Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh Merge conflicts
details: https://anonhg.NetBSD.org/src/rev/e6d9a951d155
branches: trunk
changeset: 1010546:e6d9a951d155
user: christos <christos%NetBSD.org@localhost>
date: Thu May 28 17:05:49 2020 +0000
description:
Merge conflicts
diffstat:
crypto/external/bsd/openssh/dist/PROTOCOL | 8 +-
crypto/external/bsd/openssh/dist/PROTOCOL.mux | 6 +-
crypto/external/bsd/openssh/dist/auth-options.c | 17 +-
crypto/external/bsd/openssh/dist/auth-rhosts.c | 11 +-
crypto/external/bsd/openssh/dist/auth2-chall.c | 9 +-
crypto/external/bsd/openssh/dist/auth2-passwd.c | 9 +-
crypto/external/bsd/openssh/dist/auth2.c | 8 +-
crypto/external/bsd/openssh/dist/authfd.c | 14 +-
crypto/external/bsd/openssh/dist/authfile.c | 107 +-
crypto/external/bsd/openssh/dist/channels.c | 21 +-
crypto/external/bsd/openssh/dist/cipher-chachapoly.c | 27 +-
crypto/external/bsd/openssh/dist/cipher-chachapoly.h | 15 +-
crypto/external/bsd/openssh/dist/cipher.c | 30 +-
crypto/external/bsd/openssh/dist/clientloop.c | 32 +-
crypto/external/bsd/openssh/dist/clientloop.h | 7 +-
crypto/external/bsd/openssh/dist/digest-libc.c | 7 +-
crypto/external/bsd/openssh/dist/gss-serv.c | 8 +-
crypto/external/bsd/openssh/dist/hmac.c | 7 +-
crypto/external/bsd/openssh/dist/hostfile.c | 11 +-
crypto/external/bsd/openssh/dist/kex.c | 21 +-
crypto/external/bsd/openssh/dist/krl.c | 101 +++-
crypto/external/bsd/openssh/dist/krl.h | 5 +-
crypto/external/bsd/openssh/dist/misc.c | 8 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 | 151 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 | 150 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 | 123 ++-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 | 141 ++--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 | 122 +--
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 | 130 ++-
crypto/external/bsd/openssh/dist/monitor.c | 11 +-
crypto/external/bsd/openssh/dist/mux.c | 7 +-
crypto/external/bsd/openssh/dist/packet.c | 14 +-
crypto/external/bsd/openssh/dist/packet.h | 7 +-
crypto/external/bsd/openssh/dist/readconf.c | 32 +-
crypto/external/bsd/openssh/dist/readconf.h | 6 +-
crypto/external/bsd/openssh/dist/scp.1 | 11 +-
crypto/external/bsd/openssh/dist/scp.c | 108 ++-
crypto/external/bsd/openssh/dist/servconf.c | 27 +-
crypto/external/bsd/openssh/dist/servconf.h | 9 +-
crypto/external/bsd/openssh/dist/session.c | 10 +-
crypto/external/bsd/openssh/dist/sftp.1 | 16 +-
crypto/external/bsd/openssh/dist/sftp.c | 27 +-
crypto/external/bsd/openssh/dist/sk-usbhid.c | 39 +-
crypto/external/bsd/openssh/dist/ssh-add.c | 26 +-
crypto/external/bsd/openssh/dist/ssh-agent.c | 11 +-
crypto/external/bsd/openssh/dist/ssh-dss.c | 12 +-
crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c | 12 +-
crypto/external/bsd/openssh/dist/ssh-ed25519.c | 22 +-
crypto/external/bsd/openssh/dist/ssh-keygen.1 | 12 +-
crypto/external/bsd/openssh/dist/ssh-keygen.c | 161 ++--
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c | 14 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11.c | 29 +-
crypto/external/bsd/openssh/dist/ssh-sk.c | 24 +-
