Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh/lib merge conflicts between 9.0 ...
details: https://anonhg.NetBSD.org/src/rev/05a287476ba7
branches: trunk
changeset: 371748:05a287476ba7
user: christos <christos%NetBSD.org@localhost>
date: Wed Oct 05 22:39:36 2022 +0000
description:
merge conflicts between 9.0 and 9.1
diffstat:
crypto/external/bsd/openssh/bin/sftp/Makefile | 4 +-
crypto/external/bsd/openssh/bin/ssh/Makefile | 4 +-
crypto/external/bsd/openssh/bin/sshd/Makefile | 4 +-
crypto/external/bsd/openssh/dist/PROTOCOL | 67 ++-
crypto/external/bsd/openssh/dist/PROTOCOL.agent | 8 +-
crypto/external/bsd/openssh/dist/addr.c | 8 +-
crypto/external/bsd/openssh/dist/auth.c | 162 +-----
crypto/external/bsd/openssh/dist/auth.h | 28 +-
crypto/external/bsd/openssh/dist/auth2-hostbased.c | 11 +-
crypto/external/bsd/openssh/dist/auth2-passwd.c | 15 +-
crypto/external/bsd/openssh/dist/auth2-pubkey.c | 440 +--------------
crypto/external/bsd/openssh/dist/auth2-pubkeyfile.c | 90 +++-
crypto/external/bsd/openssh/dist/authfd.c | 8 +-
crypto/external/bsd/openssh/dist/authfile.c | 24 +-
crypto/external/bsd/openssh/dist/channels.c | 50 +-
crypto/external/bsd/openssh/dist/channels.h | 4 +-
crypto/external/bsd/openssh/dist/clientloop.c | 19 +-
crypto/external/bsd/openssh/dist/compat.c | 27 +-
crypto/external/bsd/openssh/dist/compat.h | 6 +-
crypto/external/bsd/openssh/dist/krl.c | 8 +-
crypto/external/bsd/openssh/dist/misc.c | 49 +-
crypto/external/bsd/openssh/dist/misc.h | 6 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 | 146 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 | 129 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 | 141 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 | 129 ++-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 | 138 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 | 116 ++-
crypto/external/bsd/openssh/dist/moduli.c | 19 +-
crypto/external/bsd/openssh/dist/monitor.c | 7 +-
crypto/external/bsd/openssh/dist/monitor_wrap.c | 6 +-
crypto/external/bsd/openssh/dist/monitor_wrap.h | 6 +-
crypto/external/bsd/openssh/dist/mux.c | 16 +-
crypto/external/bsd/openssh/dist/packet.c | 9 +-
crypto/external/bsd/openssh/dist/readconf.c | 65 +-
crypto/external/bsd/openssh/dist/readconf.h | 14 +-
crypto/external/bsd/openssh/dist/readpass.c | 9 +-
crypto/external/bsd/openssh/dist/scp.1 | 11 +-
crypto/external/bsd/openssh/dist/scp.c | 15 +-
crypto/external/bsd/openssh/dist/servconf.c | 23 +-
crypto/external/bsd/openssh/dist/servconf.h | 5 +-
crypto/external/bsd/openssh/dist/serverloop.c | 10 +-
crypto/external/bsd/openssh/dist/sftp-client.c | 220 ++++++-
crypto/external/bsd/openssh/dist/sftp-client.h | 28 +-
crypto/external/bsd/openssh/dist/sftp-common.c | 22 +-
crypto/external/bsd/openssh/dist/sftp-common.h | 7 +-
crypto/external/bsd/openssh/dist/sftp-server.c | 99 +++-
crypto/external/bsd/openssh/dist/sftp-usergroup.c | 22 +-
crypto/external/bsd/openssh/dist/sftp.1 | 13 +-
crypto/external/bsd/openssh/dist/sftp.c | 209 ++++--
crypto/external/bsd/openssh/dist/sk-usbhid.c | 100 +++-
crypto/external/bsd/openssh/dist/ssh-add.c | 11 +-
crypto/external/bsd/openssh/dist/ssh-agent.c | 29 +-
crypto/external/bsd/openssh/dist/ssh-ed25519.c | 10 +-
crypto/external/bsd/openssh/dist/ssh-keygen.1 | 226 +++++--
crypto/external/bsd/openssh/dist/ssh-keygen.c | 199 ++++--
crypto/external/bsd/openssh/dist/ssh-keyscan.1 | 12 +-
crypto/external/bsd/openssh/dist/ssh-keyscan.c | 21 +-
crypto/external/bsd/openssh/dist/ssh-keysign.c | 11 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8 | 26 +-
