[openssh-commits] [openssh] annotated tag V_9_9_P1 created (now d74a91a2)
git+noreply at mindrot.org
Fri Sep 20 11:32:31 AEST 2024
This is an automated email from the git hooks/post-receive script.
djm pushed a change to annotated tag V_9_9_P1
in repository openssh.
at d74a91a2 (tag)
tagging 53a80baaebda180f46e6e8571f3ff800e1f5c496 (commit)
replaces V_9_7_P1
by Damien Miller
on Fri Sep 20 08:24:58 2024 +1000
- Log -----------------------------------------------------------------
openssh-9.9p1
90 (1):
Fix missing header for systemd notification
Alkaid (1):
Fix OpenSSL ED25519 support detection
Antonio Larrosa (1):
Don't skip audit before exiting cleanup_exit
Damien Miller (46):
add new token-based signing key for dtucker@
notify systemd on listen and reload
depend
sync getrrsetbyname.c with recent upstream changes
Makefile support for sshd-session
attempt at updating RPM specs for sshd-session
remove remaining use_privsep mention
rename need_privsep to need_chroot
depend
remove PRIVSEP macros for osx
whitespace
missing file for PerSourcePenalties regress test
delay lookup of privsep user until config loaded
fix PTY allocation on Cygwin, broken by sshd split
typo in comment
prepare for checking in autogenerated files
sshd: don't use argv[0] as PAM service name
add a sshd_config PamServiceName option
skip penalty-expire test in valgrind test env
minix doesn't have loopback, so skip penalty tests
propagate PAM crashes to PerSourcePenalties
DSA support is disabled, so remove from fuzzers
missed a bit of DSA in the fuzzer
PAMServiceName may appear in a Match block
version numbers
remove gratuitous difference from OpenBSD
sync TEST_MALLOC_OPTIONS for OpenBSD
retire testing against older LibreSSL versions
missed OPENSSL_HAS_ECC case
fix merge botch that broke !OPENSSL_HAS_ECC
more OPENSSL_HAS_ECC
private key coredump protection for Linux/FreeBSD
simplify sshkey_prekey_alloc(); always use mmap
fix incorrect default for PasswordAuthentication
add basic fuzzers for our import of sntrup761
test for compiler feature needed for ML-KEM
fix previous; check for C99 compound literals
declare defeat trying to detect C89 compilers
stubs for ML-KEM KEX functions
use construct_utmp to construct btmp records
avoid gcc warning in fuzz test
fix bug in recently-added sntrup761 fuzzer
conditionally include mman.h in arc4random code
include openbsd-compat/base64.c license in LICENSE
update version numbers
autogenerated files for release
Darren Tucker (33):
Improve detection of -fzero-call-used-regs=used.
Update branches shown on ci-status to 9.7 and 9.6.
Move xpg4 'id' handling into test-exec.sh.
Add Mac OS X 14 test targets.
If we're using xpg4's id, remember to pass args.
Add short names for test jobs on github CI.
Be more specific about when to rerun workflows.
Ensure /usr/local/etc exists before using in tests.
Better short name for OpenBSD upstream CI jobs too.
Really mkdir /usr/local/etc in CI tests.
Resync with upstream: ${} around DATAFILE.
Fix name of OpenBSD upstream CI jobs.
Rearrange selfhosted VM scheduling.
Check if OpenSSL implementation supports DSA.
Port changes from selfhosted to upstream tests.
Update LibreSSL and OpenSSL versions tested.
Remove 9.6 branch from status page.
Merge flags for OpenSSL 3.x versions.
Remove macos-11 runner.
Restart sshd after installing it for testing.
Need to supply "-f" to restart sshd.
Move -f to the place needed to restart sshd.
Rerun upstream tests on .sh file changes too.
Add 9.8 branch to ci-status page.
Cast to sockaddr * in systemd interface.
Check for SA_RESTART before using it.
Explicitly install libssl-devel cygwin.
Add compat functions for EVP_Digest{Sign,Verify}.
Move rekey test into valgrind-2.
Also test PAM on dfly64.
Wrap stdint.h in ifdef.
Add omnios test target.
Spell omnios test host correctly.
Eero Häkkinen (1):
Expose SSH_AUTH_INFO_0 always to PAM auth modules.
