[openssh-commits] [openssh] annotated tag V_9_1_P1 created (now 0658795f)

git+noreply at mindrot.org git+noreply at mindrot.org
Tue Oct 4 21:45:49 AEDT 2022

This is an automated email from the git hooks/post-receive script.

djm pushed a change to annotated tag V_9_1_P1
in repository openssh.

        at  0658795f  (tag)
   tagging  0ffb46f2ee2ffcc4daf45ee679e484da8fcf338c (commit)
  replaces  V_9_0_P1
 tagged by  Damien Miller
        on  Tue Oct 4 01:55:37 2022 +1100

- Log -----------------------------------------------------------------

Corinna Vinschen (5):
      compat code for fido_dev_is_winhello()
      check_sk_options: add temporary WinHello workaround
      sk_sign: set FIDO2 uv attribute explicitely for WinHello
      fido_dev_is_winhello: return 0, not "false"
      Revert "check_sk_options: add temporary WinHello workaround"

Damien Miller (19):
      update build-aux files to match autoconf-2.71
      Revert "update build-aux files to match autoconf-2.71"
      fuzzer for authorized_keys parsing
      fix some bugs in the fuzzer
      fix possible NULL deref when built without FIDO
      automatically enable built-in FIDO support
      request 1.1x API compatibility for OpenSSL >=3.x
      fix broken case statement in previous
      crank SSH_SK_VERSION_MAJOR in sk-dummy.so
      on Cygwin, prefer WinHello FIDO device
      initial list of allowed signers
      cross-sign allowed_signers with PGP key
      additional keys
      avoid Wuninitialized false positive in gcc-12ish
      no need for glob.h here
      crank versions in RPM spec files
      update release notes URL
      update .depend

Darren Tucker (71):
      Retire fbsd6 test VM.
      Resync moduli.5 with upstream.
      Cache timezone data in capsicum sandbox.
      Include stdlib.h for free() prototype.
      Update OpenSSL and LibreSSL versions in tests.
      Add debian-riscv64 test target.
      Remove now-empty int32_minmax.inc.
      Only run tests when source files change.
      Add Mac OS X 12 test target.
      Add ubsan minimal testcase on OpenBSD.
      Note that, for now, we need variadic macros.
      Also retest OpenBSD upstream on .yml changes.
      Test against LibreSSL 3.5.3.
      Test against OpenSSL 1.1.1o and 3.0.3.
      Disable SK support if FIDO libs not found.
      Zero out LIBFIDO2 when SK support not usable.
      Update OpenSSL tests to the most recent releases.
      Skip select+rlimit check if sandboxing is disabled
      Move checks for pollfd.fd and nfds_t.
      Skip all rlimit tests when sandboxing disabled.
      Add clang sanitizer tests.
      Move sanitizer logs into regress for collection.
      Add GCC address sanitizer build/test.
      Update sanitizer test targets:
      Test against openssl-3.0.5.
      Move unset to before we set anything.
      Refuse to use OpenSSL 3.0.4 due to potential RCE.
      Capture stderr output from configure.
      Only refuse to use OpenSSL 3.0.4 on x86_64.
      Remove special casing of crypt().
      Clarify README.md text.
      Split README.platform into its own line.
      Return ERANGE from getcwd() if buffer size is 1.
      Remove unintended changes.
      Add AUDIT_ARCH_PPC to supported seccomp arches.
      Rename bbone test target to ARM.
      Move vmshutdown to first step.
      Skip scp3 test if there's no scp on remote path.
      Convert "have_prog" function into "which".
      Remove workarounds for OpenSSL missing AES-GCM.
      Remove workarounds for OpenSSL missing AES-CTR.
      Do not link scp, sftp and sftp-server w/ zlib.
      Group libcrypto and PRNGD checks together.
      Remove seed_rng calls from scp, sftp, sftp-server.
      Move libcrypto into CHANNELLIBS.
      Move stale-configure check as early as possible.
      Remove deprecated MacOS 10.15 runners.
      Include CHANNEL and FIDO2 libs in configure output
      Factor out getrnd() and rename to getentropy().
      Give unused param a name.
      Actually put HAVE_STDINT_H around the stdint.h.
      Rename our getentropy to prevent possible loops.
      Test hostbased auth on github runners.
      Fix conditional for running hostbased tests.
      Skip hostbased during Valgrind tests.
      Rerun tests if any .github config file changes.
      Add a timegm implementation from Heimdal via Samba.
      Replace deprecated ubuntu-18.04 runners with 22.04
      Check for perms to run agent-getpeereid test.
      Add Cygwin (on windows-2019) test target.
      Add a bit more debug output.
      Fix cygwin conditional steps.
      Install Cygwin packages based on OS not config.
      Add cygwin-release test target.
      Add Windows 2022 test targets.
      Add libcrypt-devel to cygwin-release deps.
      Move sftp from valgrind-2 to 3 to rebalance.
      Remove arc4random_uniform from arc4random.c
      Move OPENBSD ORIGINAL marker.
      Resync arc4random with OpenBSD.
      Remove DEF_WEAK, it's already in defines.h.