crypto/external/bsd/openssh/dist/ssh-sk-helper.c | 8 +-
crypto/external/bsd/openssh/dist/ssh-sk.c | 9 +-
crypto/external/bsd/openssh/dist/ssh-xmss.c | 8 +-
crypto/external/bsd/openssh/dist/ssh.1 | 14 +-
crypto/external/bsd/openssh/dist/ssh.c | 35 +-
crypto/external/bsd/openssh/dist/ssh_config.5 | 27 +-
crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c | 4 +-
crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c | 4 +-
crypto/external/bsd/openssh/dist/sshbuf.c | 11 +-
crypto/external/bsd/openssh/dist/sshbuf.h | 5 +-
crypto/external/bsd/openssh/dist/sshconnect.c | 11 +-
crypto/external/bsd/openssh/dist/sshconnect2.c | 80 +-
crypto/external/bsd/openssh/dist/sshd.8 | 14 +-
crypto/external/bsd/openssh/dist/sshd.c | 39 +-
crypto/external/bsd/openssh/dist/sshd_config.5 | 24 +-
crypto/external/bsd/openssh/dist/sshkey.c | 103 +-
crypto/external/bsd/openssh/dist/sshkey.h | 5 +-
crypto/external/bsd/openssh/dist/sshsig.c | 12 +-
crypto/external/bsd/openssh/dist/version.h | 8 +-
crypto/external/bsd/openssh/dist/xmss_hash.c | 8 +-
crypto/external/bsd/openssh/lib/shlib_version | 4 +-
81 files changed, 2088 insertions(+), 1666 deletions(-)
diffs (truncated from 6765 to 300 lines):
diff -r c20d9271b702 -r 05a287476ba7 crypto/external/bsd/openssh/bin/sftp/Makefile
--- a/crypto/external/bsd/openssh/bin/sftp/Makefile Wed Oct 05 22:35:32 2022 +0000
+++ b/crypto/external/bsd/openssh/bin/sftp/Makefile Wed Oct 05 22:39:36 2022 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.9 2020/03/01 20:59:52 christos Exp $
+# $NetBSD: Makefile,v 1.10 2022/10/05 22:39:36 christos Exp $
BINDIR= /usr/bin
PROG= sftp
-SRCS= sftp.c sftp-client.c sftp-common.c sftp-glob.c
+SRCS= sftp.c sftp-client.c sftp-common.c sftp-glob.c sftp-usergroup.c
MAN= sftp.1
LDADD+= -ledit -lterminfo
diff -r c20d9271b702 -r 05a287476ba7 crypto/external/bsd/openssh/bin/ssh/Makefile
--- a/crypto/external/bsd/openssh/bin/ssh/Makefile Wed Oct 05 22:35:32 2022 +0000
+++ b/crypto/external/bsd/openssh/bin/ssh/Makefile Wed Oct 05 22:39:36 2022 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.17 2020/03/01 20:59:53 christos Exp $
+# $NetBSD: Makefile,v 1.18 2022/10/05 22:39:36 christos Exp $
.include <bsd.own.mk>
@@ -6,7 +6,7 @@
PROG= ssh
SRCS= ssh.c readconf.c clientloop.c sshtty.c \
- sshconnect.c sshconnect2.c mux.c auth.c
+ sshconnect.c sshconnect2.c mux.c auth.c auth-options.c
COPTS.auth.c= -DHOST_ONLY
COPTS.mux.c= -Wno-pointer-sign
diff -r c20d9271b702 -r 05a287476ba7 crypto/external/bsd/openssh/bin/sshd/Makefile
--- a/crypto/external/bsd/openssh/bin/sshd/Makefile Wed Oct 05 22:35:32 2022 +0000
+++ b/crypto/external/bsd/openssh/bin/sshd/Makefile Wed Oct 05 22:39:36 2022 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.24 2021/08/14 16:17:57 christos Exp $
+# $NetBSD: Makefile,v 1.25 2022/10/05 22:39:36 christos Exp $
.include <bsd.own.mk>
@@ -7,7 +7,7 @@
BINDIR= /usr/sbin
-SRCS= sshd.c auth-rhosts.c auth-passwd.c \
+SRCS= sshd.c auth-rhosts.c auth-passwd.c auth2-pubkeyfile.c \
sshpty.c sshlogin.c servconf.c serverloop.c \
auth.c auth2.c auth-options.c session.c \
auth-krb5.c auth2-chall.c groupaccess.c \
diff -r c20d9271b702 -r 05a287476ba7 crypto/external/bsd/openssh/dist/PROTOCOL
--- a/crypto/external/bsd/openssh/dist/PROTOCOL Wed Oct 05 22:35:32 2022 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL Wed Oct 05 22:39:36 2022 +0000
@@ -102,6 +102,8 @@
described at:
http://git.libssh.org/users/aris/libssh.git/plain/doc/curve25519-sha256%libssh.org.txt@localhost?h=curve25519
+This is identical to curve25519-sha256 as later published in RFC8731.
