upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@
Darren Tucker [Sat, 24 Feb 2018 23:20:31 +0000 (10:20 +1100)]
Handle calloc(0,x) where different from malloc.
Configure assumes that if malloc(0) returns null then calloc(0,n)
also does. On some old platforms (SunOS4) malloc behaves as expected
(as determined by AC_FUNC_MALLOC) but calloc doesn't. Test for this
at configure time and activate the replacement function if found, plus
handle this case in rpl_calloc.
Darren Tucker [Fri, 23 Feb 2018 04:20:42 +0000 (15:20 +1100)]
Check for ifaddrs.h for BindInterface.
BindInterface required getifaddr and friends so disable if not available
(eg Solaris 10). We should be able to add support for some systems with
a bit more work but this gets the building again.
djm@openbsd.org [Fri, 23 Feb 2018 02:34:33 +0000 (02:34 +0000)]
upstream: Add BindInterface ssh_config directive and -B
command-line argument to ssh(1) that directs it to bind its outgoing
connection to the address of the specified network interface.
BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.
Based on patch by Mike Manning in bz#2820, ok dtucker@
upstream: Don't send IUTF8 to servers that don't like them.
Some SSH servers eg "ConfD" drop the connection if the client sends the
new IUTF8 (RFC8160) terminal mode even if it's not set. Add a bug bit
for such servers and avoid sending IUTF8 to them. ok djm@
Darren Tucker [Thu, 15 Feb 2018 10:43:01 +0000 (21:43 +1100)]
Replace remaining mysignal() with signal().
These seem to have been missed during the replacement of mysignal
with #define signal in commit 5ade9ab. Both include the requisite
headers to pick up the #define.
Darren Tucker [Mon, 12 Feb 2018 22:10:46 +0000 (09:10 +1100)]
Remove UNICOS support.
The code required to support it is quite invasive to the mainline
code that is synced with upstream and is an ongoing maintenance burden.
Both the hardware and software are literal museum pieces these days and
we could not find anyone still running OpenSSH on one.
upstream Don't reset signal handlers inside handlers.
The signal handlers from the original ssh1 code on which OpenSSH
is based assume unreliable signals and reinstall their handlers.
Since OpenBSD (and pretty much every current system) has reliable
signals this is not needed. In the unlikely even that -portable
is still being used on such systems we will deal with it in the
compat layer. ok deraadt@
Darren Tucker [Sat, 10 Feb 2018 22:32:37 +0000 (09:32 +1100)]
Add checks for Spectre v2 mitigation (retpoline)
This adds checks for gcc and clang flags for mitigations for Spectre
variant 2, ie "retpoline". It'll automatically enabled if the compiler
supports it as part of toolchain hardening flag. ok djm@
djm@openbsd.org [Sat, 10 Feb 2018 06:40:28 +0000 (06:40 +0000)]
upstream commit
Shorter, more accurate explanation of
NoHostAuthenticationForLocalhost without the confusing example. Prompted by
Christoph Anton Mitterer via github and bz#2293.
djm@openbsd.org [Sat, 10 Feb 2018 05:43:26 +0000 (05:43 +0000)]
upstream commit
fatal if we're unable to write all the public key; previously
we would silently ignore errors writing the comment and terminating newline.
Prompted by github PR from WillerZ; ok dtucker
Darren Tucker [Fri, 9 Feb 2018 22:57:04 +0000 (09:57 +1100)]
Add leading zero so it'll work when rhel not set.
When rhel is not set it will error out with "bad if". Add leading zero
as per https://fedoraproject.org/wiki/Packaging:DistTag so it'll work
on non-RHEL.
Darren Tucker [Thu, 8 Feb 2018 01:36:22 +0000 (12:36 +1100)]
Set SO_REUSEADDR in regression test netcat.
Sometimes multiplex tests fail on Solaris with "netcat: local_listen:
Address already in use" which is likely due to previous invocations
leaving the port in TIME_WAIT. Set SO_REUSEADDR (in addition to
SO_REUSEPORT which is alread set on platforms that support it). ok djm@
tb@openbsd.org [Mon, 5 Feb 2018 05:36:49 +0000 (05:36 +0000)]
upstream commit
The file descriptors for socket, stdin, stdout and stderr
aren't necessarily distinct, so check if they are the same to avoid closing
the same fd several times.
djm@openbsd.org [Tue, 23 Jan 2018 05:27:21 +0000 (05:27 +0000)]
upstream commit
Drop compatibility hacks for some ancient SSH
implementations, including ssh.com <=2.* and OpenSSH <= 3.*.
These versions were all released in or before 2001 and predate the
final SSH RFCs. The hacks in question aren't necessary for RFC-
compliant SSH implementations.
djm@openbsd.org [Tue, 23 Jan 2018 05:12:12 +0000 (05:12 +0000)]
upstream commit
unbreak support for clients that advertise a protocol
version of "1.99" (indicating both v2 and v1 support). Busted by me during
SSHv1 purge in r1.358; bz2810, ok dtucker
djm@openbsd.org [Tue, 23 Jan 2018 05:06:25 +0000 (05:06 +0000)]
upstream commit
don't attempt to force hostnames that are addresses to
lowercase, but instead canonicalise them through getnameinfo/getaddrinfo to
remove ambiguities (e.g. ::0001 => ::1) before they are matched against
known_hosts; bz#2763, ok dtucker@
projects / thirdparty / openssh-portable.git / log
