diff --git a/crypto/openssh/.depend b/crypto/openssh/.depend index 945a01dcc05d..cd38d15f8f52 100644 --- a/crypto/openssh/.depend +++ b/crypto/openssh/.depend @@ -121,7 +121,7 @@ sftp-common.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-c sftp-glob.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sftp.h sftp-common.h sftp-client.h openbsd-compat/glob.h sftp-realpath.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sftp-server-main.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h ssherr.h sftp.h misc.h xmalloc.h -sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h +sftp-server.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h atomicio.h xmalloc.h sshbuf.h ssherr.h log.h misc.h match.h uidswap.h sftp.h sftp-common.h sftp.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h log.h ssherr.h pathnames.h misc.h utf8.h sftp.h sshbuf.h sftp-common.h sftp-client.h openbsd-compat/glob.h sk-usbhid.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h sntrup761.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/fnmatch.h openbsd-compat/getopt.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h diff --git a/crypto/openssh/.github/configs b/crypto/openssh/.github/configs index 853da58a51e3..871a3d414d94 100755 --- a/crypto/openssh/.github/configs +++ b/crypto/openssh/.github/configs @@ -38,13 +38,13 @@ case "$config" in CC="clang-12" # clang's implicit-fallthrough requires that the code be annotated with # __attribute__((fallthrough)) and does not understand /* FALLTHROUGH */ - CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough" + CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough -Wno-error=unused-parameter" CONFIGFLAGS="--with-pam --with-Werror" ;; gcc-11-Werror) CC="gcc" # -Wnoformat-truncation in gcc 7.3.1 20180130 fails on fmt_scaled - CFLAGS="-Wall -Wextra -Wno-format-truncation -O2 -Wimplicit-fallthrough=4" + CFLAGS="-Wall -Wextra -O2 -Wno-format-truncation -Wimplicit-fallthrough=4 -Wno-unused-parameter" CONFIGFLAGS="--with-pam --with-Werror" ;; clang*|gcc*) @@ -145,10 +145,23 @@ case "$config" in esac case "${TARGET_HOST}" in + aix*) + # These are slow real or virtual machines so skip the slowest tests + # (which tend to be thw ones that transfer lots of data) so that the + # test run does not time out. + # The agent-restrict test fails due to some quoting issue when run + # with sh or ksh so specify bash for now. + TEST_TARGET="t-exec TEST_SHELL=bash" + SKIP_LTESTS="rekey sftp" + ;; dfly58*|dfly60*) # scp 3-way connection hangs on these so skip until sorted. SKIP_LTESTS=scp3 ;; + fbsd6) + # Native linker is not great with PIC so OpenSSL is built w/out. + CONFIGFLAGS="${CONFIGFLAGS} --disable-security-key" + ;; hurd) SKIP_LTESTS="forwarding multiplex proxy-connect hostkey-agent agent-ptrace" ;; @@ -173,6 +186,10 @@ case "${TARGET_HOST}" in # SHA256 functions in sha2.h conflict with OpenSSL's breaking sk-dummy CONFIGFLAGS="${CONFIGFLAGS} --without-hardening --disable-security-key" ;; + openwrt-*) + CONFIGFLAGS="${CONFIGFLAGS} --without-openssl --without-zlib" + TEST_TARGET="t-exec" + ;; sol10|sol11) # sol10 VM is 32bit and the unit tests are slow. # sol11 has 4 test configs so skip unit tests to speed up. diff --git a/crypto/openssh/.github/setup_ci.sh b/crypto/openssh/.github/setup_ci.sh index ca37f8c5512f..a3bb8587eab1 100755 --- a/crypto/openssh/.github/setup_ci.sh +++ b/crypto/openssh/.github/setup_ci.sh @@ -80,7 +80,7 @@ for TARGET in $TARGETS; do INSTALL_LIBRESSL=$(echo ${TARGET} | cut -f2 -d-) case ${INSTALL_LIBRESSL} in master) ;; - *) INSTALL_LIBRESSL="v$(echo ${TARGET} | cut -f2 -d-)" ;; + *) INSTALL_LIBRESSL="$(echo ${TARGET} | cut -f2 -d-)" ;; esac PACKAGES="${PACKAGES} putty-tools" ;; @@ -122,11 +122,20 @@ if [ ! -z "${INSTALL_OPENSSL}" ]; then fi if [ ! -z "${INSTALL_LIBRESSL}" ]; then - (mkdir -p ${HOME}/libressl && cd ${HOME}/libressl && - git clone https://github.com/libressl-portable/portable.git && - cd ${HOME}/libressl/portable && - git checkout ${INSTALL_LIBRESSL} && - sh update.sh && sh autogen.sh && - ./configure --prefix=/opt/libressl && - make -j2 && sudo make install) + if [ "${INSTALL_LIBRESSL}" = "master" ]; then + (mkdir -p ${HOME}/libressl && cd ${HOME}/libressl && + git clone https://github.com/libressl-portable/portable.git && + cd ${HOME}/libressl/portable && + git checkout ${INSTALL_LIBRESSL} && + sh update.sh && sh autogen.sh && + ./configure --prefix=/opt/libressl && + make -j2 && sudo make install) + else + LIBRESSL_URLBASE=https://cdn.openbsd.org/pub/OpenBSD/LibreSSL + (cd ${HOME} && + wget ${LIBRESSL_URLBASE}/libressl-${INSTALL_LIBRESSL}.tar.gz && + tar xfz libressl-${INSTALL_LIBRESSL}.tar.gz && + cd libressl-${INSTALL_LIBRESSL} && + ./configure --prefix=/opt/libressl && make -j2 && sudo make install) + fi fi diff --git a/crypto/openssh/.github/workflows/c-cpp.yml b/crypto/openssh/.github/workflows/c-cpp.yml index 5ee896308478..b778c9804203 100644 --- a/crypto/openssh/.github/workflows/c-cpp.yml +++ b/crypto/openssh/.github/workflows/c-cpp.yml @@ -46,6 +46,7 @@ jobs: - { os: ubuntu-latest, configs: libressl-3.2.6 } - { os: ubuntu-latest, configs: libressl-3.3.4 } - { os: ubuntu-latest, configs: libressl-3.4.1 } + - { os: ubuntu-latest, configs: libressl-3.5.0 } - { os: ubuntu-latest, configs: openssl-master } - { os: ubuntu-latest, configs: openssl-noec } - { os: ubuntu-latest, configs: openssl-1.0.1 } @@ -54,7 +55,9 @@ jobs: - { os: ubuntu-latest, configs: openssl-1.1.0h } - { os: ubuntu-latest, configs: openssl-1.1.1 } - { os: ubuntu-latest, configs: openssl-1.1.1k } + - { os: ubuntu-latest, configs: openssl-1.1.1m } - { os: ubuntu-latest, configs: openssl-3.0.0 } + - { os: ubuntu-latest, configs: openssl-3.0.1 } - { os: ubuntu-latest, configs: openssl-1.1.1_stable } # stable branch - { os: ubuntu-latest, configs: openssl-3.0 } # stable branch - { os: ubuntu-18.04, configs: pam } diff --git a/crypto/openssh/.github/workflows/selfhosted.yml b/crypto/openssh/.github/workflows/selfhosted.yml index 09f7af939912..ec2c29825c85 100644 --- a/crypto/openssh/.github/workflows/selfhosted.yml +++ b/crypto/openssh/.github/workflows/selfhosted.yml @@ -16,9 +16,11 @@ jobs: # default config. "os" corresponds to a label associated with the worker. matrix: os: + - aix51 - ARM64 - alpine - bbone + - debian-i386 - dfly30 - dfly48 - dfly58 @@ -40,6 +42,8 @@ jobs: - obsd70 - obsdsnap - openindiana + - openwrt-mips + - openwrt-mipsel # - rocky84 - sol10 - sol11 @@ -49,6 +53,7 @@ jobs: # Then we include any extra configs we want to test for specific VMs. include: - { os: ARM64, configs: pam } + - { os: debian-i386, configs: pam } - { os: dfly30, configs: without-openssl} - { os: dfly48, configs: pam } - { os: dfly58, configs: pam } @@ -87,7 +92,7 @@ jobs: run: vmrun make - name: make tests run: vmrun ./.github/run_test.sh ${{ matrix.configs }} - timeout-minutes: 300 + timeout-minutes: 600 - name: save logs if: failure() uses: actions/upload-artifact@v2 diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog index c225b94dfd3e..063b54769d53 100644 --- a/crypto/openssh/ChangeLog +++ b/crypto/openssh/ChangeLog @@ -1,3 +1,504 @@ +commit 94eb6858efecc1b4f02d8a6bd35e149f55c814c8 +Author: Damien Miller +Date: Wed Apr 6 10:47:48 2022 +1000 + + update version numbers for release + +commit 8e4a8eadf4fe74e65e6492f34250f8cf7d67e8da +Author: djm@openbsd.org +Date: Mon Apr 4 22:45:25 2022 +0000 + + upstream: openssh-9.0 + + OpenBSD-Commit-ID: 0dfb461188f4513ec024c1534da8c1ce14c20b64 + +commit a9f23ea2e3227f406880c2634d066f6f50fa5eaa +Author: naddy@openbsd.org +Date: Thu Mar 31 17:58:44 2022 +0000 + + upstream: ssh: document sntrup761x25519-sha512@openssh.com as + + default KEX + + OpenBSD-Commit-ID: 12545bfa10bcbf552d04d9d9520d0f4e98b0e171 + +commit 9ec2713d122af79d66ebb9c1d6d9ae8621a8945f +Author: naddy@openbsd.org +Date: Thu Mar 31 17:27:27 2022 +0000 + + upstream: man pages: add missing commas between subordinate and + + main clauses + + jmc@ dislikes a comma before "then" in a conditional, so leave those + untouched. + + ok jmc@ + + OpenBSD-Commit-ID: 9520801729bebcb3c9fe43ad7f9776ab4dd05ea3 + +commit 3741df98ffaaff92b474ee70d8ef276b5882f85a +Author: Darren Tucker +Date: Mon Apr 4 23:52:11 2022 +1000 + + Disable security key on fbsd6 test host. + +commit 32c12236f27ae83bfe6d2983b67c9bc67a83a417 +Author: Darren Tucker +Date: Mon Apr 4 15:16:51 2022 +1000 + + Specify TEST_SHELL=bash on AIX. + + The system shells cause the agent-restrict test to fail due to some + quoting so explicitly specify bash until we can get configure to + autmatically work around that. + +commit 90452c8b69d065b7c7c285ff78b81418a75bcd76 +Author: Darren Tucker +Date: Fri Apr 1 23:38:44 2022 +1100 + + Only return events from ppoll that were requested. + + If the underlying system's select() returns bits that were not in the + request set, our ppoll() implementation can return revents for events + not requested, which can apparently cause a hang. Only return revents + for activity in the requested event set. bz#3416, analysis and fix by + yaroslav.kuzmin at vmssoftware com, ok djm@ + +commit 6c49eb5fabc56f4865164ed818aa5112d09c31a8 +Author: Darren Tucker +Date: Fri Apr 1 23:21:40 2022 +1100 + + Only run regression tests on slow VMs. + +commit f67e47903977b42cb6abcd5565a61bd7293e4dc3 +Author: Darren Tucker +Date: Fri Apr 1 23:21:06 2022 +1100 + + Increase test timeout to allow slow VMs to finish + +commit 02488c1b54065ddc4f25835dbd2618b2a2fe21f5 +Author: Darren Tucker +Date: Fri Apr 1 16:27:38 2022 +1100 + + Use bash or ksh if available for SH in Makefile. + +commit 34c7018c316af4773e432066de28d0ef9d0888cd +Author: Darren Tucker +Date: Fri Apr 1 14:56:54 2022 +1100 + + Set Makefile SHELL as determined by configure. + + This should improve compatibility for users with non-POSIX shells. If + using Makefile.in directly (eg make -f Makefile.in distprep) then SHELL + will need to be specified on the command line (along with MANFMT in that + particular case). ok djm@ + +commit 5b054d76402faab38c48377efd112426469553a0 +Author: Darren Tucker +Date: Fri Apr 1 13:16:47 2022 +1100 + + Skip slow tests on (very) slow test targets. + +commit b275818065b31a865142c48c2acf6a7c1655c542 +Author: Damien Miller +Date: Thu Mar 31 14:11:36 2022 +1100 + + depend + +commit 3fa539c3ffaabd6211995512d33e29150f88c5c5 +Author: djm@openbsd.org +Date: Thu Mar 31 03:07:03 2022 +0000 + + upstream: add a sftp client "cp" command that supports server-side + + copying of files. Useful for this task and for testing the copy-data + extension. Patch from Mike Frysinger; ok dtucker@ + + OpenBSD-Commit-ID: 1bb1b950af0d49f0d5425b1f267e197aa1b57444 + +commit 7988bfc4b701c4b3fe9b36c8561a3d1c5d4c9a74 +Author: djm@openbsd.org +Date: Thu Mar 31 03:05:49 2022 +0000 + + upstream: add support for the "corp-data" protocol extension to + + allow server-side copies to be performed without having to go via the client. + Patch by Mike Frysinger, ok dtucker@ + + OpenBSD-Commit-ID: 00aa510940fedd66dab1843b58682de4eb7156d5 + +commit 32dc1c29a4ac9c592ddfef0a4895eb36c1f567ba +Author: djm@openbsd.org +Date: Wed Mar 30 21:13:23 2022 +0000 + + upstream: select post-quantum KEX + + sntrup761x25519-sha512@openssh.com as the default; ok markus@ + + OpenBSD-Commit-ID: f02d99cbfce22dffec2e2ab1b60905fbddf48fb9 + +commit d6556de1db0822c76ba2745cf5c097d9472adf7c +Author: djm@openbsd.org +Date: Wed Mar 30 21:10:25 2022 +0000 + + upstream: fix poll() spin when a channel's output fd closes without + + data in the channel buffer. Introduce more exact packing of channel fds into + the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@ + + OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10 + +commit 8a74a96d25ca4d32fbf298f6c0ac5a148501777d +Author: djm@openbsd.org +Date: Wed Mar 30 04:33:09 2022 +0000 + + upstream: ssh is almost out of getopt() characters; note the + + remaining remaining available ones in a comment + + OpenBSD-Commit-ID: 48d38cef59d6bc8e84c6c066f6d601875d3253fd + +commit 6d4fc51adb9d8a42f67b5474f02f877422379de6 +Author: djm@openbsd.org +Date: Wed Mar 30 04:27:51 2022 +0000 + + upstream: avoid NULL deref via ssh-keygen -Y find-principals. + + bz3409, reported by Mateusz Adamowski + + OpenBSD-Commit-ID: a3b2c02438052ee858e0ee18e5a288586b5df2c5 + +commit e937514920335b92b543fd9be79cd6481d1eb0b6 +Author: Darren Tucker +Date: Mon Mar 28 17:51:03 2022 +1100 + + Add AIX 5.1 test target. + +commit 