+
2. Connection protocol changes
2.1. connection: Channel write close extension "eow%openssh.com@localhost"
@@ -613,6 +615,67 @@
https://tools.ietf.org/html/draft-ietf-secsh-filexfer-extensions-00#section-7
+4.11. sftp: Extension request "home-directory"
+
+This request asks the server to expand the specified user's home directory.
+An empty username implies the current user. This can be used by the client
+to expand ~/ type paths locally.
+
+ byte SSH_FXP_EXTENDED
+ uint32 id
+ string "home-directory"
+ string username
+
+This extension is advertised in the SSH_FXP_VERSION hello with version
+"1".
+
+This provides similar information as the "expand-path%openssh.com@localhost" extension.
+
+This request is identical to the "home-directory" request documented in:
+
+https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-extensions-00#section-5
+
+4.12. sftp: Extension request "users-groups-by-id%openssh.com@localhost"
+
+This request asks the server to returns user and/or group names that
+correspond to one or more IDs (e.g. as returned from a SSH_FXP_STAT
+request). This may be used by the client to provide usernames in
+directory listings.
+
+ byte SSH_FXP_EXTENDED
+ uint32 id
+ string "users-groups-by-id%openssh.com@localhost"
+ string uids
+ string gids
+
+Where "uids" and "gids" consists of one or more integer user or group
+identifiers:
+
+ uint32 id-0
+ ...
+
+The server will reply with a SSH_FXP_EXTENDED_REPLY:
+
+ byte SSH_FXP_EXTENDED_REPLY
+ string usernames
+ string groupnames
+
+Where "username" and "groupnames" consists of names in identical request
+order to "uids" and "gids" respectively:
+
+ string name-0
+ ...
+
+If a name cannot be identified for a given user or group ID, an empty
+string will be returned in its place.
+
+It is acceptable for either "uids" or "gids" to be an empty set, in
+which case the respective "usernames" or "groupnames" list will also
+be empty.
+
+This extension is advertised in the SSH_FXP_VERSION hello with version
+"1".
+
5. Miscellaneous changes
5.1 Public key format
@@ -649,5 +712,5 @@
OpenSSH extends the usual agent protocol. These changes are documented
in the PROTOCOL.agent file.
-$OpenBSD: PROTOCOL,v 1.44 2022/03/31 03:05:49 djm Exp $
-$NetBSD: PROTOCOL,v 1.19 2022/04/15 14:00:06 christos Exp $
+$OpenBSD: PROTOCOL,v 1.47 2022/09/19 10:40:52 djm Exp $
+$NetBSD: PROTOCOL,v 1.20 2022/10/05 22:39:36 christos Exp $
diff -r c20d9271b702 -r 05a287476ba7 crypto/external/bsd/openssh/dist/PROTOCOL.agent
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.agent Wed Oct 05 22:35:32 2022 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.agent Wed Oct 05 22:39:36 2022 +0000
@@ -1,8 +1,8 @@
-$NetBSD: PROTOCOL.agent,v 1.12 2022/02/23 19:07:20 christos Exp $
+$NetBSD: PROTOCOL.agent,v 1.13 2022/10/05 22:39:36 christos Exp $
The SSH agent protocol is described in
https://tools.ietf.org/html/draft-miller-ssh-agent-04
-This file document's OpenSSH's extensions to the agent protocol.
+This file documents OpenSSH's extensions to the agent protocol.
1. session-bind%openssh.com@localhost extension
@@ -55,7 +55,7 @@
string to_hostname
keyspec[] to_hostkeys
-An a keyspec consists of:
+And a keyspec consists of:
string keyblob
bool is_ca
@@ -82,4 +82,4 @@
This option is only valid for XMSS keys.