crypto/external/bsd/openssh/dist/ssh-xmss.c | 24 +-
crypto/external/bsd/openssh/dist/ssh.1 | 11 +-
crypto/external/bsd/openssh/dist/ssh.c | 278 +++++---
crypto/external/bsd/openssh/dist/ssh_config.5 | 55 +-
crypto/external/bsd/openssh/dist/sshbuf-misc.c | 13 +-
crypto/external/bsd/openssh/dist/sshbuf.c | 7 +-
crypto/external/bsd/openssh/dist/sshbuf.h | 8 +-
crypto/external/bsd/openssh/dist/sshconnect.c | 11 +-
crypto/external/bsd/openssh/dist/sshconnect2.c | 8 +-
crypto/external/bsd/openssh/dist/sshd.c | 21 +-
crypto/external/bsd/openssh/dist/sshd_config.5 | 38 +-
crypto/external/bsd/openssh/dist/sshkey.c | 511 ++++++++-------
crypto/external/bsd/openssh/dist/sshkey.h | 6 +-
crypto/external/bsd/openssh/dist/sshsig.c | 30 +-
crypto/external/bsd/openssh/dist/umac.c | 12 +-
crypto/external/bsd/openssh/dist/utf8.c | 33 +-
crypto/external/bsd/openssh/dist/utf8.h | 8 +-
crypto/external/bsd/openssh/dist/version.h | 8 +-
crypto/external/bsd/openssh/lib/shlib_version | 4 +-
72 files changed, 1659 insertions(+), 1380 deletions(-)
diffs (truncated from 5834 to 300 lines):
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/PROTOCOL
--- a/crypto/external/bsd/openssh/dist/PROTOCOL Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL Thu May 28 17:05:49 2020 +0000
@@ -194,7 +194,7 @@
SSH_TUNMODE_ETHERNET 2 /* layer 2 frames */
The "tunnel unit number" specifies the remote interface number, or may
-be 0x7fffffff to allow the server to automatically chose an interface. A
+be 0x7fffffff to allow the server to automatically choose an interface. A
server that is not willing to open a client-specified unit should refuse
the request with a SSH_MSG_CHANNEL_OPEN_FAILURE error. On successful
open, the server should reply with SSH_MSG_CHANNEL_OPEN_SUCCESS.
@@ -298,7 +298,7 @@
supplied host keys are present in known_hosts.
Note that the server may send key types that the client does not
-support. The client should disgregard such keys if they are received.
+support. The client should disregard such keys if they are received.
If the client identifies any keys that are not present for the host,
it should send a "hostkeys-prove%openssh.com@localhost" message to request the
@@ -496,5 +496,5 @@
PROTOCOL.mux over a Unix domain socket for communications between a
master instance and later clients.
-$OpenBSD: PROTOCOL,v 1.36 2018/10/02 12:51:58 djm Exp $
-$NetBSD: PROTOCOL,v 1.13 2019/04/20 17:16:40 christos Exp $
+$OpenBSD: PROTOCOL,v 1.37 2020/02/21 00:04:43 dtucker Exp $
+$NetBSD: PROTOCOL,v 1.14 2020/05/28 17:05:49 christos Exp $
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/PROTOCOL.mux
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.mux Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.mux Thu May 28 17:05:49 2020 +0000
@@ -39,7 +39,7 @@
speak a significant subset of the SSH protocol, but in return is able
to access basically the full suite of connection protocol features.
Moreover, as no file descriptor passing is required, the connection
-supporting a proxy client may iteself be forwarded or relayed to another
+supporting a proxy client may itself be forwarded or relayed to another
host if necessary.
