Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/crypto/external/bsd/openssh/dist Merge conflicts between Ope...



details:   https://anonhg.NetBSD.org/src/rev/0f6e6dcf9938
branches:  trunk
changeset: 1023837:0f6e6dcf9938
user:      christos <christos%NetBSD.org@localhost>
date:      Mon Sep 27 17:03:13 2021 +0000

description:
Merge conflicts between OpenSSH 8.7 and 8.8

diffstat:

 crypto/external/bsd/openssh/dist/channels.c      |  12 ++-
 crypto/external/bsd/openssh/dist/clientloop.c    |   9 +-
 crypto/external/bsd/openssh/dist/compat.c        |   7 +-
 crypto/external/bsd/openssh/dist/log.c           |  17 +++--
 crypto/external/bsd/openssh/dist/misc.c          |  12 +++-
 crypto/external/bsd/openssh/dist/myproposal.h    |   8 +-
 crypto/external/bsd/openssh/dist/readconf.c      |  63 +++++++++++++++++++----
 crypto/external/bsd/openssh/dist/readconf.h      |   5 +-
 crypto/external/bsd/openssh/dist/scp.1           |  44 ++++++++--------
 crypto/external/bsd/openssh/dist/scp.c           |  44 ++++++++--------
 crypto/external/bsd/openssh/dist/servconf.c      |  10 +-
 crypto/external/bsd/openssh/dist/sftp-client.c   |   7 +-
 crypto/external/bsd/openssh/dist/sftp-realpath.c |   5 +-
 crypto/external/bsd/openssh/dist/sftp.c          |  28 +++++-----
 crypto/external/bsd/openssh/dist/ssh-keygen.c    |   9 +-
 crypto/external/bsd/openssh/dist/ssh.1           |  19 +++++-
 crypto/external/bsd/openssh/dist/ssh.c           |  16 +++--
 crypto/external/bsd/openssh/dist/ssh_config.5    |  32 ++++++-----
 crypto/external/bsd/openssh/dist/sshd.8          |  13 +++-
 crypto/external/bsd/openssh/dist/sshd_config.5   |  12 ++--
 crypto/external/bsd/openssh/dist/version.h       |   8 +-
 21 files changed, 222 insertions(+), 158 deletions(-)

diffs (truncated from 1077 to 300 lines):

diff -r ab14a02778e3 -r 0f6e6dcf9938 crypto/external/bsd/openssh/dist/channels.c
--- a/crypto/external/bsd/openssh/dist/channels.c       Mon Sep 27 16:56:35 2021 +0000
+++ b/crypto/external/bsd/openssh/dist/channels.c       Mon Sep 27 17:03:13 2021 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: channels.c,v 1.31 2021/09/02 11:26:17 christos Exp $   */
-/* $OpenBSD: channels.c,v 1.407 2021/05/19 01:24:05 djm Exp $ */
+/*     $NetBSD: channels.c,v 1.32 2021/09/27 17:03:13 christos Exp $   */
+/* $OpenBSD: channels.c,v 1.408 2021/09/14 11:04:21 mbuhl Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: channels.c,v 1.31 2021/09/02 11:26:17 christos Exp $");
+__RCSID("$NetBSD: channels.c,v 1.32 2021/09/27 17:03:13 christos Exp $");
 #include <sys/param.h>
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -632,9 +632,11 @@
        debug("channel %d: free: %s, nchannels %u", c->self,
            c->remote_name ? c->remote_name : "???", n);
 