4bbe815ba974b4fd89cc3fc3e3ef1be847a0befe +Author: Darren Tucker +Date: Sat Mar 26 22:01:31 2022 +1100 + + Drop leading "v" from release version identifier. + + It's present in the git tags but not in the release tarball names. + Also drop extra "/" from URL path. + +commit f5cdd3b3c275dffaebfca91df782dca29975e9ac +Author: Darren Tucker +Date: Sat Mar 26 16:28:04 2022 +1100 + + Use tarballs when testing LibreSSL releases. + + This means they'll still work when the combination of -portable and + openbsd github repos no longer match. + +commit 24dc37d198f35a7cf71bf4d5384363c7ef4209d4 +Author: Darren Tucker +Date: Sat Mar 26 15:02:45 2022 +1100 + + Remove now-unused passwd variable. + +commit 5b467ceef2c356f0a77f5e8ab4eb0fac367e4d24 +Author: Darren Tucker +Date: Sat Mar 26 13:15:44 2022 +1100 + + Missing semicolon. + +commit 2923d026e55998133c0f6e5186dca2a3c0fa5ff5 +Author: Darren Tucker +Date: Sat Mar 26 12:49:50 2022 +1100 + + Factor out platform-specific locked account check. + + Also fixes an incorrect free on platforms with both libiaf and shadow + passwords (probably only Unixware). Prompted by github PR#284, + originally from @c3h2_ctf and stoeckmann@. + +commit d23efe4b12886ffe416be10bc0a7da6ca8aa72d1 +Author: Darren Tucker +Date: Sat Mar 26 08:13:46 2022 +1100 + + Add OpenWRT mips and mipsel test targets. + +commit 16ea8b85838dd7a4dbeba4e51ac4f43fd68b1e5b +Author: djm@openbsd.org +Date: Sun Mar 20 08:52:17 2022 +0000 + + upstream: don't leak argument list; bz3404, reported by Balu + + Gajjala ok dtucker@ + + OpenBSD-Commit-ID: fddc32d74e5dd5cff1a49ddd6297b0867eae56a6 + +commit a72bde294fe0518c9a44ba63864093a1ef2425e3 +Author: djm@openbsd.org +Date: Sun Mar 20 08:51:21 2022 +0000 + + upstream: make addargs() and replacearg() a little more robust and + + improve error reporting + + make freeargs(NULL) a noop like the other free functions + + ok dtucker as part of bz3403 + + OpenBSD-Commit-ID: 15f86da83176978b4d1d288caa24c766dfa2983d + +commit 731087d2619fa7f01e675b23f57af10d745e8af2 +Author: djm@openbsd.org +Date: Fri Mar 18 04:04:11 2022 +0000 + + upstream: don't try to resolve ListenAddress directives in the sshd + + re-exec path - we're never going to use the result and if the operation fails + then it can prevent connections from being accepted. Reported by Aaron + Poffenberger; with / ok dtucker@ + + OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60 + +commit 1c83c082128694ddd11ac05fdf31d70312ff1763 +Author: djm@openbsd.org +Date: Fri Mar 18 02:50:21 2022 +0000 + + upstream: remove blank line + + OpenBSD-Commit-ID: d5e0182965b2fbfb03ad5f256d1a1ce5706bcddf + +commit 807be68684da7a1fe969c399ddce2fafb7997dcb +Author: djm@openbsd.org +Date: Fri Mar 18 02:32:22 2022 +0000 + + upstream: helpful comment + + OpenBSD-Commit-ID: e3315a45cb04e7feeb614d76ec80a9fe4ca0e8c7 + +commit a0b5816f8f1f645acdf74f7bc11b34455ec30bac +Author: djm@openbsd.org +Date: Fri Mar 18 02:31:25 2022 +0000 + + upstream: ssh-keygen -Y check-novalidate requires namespace or SEGV + + will ensue. Patch from Mateusz Adamowski via GHPR#307 + + OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd + +commit 5a252d54a63be30d5ba4be76210942d754a531c0 +Author: djm@openbsd.org +Date: Tue Mar 15 05:27:37 2022 +0000 + + upstream: improve DEBUG_CHANNEL_POLL debugging message + + OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f + +commit ce324cf58ba2840e31afeb996935800780c8fa4b +Author: cheloha@openbsd.org +Date: Sun Mar 13 23:27:54 2022 +0000 + + upstream: ssh: xstrdup(): use memcpy(3) + + Copying the given string into the buffer with strlcpy(3) confers no + benefit in this context because we have already determined the + string's length with strlen(3) in order to allocate that buffer. + + Thread: https://marc.info/?l=openbsd-tech&m=164687525802691&w=2 + + ok dtucker@ millert@ + + OpenBSD-Commit-ID: f8bfc082e36e2d2dc4e1feece02fe274155ca11a + +commit 2893c5e764557f48f9d6a929e224ed49c59545db +Author: Darren Tucker +Date: Fri Mar 11 18:43:58 2022 +1100 + + Resync fmt_scaled. with OpenBSD. + + Fixes underflow reported in bz#3401. + +commit 5ae31a0fdd27855af29f48ff027491629fff5979 +Author: Darren Tucker +Date: Wed Mar 9 09:41:56 2022 +1100 + + Provide killpg implementation. + + Based on github PR#301 for Tandem NonStop. + +commit c41c84b439f4cd74d4fe44298a4b4037ddd7d2ae +Author: Darren Tucker +Date: Wed Mar 9 09:29:30 2022 +1100 + + Check for missing ftruncate prototype. + + From github PR#301 in conjunction with rsbeckerca. + +commit 8cf5275452a950869cb90eeac7d220b01f77b12e +Author: Darren Tucker +Date: Tue Mar 8 20:04:06 2022 +1100 + + Default to not using sandbox when cross compiling. + + On most systems poll(2) does not work when the number of FDs is reduced + with setrlimit, so assume it doesn't when cross compiling and we can't + run the test. bz#3398. + +commit 379b30120da53d7c84aa8299c26b18c51c2a0dac +Author: djm@openbsd.org +Date: Tue Mar 1 01:59:19 2022 +0000 + + upstream: pack pollfd array before server_accept_loop() ppoll() + + call, and terminate sshd if ppoll() returns errno==EINVAL + + avoids spin in ppoll when MaxStartups > RLIMIT_NOFILE, reported by + Daniel Micay + + feedback/ok deraadt + + OpenBSD-Commit-ID: dbab1c24993ac977ec24d83283b8b7528f7c2c15 + +commit eceafbe0bdbbd9bd2f3cf024ccb350666a9934dd +Author: naddy@openbsd.org +Date: Sun Feb 27 01:33:59 2022 +0000 + + upstream: include rejected signature algorithm in error message and + + not the (useless) key type; ok djm@ + + OpenBSD-Commit-ID: d0c0f552a4d9161203e07e95d58a76eb602a76ff + +commit f2f3269423618a83157e18902385e720f9776007 +Author: dtucker@openbsd.org +Date: Fri Feb 25 09:46:24 2022 +0000 + + upstream: Remove the char * casts from arguments to do_lstat, + + do_readdir and do_stat paths since the underlying functions now take a const + char *. Patch from vapier at gentoo.org. + + OpenBSD-Commit-ID: 9e4d964dbfb0ed683a2a2900711b88e7f1c0297b + +commit 4a66dac052c5ff5047161853f36904607649e4f9 +Author: djm@openbsd.org +Date: Fri Feb 25 02:09:27 2022 +0000 + + upstream: save an unneccessary alloc/free, based on patch from + + Martin Vahlensieck; ok dtucker@ + + OpenBSD-Commit-ID: 90ffbf1f837e509742f2c31a1fbf2c0fd376fd5f + +commit 6f117cb151efe138ac57bdd8e26165f350328f5f +Author: Darren Tucker +Date: Tue Mar 1 09:02:06 2022 +1100 + + Remove unused ivbits argument from chacha_keysetup + +commit 15974235dd528aeab0ec67fb92a0a1d733f62be2 +Author: Darren Tucker +Date: Tue Mar 1 09:00:20 2022 +1100 + + Add OPENBSD ORIGINAL marker. + +commit f2ff669347d320532e7c1b63cdf5c62f46e73150 +Author: Darren Tucker +Date: Mon Feb 28 22:21:36 2022 +1100 + + No unused param warnings for clang-12 and gcc-11. + + These have too many false positives in -Werror tests on the github CI + since we often provide empty stub functions for functionality not needed + for particular configurations. + +commit 96558ecd87adac62efa9a2b5479f686ab86b0be1 +Author: Darren Tucker +Date: Sat Feb 26 14:10:41 2022 +1100 + + Add debian-i386 test target. + +commit 284b6e5394652d519e31782e3b3cdfd7b21d1a81 +Author: Darren Tucker +Date: Sat Feb 26 14:06:14 2022 +1100 + + Allow ppoll_time64 in seccomp sandbox. + + Should fix sandbox violations on (some? at least i386 and armhf) 32bit + Linux platforms. Patch from chutzpahu at gentoo.org and cjwatson at + debian.org via bz#3396. + +commit 0132056efabc5edb85c3c7105d2fb6dee41843c6 +Author: Darren Tucker +Date: Fri Feb 25 19:47:48 2022 +1100 + + Improve handling of _getshort and _getlong. + + If the system native ones are exactly as required then use them, + otherwise use the local versions mapped to another name to prevent + name collisions. + +commit 8e206e0dd6b9f757b07979e48f53ad5bf9b7b52b +Author: Darren Tucker +Date: Fri Feb 25 15:14:22 2022 +1100 + + Constify utimes in compat library to match specs. + + Patch from vapier at chromium.org. + +commit 1b2920e3b63db2eddebeec7330ffe8b723055573 +Author: Darren Tucker +Date: Fri Feb 25 13:50:56 2022 +1100 + + ANSIfy getshort and getlong. + + These functions appear to have come from OpenBSD's lib/libc/net/res_comp.c + which made this change in 2005. + +commit 54a86f4f6e1c43a2ca2be23ef799ab8910d4af70 +Author: Darren Tucker +Date: Fri Feb 25 13:23:04 2022 +1100 + + Use PICFLAG instead of hard coding -fPIC. + +commit 3016ba47035ac3561aabd48e2be70167fe157d6a +Author: Darren Tucker +Date: Fri Feb 25 11:37:11 2022 +1100 + + Add tests for latest releases of {Libre,Open}SSL. + +commit f107467179428a0e3ea9e4aa9738ac12ff02822d +Author: Colin Watson +Date: Thu Feb 24 16:04:18 2022 +0000 + + Improve detection of -fzero-call-used-regs=all support + + GCC doesn't tell us whether this option is supported unless it runs into + the situation where it would need to emit corresponding code. + +commit 3383b2cac0e9275bc93c4b4760e6e048f537e1d6 +Author: djm@openbsd.org +Date: Wed Feb 23 21:21:49 2022 +0000 + + upstream: free(3) wants stdlib.h + + OpenBSD-Commit-ID: 227a8c70a95b4428c49e46863c9ef4bd318a3b8a + +commit a4537e79ab4ac6db4493c5158744b9ebde5efcb0 +Author: djm@openbsd.org +Date: Wed Feb 23 21:21:16 2022 +0000 + + upstream: put back the scp manpage changes for SFTP mode too + + OpenBSD-Commit-ID: 05dc53921f927e1b5e5694e1f3aa314549f2e768 + +commit 449bcb8403adfb9724805d02a51aea76046de185 +Author: deraadt@openbsd.org +Date: Wed Feb 23 19:01:00 2022 +0000 + + upstream: and we go back to testing sftp-scp after the 8.9 + + release... + + OpenBSD-Commit-ID: a80440168258adca543a4607b871327a279c569c + commit 166456cedad3962b83b848b1e9caf80794831f0f Author: Damien Miller Date: Wed Feb 23 22:31:11 2022 +1100 @@ -11386,594 +11887,3 @@ Date: Wed Apr 8 00:01:52 2020 +0000 ok markus@ OpenBSD-Commit-ID: 7de31d80fb9062aa01901ddf040c286b64ff904e - -commit 8461a5b3db34ed0b5a4a18d82f64fd5ac8693ea8 -Author: Darren Tucker -Date: Mon Apr 6 20:54:34 2020 +1000 - - Include openssl-compat.h before checking ifdefs. - - Fixes problem where unsuitable chacha20 code in libressl would be used - unintentionally. - -commit 931c50c5883a9910ea1ae9a371e4e815ec56b035 -Author: Damien Miller -Date: Mon Apr 6 10:04:56 2020 +1000 - - fix inverted test for LibreSSL version - -commit d1d5f728511e2338b7c994968d301d8723012264 -Author: dtucker@openbsd.org -Date: Sat Apr 4 23:04:41 2020 +0000 - - upstream: Indicate if we're using a cached key in trace output. - - OpenBSD-Regress-ID: 409a7b0e59d1272890fda507651c0c3d2d3c0d89 - -commit a398251a4627367c78bc483c70c2ec973223f82c -Author: Darren Tucker -Date: Sun Apr 5 08:43:57 2020 +1000 - - Use /usr/bin/xp4g/id if necessary. - - Solaris' native "id" doesn't support the options we use but the one - in /usr/bin/xp4g does, so use that instead. - -commit db0fdd48335b5b01114f78c1a73a195235910f81 -Author: dtucker@openbsd.org -Date: Sat Apr 4 22:14:26 2020 +0000 - - upstream: Some platforms don't have "hostname -s", so use cut to trim - - short hostname instead. - - OpenBSD-Regress-ID: ebcf36a6fdf287c9336b0d4f6fc9f793c05307a7 - -commit e7e59a9cc8eb7fd5944ded28f4d7e3ae0a5fdecd -Author: dtucker@openbsd.org -Date: Fri Apr 3 07:53:10 2020 +0000 - - upstream: Compute hash locally and re-enable %C tests. - - OpenBSD-Regress-ID: 94d1366e8105274858b88a1f9ad2e62801e49770 - -commit abe2b245b3ac6c4801e99bc0f13289cd28211e22 -Author: Damien Miller -Date: Fri Apr 3 17:25:46 2020 +1100 - - prefer libcrypto chacha20-poly1305 where possible - -commit bc5c5d01ad668981f9e554e62195383bc12e8528 -Author: dtucker@openbsd.org -Date: Fri Apr 3 05:43:11 2020 +0000 - - upstream: Temporarily remove tests for '%C' since the hash contains the - - local hostname and it doesn't work on any machine except mine... spotted by - djm@ - - OpenBSD-Regress-ID: 2d4c3585b9fcbbff14f4a5a5fde51dbd0d690401 - -commit 81624026989654955a657ebf2a1fe8b9994f3c87 -Author: djm@openbsd.org -Date: Fri Apr 3 06:07:57 2020 +0000 - - upstream: r1.522 deleted one too many lines; repair - - OpenBSD-Commit-ID: 1af8851fd7a99e4a887b19aa8f4c41a6b3d25477 - -commit 668cb3585ce829bd6e34d4a962c489bda1d16370 -Author: jmc@openbsd.org -Date: Fri Apr 3 05:53:52 2020 +0000 - - upstream: sort -N and add it to usage(); - - OpenBSD-Commit-ID: 5b00e8db37c2b0a54c7831fed9e5f4db53ada332 - -commit 338ccee1e7fefa47f3d128c2541e94c5270abe0c -Author: djm@openbsd.org -Date: Fri Apr 3 05:48:57 2020 +0000 - - upstream: avoid another compiler warning spotted in -portable - - OpenBSD-Commit-ID: 1d29c51ac844b287c4c8bcaf04c63c7d9ba3b8c7 - -commit 9f8a42340bd9af86a99cf554dc39ecdf89287544 -Author: djm@openbsd.org -Date: Fri Apr 3 04:07:48 2020 +0000 - - upstream: this needs utf8.c too - - OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451 - -commit 92115ea7c3a834374720c350841fc729e7d5c8b2 -Author: dtucker@openbsd.org -Date: Fri Apr 3 03:14:03 2020 +0000 - - upstream: Add percent_expand test for 'Match Exec'. - - OpenBSD-Regress-ID: a41c14fd6a0b54d66aa1e9eebfb9ec962b41232f - -commit de34a440276ae855c38deb20f926d46752c62c9d -Author: djm@openbsd.org -Date: Fri Apr 3 04:43:24 2020 +0000 - - upstream: fix format string (use %llu for uint64, not %lld). spotted by - - Darren and his tinderbox tests - - OpenBSD-Commit-ID: 3b4587c3d9d46a7be9bdf028704201943fba96c2 - -commit 9cd40b829a5295cc81fbea8c7d632b2478db6274 -Author: djm@openbsd.org -Date: Fri Apr 3 04:34:15 2020 +0000 - - upstream: Add a flag to re-enable verbose output when in batch - - mode; requested in bz3135; ok dtucker - - OpenBSD-Commit-ID: 5ad2ed0e6440562ba9c84b666a5bbddc1afe2e2b - -commit 6ce51a5da5d333a44e7c74c027f3571f70c39b24 -Author: djm@openbsd.org -Date: Fri Apr 3 04:32:21 2020 +0000 - - upstream: chacha20-poly1305 AEAD using libcrypto EVP_chacha20 - - Based on patch from Yuriy M. Kaminskiy. ok + lots of assistance along the - way at a2k20 tb@ - - OpenBSD-Commit-ID: 5e08754c13d31258bae6c5e318cc96219d6b10f0 - -commit eba523f0a130f1cce829e6aecdcefa841f526a1a -Author: djm@openbsd.org -Date: Fri Apr 3 04:27:03 2020 +0000 - - upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as - - part of a larger diff at a2k20 - - OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd - -commit ebd29e90129cf18fedfcfe1de86e324228669295 -Author: djm@openbsd.org -Date: Fri Apr 3 04:06:26 2020 +0000 - - upstream: fix debug statement - - OpenBSD-Commit-ID: 42c6edeeda5ce88b51a20d88c93be3729ce6b916 - -commit 7b4d8999f2e1a0cb7b065e3efa83e6edccfc7d82 -Author: djm@openbsd.org -Date: Fri Apr 3 04:03:51 2020 +0000 - - upstream: the tunnel-forwarding vs ExitOnForwardFailure fix that I - - committed earlier had an off-by-one. Fix this and add some debugging that - would have made it apparent sooner. - - OpenBSD-Commit-ID: 082f8f72b1423bd81bbdad750925b906e5ac6910 - -commit eece243666d44ceb710d004624c5c7bdc05454bc -Author: dtucker@openbsd.org -Date: Fri Apr 3 03:12:11 2020 +0000 - - upstream: %C expansion just added to Match Exec should include - - remote user not local user. - - OpenBSD-Commit-ID: 80f1d976938f2a55ee350c11d8b796836c8397e2 - -commit d5318a784d016478fc8da90a38d9062c51c10432 -Author: dtucker@openbsd.org -Date: Fri Apr 3 02:33:31 2020 +0000 - - upstream: Add regression test for percent expansions where possible. - - OpenBSD-Regress-ID: 7283be8b2733ac1cbefea3048a23d02594485288 - -commit 663e84bb53de2a60e56a44d538d25b8152b5c1cc -Author: djm@openbsd.org -Date: Fri Apr 3 02:40:32 2020 +0000 - - upstream: make failures when establishing "Tunnel" forwarding terminate - - the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker - - OpenBSD-Commit-ID: ef4b4808de0a419c17579b1081da768625c1d735 - -commit ed833da176611a39d3376d62154eb88eb440d31c -Author: dtucker@openbsd.org -Date: Fri Apr 3 02:27:12 2020 +0000 - - upstream: Make with config keywords support which - - percent_expansions more consistent. - %C is moved into its own function and - added to Match Exec. - move the common (global) options into a macro. This - is ugly but it's the least-ugly way I could come up with. - move - IdentityAgent and ForwardAgent percent expansion to before the config dump - to make it regression-testable. - document all of the above - - ok jmc@ for man page bits, "makes things less terrible" djm@ for the rest. - - OpenBSD-Commit-ID: 4b65664bd6d8ae2a9afaf1a2438ddd1b614b1d75 - -commit 6ec7457171468da2bbd908b8cd63d298b0e049ea -Author: djm@openbsd.org -Date: Fri Apr 3 02:26:56 2020 +0000 - - upstream: give ssh-keygen the ability to dump the contents of a - - binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker - - OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b - -commit af628b8a6c3ef403644d83d205c80ff188c97f0c -Author: djm@openbsd.org -Date: Fri Apr 3 02:25:21 2020 +0000 - - upstream: add allocating variant of the safe utf8 printer; ok - - dtucker as part of a larger diff - - OpenBSD-Commit-ID: 037e2965bd50eacc2ffb49889ecae41552744fa0 - -commit d8ac9af645f5519ac5211e9e1e4dc1ed00e9cced -Author: dtucker@openbsd.org -Date: Mon Mar 16 02:17:02 2020 +0000 - - upstream: Cast lifetime to u_long for comparison to prevent unsigned - - comparison warning on 32bit arches. Spotted by deraadt, ok djm. - - OpenBSD-Commit-ID: 7a75b2540bff5ab4fa00b4d595db1df13bb0515a - -commit 0eaca933ae08b0a515edfccd5cc4a6b667034813 -Author: Darren Tucker -Date: Sat Mar 14 20:58:46 2020 +1100 - - Include fido.h when checking for fido/credman.h. - - It's required for fido_dev_t, otherwise configure fails with - when given --with-security-key-builtin. - -commit c7c099060f82ffe6a36d8785ecf6052e12fd92f0 -Author: djm@openbsd.org -Date: Fri Mar 13 03:18:45 2020 +0000 - - upstream: some more speeling mistakes from - - OpenBSD-Regress-ID: 02471c079805471c546b7a69d9ab1d34e9a57443 - -commit 1d89232a4aa97fe935cd60b8d24d75c2f70d56c5 -Author: djm@openbsd.org -Date: Fri Mar 13 04:16:27 2020 +0000 - - upstream: improve error messages for some common PKCS#11 C_Login - - failure cases; based on patch from Jacob Hoffman-Andrews in bz3130; ok - dtucker - - OpenBSD-Commit-ID: b8b849621b4a98e468942efd0a1c519c12ce089e - -commit 5becbec023f2037394987f85ed7f74b9a28699e0 -Author: djm@openbsd.org -Date: Fri Mar 13 04:01:56 2020 +0000 - - upstream: use sshpkt_fatal() for kex_exchange_identification() - - errors. This ensures that the logged errors are consistent with other - transport- layer errors and that the relevant IP addresses are logged. bz3129 - ok dtucker@ - - OpenBSD-Commit-ID: 2c22891f0b9e1a6cd46771cedbb26ac96ec2e6ab - -commit eef88418f9e5e51910af3c5b23b5606ebc17af55 -Author: dtucker@openbsd.org -Date: Fri Mar 13 03:24:49 2020 +0000 - - upstream: Don't clear alarm timers in listening sshd. Previously - - these timers were used for regenerating the SSH1 ephemeral host keys but - those are now gone so there's no need to clear the timers either. ok - deraadt@ - - OpenBSD-Commit-ID: 280d2b885e4a1ce404632e8cc38fcb17be7dafc0 - -commit d081f017c20a3564255873ed99fd7d024cac540f -Author: djm@openbsd.org -Date: Fri Mar 13 03:17:07 2020 +0000 - - upstream: spelling errors in comments; no code change from - - OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924 - -commit c084a2d040f160bc2b83f13297e3e3ca3f5dbac6 -Author: djm@openbsd.org -Date: Fri Mar 13 03:12:17 2020 +0000 - - upstream: when downloading FIDO2 resident keys from a token, don't - - prompt for a PIN until the token has told us that it needs one. Avoids - double-prompting on devices that implement on-device authentication (e.g. a - touchscreen PIN pad on the Trezor Model T). ok dtucker@ - - OpenBSD-Commit-ID: 38b78903dd4422d7d3204095a31692fb69130817 - -commit 955c4cf4c6a1417c28d4e1040702c4d9bf63645b -Author: Damien Miller -Date: Fri Mar 13 14:30:16 2020 +1100 - - sync fnmatch.c with upstream to fix another typo - -commit 397f217e8640e75bb719a8e87111b4bd848fb3df -Author: Damien Miller -Date: Fri Mar 13 14:24:23 2020 +1100 - - another spelling error in comment - -commit def31bc5427579ec3f7f2ce99f2da1338fdc0c9f -Author: Damien Miller -Date: Fri Mar 13 14:23:07 2020 +1100 - - spelling mistakes - - from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html - -commit 8bdc3bb7cf4c82c3344cfcb82495a43406e87e83 -Author: markus@openbsd.org -Date: Fri Mar 6 18:29:54 2020 +0000 - - upstream: fix relative includes in sshd_config; ok djm - - OpenBSD-Commit-ID: fa29b0da3c93cbc3a1d4c6bcd58af43c00ffeb5b - -commit e32ef97a56ae03febfe307688858badae3a70e5a -Author: markus@openbsd.org -Date: Fri Mar 6 18:29:14 2020 +0000 - - upstream: fix use-after-free in do_download_sk; ok djm - - OpenBSD-Commit-ID: 96b49623d297797d4fc069f1f09e13c8811f8863 - -commit 5732d58020309364bf31fa125354e399361006db -Author: markus@openbsd.org -Date: Fri Mar 6 18:28:50 2020 +0000 - - upstream: do not leak oprincipals; ok djm - - OpenBSD-Commit-ID: 4691d9387eab36f8fda48f5d8009756ed13a7c4c - -commit 8fae395f34c2c52cdaf9919aa261d1848b4bb00b -Author: markus@openbsd.org -Date: Fri Mar 6 18:28:27 2020 +0000 - - upstream: initialize seconds for debug message; ok djm - - OpenBSD-Commit-ID: 293fbefe6d00b4812a180ba02e26170e4c855b81 - -commit 46e5c4c8ffcd1569bcd5d04803abaa2ecf3e4cff -Author: markus@openbsd.org -Date: Fri Mar 6 18:27:50 2020 +0000 - - upstream: correct return code; ok djm - - OpenBSD-Commit-ID: 319d09e3b7f4b2bc920c67244d9ff6426b744810 - -commit 31c39e7840893f1bfdcbe4f813b20d1d7e69ec3e -Author: markus@openbsd.org -Date: Fri Mar 6 18:27:15 2020 +0000 - - upstream: principalsp is optional, pubkey required; ok djm - - OpenBSD-Commit-ID: 2cc3ea5018c28ed97edaccd7f17d2cc796f01024 - -commit e26a31757c5df2f58687cb9a4853d1418f39728e -Author: markus@openbsd.org -Date: Fri Mar 6 18:26:21 2020 +0000 - - upstream: remove unused variables in ssh-pkcs11-helper; ok djm - - OpenBSD-Commit-ID: 13e572846d0d1b28f1251ddd2165e9cf18135ae1 - -commit 1b378c0d982d6ab522eda634b0e88cf1fca5e352 -Author: markus@openbsd.org -Date: Fri Mar 6 18:25:48 2020 +0000 - - upstream: return correct error in sshsk_ed25519_sig; ok djm - - OpenBSD-Commit-ID: 52bf733df220303c260fee4f165ec64b4a977625 - -commit fbff605e637b068061ab6784ff03e3874890c092 -Author: markus@openbsd.org -Date: Fri Mar 6 18:25:12 2020 +0000 - - upstream: fix possible null-deref in check_key_not_revoked; ok - - djm - - OpenBSD-Commit-ID: 80855e9d7af42bb6fcc16c074ba69876bfe5e3bf - -commit bc30b446841fc16e50ed6e75c56ccfbd37b9f281 -Author: markus@openbsd.org -Date: Fri Mar 6 18:24:39 2020 +0000 - - upstream: ssh_fetch_identitylist() returns the return value from - - ssh_request_reply() so we should also check against != 0 ok djm - - OpenBSD-Commit-ID: 28d0028769d03e665688c61bb5fd943e18614952 - -commit 7b4f70ddeb59f35283d77d8d9c834ca58f8cf436 -Author: markus@openbsd.org -Date: Fri Mar 6 18:23:17 2020 +0000 - - upstream: sshkey_cert_check_authority requires reason to be set; - - ok djm - - OpenBSD-Commit-ID: 6f7a6f19540ed5749763c2f9530c0897c94aa552 - -commit 05efe270df1e925db0af56a806d18b5063db4b6d -Author: markus@openbsd.org -Date: Fri Mar 6 18:21:28 2020 +0000 - - upstream: passphrase depends on kdfname, not ciphername (possible - - null-deref); ok djm - - OpenBSD-Commit-ID: 0d39668edf5e790b5837df4926ee1141cec5471c - -commit 1ddf5682f3992bdacd29164891abb71a19c2cf61 -Author: markus@openbsd.org -Date: Fri Mar 6 18:20:44 2020 +0000 - - upstream: consistently check packet_timeout_ms against 0; ok djm - - OpenBSD-Commit-ID: e8fb8cb2c96c980f075069302534eaf830929928 - -commit 31f1ee54968ad84eb32375e4412e0318766b586b -Author: markus@openbsd.org -Date: Fri Mar 6 18:20:02 2020 +0000 - - upstream: initialize cname in case ai_canonname is NULL or too - - long; ok djm - - OpenBSD-Commit-ID: c27984636fdb1035d1642283664193e91aab6e37 - -commit a6134b02b5264b2611c8beae98bb392329452bba -Author: markus@openbsd.org -Date: Fri Mar 6 18:19:21 2020 +0000 - - upstream: fix uninitialized pointers for forward_cancel; ok djm - - OpenBSD-Commit-ID: 612778e6d87ee865d0ba97d0a335f141cee1aa37 - -commit 16d4f9961c75680aab374dee762a5baa0ad507af -Author: markus@openbsd.org -Date: Fri Mar 6 18:16:21 2020 +0000 - - upstream: exit on parse failures in input_service_request; ok djm - - OpenBSD-Commit-ID: 6a7e1bfded26051d5aa893c030229b1ee6a0d5d2 - -commit 5f25afe5216ba7f8921e04f79aa4ca0624eca820 -Author: markus@openbsd.org -Date: Fri Mar 6 18:15:38 2020 +0000 - - upstream: fix null-deref on calloc failure; ok djm - - OpenBSD-Commit-ID: a313519579b392076b7831ec022dfdefbec8724a - -commit ff2acca039aef16a15fce409163df404858f7aa5 -Author: markus@openbsd.org -Date: Fri Mar 6 18:15:04 2020 +0000 - - upstream: exit if ssh_krl_revoke_key_sha256 fails; ok djm - - OpenBSD-Commit-ID: 0864ad4fe8bf28ab21fd1df766e0365c11bbc0dc - -commit 31c860a0212af2d5b6a129e3e8fcead51392ee1d -Author: markus@openbsd.org -Date: Fri Mar 6 18:14:13 2020 +0000 - - upstream: pkcs11_register_provider: return < 0 on error; ok djm - - OpenBSD-Commit-ID: cfc8321315b787e4d40da4bdb2cbabd4154b0d97 - -commit 15be29e1e3318737b0768ca37d5b4a3fbe868ef0 -Author: markus@openbsd.org -Date: Fri Mar 6 18:13:29 2020 +0000 - - upstream: sshsig: return correct error, fix null-deref; ok djm - - OpenBSD-Commit-ID: 