1. Connection setup
@@ -295,5 +295,5 @@
XXX signals via mux request
XXX list active connections via mux
-$OpenBSD: PROTOCOL.mux,v 1.11 2018/09/26 07:30:05 djm Exp $
-$NetBSD: PROTOCOL.mux,v 1.10 2019/04/20 17:16:40 christos Exp $
+$OpenBSD: PROTOCOL.mux,v 1.12 2020/03/13 03:17:07 djm Exp $
+$NetBSD: PROTOCOL.mux,v 1.11 2020/05/28 17:05:49 christos Exp $
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/auth-options.c
--- a/crypto/external/bsd/openssh/dist/auth-options.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-options.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth-options.c,v 1.22 2020/02/27 00:24:40 christos Exp $ */
-/* $OpenBSD: auth-options.c,v 1.90 2019/11/25 00:54:23 djm Exp $ */
+/* $NetBSD: auth-options.c,v 1.23 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth-options.c,v 1.92 2020/03/06 18:15:38 markus Exp $ */
/*
* Copyright (c) 2018 Damien Miller <djm%mindrot.org@localhost>
*
@@ -17,7 +17,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-options.c,v 1.22 2020/02/27 00:24:40 christos Exp $");
+__RCSID("$NetBSD: auth-options.c,v 1.23 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/queue.h>
@@ -223,8 +223,7 @@
free(opts->permitlisten[i]);
free(opts->permitlisten);
- explicit_bzero(opts, sizeof(*opts));
- free(opts);
+ freezero(opts, sizeof(*opts));
}
struct sshauthopt *
@@ -736,9 +735,11 @@
*np = n;
n = 0;
out:
- for (i = 0; i < n; i++)
- free(a[i]);
- free(a);
+ if (a != NULL) {
+ for (i = 0; i < n; i++)
+ free(a[i]);
+ free(a);
+ }
sshbuf_free(b);
return r;
}
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/auth-rhosts.c
--- a/crypto/external/bsd/openssh/dist/auth-rhosts.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-rhosts.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth-rhosts.c,v 1.11 2019/10/12 18:32:22 christos Exp $ */
-/* $OpenBSD: auth-rhosts.c,v 1.51 2019/10/02 00:42:30 djm Exp $ */
+/* $NetBSD: auth-rhosts.c,v 1.12 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth-rhosts.c,v 1.52 2020/04/17 03:30:05 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -16,7 +16,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-rhosts.c,v 1.11 2019/10/12 18:32:22 christos Exp $");
+__RCSID("$NetBSD: auth-rhosts.c,v 1.12 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
@@ -297,8 +297,9 @@
* Check if we have been configured to ignore .rhosts
* and .shosts files.
*/
- if ((pw->pw_uid == 0 && options.ignore_root_rhosts) ||
- (pw->pw_uid != 0 && options.ignore_rhosts)) {
+ if (options.ignore_rhosts == IGNORE_RHOSTS_YES ||
+ (options.ignore_rhosts == IGNORE_RHOSTS_SHOSTS &&
+ strcmp(rhosts_files[rhosts_file_index], ".shosts") != 0)) {
auth_debug_add("Server has been configured to "
"ignore %.100s.", rhosts_files[rhosts_file_index]);
continue;
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/auth2-chall.c
--- a/crypto/external/bsd/openssh/dist/auth2-chall.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth2-chall.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth2-chall.c,v 1.17 2020/02/27 00:24:40 christos Exp $ */
-/* $OpenBSD: auth2-chall.c,v 1.52 2019/11/13 04:47:52 deraadt Exp $ */
+/* $NetBSD: auth2-chall.c,v 1.18 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.53 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2001 Per Allansson. All rights reserved.