-$OpenBSD: PROTOCOL.agent,v 1.16 2022/01/01 01:55:30 jsg Exp $
+$OpenBSD: PROTOCOL.agent,v 1.18 2022/09/21 22:26:50 dtucker Exp $
diff -r c20d9271b702 -r 05a287476ba7 crypto/external/bsd/openssh/dist/addr.c
--- a/crypto/external/bsd/openssh/dist/addr.c Wed Oct 05 22:35:32 2022 +0000
+++ b/crypto/external/bsd/openssh/dist/addr.c Wed Oct 05 22:39:36 2022 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: addr.c,v 1.3 2022/02/23 19:07:20 christos Exp $ */
-/* $OpenBSD: addr.c,v 1.4 2021/10/22 10:51:57 dtucker Exp $ */
+/* $NetBSD: addr.c,v 1.4 2022/10/05 22:39:36 christos Exp $ */
+/* $OpenBSD: addr.c,v 1.5 2022/04/29 04:55:07 djm Exp $ */
/*
* Copyright (c) 2004-2008 Damien Miller <djm%mindrot.org@localhost>
@@ -18,7 +18,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: addr.c,v 1.3 2022/02/23 19:07:20 christos Exp $");
+__RCSID("$NetBSD: addr.c,v 1.4 2022/10/05 22:39:36 christos Exp $");
#include <sys/types.h>
#include <sys/socket.h>
@@ -397,7 +397,7 @@
*mp = '\0';
mp++;
masklen = strtoul(mp, &cp, 10);
- if (*mp == '\0' || *cp != '\0' || masklen > 128)
+ if (*mp < '0' || *mp > '9' || *cp != '\0' || masklen > 128)
return -1;
}
diff -r c20d9271b702 -r 05a287476ba7 crypto/external/bsd/openssh/dist/auth.c
--- a/crypto/external/bsd/openssh/dist/auth.c Wed Oct 05 22:35:32 2022 +0000
+++ b/crypto/external/bsd/openssh/dist/auth.c Wed Oct 05 22:39:36 2022 +0000
@@ -1,5 +1,6 @@
-/* $NetBSD: auth.c,v 1.32 2022/02/23 19:07:20 christos Exp $ */
-/* $OpenBSD: auth.c,v 1.154 2022/02/23 11:17:10 djm Exp $ */
+/* $NetBSD: auth.c,v 1.33 2022/10/05 22:39:36 christos Exp $ */
+/* $OpenBSD: auth.c,v 1.158 2022/06/03 04:47:21 djm Exp $ */
+
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -25,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth.c,v 1.32 2022/02/23 19:07:20 christos Exp $");
+__RCSID("$NetBSD: auth.c,v 1.33 2022/10/05 22:39:36 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
@@ -540,62 +541,6 @@
return host_status;
}
-static FILE *
-auth_openfile(const char *file, struct passwd *pw, int strict_modes,
- int log_missing, const char *file_type)
-{
- char line[1024];
- struct stat st;
- int fd;
- FILE *f;
-
- if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {
- if (log_missing || errno != ENOENT)
- debug("Could not open %s '%s': %s", file_type, file,
- strerror(errno));
- return NULL;
- }
-
- if (fstat(fd, &st) == -1) {
- close(fd);
- return NULL;
- }
- if (!S_ISREG(st.st_mode)) {
- logit("User %s %s %s is not a regular file",
- pw->pw_name, file_type, file);
- close(fd);
- return NULL;
- }
- unset_nonblock(fd);
- if ((f = fdopen(fd, "r")) == NULL) {
- close(fd);
- return NULL;
- }
- if (strict_modes &&
- safe_path_fd(fileno(f), file, pw, line, sizeof(line)) != 0) {
- fclose(f);
- logit("Authentication refused: %s", line);
- auth_debug_add("Ignored %s: %s", file_type, line);
- return NULL;
- }
-
- return f;
-}
-
-
-FILE *
-auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes)
-{
- return auth_openfile(file, pw, strict_modes, 1, "authorized keys");
-}
-
-FILE *
-auth_openprincipals(const char *file, struct passwd *pw, int strict_modes)
-{
- return auth_openfile(file, pw, strict_modes, 0,
- "authorized principals");
-}
-
struct passwd *
getpwnamallow(struct ssh *ssh, const char *user)
{
@@ -938,7 +883,6 @@
}
}
-#ifndef HOST_ONLY
/* Activate a new set of key/cert options; merging with what is there. */
int
auth_activate_options(struct ssh *ssh, struct sshauthopt *opts)
@@ -963,7 +907,8 @@
debug_f("restricting session");
/* A blank sshauthopt defaults to permitting nothing */
- restricted = sshauthopt_new();
+ if ((restricted = sshauthopt_new()) == NULL)
+ fatal_f("sshauthopt_new failed");
restricted->permit_pty_flag = 1;
restricted->restricted = 1;
@@ -971,98 +916,3 @@
Home |
Main Index |
Thread Index |
Old Index