1d1af7cd538b8b23e621cf7ab84f11e7a923edcd - -commit 6fb6f186cb62a6370fba476b6a03478a1e95c30d -Author: markus@openbsd.org -Date: Fri Mar 6 18:12:55 2020 +0000 - - upstream: vasnmprintf allocates str and returns -1; ok djm - - OpenBSD-Commit-ID: dae4c9e83d88471bf3b3f89e3da7a107b44df11c - -commit 714e1cbca17daa13f4f98978cf9e0695d4b2e0a4 -Author: markus@openbsd.org -Date: Fri Mar 6 18:11:10 2020 +0000 - - upstream: sshpkt_fatal() does not return; ok djm - - OpenBSD-Commit-ID: 7dfe847e28bd78208eb227b37f29f4a2a0929929 - -commit 9b47bd7b09d191991ad9e0506bb66b74bbc93d34 -Author: djm@openbsd.org -Date: Fri Feb 28 01:07:28 2020 +0000 - - upstream: no-touch-required certificate option should be an - - extension, not a critical option. - - OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d - -commit dd992520bed35387fc010239abe1bdc0c2665e38 -Author: djm@openbsd.org -Date: Fri Feb 28 01:06:05 2020 +0000 - - upstream: better error message when trying to use a FIDO key - - function and SecurityKeyProvider is empty - - OpenBSD-Commit-ID: e56602c2ee8c82f835d30e4dc8ee2e4a7896be24 - -commit b81e66dbe0345aef4717911abcb4f589fff33a0a -Author: dtucker@openbsd.org -Date: Thu Feb 27 02:32:37 2020 +0000 - - upstream: Drop leading space from line count that was confusing - - ssh-keygen's screen mode. - - OpenBSD-Commit-ID: 3bcae7a754db3fc5ad3cab63dd46774edb35b8ae - -commit d5ba1c03278eb079438bb038266d80d7477d49cb -Author: jsg@openbsd.org -Date: Wed Feb 26 13:40:09 2020 +0000 - - upstream: change explicit_bzero();free() to freezero() - - While freezero() returns early if the pointer is NULL the tests for - NULL in callers are left to avoid warnings about passing an - uninitialised size argument across a function boundry. - - ok deraadt@ djm@ - - OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a - -commit 9e3220b585c5be19a7431ea4ff8884c137b3a81c -Author: dtucker@openbsd.org -Date: Wed Feb 26 11:46:51 2020 +0000 - - upstream: Have sftp reject "-1" in the same way as ssh(1) and - - scp(1) do instead of accepting and silently ignoring it since protocol 1 - support has been removed. Spotted by shivakumar2696 at gmail.com, ok - deraadt@ - - OpenBSD-Commit-ID: b79f95559a1c993214f4ec9ae3c34caa87e9d5de - -commit ade8e67bb0f07b12e5e47e7baeafbdc898de639f -Author: dtucker@openbsd.org -Date: Wed Feb 26 01:31:47 2020 +0000 - - upstream: Remove obsolete XXX comment. ok deraadt@ - - OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b - -commit 7eb903f51eba051d7f65790bab92a28970ac1ccc -Author: dtucker@openbsd.org -Date: Mon Feb 24 04:27:58 2020 +0000 - - upstream: Fix typo. Patch from itoama at live.jp via github PR#173. - - OpenBSD-Commit-ID: 5cdaafab38bbdea0d07e24777d00bfe6f972568a diff --git a/crypto/openssh/Makefile.in b/crypto/openssh/Makefile.in index 065bf91e3fcc..7250d3f315e1 100644 --- a/crypto/openssh/Makefile.in +++ b/crypto/openssh/Makefile.in @@ -1,5 +1,4 @@ -# uncomment if you run a non bourne compatible shell. Ie. csh -#SHELL = @SH@ +SHELL=@SH@ AUTORECONF=autoreconf @@ -688,7 +687,7 @@ SK_DUMMY_LIBRARY=@SK_DUMMY_LIBRARY@ $(CC) $(CFLAGS_NOPIE) $(PICFLAG) $(CPPFLAGS) -c $< -o $@ regress/misc/sk-dummy/sk-dummy.so: $(SK_DUMMY_OBJS) - $(CC) $(CFLAGS) $(CPPFLAGS) -fPIC -shared -o $@ $(SK_DUMMY_OBJS) \ + $(CC) $(CFLAGS) $(CPPFLAGS) $(PICFLAG) -shared -o $@ $(SK_DUMMY_OBJS) \ -L. -Lopenbsd-compat -lopenbsd-compat $(LDFLAGS_NOPIE) $(LIBS) regress-binaries: regress-prep $(LIBCOMPAT) \ diff --git a/crypto/openssh/PROTOCOL b/crypto/openssh/PROTOCOL index e6a7d60eef0b..2d50b5cb0528 100644 --- a/crypto/openssh/PROTOCOL +++ b/crypto/openssh/PROTOCOL @@ -492,7 +492,7 @@ This request asks the server to call fsync(2) on an open file handle. string "fsync@openssh.com" string handle -One receiving this request, a server will call fsync(handle_fd) and will +On receiving this request, a server will call fsync(handle_fd) and will respond with a SSH_FXP_STATUS message. This extension is advertised in the SSH_FXP_VERSION hello with version @@ -576,6 +576,43 @@ Its reply is the same format as that of SSH2_FXP_REALPATH. This extension is advertised in the SSH_FXP_VERSION hello with version "1". +4.10. sftp: Extension request "copy-data" + +This request asks the server to copy data from one open file handle and +write it to a different open file handle. This avoids needing to transfer +the data across the network twice (a download followed by an upload). + + byte SSH_FXP_EXTENDED + uint32 id + string "copy-data" + string read-from-handle + uint64 read-from-offset + uint64 read-data-length + string write-to-handle + uint64 write-to-offset + +The server will copy read-data-length bytes starting from +read-from-offset from the read-from-handle and write them to +write-to-handle starting from write-to-offset, and then respond with a +SSH_FXP_STATUS message. + +It's equivalent to issuing a series of SSH_FXP_READ requests on +read-from-handle and a series of requests of SSH_FXP_WRITE on +write-to-handle. + +If read-from-handle and write-to-handle are the same, the server will +fail the request and respond with a SSH_FX_INVALID_PARAMETER message. + +If read-data-length is 0, then the server will read data from the +read-from-handle until EOF is reached. + +This extension is advertised in the SSH_FXP_VERSION hello with version +"1". + +This request is identical to the "copy-data" request documented in: + +https://tools.ietf.org/html/draft-ietf-secsh-filexfer-extensions-00#section-7 + 5. Miscellaneous changes 5.1 Public key format @@ -612,4 +649,4 @@ master instance and later clients. OpenSSH extends the usual agent protocol. These changes are documented in the PROTOCOL.agent file. -$OpenBSD: PROTOCOL,v 1.43 2021/12/19 22:15:42 djm Exp $ +$OpenBSD: PROTOCOL,v 1.44 2022/03/31 03:05:49 djm Exp $ diff --git a/crypto/openssh/README b/crypto/openssh/README index a088ff8dca32..70a8f814caa9 100644 --- a/crypto/openssh/README +++ b/crypto/openssh/README @@ -1,4 +1,4 @@ -See https://www.openssh.com/releasenotes.html#8.9p1 for the release notes. +See https://www.openssh.com/releasenotes.html#9.0p1 for the release notes. Please read https://www.openssh.com/report.html for bug reporting instructions and note that we do not use Github for bug reporting or diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c index faa1a4d3c666..ad5a14e05ae8 100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@ -103,62 +103,18 @@ int allowed_user(struct ssh *ssh, struct passwd * pw) { struct stat st; - const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; + const char *hostname = NULL, *ipaddr = NULL; u_int i; int r; -#ifdef USE_SHADOW - struct spwd *spw = NULL; -#endif /* Shouldn't be called if pw is NULL, but better safe than sorry... */ if (!pw || !pw->pw_name) return 0; -#ifdef USE_SHADOW - if (!options.use_pam) - spw = getspnam(pw->pw_name); -#ifdef HAS_SHADOW_EXPIRE - if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw)) + if (!options.use_pam && platform_locked_account(pw)) { + logit("User %.100s not allowed because account is locked", + pw->pw_name); return 0; -#endif /* HAS_SHADOW_EXPIRE */ -#endif /* USE_SHADOW */ - - /* grab passwd field for locked account check */ - passwd = pw->pw_passwd; -#ifdef USE_SHADOW - if (spw != NULL) -#ifdef USE_LIBIAF - passwd = get_iaf_password(pw); -#else - passwd = spw->sp_pwdp; -#endif /* USE_LIBIAF */ -#endif - - /* check for locked account */ - if (!options.use_pam && passwd && *passwd) { - int locked = 0; - -#ifdef LOCKED_PASSWD_STRING - if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0) - locked = 1; -#endif -#ifdef LOCKED_PASSWD_PREFIX - if (strncmp(passwd, LOCKED_PASSWD_PREFIX, - strlen(LOCKED_PASSWD_PREFIX)) == 0) - locked = 1; -#endif -#ifdef LOCKED_PASSWD_SUBSTR - if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) - locked = 1; -#endif -#ifdef USE_LIBIAF - free((void *) passwd); -#endif /* USE_LIBIAF */ - if (locked) { - logit("User %.100s not allowed because account is locked", - pw->pw_name); - return 0; - } } /* diff --git a/crypto/openssh/auth2-pubkey.c b/crypto/openssh/auth2-pubkey.c index 9c2298fc887d..d297a5c3d975 100644 --- a/crypto/openssh/auth2-pubkey.c +++ b/crypto/openssh/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.112 2021/12/19 22:12:30 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.113 2022/02/27 01:33:59 naddy Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -166,8 +166,8 @@ userauth_pubkey(struct ssh *ssh, const char *method) goto done; } if (match_pattern_list(pkalg, options.pubkey_accepted_algos, 0) != 1) { - logit_f("key type %s not in PubkeyAcceptedAlgorithms", - sshkey_ssh_name(key)); + logit_f("signature algorithm %s not in " + "PubkeyAcceptedAlgorithms", pkalg); goto done; } if ((r = sshkey_check_cert_sigtype(key, diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index 73e93c032765..ee3c787922fb 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.413 2022/02/17 10:58:27 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.415 2022/03/30 21:10:25 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -432,21 +432,25 @@ channel_close_fd(struct ssh *ssh, Channel *c, int *fdp) c->io_want &= ~SSH_CHAN_IO_RFD; c->io_ready &= ~SSH_CHAN_IO_RFD; c->rfd = -1; + c->pfds[0] = -1; } if (*fdp == c->wfd) { c->io_want &= ~SSH_CHAN_IO_WFD; c->io_ready &= ~SSH_CHAN_IO_WFD; c->wfd = -1; + c->pfds[1] = -1; } if (*fdp == c->efd) { c->io_want &= ~SSH_CHAN_IO_EFD; c->io_ready &= ~SSH_CHAN_IO_EFD; c->efd = -1; + c->pfds[2] = -1; } if (*fdp == c->sock) { c->io_want &= ~SSH_CHAN_IO_SOCK; c->io_ready &= ~SSH_CHAN_IO_SOCK; c->sock = -1; + c->pfds[3] = -1; } ret = close(fd); @@ -2475,10 +2479,13 @@ dump_channel_poll(const char *func, const char *what, Channel *c, u_int pollfd_offset, struct pollfd *pfd) { #ifdef DEBUG_CHANNEL_POLL - debug3_f("channel %d: rfd r%d w%d e%d s%d " - "pfd[%u].fd=%d want 0x%02x ev 0x%02x ready 0x%02x rev 0x%02x", - c->self, c->rfd, c->wfd, c->efd, c->sock, pollfd_offset, pfd->fd, - c->io_want, pfd->events, c->io_ready, pfd->revents); + debug3("%s: channel %d: %s r%d w%d e%d s%d c->pfds [ %d %d %d %d ] " + "io_want 0x%02x io_ready 0x%02x pfd[%u].fd=%d " + "pfd.ev 0x%02x pfd.rev 0x%02x", func, c->self, what, + c->rfd, c->wfd, c->efd, c->sock, + c->pfds[0], c->pfds[1], c->pfds[2], c->pfds[3], + c->io_want, c->io_ready, + pollfd_offset, pfd->fd, pfd->events, pfd->revents); #endif } @@ -2487,7 +2494,7 @@ static void channel_prepare_pollfd(Channel *c, u_int *next_pollfd, struct pollfd *pfd, u_int npfd) { - u_int p = *next_pollfd; + u_int ev, p = *next_pollfd; if (c == NULL) return; @@ -2496,7 +2503,7 @@ channel_prepare_pollfd(Channel *c, u_int *next_pollfd, fatal_f("channel %d: bad pfd offset %u (max %u)", c->self, p, npfd); } - c->pollfd_offset = -1; + c->pfds[0] = c->pfds[1] = c->pfds[2] = c->pfds[3] = -1; /* * prepare c->rfd * @@ -2505,69 +2512,82 @@ channel_prepare_pollfd(Channel *c, u_int *next_pollfd, * IO too. */ if (c->rfd != -1) { - if (c->pollfd_offset == -1) - c->pollfd_offset = p; - pfd[p].fd = c->rfd; - pfd[p].events = 0; + ev = 0; if ((c->io_want & SSH_CHAN_IO_RFD) != 0) - pfd[p].events |= POLLIN; + ev |= POLLIN; /* rfd == wfd */ - if (c->wfd == c->rfd && - (c->io_want & SSH_CHAN_IO_WFD) != 0) - pfd[p].events |= POLLOUT; + if (c->wfd == c->rfd) { + if ((c->io_want & SSH_CHAN_IO_WFD) != 0) + ev |= POLLOUT; + } /* rfd == efd */ - if (c->efd == c->rfd && - (c->io_want & SSH_CHAN_IO_EFD_R) != 0) - pfd[p].events |= POLLIN; - if (c->efd == c->rfd && - (c->io_want & SSH_CHAN_IO_EFD_W) != 0) - pfd[p].events |= POLLOUT; + if (c->efd == c->rfd) { + if ((c->io_want & SSH_CHAN_IO_EFD_R) != 0) + ev |= POLLIN; + if ((c->io_want & SSH_CHAN_IO_EFD_W) != 0) + ev |= POLLOUT; + } /* rfd == sock */ - if (c->sock == c->rfd && - (c->io_want & SSH_CHAN_IO_SOCK_R) != 0) - pfd[p].events |= POLLIN; - if (c->sock == c->rfd && - (c->io_want & SSH_CHAN_IO_SOCK_W) != 0) - pfd[p].events |= POLLOUT; - dump_channel_poll(__func__, "rfd", c, p, &pfd[p]); - p++; + if (c->sock == c->rfd) { + if ((c->io_want & SSH_CHAN_IO_SOCK_R) != 0) + ev |= POLLIN; + if ((c->io_want & SSH_CHAN_IO_SOCK_W) != 0) + ev |= POLLOUT; + } + /* Pack a pfd entry if any event armed for this fd */ + if (ev != 0) { + c->pfds[0] = p; + pfd[p].fd = c->rfd; + pfd[p].events = ev; + dump_channel_poll(__func__, "rfd", c, p, &pfd[p]); + p++; + } } - /* prepare c->wfd (if not already handled above) */ + /* prepare c->wfd if wanting IO and not already handled above */ if (c->wfd != -1 && c->rfd != c->wfd) { - if (c->pollfd_offset == -1) - c->pollfd_offset = p; - pfd[p].fd = c->wfd; - pfd[p].events = 0; - if ((c->io_want & SSH_CHAN_IO_WFD) != 0) - pfd[p].events = POLLOUT; - dump_channel_poll(__func__, "wfd", c, p, &pfd[p]); - p++; + ev = 0; + if ((c->io_want & SSH_CHAN_IO_WFD)) + ev |= POLLOUT; + /* Pack a pfd entry if any event armed for this fd */ + if (ev != 0) { + c->pfds[1] = p; + pfd[p].fd = c->wfd; + pfd[p].events = ev; + dump_channel_poll(__func__, "wfd", c, p, &pfd[p]); + p++; + } } - /* prepare c->efd (if not already handled above) */ + /* prepare c->efd if wanting IO and not already handled above */ if (c->efd != -1 && c->rfd != c->efd) { - if (c->pollfd_offset == -1) - c->pollfd_offset = p; - pfd[p].fd = c->efd; - pfd[p].events = 0; + ev = 0; if ((c->io_want & SSH_CHAN_IO_EFD_R) != 0) - pfd[p].events |= POLLIN; + ev |= POLLIN; if ((c->io_want & SSH_CHAN_IO_EFD_W) != 0) - pfd[p].events |= POLLOUT; - dump_channel_poll(__func__, "efd", c, p, &pfd[p]); - p++; + ev |= POLLOUT; + /* Pack a pfd entry if any event armed for this fd */ + if (ev != 0) { + c->pfds[2] = p; + pfd[p].fd = c->efd; + pfd[p].events = ev; + dump_channel_poll(__func__, "efd", c, p, &pfd[p]); + p++; + } } - /* prepare c->sock (if not already handled above) */ + /* prepare c->sock if wanting IO and not already handled above */ if (c->sock != -1 && c->rfd != c->sock) { - if (c->pollfd_offset == -1) - c->pollfd_offset = p; - pfd[p].fd = c->sock; - pfd[p].events = 0; + ev = 0; if ((c->io_want & SSH_CHAN_IO_SOCK_R) != 0) - pfd[p].events |= POLLIN; + ev |= POLLIN; if ((c->io_want & SSH_CHAN_IO_SOCK_W) != 0) - pfd[p].events |= POLLOUT; - dump_channel_poll(__func__, "sock", c, p, &pfd[p]); - p++; + ev |= POLLOUT; + /* Pack a pfd entry if any event armed for this fd */ + if (ev != 0) { + c->pfds[3] = p; + pfd[p].fd = c->sock; + pfd[p].events = 0; + dump_channel_poll(__func__, "sock", c, p, &pfd[p]); + p++; + } } *next_pollfd = p; } @@ -2614,13 +2634,15 @@ channel_prepare_poll(struct ssh *ssh, struct pollfd **pfdp, u_int *npfd_allocp, } static void -fd_ready(Channel *c, u_int p, struct pollfd *pfds, int fd, +fd_ready(Channel *c, int p, struct pollfd *pfds, u_int npfd, int fd, const char *what, u_int revents_mask, u_int ready) { struct pollfd *pfd = &pfds[p]; if (fd == -1) return; + if (p == -1 || (u_int)p >= npfd) + fatal_f("channel %d: bad pfd %d (max %u)", c->self, p, npfd); dump_channel_poll(__func__, what, c, p, pfd); if (pfd->fd != fd) { fatal("channel %d: inconsistent %s fd=%d pollfd[%u].fd %d " @@ -2643,11 +2665,12 @@ void channel_after_poll(struct ssh *ssh, struct pollfd *pfd, u_int npfd) { struct ssh_channels *sc = ssh->chanctxt; - u_int i, p; + u_int i; + int p; Channel *c; #ifdef DEBUG_CHANNEL_POLL - for (p = 0; p < npfd; p++) { + for (p = 0; p < (int)npfd; p++) { if (pfd[p].revents == 0) continue; debug_f("pfd[%u].fd %d rev 0x%04x", @@ -2658,13 +2681,8 @@ channel_after_poll(struct ssh *ssh, struct pollfd *pfd, u_int npfd) /* Convert pollfd into c->io_ready */ for (i = 0; i < sc->channels_alloc; i++) { c = sc->channels[i]; - if (c == NULL || c->pollfd_offset < 0) + if (c == NULL) continue; - if ((u_int)c->pollfd_offset >= npfd) { - /* shouldn't happen */ - fatal_f("channel %d: (before) bad pfd %u (max %u)", - c->self, c->pollfd_offset, npfd); - } /* if rfd is shared with efd/sock then wfd should be too */ if (c->rfd != -1 && c->wfd != -1 && c->rfd != c->wfd && (c->rfd == c->efd || c->rfd == c->sock)) { @@ -2673,56 +2691,52 @@ channel_after_poll(struct ssh *ssh, struct pollfd *pfd, u_int npfd) c->self, c->rfd, c->wfd, c->efd, c->sock); } c->io_ready = 0; - p = c->pollfd_offset; /* rfd, potentially shared with wfd, efd and sock */ - if (c->rfd != -1) { - fd_ready(c, p, pfd, c->rfd, "rfd", POLLIN, - SSH_CHAN_IO_RFD); + if (c->rfd != -1 && (p = c->pfds[0]) != -1) { + fd_ready(c, p, pfd, npfd, c->rfd, + "rfd", POLLIN, SSH_CHAN_IO_RFD); if (c->rfd == c->wfd) { - fd_ready(c, p, pfd, c->wfd, "wfd/r", POLLOUT, - SSH_CHAN_IO_WFD); + fd_ready(c, p, pfd, npfd, c->wfd, + "wfd/r", POLLOUT, SSH_CHAN_IO_WFD); } if (c->rfd == c->efd) { - fd_ready(c, p, pfd, c->efd, "efdr/r", POLLIN, - SSH_CHAN_IO_EFD_R); - fd_ready(c, p, pfd, c->efd, "efdw/r", POLLOUT, - SSH_CHAN_IO_EFD_W); + fd_ready(c, p, pfd, npfd, c->efd, + "efdr/r", POLLIN, SSH_CHAN_IO_EFD_R); + fd_ready(c, p, pfd, npfd, c->efd, + "efdw/r", POLLOUT, SSH_CHAN_IO_EFD_W); } if (c->rfd == c->sock) { - fd_ready(c, p, pfd, c->sock, "sockr/r", POLLIN, - SSH_CHAN_IO_SOCK_R); - fd_ready(c, p, pfd, c->sock, "sockw/r", POLLOUT, - SSH_CHAN_IO_SOCK_W); + fd_ready(c, p, pfd, npfd, c->sock, + "sockr/r", POLLIN, SSH_CHAN_IO_SOCK_R); + fd_ready(c, p, pfd, npfd, c->sock, + "sockw/r", POLLOUT, SSH_CHAN_IO_SOCK_W); } - p++; + dump_channel_poll(__func__, "rfd", c, p, pfd); } /* wfd */ - if (c->wfd != -1 && c->wfd != c->rfd) { - fd_ready(c, p, pfd, c->wfd, "wfd", POLLOUT, - SSH_CHAN_IO_WFD); - p++; + if (c->wfd != -1 && c->wfd != c->rfd && + (p = c->pfds[1]) != -1) { + fd_ready(c, p, pfd, npfd, c->wfd, + "wfd", POLLOUT, SSH_CHAN_IO_WFD); + dump_channel_poll(__func__, "wfd", c, p, pfd); } /* efd */ - if (c->efd != -1 && c->efd != c->rfd) { - fd_ready(c, p, pfd, c->efd, "efdr", POLLIN, - SSH_CHAN_IO_EFD_R); - fd_ready(c, p, pfd, c->efd, "efdw", POLLOUT, - SSH_CHAN_IO_EFD_W); - p++; + if (c->efd != -1 && c->efd != c->rfd && + (p = c->pfds[2]) != -1) { + fd_ready(c, p, pfd, npfd, c->efd, + "efdr", POLLIN, SSH_CHAN_IO_EFD_R); + fd_ready(c, p, pfd, npfd, c->efd, + "efdw", POLLOUT, SSH_CHAN_IO_EFD_W); + dump_channel_poll(__func__, "efd", c, p, pfd); } /* sock */ - if (c->sock != -1 && c->sock != c->rfd) { - fd_ready(c, p, pfd, c->sock, "sockr", POLLIN, - SSH_CHAN_IO_SOCK_R); - fd_ready(c, p, pfd, c->sock, "sockw", POLLOUT, - SSH_CHAN_IO_SOCK_W); - p++; - } - - if (p > npfd) { - /* shouldn't happen */ - fatal_f("channel %d: (after) bad pfd %u (max %u)", - c->self, c->pollfd_offset, npfd); + if (c->sock != -1 && c->sock != c->rfd && + (p = c->pfds[3]) != -1) { + fd_ready(c, p, pfd, npfd, c->sock, + "sockr", POLLIN, SSH_CHAN_IO_SOCK_R); + fd_ready(c, p, pfd, npfd, c->sock, + "sockw", POLLOUT, SSH_CHAN_IO_SOCK_W); + dump_channel_poll(__func__, "sock", c, p, pfd); } } channel_handler(ssh, CHAN_POST, NULL); diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h index 82f33ba2ff14..dfb82f8ce262 100644 --- a/crypto/openssh/channels.h +++ b/crypto/openssh/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.141 2022/01/22 00:49:34 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.142 2022/03/30 21:10:25 djm Exp $ */ /* * Author: Tatu Ylonen @@ -138,7 +138,7 @@ struct Channel { int sock; /* sock fd */ u_int io_want; /* bitmask of SSH_CHAN_IO_* */ u_int io_ready; /* bitmask of SSH_CHAN_IO_* */ - int pollfd_offset; /* base offset into pollfd array (or -1) */ + int pfds[4]; /* pollfd entries for rfd/wfd/efd/sock */ int ctl_chan; /* control channel (multiplexed connections) */ int isatty; /* rfd is a tty */ #ifdef _AIX diff --git a/crypto/openssh/config.h b/crypto/openssh/config.h index 6e32815c034e..943f8c6e4b6e 100644 --- a/crypto/openssh/config.h +++ b/crypto/openssh/config.h @@ -334,6 +334,10 @@ */ #define HAVE_DECL_BZERO 1 +/* Define to 1 if you have the declaration of `ftruncate', and to 0 if you + don't. */ +#define HAVE_DECL_FTRUNCATE 1 + /* Define to 1 if you have the declaration of `getpeereid', and to 0 if you don't. */ #define HAVE_DECL_GETPEEREID 1 @@ -847,6 +851,9 @@ /* Define if you have isblank(3C). */ #define HAVE_ISBLANK 1 +/* Define to 1 if you have the `killpg' function. */ +#define HAVE_KILLPG 1 + /* Define to 1 if you have the `krb5_cc_new_unique' function. */ /* #undef HAVE_KRB5_CC_NEW_UNIQUE */ diff --git a/crypto/openssh/configure.ac b/crypto/openssh/configure.ac index 5a66d99b80b1..d98ea1afce8d 100644 --- a/crypto/openssh/configure.ac +++ b/crypto/openssh/configure.ac @@ -48,6 +48,8 @@ AC_PATH_PROG([SED], [sed]) AC_PATH_PROG([TEST_MINUS_S_SH], [bash]) AC_PATH_PROG([TEST_MINUS_S_SH], [ksh]) AC_PATH_PROG([TEST_MINUS_S_SH], [sh]) +AC_PATH_PROG([SH], [bash]) +AC_PATH_PROG([SH], [ksh]) AC_PATH_PROG([SH], [sh]) AC_PATH_PROG([GROFF], [groff]) AC_PATH_PROG([NROFF], [nroff awf]) @@ -1933,6 +1935,7 @@ AC_CHECK_FUNCS([ \ inet_ntoa \ inet_ntop \ innetgr \ + killpg \ llabs \ localtime_r \ login_getcapbool \ @@ -2149,6 +2152,12 @@ AC_CHECK_DECLS([O_NONBLOCK], , , #endif ]) +AC_CHECK_DECLS([ftruncate], , , + [ +#include +#include + ]) + AC_CHECK_DECLS([readv, writev], , , [ #include #include @@ -3631,8 +3640,8 @@ AC_RUN_IFELSE( select_works_with_rlimit=yes], [AC_MSG_RESULT([no]) select_works_with_rlimit=no], - [AC_MSG_WARN([cross compiling: assuming yes]) - select_works_with_rlimit=yes] + [AC_MSG_WARN([cross compiling: assuming no]) + select_works_with_rlimit=no] ) AC_CHECK_MEMBERS([struct pollfd.fd], [], [], [[ diff --git a/crypto/openssh/contrib/redhat/openssh.spec b/crypto/openssh/contrib/redhat/openssh.spec index 95ab2199b269..b8ba8bae0469 100644 --- a/crypto/openssh/contrib/redhat/openssh.spec +++ b/crypto/openssh/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%global ver 8.9p1 +%global ver 9.0p1 %global rel 1%{?dist} # OpenSSH privilege separation requires a user & group ID diff --git a/crypto/openssh/contrib/suse/openssh.spec b/crypto/openssh/contrib/suse/openssh.spec index 8df0ae3b0b44..28b9086f4cab 100644 --- a/crypto/openssh/contrib/suse/openssh.spec +++ b/crypto/openssh/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 8.9p1 +Version: 9.0p1 URL: https://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/crypto/openssh/m4/openssh.m4 b/crypto/openssh/m4/openssh.m4 index 4f9c3792dc17..8c33c701b8b4 100644 --- a/crypto/openssh/m4/openssh.m4 +++ b/crypto/openssh/m4/openssh.m4 @@ -14,6 +14,8 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ #include #include +/* Trivial function to help test for -fzero-call-used-regs */ +void f(int n) {} int main(int argc, char **argv) { (void)argv; /* Some math to catch -ftrapv problems in the toolchain */ @@ -21,6 +23,7 @@ int main(int argc, char **argv) { float l = i * 2.1; double m = l / 0.5; long long int n = argc * 12345LL, o = 12345LL * (long long int)argc; + f(0); printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o); /* * Test fallthrough behaviour. clang 10's -Wimplicit-fallthrough does diff --git a/crypto/openssh/misc.c b/crypto/openssh/misc.c index 417498deb7a2..85d22369505d 100644 --- a/crypto/openssh/misc.c +++ b/crypto/openssh/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.174 2022/02/11 00:43:56 dtucker Exp $ */ +/* $OpenBSD: misc.c,v 1.175 2022/03/20 08:51:21 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005-2020 Damien Miller. All rights reserved. @@ -1069,16 +1069,21 @@ addargs(arglist *args, char *fmt, ...) r = vasprintf(&cp, fmt, ap); va_end(ap); if (r == -1) - fatal("addargs: argument too long"); + fatal_f("argument too long"); nalloc = args->nalloc; if (args->list == NULL) { nalloc = 32; args->num = 0; - } else if (args->num+2 >= nalloc) + } else if (args->num > (256 * 1024)) + fatal_f("too many arguments"); + else if (args->num >= args->nalloc) + fatal_f("arglist corrupt"); + else if (args->num+2 >= nalloc) nalloc *= 2; - args->list = xrecallocarray(args->list, args->nalloc, nalloc, sizeof(char *)); + args->list = xrecallocarray(args->list, args->nalloc, + nalloc, sizeof(char *)); args->nalloc = nalloc; args->list[args->num++] = cp; args->list[args->num] = NULL; @@ -1095,10 +1100,12 @@ replacearg(arglist *args, u_int which, char *fmt, ...) r = vasprintf(&cp, fmt, ap); va_end(ap); if (r == -1) - fatal("replacearg: argument too long"); + fatal_f("argument too long"); + if (args->list == NULL || args->num >= args->nalloc) + fatal_f("arglist corrupt"); if (which >= args->num) - fatal("replacearg: tried to replace invalid arg %d >= %d", + fatal_f("tried to replace invalid arg %d >= %d", which, args->num); free(args->list[which]); args->list[which] = cp; @@ -1109,13 +1116,15 @@ freeargs(arglist *args) { u_int i; - if (args->list != NULL) { + if (args == NULL) + return; + if (args->list != NULL && args->num < args->nalloc) { for (i = 0; i < args->num; i++) free(args->list[i]); free(args->list); - args->nalloc = args->num = 0; - args->list = NULL; } + args->nalloc = args->num = 0; + args->list = NULL; } /* diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index c199cb9bc089..20b9f67b9349 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.231 2022/01/28 06:18:42 