Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh Merge conflicts
details: https://anonhg.NetBSD.org/src/rev/488091a8f9af
branches: trunk
changeset: 933697:488091a8f9af
user: christos <christos%NetBSD.org@localhost>
date: Thu May 28 17:05:49 2020 +0000
description:
Merge conflicts
diffstat:
crypto/external/bsd/openssh/dist/PROTOCOL | 8 +-
crypto/external/bsd/openssh/dist/PROTOCOL.mux | 6 +-
crypto/external/bsd/openssh/dist/auth-options.c | 17 +-
crypto/external/bsd/openssh/dist/auth-rhosts.c | 11 +-
crypto/external/bsd/openssh/dist/auth2-chall.c | 9 +-
crypto/external/bsd/openssh/dist/auth2-passwd.c | 9 +-
crypto/external/bsd/openssh/dist/auth2.c | 8 +-
crypto/external/bsd/openssh/dist/authfd.c | 14 +-
crypto/external/bsd/openssh/dist/authfile.c | 107 +-
crypto/external/bsd/openssh/dist/channels.c | 21 +-
crypto/external/bsd/openssh/dist/cipher-chachapoly.c | 27 +-
crypto/external/bsd/openssh/dist/cipher-chachapoly.h | 15 +-
crypto/external/bsd/openssh/dist/cipher.c | 30 +-
crypto/external/bsd/openssh/dist/clientloop.c | 32 +-
crypto/external/bsd/openssh/dist/clientloop.h | 7 +-
crypto/external/bsd/openssh/dist/digest-libc.c | 7 +-
crypto/external/bsd/openssh/dist/gss-serv.c | 8 +-
crypto/external/bsd/openssh/dist/hmac.c | 7 +-
crypto/external/bsd/openssh/dist/hostfile.c | 11 +-
crypto/external/bsd/openssh/dist/kex.c | 21 +-
crypto/external/bsd/openssh/dist/krl.c | 101 +++-
crypto/external/bsd/openssh/dist/krl.h | 5 +-
crypto/external/bsd/openssh/dist/misc.c | 8 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 | 151 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 | 150 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 | 123 ++-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 | 141 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 | 122 +--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 | 130 ++-
crypto/external/bsd/openssh/dist/monitor.c | 11 +-
crypto/external/bsd/openssh/dist/mux.c | 7 +-
crypto/external/bsd/openssh/dist/packet.c | 14 +-
crypto/external/bsd/openssh/dist/packet.h | 7 +-
crypto/external/bsd/openssh/dist/readconf.c | 32 +-
crypto/external/bsd/openssh/dist/readconf.h | 6 +-
crypto/external/bsd/openssh/dist/scp.1 | 11 +-
crypto/external/bsd/openssh/dist/scp.c | 108 ++-
crypto/external/bsd/openssh/dist/servconf.c | 27 +-
crypto/external/bsd/openssh/dist/servconf.h | 9 +-
crypto/external/bsd/openssh/dist/session.c | 10 +-
crypto/external/bsd/openssh/dist/sftp.1 | 16 +-
crypto/external/bsd/openssh/dist/sftp.c | 27 +-
crypto/external/bsd/openssh/dist/sk-usbhid.c | 39 +-
crypto/external/bsd/openssh/dist/ssh-add.c | 26 +-
crypto/external/bsd/openssh/dist/ssh-agent.c | 11 +-
crypto/external/bsd/openssh/dist/ssh-dss.c | 12 +-
crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c | 12 +-
crypto/external/bsd/openssh/dist/ssh-ed25519.c | 22 +-
crypto/external/bsd/openssh/dist/ssh-keygen.1 | 12 +-
crypto/external/bsd/openssh/dist/ssh-keygen.c | 161 ++--
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c | 14 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11.c | 29 +-
crypto/external/bsd/openssh/dist/ssh-sk.c | 24 +-