Philip Hands (11):
put the -i before -[pP] (matching man pages)
avoid extra space when no arg given to -i option
ensure ERROR output goes to STDERR
quote to avoid potential for word splitting
assert that SCRATCH_DIR is a writable directory
add $HOME to ERROR if one cannot write to ~/.ssh
ensure that we're always told the source of keys
avoid exploring .ssh/id*.pub subdirectories
restore optionality of -i's argument
update copyright notices
make sure that usage & man page match
Samuel Thibault (1):
Fix detection of setres*id on GNU/Hurd
Shreyas Mahangade (2):
Show identity file in 'ssh' command
Minor space issue fixed
Wu Weixin (1):
Fix without_openssl always being set to 1
Yuichiro Naito (1):
Class-imposed login restrictions
anton at openbsd.org (3):
upstream: Since ssh-agent(1) is only readable by root by now, use
upstream: Add missing kex-names.c source file required since the
upstream: Stop using DSA in dropbear interop tests.
claudio at openbsd.org (1):
upstream: Remove unused ptr[3] char array in pkcs11_decode_hex.
deraadt at openbsd.org (15):
upstream: new-style relink kit for sshd. The old scheme created
upstream: also create a relink kit for ssh-agent, since it is a
upstream: Use strtonum() instead of severely non-idiomatic
upstream: Replace non-idiomatic strtoul(, 16) to parse a region
upstream: rewrite convtime() to use an isdigit-scanner and
upstream: can shortcut by returning strtonum() value directly; ok
upstream: for parse_ipqos(), use strtonum() instead of mostly
upstream: Oops, incorrect hex conversion spotted by claudio.
upstream: construct and install a relink-kit for sshd-session ok
upstream: -Werror was turned on (probably just for development),
upstream: enable -fret-clean on amd64, for libc libcrypto ld.so
upstream: avoid shadowing issues which some compilers won't accept
upstream: save_errno wrappers inside two small signal handlers that
upstream: Instead of using possibly complex ssh_signal(), write all
upstream: As defined in the RFC, the SSH protocol has negotiable
djm at openbsd.org (97):
upstream: optional debugging
upstream: allow WAYLAND_DISPLAY to enable SSH_ASKPASS
upstream: in OpenSSH private key format, correct type for subsequent
upstream: add explicit check for server hostkey type against
upstream: correctly restore sigprocmask around ppoll() reported
upstream: add missing reserved fields to key constraint protocol
upstream: stricter validation of messaging socket fd number; disallow
upstream: flush stdout after writing "sftp>" prompt when not using
upstream: fix home-directory extension implementation, it always
upstream: simplify exit message handling, which was more complicated
upstream: Start the process of splitting sshd into separate
upstream: missing files from previous
upstream: fix incorrect debug option name introduced in previous
upstream: allow overriding the sshd-session binary path
upstream: g/c unused variable
upstream: this test has been broken since 2014, and has been
upstream: don't need sys/queue.h here
upstream: typos
upstream: warn when -r (deprecated option to disable re-exec) is
upstream: be really strict with fds reserved for communication with the
upstream: Add a facility to sshd(8) to penalise particular
upstream: disable stderr redirection before closing fds
upstream: prepare for PerSourcePenalties being enabled by default
upstream: simplify
upstream: make sure logs are saved from sshd run via start_sshd
upstream: regress test for PerSourcePenalties
upstream: mention that PerSourcePenalties don't affect concurrent
upstream: enable PerSourcePenalties by default.
upstream: correct error message
upstream: log waitpid() status for abnormal exits
upstream: reap the [net] child if it hangs up while writing privsep
upstream: update to mention that PerSourcePenalties default to
upstream: move tree init before possible early return
upstream: fix off-by-one comparison for PerSourcePenalty
upstream: a little more RB_TREE paranoia
upstream: reap the pre-auth [net] child if it hangs up during privsep
upstream: fix PIDFILE handling, broken for SUDO=doas in last commit
upstream: reap preauth net child if it hangs up during privsep message
upstream: split PerSourcePenalties address tracking. Previously it
upstream: specify an algorithm for ssh-keyscan, otherwise it will make
upstream: make host/banner comments go to stderr instead of stdout,
upstream: don't redirect stderr for ssh-keyscan we expect to succeed
upstream: split the PerSourcePenalties test in two: one tests penalty
upstream: ssh-keyscan -q man bits
upstream: clarify KEXAlgorithms supported vs available. Inspired by
upstream: crank up penalty timeouts so this should work on even the
upstream: penalty test is still a bit racy
upstream: same treatment for this test
upstream: promote connection-closed messages from verbose to info
upstream: disable the DSA signature algorithm by default; ok
upstream: put back reaping of preauth child process when writes
upstream: stricter check for overfull tables in penalty record path
upstream: mention SshdSessionPath option
upstream: move child process waitpid() loop out of SIGCHLD handler;
upstream: retire unused API
upstream: delete obsolete comment
upstream: use "lcd" to change directory before "lls" rather than "cd",
upstream: when sending ObscureKeystrokeTiming chaff packets, we
upstream: openssh-9.8
upstream: fix grammar: "a pattern lists" -> "one or more pattern
upstream: don't need return at end of void function
upstream: correct keyword; from Yatao Su via GHPR509
upstream: mention mux proxy mode
upstream: Fix proxy multiplexing (-O proxy) bug
upstream: reduce logingrace penalty.
upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API.