guenther Exp $ */ +/* $OpenBSD: monitor.c,v 1.232 2022/02/25 02:09:27 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -709,7 +709,6 @@ mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m) int mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m) { - char *username; struct passwd *pwent; int r, allowed = 0; u_int i; @@ -719,14 +718,12 @@ mm_answer_pwnamallow(struct ssh *ssh, int sock, struct sshbuf *m) if (authctxt->attempt++ != 0) fatal_f("multiple attempts for getpwnam"); - if ((r = sshbuf_get_cstring(m, &username, NULL)) != 0) + if ((r = sshbuf_get_cstring(m, &authctxt->user, NULL)) != 0) fatal_fr(r, "parse"); - pwent = getpwnamallow(ssh, username); + pwent = getpwnamallow(ssh, authctxt->user); - authctxt->user = xstrdup(username); - setproctitle("%s [priv]", pwent ? username : "unknown"); - free(username); + setproctitle("%s [priv]", pwent ? authctxt->user : "unknown"); sshbuf_reset(m); diff --git a/crypto/openssh/myproposal.h b/crypto/openssh/myproposal.h index ee50d215be06..ee6e9f741526 100644 --- a/crypto/openssh/myproposal.h +++ b/crypto/openssh/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.70 2021/11/10 06:29:25 djm Exp $ */ +/* $OpenBSD: myproposal.h,v 1.71 2022/03/30 21:13:23 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,12 +25,12 @@ */ #define KEX_SERVER_KEX \ + "sntrup761x25519-sha512@openssh.com," \ "curve25519-sha256," \ "curve25519-sha256@libssh.org," \ "ecdh-sha2-nistp256," \ "ecdh-sha2-nistp384," \ "ecdh-sha2-nistp521," \ - "sntrup761x25519-sha512@openssh.com," \ "diffie-hellman-group-exchange-sha256," \ "diffie-hellman-group16-sha512," \ "diffie-hellman-group18-sha512," \ diff --git a/crypto/openssh/openbsd-compat/arc4random.c b/crypto/openssh/openbsd-compat/arc4random.c index 80ff3c1801a1..ce5f054f1e23 100644 --- a/crypto/openssh/openbsd-compat/arc4random.c +++ b/crypto/openssh/openbsd-compat/arc4random.c @@ -79,7 +79,7 @@ _rs_init(u_char *buf, size_t n) { if (n < KEYSZ + IVSZ) return; - chacha_keysetup(&rs, buf, KEYSZ * 8, 0); + chacha_keysetup(&rs, buf, KEYSZ * 8); chacha_ivsetup(&rs, buf + KEYSZ); } diff --git a/crypto/openssh/openbsd-compat/bsd-misc.c b/crypto/openssh/openbsd-compat/bsd-misc.c index 059b6d3b3ec7..3b00ef6d240e 100644 --- a/crypto/openssh/openbsd-compat/bsd-misc.c +++ b/crypto/openssh/openbsd-compat/bsd-misc.c @@ -107,7 +107,7 @@ const char *strerror(int e) #endif #ifndef HAVE_UTIMES -int utimes(char *filename, struct timeval *tvp) +int utimes(const char *filename, struct timeval *tvp) { struct utimbuf ub; @@ -412,6 +412,14 @@ getsid(pid_t pid) } #endif +#ifndef HAVE_KILLPG +int +killpg(pid_t pgrp, int sig) +{ + return kill(pgrp, sig); +} +#endif + #ifdef FFLUSH_NULL_BUG #undef fflush int _ssh_compat_fflush(FILE *f) diff --git a/crypto/openssh/openbsd-compat/bsd-misc.h b/crypto/openssh/openbsd-compat/bsd-misc.h index 2206e1a82140..61ead1b7fad0 100644 --- a/crypto/openssh/openbsd-compat/bsd-misc.h +++ b/crypto/openssh/openbsd-compat/bsd-misc.h @@ -62,7 +62,7 @@ struct timeval { } #endif /* HAVE_STRUCT_TIMEVAL */ -int utimes(char *, struct timeval *); +int utimes(const char *, struct timeval *); #endif /* HAVE_UTIMES */ #ifndef AT_FDCWD diff --git a/crypto/openssh/openbsd-compat/bsd-poll.c b/crypto/openssh/openbsd-compat/bsd-poll.c index 781ee978a651..9a9794f5863b 100644 --- a/crypto/openssh/openbsd-compat/bsd-poll.c +++ b/crypto/openssh/openbsd-compat/bsd-poll.c @@ -91,11 +91,11 @@ ppoll(struct pollfd *fds, nfds_t nfds, const struct timespec *tmoutp, fds[i].revents = 0; if (fd == -1) continue; - if (FD_ISSET(fd, readfds)) + if ((fds[i].events & POLLIN) && FD_ISSET(fd, readfds)) fds[i].revents |= POLLIN; - if (FD_ISSET(fd, writefds)) + if ((fds[i].events & POLLOUT) && FD_ISSET(fd, writefds)) fds[i].revents |= POLLOUT; - if (FD_ISSET(fd, exceptfds)) + if ((fds[i].events & POLLPRI) && FD_ISSET(fd, exceptfds)) fds[i].revents |= POLLPRI; } diff --git a/crypto/openssh/openbsd-compat/chacha_private.h b/crypto/openssh/openbsd-compat/chacha_private.h index 7c3680fa6d64..cdcb78560825 100644 --- a/crypto/openssh/openbsd-compat/chacha_private.h +++ b/crypto/openssh/openbsd-compat/chacha_private.h @@ -1,10 +1,12 @@ +/* OPENBSD ORIGINAL: lib/libc/crypt/chacha_private.h */ + /* chacha-merged.c version 20080118 D. J. Bernstein Public domain. */ -/* $OpenBSD: chacha_private.h,v 1.2 2013/10/04 07:02:27 djm Exp $ */ +/* $OpenBSD: chacha_private.h,v 1.3 2022/02/28 21:56:29 dtucker Exp $ */ typedef unsigned char u8; typedef unsigned int u32; @@ -52,7 +54,7 @@ static const char sigma[16] = "expand 32-byte k"; static const char tau[16] = "expand 16-byte k"; static void -chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits,u32 ivbits) +chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits) { const char *constants; diff --git a/crypto/openssh/openbsd-compat/getrrsetbyname.c b/crypto/openssh/openbsd-compat/getrrsetbyname.c index dc6fe0533732..cc1f8ae519eb 100644 --- a/crypto/openssh/openbsd-compat/getrrsetbyname.c +++ b/crypto/openssh/openbsd-compat/getrrsetbyname.c @@ -89,7 +89,7 @@ struct __res_state _res; #ifndef GETSHORT #define GETSHORT(s, cp) { \ - register u_char *t_cp = (u_char *)(cp); \ + u_char *t_cp = (u_char *)(cp); \ (s) = ((u_int16_t)t_cp[0] << 8) \ | ((u_int16_t)t_cp[1]) \ ; \ @@ -99,7 +99,7 @@ struct __res_state _res; #ifndef GETLONG #define GETLONG(l, cp) { \ - register u_char *t_cp = (u_char *)(cp); \ + u_char *t_cp = (u_char *)(cp); \ (l) = ((u_int32_t)t_cp[0] << 24) \ | ((u_int32_t)t_cp[1] << 16) \ | ((u_int32_t)t_cp[2] << 8) \ @@ -109,36 +109,35 @@ struct __res_state _res; } #endif +/* + * If the system doesn't have _getshort/_getlong or that are not exactly what + * we need then use local replacements, avoiding name collisions. + */ +#if !defined(HAVE__GETSHORT) || !defined(HAVE__GETLONG) || \ + !defined(HAVE_DECL__GETSHORT) || HAVE_DECL__GETSHORT == 0 || \ + !defined(HAVE_DECL__GETLONG) || HAVE_DECL__GETLONG == 0 +#define _getshort(x) (_ssh_compat_getshort(x)) +#define _getlong(x) (_ssh_compat_getlong(x)) /* * Routines to insert/extract short/long's. */ - -#ifndef HAVE__GETSHORT static u_int16_t -_getshort(msgp) - register const u_char *msgp; +_getshort(const u_char *msgp) { - register u_int16_t u; + u_int16_t u; GETSHORT(u, msgp); return (u); } -#elif defined(HAVE_DECL__GETSHORT) && (HAVE_DECL__GETSHORT == 0) -u_int16_t _getshort(register const u_char *); -#endif -#ifndef HAVE__GETLONG static u_int32_t -_getlong(msgp) - register const u_char *msgp; +_getlong(const u_char *msgp) { - register u_int32_t u; + u_int32_t u; GETLONG(u, msgp); return (u); } -#elif defined(HAVE_DECL__GETLONG) && (HAVE_DECL__GETLONG == 0) -u_int32_t _getlong(register const u_char *); #endif /* ************** */ diff --git a/crypto/openssh/openbsd-compat/openbsd-compat.h b/crypto/openssh/openbsd-compat/openbsd-compat.h index c202e1429245..4316ab84bf89 100644 --- a/crypto/openssh/openbsd-compat/openbsd-compat.h +++ b/crypto/openssh/openbsd-compat/openbsd-compat.h @@ -65,6 +65,10 @@ int bindresvport_sa(int sd, struct sockaddr *sa); void closefrom(int); #endif +#if defined(HAVE_DECL_FTRUNCATE) && HAVE_DECL_FTRUNCATE == 0 +int ftruncate(int filedes, off_t length); +#endif + #ifndef HAVE_GETLINE #include ssize_t getline(char **, size_t *, FILE *); @@ -78,6 +82,10 @@ int getpagesize(void); char *getcwd(char *pt, size_t size); #endif +#ifndef HAVE_KILLPG +int killpg(pid_t, int); +#endif + #if defined(HAVE_DECL_MEMMEM) && HAVE_DECL_MEMMEM == 0 void *memmem(const void *, size_t, const void *, size_t); #endif diff --git a/crypto/openssh/platform.c b/crypto/openssh/platform.c index 44ba71dc5fcb..4fe8744ee887 100644 --- a/crypto/openssh/platform.c +++ b/crypto/openssh/platform.c @@ -18,6 +18,7 @@ #include #include +#include #include #include "log.h" @@ -197,3 +198,53 @@ platform_krb5_get_principal_name(const char *pw_name) return NULL; #endif } + +/* returns 1 if account is locked */ +int +platform_locked_account(struct passwd *pw) +{ + int locked = 0; + char *passwd = pw->pw_passwd; +#ifdef USE_SHADOW + struct spwd *spw = NULL; +#ifdef USE_LIBIAF + char *iaf_passwd = NULL; +#endif + + spw = getspnam(pw->pw_name); +#ifdef HAS_SHADOW_EXPIRE + if (spw != NULL && auth_shadow_acctexpired(spw)) + return 1; +#endif /* HAS_SHADOW_EXPIRE */ + + if (spw != NULL) +#ifdef USE_LIBIAF + iaf_passwd = passwd = get_iaf_password(pw); +#else + passwd = spw->sp_pwdp; +#endif /* USE_LIBIAF */ +#endif + + /* check for locked account */ + if (passwd && *passwd) { +#ifdef LOCKED_PASSWD_STRING + if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0) + locked = 1; +#endif +#ifdef LOCKED_PASSWD_PREFIX + if (strncmp(passwd, LOCKED_PASSWD_PREFIX, + strlen(LOCKED_PASSWD_PREFIX)) == 0) + locked = 1; +#endif +#ifdef LOCKED_PASSWD_SUBSTR + if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) + locked = 1; +#endif + } +#ifdef USE_LIBIAF + if (iaf_passwd != NULL) + freezero(iaf_passwd, strlen(iaf_passwd)); +#endif /* USE_LIBIAF */ + + return locked; +} diff --git a/crypto/openssh/platform.h b/crypto/openssh/platform.h index ea4f9c584924..7fef8c983e5e 100644 --- a/crypto/openssh/platform.h +++ b/crypto/openssh/platform.h @@ -28,6 +28,7 @@ void platform_setusercontext(struct passwd *); void platform_setusercontext_post_groups(struct passwd *); char *platform_get_krb5_client(const char *); char *platform_krb5_get_principal_name(const char *); +int platform_locked_account(struct passwd *); int platform_sys_dir_uid(uid_t); void platform_disable_tracing(int); diff --git a/crypto/openssh/scp.c b/crypto/openssh/scp.c index 519bffa1be1e..7a3851c5fdd1 100644 --- a/crypto/openssh/scp.c +++ b/crypto/openssh/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.245 2022/02/10 04:12:38 djm Exp $ */ +/* $OpenBSD: scp.c,v 1.247 2022/03/20 08:52:17 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -968,7 +968,7 @@ do_sftp_connect(char *host, char *user, int port, char *sftp_direct, return NULL; } else { - args.list = NULL; + freeargs(&args); addargs(&args, "sftp-server"); if (do_cmd(sftp_direct, host, NULL, -1, 0, "sftp", reminp, remoutp, pidp) < 0) diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index e3c43c8cb487..6ab8e66f09e2 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.383 2022/02/08 08:59:12 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.384 2022/03/18 04:04:11 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2542,7 +2542,7 @@ parse_server_match_config(ServerOptions *options, initialize_server_options(&mo); parse_server_config(&mo, "reprocess config", cfg, includes, - connectinfo); + connectinfo, 0); copy_set_server_options(options, &mo, 0); } @@ -2720,12 +2720,13 @@ parse_server_config_depth(ServerOptions *options, const char *filename, void parse_server_config(ServerOptions *options, const char *filename, struct sshbuf *conf, struct include_list *includes, - struct connection_info *connectinfo) + struct connection_info *connectinfo, int reexec) { int active = connectinfo ? 