* record new key/sid */
 	if (e->nsession_ids >= AGENT_MAX_SESSION_IDS) {
 		error_f("too many session IDs recorded");
+		r = -1;
 		goto out;
 	}
 	e->session_ids = xrecallocarray(e->session_ids, e->nsession_ids,
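Review bot: `r = -1;` in process_ext_session_bind is a bare literal, where the other error paths touched by this commit assign a named code (`SSH_ERR_INVALID_FORMAT`, `SSH_ERR_ALLOC_FAIL`). If `r` is only compared with zero after the `out:` label the value is harmless, but a named constant or a comment such as `/* any non-zero r reports failure to the client */` would make the intent explicit. Both the start of the function and its `out:` label are outside the hunk, so how `r` is consumed cannot be confirmed from here.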

Index: src/crypto/external/bsd/openssh/dist/ssh-sk-client.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.6 src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.7
--- src/crypto/external/bsd/openssh/dist/ssh-sk-client.c:1.6	Wed Feb 23 14:07:20 2022
+++ src/crypto/external/bsd/openssh/dist/ssh-sk-client.c	Tue Feb 18 12:53:24 2025
@@ -1,5 +1,5 @@
-/*	$NetBSD: ssh-sk-client.c,v 1.6 2022/02/23 19:07:20 christos Exp $	*/
-/* $OpenBSD: ssh-sk-client.c,v 1.12 2022/01/14 03:34:00 djm Exp $ */
+/*	$NetBSD: ssh-sk-client.c,v 1.7 2025/02/18 17:53:24 christos Exp $	*/
+/* $OpenBSD: ssh-sk-client.c,v 1.13 2025/02/18 08:02:48 djm Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -16,7 +16,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 #include "includes.h"
-__RCSID("$NetBSD: ssh-sk-client.c,v 1.6 2022/02/23 19:07:20 christos Exp $");
+__RCSID("$NetBSD: ssh-sk-client.c,v 1.7 2025/02/18 17:53:24 christos Exp $");
 
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -432,6 +432,7 @@ sshsk_load_resident(const char *provider
 		}
 		if ((srk = calloc(1, sizeof(*srk))) == NULL) {
 			error_f("calloc failed");
+			r = SSH_ERR_ALLOC_FAIL;
 			goto out;
 		}
 		srk->key = key;
@@ -443,6 +444,7 @@ sshsk_load_resident(const char *provider
 		if ((tmp = recallocarray(srks, nsrks, nsrks + 1,
 		    sizeof(*srks))) == NULL) {
 			error_f("recallocarray keys failed");
+			r = SSH_ERR_ALLOC_FAIL;
 			goto out;
 		}
 		debug_f("srks[%zu]: %s %s uidlen %zu", nsrks,

Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.49 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.50
--- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.49	Tue Sep 24 17:32:19 2024
+++ src/crypto/external/bsd/openssh/dist/sshconnect2.c	Tue Feb 18 12:53:24 2025
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshconnect2.c,v 1.49 2024/09/24 21:32:19 christos Exp $	*/
+/*	$NetBSD: sshconnect2.c,v 1.50 2025/02/18 17:53:24 christos Exp $	*/
 /* $OpenBSD: sshconnect2.c,v 1.375 2024/09/09 02:39:57 djm Exp $ */
 
 /*
@@ -27,7 +27,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.49 2024/09/24 21:32:19 christos Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.50 2025/02/18 17:53:24 christos Exp $");
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/wait.h>
@@ -113,7 +113,7 @@ verify_host_key_callback(struct sshkey *
 	    options.required_rsa_size)) != 0)
 		fatal_r(r, "Bad server host key");
 	if (verify_host_key(xxx_host, xxx_hostaddr, hostkey,
-	    xxx_conn_info) == -1)
+	    xxx_conn_info) != 0)
 		fatal("Host key verification failed.");
 	return 0;
 }
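Review bot: The `!= 0` test in verify_host_key_callback has no comment explaining why it must not be narrowed back to `== -1`. With the old comparison, any other non-zero return from verify_host_key() fell through to `return 0` and the host key was treated as accepted. This looks like the CVE-2025-26465 fix named in the log message, though verify_host_key() itself is outside the hunk. I would add above the call: `/* Treat every non-zero return from verify_host_key() as failure, not only -1. */`.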
@@ -732,6 +732,7 @@ input_userauth_pk_ok(int type, u_int32_t
 
 	if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) {
 		debug_f("server sent unknown pkalg %s", pkalg);
+		r = SSH_ERR_INVALID_FORMAT;
 		goto done;
 	}
 	if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) {
@@ -742,6 +743,7 @@ input_userauth_pk_ok(int type, u_int32_t
 		error("input_userauth_pk_ok: type mismatch "
 		    "for decoded key (received %d, expected %d)",
 		    key->type, pktype);
+		r = SSH_ERR_INVALID_FORMAT;
 		goto done;
 	}
 
@@ -761,6 +763,7 @@ input_userauth_pk_ok(int type, u_int32_t
 		    SSH_FP_DEFAULT);
 		error_f("server replied with unknown key: %s %s",
 		    sshkey_type(key), fp == NULL ? "<ERROR>" : fp);
+		r = SSH_ERR_INVALID_FORMAT;
 		goto done;
 	}
 	ident = format_identity(id);

Index: src/crypto/external/bsd/openssh/dist/sshsig.c
diff -u src/crypto/external/bsd/openssh/dist/sshsig.c:1.13 src/crypto/external/bsd/openssh/dist/sshsig.c:1.14
--- src/crypto/external/bsd/openssh/dist/sshsig.c:1.13	Tue Jun 25 12:36:54 2024
+++ src/crypto/external/bsd/openssh/dist/sshsig.c	Tue Feb 18 12:53:24 2025
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshsig.c,v 1.13 2024/06/25 16:36:54 christos Exp $	*/
+/*	$NetBSD: sshsig.c,v 1.14 2025/02/18 17:53:24 christos Exp $	*/
 /* $OpenBSD: sshsig.c,v 1.35 2024/03/08 22:16:32 djm Exp $ */
 
 /*
@@ -17,7 +17,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 #include "includes.h"
-__RCSID("$NetBSD: sshsig.c,v 1.13 2024/06/25 16:36:54 christos Exp $");
+__RCSID("$NetBSD: sshsig.c,v 1.14 2025/02/18 17:53:24 christos Exp $");
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -876,6 +876,7 @@ cert_filter_principals(const char *path,
 	}
 	if ((principals = sshbuf_dup_string(nprincipals)) == NULL) {
 		error_f("buffer error");
+		r = SSH_ERR_ALLOC_FAIL;
 		goto out;
 	}
 	/* success */

Index: src/crypto/external/bsd/openssh/lib/shlib_version
diff -u src/crypto/external/bsd/openssh/lib/shlib_version:1.38 src/crypto/external/bsd/openssh/lib/shlib_version:1.39
--- src/crypto/external/bsd/openssh/lib/shlib_version:1.38	Tue Sep 24 17:32:20 2024
+++ src/crypto/external/bsd/openssh/lib/shlib_version	Tue Feb 18 12:53:25 2025
@@ -1,5 +1,5 @@
-#	$NetBSD: shlib_version,v 1.38 2024/09/24 21:32:20 christos Exp $
+#	$NetBSD: shlib_version,v 1.39 2025/02/18 17:53:25 christos Exp $
 #	Remember to update distrib/sets/lists/base/shl.* when changing
 #
 major=48
-minor=0
+minor=1

Index: src/crypto/external/bsd/openssh/lib/ssh.expsym
diff -u src/crypto/external/bsd/openssh/lib/ssh.expsym:1.1 src/crypto/external/bsd/openssh/lib/ssh.expsym:1.2
--- src/crypto/external/bsd/openssh/lib/ssh.expsym:1.1	Thu Nov 21 21:41:59 2024
+++ src/crypto/external/bsd/openssh/lib/ssh.expsym	Tue Feb 18 12:53:25 2025
@@ -817,6 +817,7 @@ sshsk_sign
 start_progress_meter
 stop_progress_meter
 strdelimw
+strprefix
 subprocess
 temporarily_use_uid
 timeout_connect

Index: src/crypto/external/bsd/openssh/libexec/Makefile.inc
diff -u src/crypto/external/bsd/openssh/libexec/Makefile.inc:1.1 src/crypto/external/bsd/openssh/libexec/Makefile.inc:1.2
--- src/crypto/external/bsd/openssh/libexec/Makefile.inc:1.1	Wed Feb 26 19:24:40 2020
+++ src/crypto/external/bsd/openssh/libexec/Makefile.inc	Tue Feb 18 12:53:25 2025
@@ -1,7 +1,4 @@
-#	$NetBSD: Makefile.inc,v 1.1 2020/02/27 00:24:40 christos Exp $
-
-CPPFLAGS+=-DWITH_OPENSSL
-LDADD+=	-lssh -lcrypto -lcrypt -lz
-DPADD+=	${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT} ${LIBZ}
+#	$NetBSD: Makefile.inc,v 1.2 2025/02/18 17:53:25 christos Exp $
 
+.include "${.PARSEDIR}/../bin/Makefile.inc"
 .include "${.PARSEDIR}/../Makefile.inc"