Sam James (1):
      openbsd-compat/bsd-asprintf: add <stdio.h> include for vsnprintf

Tim Rice (1):
      configure.ac: Add missing AC_DEFINE for caph_cache_tzdata test causing

Tobias Heider (1):
      Remove duplicate bcrypt_pbkdf.o from Makefile

anton at openbsd.org (1):
      upstream: Only run agent-ptrace.sh if gdb is available as all

djm at openbsd.org (66):
      upstream: two defensive changes from Tobias Stoeckmann via GHPR287
      upstream: clear io_want/io_ready flags at start of poll() cycle;
      upstream: Try to continue running local I/O for channels in state
      upstream: regression test for sftp cp command
      upstream: avoid printing hash algorithm twice; from lucas AT sexy.is
      upstream: fix memleak on session-bind path; from Pedro Martelletto, ok
      upstream: mention that the helpers are used by ssh(1), ssh-agent(1)
      upstream: be stricter in which characters will be accepted in
      upstream: fix some integer overflows in sieve_large() that show up when
      upstream: mux.c: mark argument as const; from Martin Vahlensieck
      upstream: channel_new no longer frees remote_name. So update the
      upstream: sshkey_unshield_private() contains a exact duplicate of
      upstream: When performing operations that glob(3) a remote path, ensure
      upstream: improve error message when 'ssh-keygen -Y sign' is unable to
      upstream: Allow existing -U (use agent) flag to work with "-Y sign"
      upstream: arrange for scp, when in sftp mode, to not ftruncate(3) files
      upstream: fix in-place copies; r1.163 incorrectly skipped truncation in
      upstream: regress test for in-place transfers and clobbering larger
      upstream: make SSHBUF_DBG/SSHBUF_TELL (off by default and only enabled
      upstream: revert previous; it was broken (spotted by Theo)
      upstream: refactor authorized_keys/principals handling
      upstream: split the low-level file handling functions out from
      upstream: Make SetEnv directives first-match-wins in both
      upstream: test setenv in both client and server, test first-match-wins
      upstream: move auth_openprincipals() and auth_openkeyfile() over to
      upstream: make sure that UseDNS hostname lookup happens in the monitor
      upstream: make it clear that RekeyLimit applies to both transmitted
      upstream: allow arguments to sftp -D option, e.g. sftp -D
      upstream: ignore SIGPIPE earlier in main(), specifically before
      upstream: bump up loglevel from debug to info when unable to open
      upstream: use consistent field names (s/char/byte)
      upstream: pull passphrase reading and confirmation into a separate
      upstream: when enrolling a resident key on a security token, check
      upstream: sk-usbhid: preserve error code returned by key_lookup()
      upstream: ssh-keygen: fix touch prompt, pin retries;
      upstream: avoid double-free in error path introduced in r1.70; report
      upstream: don't prompt for FIDO passphrase before attempting to enroll
      upstream: allow certificate validity intervals, sshsig verification
      upstream: add some tests for parse_absolute_time(), including cases
      upstream: sftp-server: support home-directory request
      upstream: add an extra flag to sk_probe() to indicate whether we're
      upstream: double free() in error path; from Eusgor via GHPR333
      upstream: remove incorrect check that can break enrolling a
      upstream: attemp FIDO key signing without PIN and use the error
      upstream: whitespace
      upstream: whitespace
      upstream: whitespace
      upstream: sk-usbhid: fix key_lookup() on tokens with built-in UV
      upstream: notifier_complete(NULL, ...) is a noop, so no need to test
      upstream: ssh-agent: attempt FIDO key signing without PIN and use
      upstream: a little extra debugging
      upstream: sk_enroll: never drop SSH_SK_USER_VERIFICATION_REQD flag
      upstream: sftp: Don't attempt to complete arguments for
      upstream: sftp: Be a bit more clever about completions
      upstream: correct error value
      upstream: actually hook up restrict_websafe; the command-line flag
      upstream: Add a sshkey_check_rsa_length() call for checking the
      upstream: add a RequiredRSASize for checking RSA key length in
      upstream: Add RequiredRSASize for sshd(8); RSA keys that fall
      upstream: better debugging for connect_next()
      upstream: sftp-server(8): add a "users-groups-by-id at openssh.com"
      upstream: extend sftp-common.c:extend ls_file() to support supplied
      upstream: sftp client library support for
      upstream: use users-groups-by-id at openssh.com sftp-server extension
      upstream: add RequiredRSASize to the list of keywords accepted by
      upstream: openssh-9.1