crypto/external/bsd/openssh/dist/ssh-xmss.c | 24 +-
crypto/external/bsd/openssh/dist/ssh.1 | 11 +-
crypto/external/bsd/openssh/dist/ssh.c | 278 +++++---
crypto/external/bsd/openssh/dist/ssh_config.5 | 55 +-
crypto/external/bsd/openssh/dist/sshbuf-misc.c | 13 +-
crypto/external/bsd/openssh/dist/sshbuf.c | 7 +-
crypto/external/bsd/openssh/dist/sshbuf.h | 8 +-
crypto/external/bsd/openssh/dist/sshconnect.c | 11 +-
crypto/external/bsd/openssh/dist/sshconnect2.c | 8 +-
crypto/external/bsd/openssh/dist/sshd.c | 21 +-
crypto/external/bsd/openssh/dist/sshd_config.5 | 38 +-
crypto/external/bsd/openssh/dist/sshkey.c | 511 ++++++++-------
crypto/external/bsd/openssh/dist/sshkey.h | 6 +-
crypto/external/bsd/openssh/dist/sshsig.c | 30 +-
crypto/external/bsd/openssh/dist/umac.c | 12 +-
crypto/external/bsd/openssh/dist/utf8.c | 33 +-
crypto/external/bsd/openssh/dist/utf8.h | 8 +-
crypto/external/bsd/openssh/dist/version.h | 8 +-
crypto/external/bsd/openssh/lib/shlib_version | 4 +-
72 files changed, 1659 insertions(+), 1380 deletions(-)
diffs (truncated from 5834 to 300 lines):
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/PROTOCOL
--- a/crypto/external/bsd/openssh/dist/PROTOCOL Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL Thu May 28 17:05:49 2020 +0000
@@ -194,7 +194,7 @@
SSH_TUNMODE_ETHERNET 2 /* layer 2 frames */
The "tunnel unit number" specifies the remote interface number, or may
-be 0x7fffffff to allow the server to automatically chose an interface. A
+be 0x7fffffff to allow the server to automatically choose an interface. A
server that is not willing to open a client-specified unit should refuse
the request with a SSH_MSG_CHANNEL_OPEN_FAILURE error. On successful
open, the server should reply with SSH_MSG_CHANNEL_OPEN_SUCCESS.
@@ -298,7 +298,7 @@
supplied host keys are present in known_hosts.
Note that the server may send key types that the client does not
-support. The client should disgregard such keys if they are received.
+support. The client should disregard such keys if they are received.
If the client identifies any keys that are not present for the host,
it should send a "hostkeys-prove%openssh.com@localhost" message to request the
@@ -496,5 +496,5 @@
PROTOCOL.mux over a Unix domain socket for communications between a
master instance and later clients.
-$OpenBSD: PROTOCOL,v 1.36 2018/10/02 12:51:58 djm Exp $
-$NetBSD: PROTOCOL,v 1.13 2019/04/20 17:16:40 christos Exp $
+$OpenBSD: PROTOCOL,v 1.37 2020/02/21 00:04:43 dtucker Exp $
+$NetBSD: PROTOCOL,v 1.14 2020/05/28 17:05:49 christos Exp $
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/PROTOCOL.mux
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.mux Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.mux Thu May 28 17:05:49 2020 +0000
@@ -39,7 +39,7 @@
speak a significant subset of the SSH protocol, but in return is able
to access basically the full suite of connection protocol features.
Moreover, as no file descriptor passing is required, the connection
-supporting a proxy client may iteself be forwarded or relayed to another
+supporting a proxy client may itself be forwarded or relayed to another
host if necessary.
