[openssh-commits] [openssh] branch master updated (8663e51 -> 1cfd5c0)
git+noreply at mindrot.org
Thu Sep 29 03:20:31 AEST 2016
This is an automated email from the git hooks/post-receive script.
djm pushed a change to branch master
in repository openssh.
from 8663e51 fix mdoc2man.awk formatting for top-level lists
new 27c3a9c upstream commit
new 0082fba upstream commit
new 1cfd5c0 Remove portability support for mmap
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Detailed log of new commits:

commit 1cfd5c06efb121e58e8b6671548fda77ef4b4455
Author: Damien Miller <djm at mindrot.org>
Date: Thu Sep 29 03:19:23 2016 +1000

Remove portability support for mmap

We no longer need to wrap/replace mmap for portability now that
pre-auth compression has been removed from OpenSSH.

commit 0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f
Author: djm at openbsd.org <djm at openbsd.org>
Date: Wed Sep 28 16:33:06 2016 +0000

upstream commit

Remove support for pre-authentication compression. Doing
compression early in the protocol probably seemed reasonable in the 1990s,
but today it's clearly a bad idea in terms of both cryptography (cf. multiple
compression oracle attacks in TLS) and attack surface.

Moreover, to support it across privilege-separation zlib needed
the assistance of a complex shared-memory manager that made the
required attack surface considerably larger.

Prompted by Guido Vranken pointing out a compiler-elided security
check in the shared memory manager found by Stack
(http://css.csail.mit.edu/stack/); ok deraadt@ markus@

NB. pre-auth authentication has been disabled by default in sshd
for >10 years.

Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf

commit 27c3a9c2aede2184856b5de1e6eca414bb751c38
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Sep 26 21:16:11 2016 +0000

upstream commit

Avoid a theoretical signed integer overflow should
BN_num_bytes() ever violate its manpage and return a negative value. Improve
order of tests to avoid confusing increasingly pedantic compilers.

Reported by Guido Vranken from stack (css.csail.mit.edu/stack)
unstable optimisation analyser output. ok deraadt@

Upstream-ID: f8508c830c86d8f36c113985e52bf8eedae23505

Summary of changes:
Makefile.in | 2 +-
README.privsep | 7 -
TODO | 4 -
configure.ac | 2 -
monitor.c | 48 +-----
monitor.h | 6 +-
monitor_mm.c | 357 ----------------------------------------
monitor_mm.h | 62 -------
monitor_wrap.h | 5 +-
myproposal.h | 4 +-
opacket.h | 3 -
openbsd-compat/Makefile.in | 2 +-
openbsd-compat/openbsd-compat.h | 1 -
openbsd-compat/xmmap.c | 86 ----------
packet.c | 104 +-----------
packet.h | 7 +-
servconf.c | 4 +-
sshconnect2.c | 4 +-
sshd.c | 10 +-
sshkey.c | 9 +-
20 files changed, 25 insertions(+), 702 deletions(-)
delete mode 100644 monitor_mm.c
delete mode 100644 monitor_mm.h
delete mode 100644 openbsd-compat/xmmap.c
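
The commit messages above mention a compiler-elided security check and a reordering of tests around a length that arrives as a signed int. The following C example is added here as an illustration of that class of problem; it is not OpenSSH code and is not taken from these commits, and the function names total_len_unstable and total_len_checked are hypothetical.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Unstable form: the overflow test relies on signed wraparound, which is
 * undefined behaviour in C. An optimiser is allowed to rewrite
 * "nlen + elen < nlen" as "elen < 0", so the overflow case is no longer
 * detected, and a negative nlen is never rejected at all.
 * Kept for contrast; main() only calls it with small, safe values.
 */
int
total_len_unstable(int nlen, int elen, size_t *out)
{
	if (nlen + elen < nlen)
		return -1;
	*out = (size_t)(nlen + elen);
	return 0;
}

/*
 * Stable form: validate first, then compare against INT_MAX by subtraction.
 * Once both values are known to be >= 0, "INT_MAX - elen" cannot overflow,
 * so no step depends on undefined behaviour and nothing can be elided.
 */
int
total_len_checked(int nlen, int elen, size_t *out)
{
	if (nlen < 0 || elen < 0)	/* library broke its contract */
		return -1;
	if (nlen > INT_MAX - elen)	/* sum would not fit in an int */
		return -1;
	*out = (size_t)nlen + (size_t)elen;
	return 0;
}

int
main(void)
{
	size_t n = 0;

	/* Constructed sample inputs. */
	printf("unstable(3,4)       -> %d\n", total_len_unstable(3, 4, &n));
	printf("checked(3,4)        -> %d (n=%zu)\n", total_len_checked(3, 4, &n), n);
	printf("checked(-1,5)       -> %d\n", total_len_checked(-1, 5, &n));
	printf("checked(INT_MAX,1)  -> %d\n", total_len_checked(INT_MAX, 1, &n));
	return 0;
}
```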