-       if (c->type == SSH_CHANNEL_MUX_CLIENT)
+       if (c->type == SSH_CHANNEL_MUX_CLIENT) {
                mux_remove_remote_forwardings(ssh, c);
-       else if (c->type == SSH_CHANNEL_MUX_LISTENER) {
+               free(c->mux_ctx);
+               c->mux_ctx = NULL;
+       } else if (c->type == SSH_CHANNEL_MUX_LISTENER) {
                free(c->mux_ctx);
                c->mux_ctx = NULL;
        }
diff -r ab14a02778e3 -r 0f6e6dcf9938 crypto/external/bsd/openssh/dist/clientloop.c
--- a/crypto/external/bsd/openssh/dist/clientloop.c     Mon Sep 27 16:56:35 2021 +0000
+++ b/crypto/external/bsd/openssh/dist/clientloop.c     Mon Sep 27 17:03:13 2021 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: clientloop.c,v 1.33 2021/09/02 11:26:17 christos Exp $ */
-/* $OpenBSD: clientloop.c,v 1.369 2021/07/23 04:04:52 djm Exp $ */
+/*     $NetBSD: clientloop.c,v 1.34 2021/09/27 17:03:13 christos Exp $ */
+/* $OpenBSD: clientloop.c,v 1.370 2021/08/29 23:44:07 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -62,7 +62,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: clientloop.c,v 1.33 2021/09/02 11:26:17 christos Exp $");
+__RCSID("$NetBSD: clientloop.c,v 1.34 2021/09/27 17:03:13 christos Exp $");
 
 #include <sys/types.h>
 #include <sys/ioctl.h>
@@ -1405,7 +1405,8 @@
         * exit status to be returned.  In that case, clear error code if the
         * connection was deliberately terminated at this end.
         */
-       if (options.session_type == SESSION_TYPE_NONE && received_signal == SIGTERM) {
+       if (options.session_type == SESSION_TYPE_NONE &&
+           received_signal == SIGTERM) {
                received_signal = 0;
                exit_status = 0;
        }
diff -r ab14a02778e3 -r 0f6e6dcf9938 crypto/external/bsd/openssh/dist/compat.c
--- a/crypto/external/bsd/openssh/dist/compat.c Mon Sep 27 16:56:35 2021 +0000
+++ b/crypto/external/bsd/openssh/dist/compat.c Mon Sep 27 17:03:13 2021 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: compat.c,v 1.23 2021/09/02 11:26:17 christos Exp $     */
-/* $OpenBSD: compat.c,v 1.118 2021/06/06 03:40:39 djm Exp $ */
+/*     $NetBSD: compat.c,v 1.24 2021/09/27 17:03:13 christos Exp $     */
+/* $OpenBSD: compat.c,v 1.119 2021/09/10 05:46:09 djm Exp $ */
 
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: compat.c,v 1.23 2021/09/02 11:26:17 christos Exp $");
+__RCSID("$NetBSD: compat.c,v 1.24 2021/09/27 17:03:13 christos Exp $");
 #include <sys/types.h>
 
 #include <stdlib.h>
@@ -71,7 +71,6 @@
                  "OpenSSH_7.1*,"
                  "OpenSSH_7.2*,"
                  "OpenSSH_7.3*,"
-                 "OpenSSH_7.4*,"
                  "OpenSSH_7.5*,"
                  "OpenSSH_7.6*,"
                  "OpenSSH_7.7*",       SSH_NEW_OPENSSH|SSH_BUG_SIGTYPE},
diff -r ab14a02778e3 -r 0f6e6dcf9938 crypto/external/bsd/openssh/dist/log.c
--- a/crypto/external/bsd/openssh/dist/log.c    Mon Sep 27 16:56:35 2021 +0000
+++ b/crypto/external/bsd/openssh/dist/log.c    Mon Sep 27 17:03:13 2021 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: log.c,v 1.24 2021/09/02 11:26:18 christos Exp $        */
-/* $OpenBSD: log.c,v 1.59 2021/05/07 04:11:51 djm Exp $ */
+/*     $NetBSD: log.c,v 1.25 2021/09/27 17:03:13 christos Exp $        */
+/* $OpenBSD: log.c,v 1.60 2021/09/16 15:11:19 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: log.c,v 1.24 2021/09/02 11:26:18 christos Exp $");
+__RCSID("$NetBSD: log.c,v 1.25 2021/09/27 17:03:13 christos Exp $");
 #include <sys/types.h>
 #include <sys/uio.h>
 