1. Connection setup
@@ -295,5 +295,5 @@
XXX signals via mux request
XXX list active connections via mux
-$OpenBSD: PROTOCOL.mux,v 1.11 2018/09/26 07:30:05 djm Exp $
-$NetBSD: PROTOCOL.mux,v 1.10 2019/04/20 17:16:40 christos Exp $
+$OpenBSD: PROTOCOL.mux,v 1.12 2020/03/13 03:17:07 djm Exp $
+$NetBSD: PROTOCOL.mux,v 1.11 2020/05/28 17:05:49 christos Exp $
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/auth-options.c
--- a/crypto/external/bsd/openssh/dist/auth-options.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-options.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth-options.c,v 1.22 2020/02/27 00:24:40 christos Exp $ */
-/* $OpenBSD: auth-options.c,v 1.90 2019/11/25 00:54:23 djm Exp $ */
+/* $NetBSD: auth-options.c,v 1.23 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth-options.c,v 1.92 2020/03/06 18:15:38 markus Exp $ */
/*
* Copyright (c) 2018 Damien Miller <djm%mindrot.org@localhost>
*
@@ -17,7 +17,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-options.c,v 1.22 2020/02/27 00:24:40 christos Exp $");
+__RCSID("$NetBSD: auth-options.c,v 1.23 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/queue.h>
@@ -223,8 +223,7 @@
free(opts->permitlisten[i]);
free(opts->permitlisten);
- explicit_bzero(opts, sizeof(*opts));
- free(opts);
+ freezero(opts, sizeof(*opts));
}
struct sshauthopt *
@@ -736,9 +735,11 @@
*np = n;
n = 0;
out:
- for (i = 0; i < n; i++)
- free(a[i]);
- free(a);
+ if (a != NULL) {
+ for (i = 0; i < n; i++)
+ free(a[i]);
+ free(a);
+ }
sshbuf_free(b);
return r;
}
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/auth-rhosts.c
--- a/crypto/external/bsd/openssh/dist/auth-rhosts.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-rhosts.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth-rhosts.c,v 1.11 2019/10/12 18:32:22 christos Exp $ */
-/* $OpenBSD: auth-rhosts.c,v 1.51 2019/10/02 00:42:30 djm Exp $ */
+/* $NetBSD: auth-rhosts.c,v 1.12 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth-rhosts.c,v 1.52 2020/04/17 03:30:05 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -16,7 +16,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-rhosts.c,v 1.11 2019/10/12 18:32:22 christos Exp $");
+__RCSID("$NetBSD: auth-rhosts.c,v 1.12 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
@@ -297,8 +297,9 @@
* Check if we have been configured to ignore .rhosts
* and .shosts files.
*/
- if ((pw->pw_uid == 0 && options.ignore_root_rhosts) ||
- (pw->pw_uid != 0 && options.ignore_rhosts)) {
+ if (options.ignore_rhosts == IGNORE_RHOSTS_YES ||
+ (options.ignore_rhosts == IGNORE_RHOSTS_SHOSTS &&
+ strcmp(rhosts_files[rhosts_file_index], ".shosts") != 0)) {
auth_debug_add("Server has been configured to "
"ignore %.100s.", rhosts_files[rhosts_file_index]);
continue;
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/auth2-chall.c
--- a/crypto/external/bsd/openssh/dist/auth2-chall.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth2-chall.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth2-chall.c,v 1.17 2020/02/27 00:24:40 christos Exp $ */
-/* $OpenBSD: auth2-chall.c,v 1.52 2019/11/13 04:47:52 deraadt Exp $ */
+/* $NetBSD: auth2-chall.c,v 1.18 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.53 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2001 Per Allansson. All rights reserved.