0 : 1; parse_server_config_depth(options, filename, conf, includes, connectinfo, (connectinfo ? SSHCFG_MATCH_ONLY : 0), &active, 0); - process_queued_listen_addrs(options); + if (!reexec) + process_queued_listen_addrs(options); } static const char * diff --git a/crypto/openssh/servconf.h b/crypto/openssh/servconf.h index 6094e85d99ca..6f87db44421a 100644 --- a/crypto/openssh/servconf.h +++ b/crypto/openssh/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.155 2021/07/02 05:11:21 dtucker Exp $ */ +/* $OpenBSD: servconf.h,v 1.156 2022/03/18 04:04:11 djm Exp $ */ /* * Author: Tatu Ylonen @@ -298,7 +298,7 @@ int process_server_config_line(ServerOptions *, char *, const char *, int, void process_permitopen(struct ssh *ssh, ServerOptions *options); void load_server_config(const char *, struct sshbuf *); void parse_server_config(ServerOptions *, const char *, struct sshbuf *, - struct include_list *includes, struct connection_info *); + struct include_list *includes, struct connection_info *, int); void parse_server_match_config(ServerOptions *, struct include_list *includes, struct connection_info *); int parse_server_match_testspec(struct connection_info *, char *); diff --git a/crypto/openssh/sftp-client.c b/crypto/openssh/sftp-client.c index c75657553790..1b8ce6d78826 100644 --- a/crypto/openssh/sftp-client.c +++ b/crypto/openssh/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.161 2022/01/17 21:41:04 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.162 2022/03/31 03:07:03 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -103,6 +103,7 @@ struct sftp_conn { #define SFTP_EXT_LSETSTAT 0x00000020 #define SFTP_EXT_LIMITS 0x00000040 #define SFTP_EXT_PATH_EXPAND 0x00000080 +#define SFTP_EXT_COPY_DATA 0x00000100 u_int exts; u_int64_t limit_kbps; struct bwlimit bwlimit_in, bwlimit_out; @@ -534,6 +535,10 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, strcmp((char *)value, "1") == 0) { ret->exts |= SFTP_EXT_PATH_EXPAND; known = 1; + } else if (strcmp(name, "copy-data") == 0 && + strcmp((char *)value, "1") == 0) { + ret->exts |= SFTP_EXT_COPY_DATA; + known = 1; } if (known) { debug2("Server supports extension \"%s\" revision %s", @@ -1078,6 +1083,121 @@ do_expand_path(struct sftp_conn *conn, const char *path) return do_realpath_expand(conn, path, 1); } +int +do_copy(struct sftp_conn *conn, const char *oldpath, const char *newpath) +{ + Attrib junk, *a; + struct sshbuf *msg; + u_char *old_handle, *new_handle; + u_int mode, status, id; + size_t old_handle_len, new_handle_len; + int r; + + /* Return if the extension is not supported */ + if ((conn->exts & SFTP_EXT_COPY_DATA) == 0) { + error("Server does not support copy-data extension"); + return -1; + } + + /* Make sure the file exists, and we can copy its perms */ + if ((a = do_stat(conn, oldpath, 0)) == NULL) + return -1; + + /* Do not preserve set[ug]id here, as we do not preserve ownership */ + if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { + mode = a->perm & 0777; + + if (!S_ISREG(a->perm)) { + error("Cannot copy non-regular file: %s", oldpath); + return -1; + } + } else { + /* NB: The user's umask will apply to this */ + mode = 0666; + } + + /* Set up the new perms for the new file */ + attrib_clear(a); + a->perm = mode; + a->flags |= SSH2_FILEXFER_ATTR_PERMISSIONS; + + if ((msg = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + + attrib_clear(&junk); /* Send empty attributes */ + + /* Open the old file for reading */ + id = conn->msg_id++; + if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPEN)) != 0 || + (r = sshbuf_put_u32(msg, id)) != 0 || + (r = sshbuf_put_cstring(msg, oldpath)) != 0 || + (r = sshbuf_put_u32(msg, SSH2_FXF_READ)) != 0 || + (r = encode_attrib(msg, &junk)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + send_msg(conn, msg); + debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, oldpath); + + sshbuf_reset(msg); + + old_handle = get_handle(conn, id, &old_handle_len, + "remote open(\"%s\")", oldpath); + if (old_handle == NULL) { + sshbuf_free(msg); + return -1; + } + + /* Open the new file for writing */ + id = conn->msg_id++; + if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPEN)) != 0 || + (r = sshbuf_put_u32(msg, id)) != 0 || + (r = sshbuf_put_cstring(msg, newpath)) != 0 || + (r = sshbuf_put_u32(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT| + SSH2_FXF_TRUNC)) != 0 || + (r = encode_attrib(msg, a)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + send_msg(conn, msg); + debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, newpath); + + sshbuf_reset(msg); + + new_handle = get_handle(conn, id, &new_handle_len, + "remote open(\"%s\")", newpath); + if (new_handle == NULL) { + sshbuf_free(msg); + free(old_handle); + return -1; + } + + /* Copy the file data */ + id = conn->msg_id++; + if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || + (r = sshbuf_put_u32(msg, id)) != 0 || + (r = sshbuf_put_cstring(msg, "copy-data")) != 0 || + (r = sshbuf_put_string(msg, old_handle, old_handle_len)) != 0 || + (r = sshbuf_put_u64(msg, 0)) != 0 || + (r = sshbuf_put_u64(msg, 0)) != 0 || + (r = sshbuf_put_string(msg, new_handle, new_handle_len)) != 0 || + (r = sshbuf_put_u64(msg, 0)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + send_msg(conn, msg); + debug3("Sent message copy-data \"%s\" 0 0 -> \"%s\" 0", + oldpath, newpath); + + status = get_status(conn, id); + if (status != SSH2_FX_OK) + error("Couldn't copy file \"%s\" to \"%s\": %s", oldpath, + newpath, fx2txt(status)); + + /* Clean up everything */ + sshbuf_free(msg); + do_close(conn, old_handle, old_handle_len); + do_close(conn, new_handle, new_handle_len); + free(old_handle); + free(new_handle); + + return status == SSH2_FX_OK ? 0 : -1; +} + int do_rename(struct sftp_conn *conn, const char *oldpath, const char *newpath, int force_legacy) diff --git a/crypto/openssh/sftp-client.h b/crypto/openssh/sftp-client.h index 8851b23b89b5..282a4c70037d 100644 --- a/crypto/openssh/sftp-client.h +++ b/crypto/openssh/sftp-client.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.h,v 1.35 2022/01/01 01:55:30 jsg Exp $ */ +/* $OpenBSD: sftp-client.h,v 1.36 2022/03/31 03:07:03 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller @@ -125,6 +125,9 @@ int do_statvfs(struct sftp_conn *, const char *, struct sftp_statvfs *, int); /* Rename 'oldpath' to 'newpath' */ int do_rename(struct sftp_conn *, const char *, const char *, int); +/* Copy 'oldpath' to 'newpath' */ +int do_copy(struct sftp_conn *, const char *, const char *); + /* Link 'oldpath' to 'newpath' */ int do_hardlink(struct sftp_conn *, const char *, const char *); diff --git a/crypto/openssh/sftp-glob.c b/crypto/openssh/sftp-glob.c index f573f98f01ec..764e99552d42 100644 --- a/crypto/openssh/sftp-glob.c +++ b/crypto/openssh/sftp-glob.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-glob.c,v 1.29 2019/11/13 04:47:52 deraadt Exp $ */ +/* $OpenBSD: sftp-glob.c,v 1.30 2022/02/25 09:46:24 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -51,7 +51,7 @@ fudge_opendir(const char *path) r = xcalloc(1, sizeof(*r)); - if (do_readdir(cur.conn, (char *)path, &r->dir)) { + if (do_readdir(cur.conn, path, &r->dir)) { free(r); return(NULL); } @@ -112,7 +112,7 @@ fudge_lstat(const char *path, struct stat *st) { Attrib *a; - if (!(a = do_lstat(cur.conn, (char *)path, 1))) + if (!(a = do_lstat(cur.conn, path, 1))) return(-1); attrib_to_stat(a, st); @@ -125,7 +125,7 @@ fudge_stat(const char *path, struct stat *st) { Attrib *a; - if (!(a = do_stat(cur.conn, (char *)path, 1))) + if (!(a = do_stat(cur.conn, path, 1))) return(-1); attrib_to_stat(a, st); diff --git a/crypto/openssh/sftp-server.c b/crypto/openssh/sftp-server.c index d4c6a3b4c39a..3dd19d4c81db 100644 --- a/crypto/openssh/sftp-server.c +++ b/crypto/openssh/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.139 2022/02/01 23:32:51 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.140 2022/03/31 03:05:49 djm Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -44,6 +44,7 @@ #include #include +#include "atomicio.h" #include "xmalloc.h" #include "sshbuf.h" #include "ssherr.h" @@ -119,6 +120,7 @@ static void process_extended_fsync(u_int32_t id); static void process_extended_lsetstat(u_int32_t id); static void process_extended_limits(u_int32_t id); static void process_extended_expand(u_int32_t id); +static void process_extended_copy_data(u_int32_t id); static void process_extended(u_int32_t id); struct sftp_handler { @@ -164,6 +166,7 @@ static const struct sftp_handler extended_handlers[] = { { "limits", "limits@openssh.com", 0, process_extended_limits, 0 }, { "expand-path", "expand-path@openssh.com", 0, process_extended_expand, 0 }, + { "copy-data", "copy-data", 0, process_extended_copy_data, 1 }, { NULL, NULL, 0, NULL, 0 } }; @@ -720,6 +723,7 @@ process_init(void) compose_extension(msg, "lsetstat@openssh.com", "1"); compose_extension(msg, "limits@openssh.com", "1"); compose_extension(msg, "expand-path@openssh.com", "1"); + compose_extension(msg, "copy-data", "1"); send_msg(msg); sshbuf_free(msg); @@ -1592,6 +1596,94 @@ process_extended_expand(u_int32_t id) free(path); } +static void +process_extended_copy_data(u_int32_t id) +{ + u_char buf[64*1024]; + int read_handle, read_fd, write_handle, write_fd; + u_int64_t len, read_off, read_len, write_off; + int r, copy_until_eof, status = SSH2_FX_OP_UNSUPPORTED; + size_t ret; + + if ((r = get_handle(iqueue, &read_handle)) != 0 || + (r = sshbuf_get_u64(iqueue, &read_off)) != 0 || + (r = sshbuf_get_u64(iqueue, &read_len)) != 0 || + (r = get_handle(iqueue, &write_handle)) != 0 || + (r = sshbuf_get_u64(iqueue, &write_off)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + debug("request %u: copy-data from \"%s\" (handle %d) off %llu len %llu " + "to \"%s\" (handle %d) off %llu", + id, handle_to_name(read_handle), read_handle, + (unsigned long long)read_off, (unsigned long long)read_len, + handle_to_name(write_handle), write_handle, + (unsigned long long)write_off); + + /* For read length of 0, we read until EOF. */ + if (read_len == 0) { + read_len = (u_int64_t)-1 - read_off; + copy_until_eof = 1; + } else + copy_until_eof = 0; + + read_fd = handle_to_fd(read_handle); + write_fd = handle_to_fd(write_handle); + + /* Disallow reading & writing to the same handle or same path or dirs */ + if (read_handle == write_handle || read_fd < 0 || write_fd < 0 || + !strcmp(handle_to_name(read_handle), handle_to_name(write_handle))) { + status = SSH2_FX_FAILURE; + goto out; + } + + if (lseek(read_fd, read_off, SEEK_SET) < 0) { + status = errno_to_portable(errno); + error("%s: read_seek failed", __func__); + goto out; + } + + if ((handle_to_flags(write_handle) & O_APPEND) == 0 && + lseek(write_fd, write_off, SEEK_SET) < 0) { + status = errno_to_portable(errno); + error("%s: write_seek failed", __func__); + goto out; + } + + /* Process the request in chunks. */ + while (read_len > 0 || copy_until_eof) { + len = MINIMUM(sizeof(buf), read_len); + read_len -= len; + + ret = atomicio(read, read_fd, buf, len); + if (ret == 0 && errno == EPIPE) { + status = copy_until_eof ? SSH2_FX_OK : SSH2_FX_EOF; + break; + } else if (ret == 0) { + status = errno_to_portable(errno); + error("%s: read failed: %s", __func__, strerror(errno)); + break; + } + len = ret; + handle_update_read(read_handle, len); + + ret = atomicio(vwrite, write_fd, buf, len); + if (ret != len) { + status = errno_to_portable(errno); + error("%s: write failed: %llu != %llu: %s", __func__, + (unsigned long long)ret, (unsigned long long)len, + strerror(errno)); + break; + } + handle_update_write(write_handle, len); + } + + if (read_len == 0) + status = SSH2_FX_OK; + + out: + send_status(id, status); +} + static void process_extended(u_int32_t id) { diff --git a/crypto/openssh/sftp.1 b/crypto/openssh/sftp.1 index 7eebeeacbf3f..39e7d6ed68a8 100644 --- a/crypto/openssh/sftp.1 +++ b/crypto/openssh/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.138 2021/07/02 05:11:21 dtucker Exp $ +.\" $OpenBSD: sftp.1,v 1.140 2022/03/31 17:27:27 naddy Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 2 2021 $ +.Dd $Mdocdate: March 31 2022 $ .Dt SFTP 1 .Os .Sh NAME @@ -126,7 +126,7 @@ Batch mode reads a series of commands from an input .Ar batchfile instead of .Em stdin . -Since it lacks user interaction it should be used in conjunction with +Since it lacks user interaction, it should be used in conjunction with non-interactive authentication to obviate the need to enter a password at connection time (see .Xr sshd 8 @@ -144,7 +144,7 @@ will abort if any of the following commands fail: .Ic get , put , reget , reput , rename , ln , .Ic rm , mkdir , chdir , ls , -.Ic lchdir , chmod , chown , +.Ic lchdir , copy , cp , chmod , chown , .Ic chgrp , lpwd , df , symlink , and .Ic lmkdir . @@ -400,6 +400,18 @@ If the flag is specified, then symlinks will not be followed. Note that this is only supported by servers that implement the "lsetstat@openssh.com" extension. +.It Ic copy Ar oldpath Ar newpath +Copy remote file from +.Ar oldpath +to +.Ar newpath . +.Pp +Note that this is only supported by servers that implement the "copy-data" +extension. +.It Ic cp Ar oldpath Ar newpath +Alias to +.Ic copy +command. .It Xo Ic df .Op Fl hi .Op Ar path diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c index 8cb5917a91f1..4efc025a504c 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.212 2021/09/11 09:05:50 schwarze Exp $ */ +/* $OpenBSD: sftp.c,v 1.214 2022/03/31 03:07:03 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -137,6 +137,7 @@ enum sftp_command { I_CHGRP, I_CHMOD, I_CHOWN, + I_COPY, I_DF, I_GET, I_HELP, @@ -180,6 +181,8 @@ static const struct CMD cmds[] = { { "chgrp", I_CHGRP, REMOTE }, { "chmod", I_CHMOD, REMOTE }, { "chown", I_CHOWN, REMOTE }, + { "copy", I_COPY, REMOTE }, + { "cp", I_COPY, REMOTE }, { "df", I_DF, REMOTE }, { "dir", I_LS, REMOTE }, { "exit", I_QUIT, NOARGS }, @@ -286,6 +289,8 @@ help(void) "chgrp [-h] grp path Change group of file 'path' to 'grp'\n" "chmod [-h] mode path Change permissions of file 'path' to 'mode'\n" "chown [-h] own path Change owner of file 'path' to 'own'\n" + "copy oldpath newpath Copy remote file\n" + "cp oldpath newpath Copy remote file\n" "df [-hi] [path] Display statistics for current directory or\n" " filesystem containing 'path'\n" "exit Quit sftp\n" @@ -1369,6 +1374,10 @@ parse_args(const char **cpp, int *ignore_errors, int *disable_echo, int *aflag, if ((optidx = parse_link_flags(cmd, argv, argc, sflag)) == -1) return -1; goto parse_two_paths; + case I_COPY: + if ((optidx = parse_no_flags(cmd, argv, argc)) == -1) + return -1; + goto parse_two_paths; case I_RENAME: if ((optidx = parse_rename_flags(cmd, argv, argc, lflag)) == -1) return -1; @@ -1536,6 +1545,11 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, err = process_put(conn, path1, path2, *pwd, pflag, rflag, aflag, fflag); break; + case I_COPY: + path1 = make_absolute(path1, *pwd); + path2 = make_absolute(path2, *pwd); + err = do_copy(conn, path1, path2); + break; case I_RENAME: path1 = make_absolute(path1, *pwd); path2 = make_absolute(path2, *pwd); @@ -2272,7 +2286,6 @@ static void connect_to_server(char *path, char **args, int *in, int *out) { int c_in, c_out; - #ifdef USE_PIPES int pin[2], pout[2]; diff --git a/crypto/openssh/ssh-agent.1 b/crypto/openssh/ssh-agent.1 index 0320a2b0ff58..6fc0acb0a608 100644 --- a/crypto/openssh/ssh-agent.1 +++ b/crypto/openssh/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.72 2020/06/22 05:52:05 djm Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.73 2022/03/31 17:27:27 naddy Exp $ .