@@ -319,6 +319,7 @@
        int pri = LOG_INFO;
        int saved_errno = errno;
        log_handler_fn *tmp_handler;
+       const char *progname = argv0 != NULL ? argv0 : __progname;
 
        if (!force && level > log_level)
                return;
@@ -382,16 +383,18 @@
                tmp_handler(level, force, visbuf, log_handler_ctx);
                log_handler = tmp_handler;
        } else if (log_on_stderr) {
-               snprintf(msgbuf, sizeof msgbuf, "%.*s\r\n",
-                   (int)sizeof msgbuf - 3, visbuf);
+               snprintf(msgbuf, sizeof msgbuf, "%s%s%.*s\r\n",
+                   (log_on_stderr > 1) ? progname : "",
+                   (log_on_stderr > 1) ? ": " : "",
+                   (int)sizeof msgbuf - 10, visbuf);
                (void)write(log_stderr_fd, msgbuf, strlen(msgbuf));
        } else {
 #ifdef SYSLOG_DATA_INIT
-               openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
+               openlog_r(progname, LOG_PID, log_facility, &sdata);
                syslog_r(pri, &sdata, "%.500s", visbuf);
                closelog_r(&sdata);
 #else
-               openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility);
+               openlog(progname, LOG_PID, log_facility);
                syslog(pri, "%.500s", visbuf);
                closelog();
 #endif
diff -r ab14a02778e3 -r 0f6e6dcf9938 crypto/external/bsd/openssh/dist/misc.c
--- a/crypto/external/bsd/openssh/dist/misc.c   Mon Sep 27 16:56:35 2021 +0000
+++ b/crypto/external/bsd/openssh/dist/misc.c   Mon Sep 27 17:03:13 2021 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: misc.c,v 1.27 2021/09/02 11:26:18 christos Exp $       */
-/* $OpenBSD: misc.c,v 1.169 2021/08/09 23:47:44 djm Exp $ */
+/*     $NetBSD: misc.c,v 1.28 2021/09/27 17:03:13 christos Exp $       */
+/* $OpenBSD: misc.c,v 1.170 2021/09/26 14:01:03 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -20,7 +20,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: misc.c,v 1.27 2021/09/02 11:26:18 christos Exp $");
+__RCSID("$NetBSD: misc.c,v 1.28 2021/09/27 17:03:13 christos Exp $");
 
 #include <sys/types.h>
 #include <sys/ioctl.h>
@@ -2634,6 +2634,12 @@
 #define setresuid(a, b, c)      setuid(a)
 #endif
 
+               if (geteuid() == 0 &&
+                   initgroups(pw->pw_name, pw->pw_gid) == -1) {
+                       error("%s: initgroups(%s, %u): %s", tag,
+                           pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
+                       _exit(1);
+               }
                if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
                        error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
                            strerror(errno));
diff -r ab14a02778e3 -r 0f6e6dcf9938 crypto/external/bsd/openssh/dist/myproposal.h
--- a/crypto/external/bsd/openssh/dist/myproposal.h     Mon Sep 27 16:56:35 2021 +0000
+++ b/crypto/external/bsd/openssh/dist/myproposal.h     Mon Sep 27 17:03:13 2021 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: myproposal.h,v 1.21 2021/03/05 17:47:16 christos Exp $ */
-/* $OpenBSD: myproposal.h,v 1.68 2020/10/03 04:15:06 djm Exp $ */
+/*     $NetBSD: myproposal.h,v 1.22 2021/09/27 17:03:13 christos Exp $ */
+/* $OpenBSD: myproposal.h,v 1.69 2021/08/29 23:53:10 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -47,7 +47,6 @@
        "sk-ecdsa-sha2-nistp256-cert-v01%openssh.com@localhost," \
        "rsa-sha2-512-cert-v01%openssh.com@localhost," \
        "rsa-sha2-256-cert-v01%openssh.com@localhost," \
-       "ssh-rsa-cert-v01%openssh.com@localhost," \
        "ssh-ed25519," \
        "ecdsa-sha2-nistp256," \
        "ecdsa-sha2-nistp384," \
@@ -55,8 +54,7 @@
        "sk-ssh-ed25519%openssh.com@localhost," \
        "sk-ecdsa-sha2-nistp256%openssh.com@localhost," \
        "rsa-sha2-512," \
-       "rsa-sha2-256," \
-       "ssh-rsa"
+       "rsa-sha2-256"
 