@@ -26,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth2-chall.c,v 1.17 2020/02/27 00:24:40 christos Exp $");
+__RCSID("$NetBSD: auth2-chall.c,v 1.18 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <stdlib.h>
@@ -155,8 +155,7 @@
if (kbdintctxt->device)
kbdint_reset_device(kbdintctxt);
free(kbdintctxt->devices);
- explicit_bzero(kbdintctxt, sizeof(*kbdintctxt));
- free(kbdintctxt);
+ freezero(kbdintctxt, sizeof(*kbdintctxt));
}
/* get next device */
static int
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/auth2-passwd.c
--- a/crypto/external/bsd/openssh/dist/auth2-passwd.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth2-passwd.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth2-passwd.c,v 1.12 2019/10/12 18:32:22 christos Exp $ */
-/* $OpenBSD: auth2-passwd.c,v 1.17 2019/09/06 04:53:27 djm Exp $ */
+/* $NetBSD: auth2-passwd.c,v 1.13 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.18 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth2-passwd.c,v 1.12 2019/10/12 18:32:22 christos Exp $");
+__RCSID("$NetBSD: auth2-passwd.c,v 1.13 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <stdlib.h>
@@ -67,8 +67,7 @@
logit("password change not supported");
else if (PRIVSEP(auth_password(ssh, password)) == 1)
authenticated = 1;
- explicit_bzero(password, len);
- free(password);
+ freezero(password, len);
return authenticated;
}
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/auth2.c
--- a/crypto/external/bsd/openssh/dist/auth2.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth2.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth2.c,v 1.21 2019/12/07 16:32:22 christos Exp $ */
-/* $OpenBSD: auth2.c,v 1.157 2019/09/06 04:53:27 djm Exp $ */
+/* $NetBSD: auth2.c,v 1.22 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth2.c,v 1.158 2020/03/06 18:16:21 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth2.c,v 1.21 2019/12/07 16:32:22 christos Exp $");
+__RCSID("$NetBSD: auth2.c,v 1.22 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
@@ -231,7 +231,7 @@
r = 0;
out:
free(service);
- return 0;
+ return r;
}
#define MIN_FAIL_DELAY_SECONDS 0.005
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/authfd.c
--- a/crypto/external/bsd/openssh/dist/authfd.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/authfd.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: authfd.c,v 1.20 2020/02/27 00:24:40 christos Exp $ */
-/* $OpenBSD: authfd.c,v 1.121 2019/12/21 02:19:13 djm Exp $ */
+/* $NetBSD: authfd.c,v 1.21 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: authfd.c,v 1.123 2020/03/06 18:24:39 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -37,7 +37,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: authfd.c,v 1.20 2020/02/27 00:24:40 christos Exp $");
+__RCSID("$NetBSD: authfd.c,v 1.21 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/un.h>
#include <sys/socket.h>
@@ -343,7 +343,7 @@
size_t i;
struct ssh_identitylist *idlist = NULL;
- if ((r = ssh_fetch_identitylist(sock, &idlist)) < 0) {
+ if ((r = ssh_fetch_identitylist(sock, &idlist)) != 0) {
return r;
}
@@ -562,10 +562,8 @@
goto out;
r = decode_reply(type);
out:
- if (blob != NULL) {
- explicit_bzero(blob, blen);
- free(blob);
- }
+ if (blob != NULL)
+ freezero(blob, blen);
sshbuf_free(msg);
return r;
}
diff -r 2dbcf6cf2511 -r 488091a8f9af crypto/external/bsd/openssh/dist/authfile.c
--- a/crypto/external/bsd/openssh/dist/authfile.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/authfile.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: authfile.c,v 1.23 2020/02/27 00:24:40 christos Exp $ */
-/* $OpenBSD: authfile.c,v 1.137 2020/01/25 23:02:13 djm Exp $ */
+/* $NetBSD: authfile.c,v 1.24 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: authfile.c,v 1.140 2020/04/17 07:15:11 djm Exp $ */
/*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
*
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: authfile.c,v 1.23 2020/02/27 00:24:40 christos Exp $");
+__RCSID("$NetBSD: authfile.c,v 1.24 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/uio.h>
@@ -138,6 +138,14 @@
}
int
+sshkey_load_private(const char *filename, const char *passphrase,
+ struct sshkey **keyp, char **commentp)
+{
+ return sshkey_load_private_type(KEY_UNSPEC, filename, passphrase,
+ keyp, commentp);
+}
+
+int
sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
struct sshkey **keyp, char **commentp)
{
@@ -158,51 +166,57 @@
return r;
}
-/* XXX this is almost identical to sshkey_load_private_type() */
-int
-sshkey_load_private(const char *filename, const char *passphrase,
- struct sshkey **keyp, char **commentp)
Home |
Main Index |
Thread Index |
Old Index