dtucker at openbsd.org (29):
      upstream: Note that curve25519-sha256 was later published in
      upstream: Correct path for system known hosts file in description
      upstream: Import regenerated moduli
      upstream: Import regenerated moduli
      upstream: Simplify forward-control test.
      upstream: Use ssh -f and ControlPersist ..
      upstream: It looks like we can't completely avoid
      upstream: Check sshauthopt_new() for NULL. bz#3425, from
      upstream: Add authfd path to debug output. ok markus@
      upstream: Don't leak SK device. Patch from Pedro Martelletto via
      upstream: Remove errant apostrophe. From haruyama at queen-ml org.
      upstream: Note that ProxyJump also accepts the same tokens as
      upstream: Avoid kill with -1 argument. The out_ctx label can be
      upstream: f sshpkt functions fail, then password is not cleared
      upstream: ssh-keygen -A: do not generate DSA keys by default.
      upstream: Add period at end of "not known by any other names"
      upstream: Add missing *-sk types to ssh-keyscan manpage. From
      upstream: Log an error if pipe() fails while accepting a
      upstream: Don't attempt to fprintf a null identity comment. From
      upstream: Don't leak the strings allocated by order_hostkeyalgs()
      upstream: Roll back previous KEX changes as they aren't safe until
      upstream: Always return allocated strings from the kex filtering so
      upstream: Don't leak the strings allocated by order_hostkeyalgs()
      upstream: Remove leftover line.
      upstream: Add TEST_REGRESS_CACHE_DIR.
      upstream: Test TEST_SSH_ELAPSED_TIMES for empty string not
      upstream: Restore missing "!" in TEST_SSH_ELAPSED_TIMES test.
      upstream: Strictly enforce the maximum allowed SSH2 banner size in
      upstream: Fix typo. From AlexanderStohr via github PR#343.

florian at openbsd.org (1):
      upstream: Add FIDO AUTHENTICATOR section and explain a bit how FIDO

jmc at openbsd.org (5):
      upstream: remove an obsolete rsa1 format example from an example;
      upstream: keywords ref ssh_config.5;
      upstream: reflect the update to -D arg name in usage();
      upstream: use .Cm for "sign"; from josiah frentsos
      upstream: .Li -> .Vt where appropriate; from josiah frentsos,

jsg at openbsd.org (1):
      upstream: fix repeated words ok miod@ jmc@

markus at openbsd.org (1):
      upstream: make sure stdout is non-blocking; ok djm@

millert at openbsd.org (3):
      upstream: Avoid an unnecessary xstrdup in rm_env() when matching
      upstream: Add missing includes of stdlib.h and stdint.h. We need
      upstream: Remove unnecessary includes: openssl/hmac.h and

naddy at openbsd.org (1):
      upstream: ssh-keygen: implement "verify-required" certificate option.

tj at openbsd.org (1):
      upstream: list the correct version number

tobhe at openbsd.org (1):
      upstream: Make sure not to fclose() the same fd twice in case of an


No new revisions were added by this update.

To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list