 #define        KEX_SERVER_ENCRYPT \
        "chacha20-poly1305%openssh.com@localhost," \
diff -r ab14a02778e3 -r 0f6e6dcf9938 crypto/external/bsd/openssh/dist/readconf.c
--- a/crypto/external/bsd/openssh/dist/readconf.c       Mon Sep 27 16:56:35 2021 +0000
+++ b/crypto/external/bsd/openssh/dist/readconf.c       Mon Sep 27 17:03:13 2021 +0000
@@ -1,5 +1,5 @@
-/*     $NetBSD: readconf.c,v 1.36 2021/09/27 11:05:50 kim Exp $        */
-/* $OpenBSD: readconf.c,v 1.361 2021/07/23 04:04:52 djm Exp $ */
+/*     $NetBSD: readconf.c,v 1.37 2021/09/27 17:03:13 christos Exp $   */
+/* $OpenBSD: readconf.c,v 1.363 2021/09/16 05:36:03 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -15,7 +15,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.36 2021/09/27 11:05:50 kim Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.37 2021/09/27 17:03:13 christos Exp $");
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
@@ -2101,11 +2101,24 @@
 
        case oCanonicalizePermittedCNAMEs:
                value = options->num_permitted_cnames != 0;
+               i = 0;
                while ((arg = argv_next(&ac, &av)) != NULL) {
-                       /* Either '*' for everything or 'list:list' */
-                       if (strcmp(arg, "*") == 0)
+                       char empty[] = "";
+                       /*
+                        * Either 'none' (only in first position), '*' for
+                        * everything or 'list:list'
+                        */
+                       if (strcasecmp(arg, "none") == 0) {
+                               if (i > 0 || ac > 0) {
+                                       error("%s line %d: keyword %s \"none\" "
+                                           "argument must appear alone.",
+                                           filename, linenum, keyword);
+                                       goto out;
+                               }
+                               arg2 = empty;
+                       } else if (strcmp(arg, "*") == 0) {
                                arg2 = arg;
-                       else {
+                       } else {
                                lowercase(arg);
                                if ((arg2 = strchr(arg, ':')) == NULL ||
                                    arg2[1] == '\0') {
@@ -2117,6 +2130,7 @@
                                *arg2 = '\0';
                                arg2++;
                        }
+                       i++;
                        if (!*activep || value)
                                continue;
                        if (options->num_permitted_cnames >=
@@ -2371,6 +2385,20 @@
 }
 
 /*
+ * Returns 1 if CanonicalizePermittedCNAMEs have been specified, 0 otherwise.
+ * Allowed to be called on non-final configuration.
+ */
+int
+config_has_permitted_cnames(Options *options)
+{
+       if (options->num_permitted_cnames == 1 &&
+           strcasecmp(options->permitted_cnames[0].source_list, "none") == 0 &&
+           strcmp(options->permitted_cnames[0].target_list, "") == 0)
+               return 0;
+       return options->num_permitted_cnames > 0;
+}
+
+/*
  * Initializes options to special values that indicate that they have not yet
  * been set.  Read_config_file will only set options with this value. Options
  * are processed in the following order: command line, user config file,
@@ -2784,6 +2812,15 @@
                free(options->jump_host);
                options->jump_host = NULL;
        }
+       if (options->num_permitted_cnames == 1 &&
+           !config_has_permitted_cnames(options)) {
+               /* clean up CanonicalizePermittedCNAMEs=none */
+               free(options->permitted_cnames[0].source_list);
+               free(options->permitted_cnames[0].target_list);
+               memset(options->permitted_cnames, '\0',
+                   sizeof(*options->permitted_cnames));
+               options->num_permitted_cnames = 0;
+       }
        /* options->identity_agent distinguishes NULL from 'none' */
        /* options->user will be set in the main program if appropriate */
        /* options->hostname will be set in the main program if appropriate */
@@ -3499,14 +3536,14 @@
        printf("\n");



Home | Main Index | Thread Index | Old Index