upstream: test transfers in mux proxy mode too
upstream: adapt to EVP_PKEY conversion
upstream: fix swapping of source and destination addresses in some sshd
upstream: fix minor memory leak in Subsystem option parsing; from
upstream: mention that ed25519 is the default key type generated and
upstream: place shielded keys (i.e. keys at rest in RAM) into memory
upstream: actually use the length parameter that was passed in rather
upstream: sntrup761x25519-sha512 now has an IANA codepoint assigned, so
upstream: fix test: -F is the argument to specify a non-default
upstream: Add experimental support for hybrid post-quantum key exchange
upstream: missing ifdef
upstream: allow the "Include" directive to expand the same set of
upstream: regression test for Include variable expansion
upstream: fix RCSID in output
upstream: be more strict in parsing key type names. Only allow
upstream: make parsing user@host consistently look for the last '@' in
upstream: pull post-quantum ML-KEM/x25519 key exchange out from
upstream: test mlkem768x25519-sha256
upstream: Relax absolute path requirement back to what it was prior to
upstream: Do not apply authorized_keys options when signature
upstream: include pathname in some of the ssh-keygen passphrase
upstream: switch "Match" directive processing over to the argv
upstream: switch sshd_config Match processing to the argv tokeniser
upstream: Add a sshd_config "RefuseConnection" option
upstream: Add a "refuseconnection" penalty class to sshd_config
upstream: add a "Match invalid-user" predicate to sshd_config Match
upstream: document Match invalid-user
upstream: update the Streamlined NTRU Prime code from the "ref"
upstream: bad whitespace in config dump output
upstream: use 64 bit math to avoid signed underflow. upstream code
upstream: openssh-9.9
dlg at openbsd.org (1):
upstream: add a random amount of time (up to 4 seconds) to the
dtucker at openbsd.org (24):
upstream: Import regenerated moduli.
upstream: In PuTTY interop test, don't assume the PuTTY major
upstream: Increase timeout. Resyncs with portable where some of
upstream: Save error code from SSH for use inside case statement,
upstream: Improve shell portability: grep -q is not portable so
upstream: Verify string returned from local shell command.
upstream: test -h is the POSIXly way of testing for a symlink. Reduces
upstream: Use egrep instead of grep -E.
upstream: Re-enable ssh-dss tests
upstream: Rework dropbear key setup
upstream: Use ed25519 keys for kex tests
upstream: Provide defaults for ciphers and macs
upstream: Remove dropbear key types not supported
upstream: Work around dbclient cipher/mac query bug.
upstream: Unnest rekey param parsing test and use ssh not sshd.
upstream: Remove duplicate curve25519-sha256 kex.
upstream: Add Compression=no to default ssh_config.
upstream: Set a default RekeyLimit of 256k.
upstream: Merge AEAD test into main test loop.
upstream: Send only as much data as needed to trigger rekeying. Speeds
upstream: Use curve25519-sha256 kex where possible.
upstream: Import regenerated moduli.
upstream: Some awks won't match on the \r so delete it instead. Fixes
upstream: Use aes128-ctr for MAC tests since default has implicit MAC.
jmc at openbsd.org (7):
upstream: escape the final dot at eol in "e.g." to avoid double
upstream: do not mark up "(default: 20ms)";
upstream: sort -q in the options list;
upstream: - uppercase start of sentence - correct sentence grammar
upstream: ssl(8) no longer contains a HISTORY section;
upstream: envrionment -> environment;
upstream: minor grammar/sort fixes for refuseconnection; ok djm
job at openbsd.org (1):
upstream: Clarify how literal IPv6 addresses can be used in -J mode
jsg at openbsd.org (6):
upstream: correct indentation; no functional change ok tb@
upstream: spelling; ok djm@
upstream: remove externs for removed vars; ok djm@
upstream: remove prototypes with no matching function; ok djm@
upstream: remove unused struct fwd_perm_list, no decl with complete
upstream: fix double word; ok dtucker@
miod at openbsd.org (1):
upstream: Do not pass -Werror if building with gcc 3, for asn1.h
naddy at openbsd.org (7):
upstream: remove duplicate copy of relink kit for sshd-session
upstream: Do not pass -Werror twice when building with clang.
upstream: remove references to SSH1 and DSA server keys
upstream: separate keywords with comma
upstream: remove one more mention of DSA
upstream: document the reduced logingrace penalty
upstream: document the mlkem768x25519-sha256 key exchange algorithm
renmingshuai (1):
Shell syntax fix (leftover from a sync).
semarie at openbsd.org (1):
upstream: set right mode on ssh-agent at boot-time
tobias at openbsd.org (6):
upstream: never close stdin
upstream: remove SSH1 leftovers
upstream: Fix typo in comment
upstream: Use freezero for better readability
upstream: Extend sshbuf validation
upstream: Reorder calloc arguments
-----------------------------------------------------------------------
No new revisions were added by this update.