\" $FreeBSD$ .\" .\" Author: Tatu Ylonen @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 22 2020 $ +.Dd $Mdocdate: March 31 2022 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -83,12 +83,12 @@ This is the default if looks like it's a csh style of shell. .It Fl D Foreground mode. -When this option is specified +When this option is specified, .Nm will not fork. .It Fl d Debug mode. -When this option is specified +When this option is specified, .Nm will not fork and will write debug information to standard error. .It Fl E Ar fingerprint_hash diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c index d4b7f4dcf800..d62fab3e818a 100644 --- a/crypto/openssh/ssh-keygen.c +++ b/crypto/openssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.448 2022/02/01 23:32:51 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.450 2022/03/18 02:32:22 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -3538,6 +3538,13 @@ main(int argc, char **argv) return sig_sign(identity_file, cert_principals, argc, argv, opts, nopts); } else if (strncmp(sign_op, "check-novalidate", 16) == 0) { + /* NB. cert_principals is actually namespace, via -n */ + if (cert_principals == NULL || + *cert_principals == '\0') { + error("Too few arguments for check-novalidate: " + "missing namespace"); + exit(1); + } if (ca_key_path == NULL) { error("Too few arguments for check-novalidate: " "missing signature file"); diff --git a/crypto/openssh/ssh-keysign.8 b/crypto/openssh/ssh-keysign.8 index 73b62397c10b..6b4b9b270ba9 100644 --- a/crypto/openssh/ssh-keysign.8 +++ b/crypto/openssh/ssh-keysign.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keysign.8,v 1.16 2019/11/30 07:07:59 jmc Exp $ +.\" $OpenBSD: ssh-keysign.8,v 1.17 2022/03/31 17:27:27 naddy Exp $ .\" .\" Copyright (c) 2002 Markus Friedl. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 30 2019 $ +.Dd $Mdocdate: March 31 2022 $ .Dt SSH-KEYSIGN 8 .Os .Sh NAME @@ -77,7 +77,7 @@ must be set-uid root if host-based authentication is used. .It Pa /etc/ssh/ssh_host_ecdsa_key-cert.pub .It Pa /etc/ssh/ssh_host_ed25519_key-cert.pub .It Pa /etc/ssh/ssh_host_rsa_key-cert.pub -If these files exist they are assumed to contain public certificate +If these files exist, they are assumed to contain public certificate information corresponding with the private keys above. .El .Sh SEE ALSO diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index a6384460872d..9c6f5b798778 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.429 2022/02/06 00:29:03 jsg Exp $ +.\" $OpenBSD: ssh.1,v 1.430 2022/03/31 17:27:27 naddy Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: February 6 2022 $ +.Dd $Mdocdate: March 31 2022 $ .Dt SSH 1 .Os .Sh NAME @@ -707,7 +707,7 @@ argument is the listen port will be dynamically allocated on the server and reported to the client at run time. When used together with -.Ic -O forward +.Ic -O forward , the allocated port will be printed to the standard output. .Pp .It Fl S Ar ctl_path @@ -1047,7 +1047,7 @@ the user a normal shell as an interactive session. All communication with the remote command or shell will be automatically encrypted. .Pp -If an interactive session is requested +If an interactive session is requested, .Nm by default will only request a pseudo-terminal (pty) for interactive sessions when the client has one. @@ -1057,7 +1057,7 @@ and .Fl t can be used to override this behaviour. .Pp -If a pseudo-terminal has been allocated the +If a pseudo-terminal has been allocated, the user may use the escape characters noted below. .Pp If no pseudo-terminal has been allocated, diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index ed5735117839..8bad4da56e14 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.573 2022/02/08 08:59:12 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.574 2022/03/30 04:33:09 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -697,7 +697,7 @@ main(int ac, char **av) again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" - "AB:CD:E:F:GI:J:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { + "AB:CD:E:F:GI:J:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { /* HUZdhjruz */ switch (opt) { case '1': fatal("SSH protocol v.1 is no longer supported"); diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config index 02d72f367089..792a47f333ee 100644 --- a/crypto/openssh/ssh_config +++ b/crypto/openssh/ssh_config @@ -46,4 +46,4 @@ # RekeyLimit 1G 1h # UserKnownHostsFile ~/.ssh/known_hosts.d/%k # VerifyHostKeyDNS yes -# VersionAddendum FreeBSD-20220413 +# VersionAddendum FreeBSD-20220415 diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index d76e689c3c34..cb51f6aefe57 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.369 2022/02/15 05:13:36 djm Exp $ +.\" $OpenBSD: ssh_config.5,v 1.371 2022/03/31 17:58:44 naddy Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: February 15 2022 $ +.Dd $Mdocdate: March 31 2022 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1168,9 +1168,9 @@ character, then the specified algorithms will be placed at the head of the default set. The default is: .Bd -literal -offset indent +sntrup761x25519-sha512@openssh.com, curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -sntrup761x25519-sha512@openssh.com, diffie-hellman-group-exchange-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, @@ -1584,7 +1584,7 @@ If forwarding to a specific destination then the second argument must be or a Unix domain socket path, otherwise if no destination argument is specified then the remote forwarding will be established as a SOCKS proxy. -When acting as a SOCKS proxy the destination of the connection can be +When acting as a SOCKS proxy, the destination of the connection can be restricted by .Cm PermitRemoteOpen . .Pp @@ -1979,7 +1979,7 @@ in Specifies a string to append to the regular version string to identify OS- or site-specific modifications. The default is -.Dq FreeBSD-20220413 . +.Dq FreeBSD-20220415 . The value .Cm none may be used to disable this. diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8 index 877621b011a4..db4c35da847c 100644 --- a/crypto/openssh/sshd.8 +++ b/crypto/openssh/sshd.8 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.317 2021/09/10 11:38:38 dtucker Exp $ +.\" $OpenBSD: sshd.8,v 1.318 2022/03/31 17:27:27 naddy Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: September 10 2021 $ +.Dd $Mdocdate: March 31 2022 $ .Dt SSHD 8 .Os .Sh NAME @@ -652,7 +652,7 @@ Enable all restrictions, i.e. disable port, agent and X11 forwarding, as well as disabling PTY allocation and execution of .Pa ~/.ssh/rc . -If any future restriction capabilities are added to authorized_keys files +If any future restriction capabilities are added to authorized_keys files, they will be included in this set. .It Cm tunnel="n" Force a diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index d1492fa3fcd4..84d42ed0384a 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.584 2022/03/01 01:59:19 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.585 2022/03/18 04:04:11 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1806,7 +1806,7 @@ main(int ac, char **av) load_server_config(config_file_name, cfg); parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, - cfg, &includes, NULL); + cfg, &includes, NULL, rexeced_flag); #ifdef WITH_OPENSSL if (options.moduli_file != NULL) diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index 4dd09265be61..9aa116b1792a 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config @@ -105,7 +105,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitTunnel no #ChrootDirectory none #UseBlacklist no -#VersionAddendum FreeBSD-20220413 +#VersionAddendum FreeBSD-20220415 # no default banner path #Banner none diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index 0d468035d38a..a30975d0fc59 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.339 2021/12/04 00:05:39 naddy Exp $ +.\" $OpenBSD: sshd_config.5,v 1.340 2022/03/31 17:58:44 naddy Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: December 4 2021 $ +.Dd $Mdocdate: March 31 2022 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -962,9 +962,9 @@ sntrup761x25519-sha512@openssh.com .Pp The default is: .Bd -literal -offset indent +sntrup761x25519-sha512@openssh.com, curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, -sntrup761x25519-sha512@openssh.com, diffie-hellman-group-exchange-sha256, diffie-hellman-group16-sha512,diffie-hellman-group18-sha512, diffie-hellman-group14-sha256 @@ -1806,7 +1806,7 @@ The default is Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. The default is -.Qq FreeBSD-20220413 . +.Qq FreeBSD-20220415 . The value .Cm none may be used to disable this. diff --git a/crypto/openssh/sshsig.c b/crypto/openssh/sshsig.c index 773613462758..1e3b63982ba8 100644 --- a/crypto/openssh/sshsig.c +++ b/crypto/openssh/sshsig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshsig.c,v 1.28 2022/02/01 23:34:47 djm Exp $ */ +/* $OpenBSD: sshsig.c,v 1.29 2022/03/30 04:27:51 djm Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -739,7 +739,7 @@ parse_principals_key_and_options(const char *path, u_long linenum, char *line, return SSH_ERR_KEY_NOT_FOUND; /* blank or all-comment line */ /* format: identity[,identity...] [option[,option...]] key */ - if ((tmp = strdelimw(&cp)) == NULL) { + if ((tmp = strdelimw(&cp)) == NULL || cp == NULL) { error("%s:%lu: invalid line", path, linenum); r = SSH_ERR_INVALID_FORMAT; goto out; @@ -777,6 +777,11 @@ parse_principals_key_and_options(const char *path, u_long linenum, char *line, r = SSH_ERR_INVALID_FORMAT; goto out; } + if (cp == NULL || *cp == '\0') { + error("%s:%lu: missing key", path, linenum); + r = SSH_ERR_INVALID_FORMAT; + goto out; + } *cp++ = '\0'; skip_space(&cp); if (sshkey_read(key, &cp) != 0) { diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index 656382b17db9..193ca07938c6 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -6,7 +6,7 @@ #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -#define SSH_VERSION_FREEBSD "FreeBSD-20220413" +#define SSH_VERSION_FREEBSD "FreeBSD-20220415" #ifdef WITH_OPENSSL #define OPENSSL_VERSION_STRING OpenSSL_version(OPENSSL_VERSION) diff --git a/crypto/openssh/xmalloc.c b/crypto/openssh/xmalloc.c index b48d33bbf68c..67191e3f214d 100644 --- a/crypto/openssh/xmalloc.c +++ b/crypto/openssh/xmalloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: xmalloc.c,v 1.36 2019/11/12 22:32:48 djm Exp $ */ +/* $OpenBSD: xmalloc.c,v 1.37 2022/03/13 23:27:54 cheloha Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -91,8 +91,7 @@ xstrdup(const char *str) len = strlen(str) + 1; cp = xmalloc(len); - strlcpy(cp, str, len); - return cp; + return memcpy(cp, str, len); } int