@@ -26,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth2-chall.c,v 1.17 2020/02/27 00:24:40 christos Exp $");
+__RCSID("$NetBSD: auth2-chall.c,v 1.18 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <stdlib.h>
@@ -155,8 +155,7 @@
if (kbdintctxt->device)
kbdint_reset_device(kbdintctxt);
free(kbdintctxt->devices);
- explicit_bzero(kbdintctxt, sizeof(*kbdintctxt));
- free(kbdintctxt);
+ freezero(kbdintctxt, sizeof(*kbdintctxt));
}
/* get next device */
static int
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/auth2-passwd.c
--- a/crypto/external/bsd/openssh/dist/auth2-passwd.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth2-passwd.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth2-passwd.c,v 1.12 2019/10/12 18:32:22 christos Exp $ */
-/* $OpenBSD: auth2-passwd.c,v 1.17 2019/09/06 04:53:27 djm Exp $ */
+/* $NetBSD: auth2-passwd.c,v 1.13 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.18 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth2-passwd.c,v 1.12 2019/10/12 18:32:22 christos Exp $");
+__RCSID("$NetBSD: auth2-passwd.c,v 1.13 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <stdlib.h>
@@ -67,8 +67,7 @@
logit("password change not supported");
else if (PRIVSEP(auth_password(ssh, password)) == 1)
authenticated = 1;
- explicit_bzero(password, len);
- free(password);
+ freezero(password, len);
return authenticated;
}
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/auth2.c
--- a/crypto/external/bsd/openssh/dist/auth2.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/auth2.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth2.c,v 1.21 2019/12/07 16:32:22 christos Exp $ */
-/* $OpenBSD: auth2.c,v 1.157 2019/09/06 04:53:27 djm Exp $ */
+/* $NetBSD: auth2.c,v 1.22 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: auth2.c,v 1.158 2020/03/06 18:16:21 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth2.c,v 1.21 2019/12/07 16:32:22 christos Exp $");
+__RCSID("$NetBSD: auth2.c,v 1.22 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
@@ -231,7 +231,7 @@
r = 0;
out:
free(service);
- return 0;
+ return r;
}
#define MIN_FAIL_DELAY_SECONDS 0.005
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/authfd.c
--- a/crypto/external/bsd/openssh/dist/authfd.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/authfd.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: authfd.c,v 1.20 2020/02/27 00:24:40 christos Exp $ */
-/* $OpenBSD: authfd.c,v 1.121 2019/12/21 02:19:13 djm Exp $ */
+/* $NetBSD: authfd.c,v 1.21 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: authfd.c,v 1.123 2020/03/06 18:24:39 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -37,7 +37,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: authfd.c,v 1.20 2020/02/27 00:24:40 christos Exp $");
+__RCSID("$NetBSD: authfd.c,v 1.21 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/un.h>
#include <sys/socket.h>
@@ -343,7 +343,7 @@
size_t i;
struct ssh_identitylist *idlist = NULL;
- if ((r = ssh_fetch_identitylist(sock, &idlist)) < 0) {
+ if ((r = ssh_fetch_identitylist(sock, &idlist)) != 0) {
return r;
}
@@ -562,10 +562,8 @@
goto out;
r = decode_reply(type);
out:
- if (blob != NULL) {
- explicit_bzero(blob, blen);
- free(blob);
- }
+ if (blob != NULL)
+ freezero(blob, blen);
sshbuf_free(msg);
return r;
}
diff -r 6a7470f57283 -r e6d9a951d155 crypto/external/bsd/openssh/dist/authfile.c
--- a/crypto/external/bsd/openssh/dist/authfile.c Thu May 28 17:02:58 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/authfile.c Thu May 28 17:05:49 2020 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: authfile.c,v 1.23 2020/02/27 00:24:40 christos Exp $ */
-/* $OpenBSD: authfile.c,v 1.137 2020/01/25 23:02:13 djm Exp $ */
+/* $NetBSD: authfile.c,v 1.24 2020/05/28 17:05:49 christos Exp $ */
+/* $OpenBSD: authfile.c,v 1.140 2020/04/17 07:15:11 djm Exp $ */
/*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
*
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: authfile.c,v 1.23 2020/02/27 00:24:40 christos Exp $");
+__RCSID("$NetBSD: authfile.c,v 1.24 2020/05/28 17:05:49 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/uio.h>
@@ -138,6 +138,14 @@
}
int
+sshkey_load_private(const char *filename, const char *passphrase,
+ struct sshkey **keyp, char **commentp)
+{
+ return sshkey_load_private_type(KEY_UNSPEC, filename, passphrase,
+ keyp, commentp);
+}
+
+int
sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
struct sshkey **keyp, char **commentp)
{
@@ -158,51 +166,57 @@
return r;
}
-/* XXX this is almost identical to sshkey_load_private_type() */
-int
-sshkey_load_private(const char *filename, const char *passphrase,
- struct sshkey **keyp, char **commentp)
Home |
Main Index |
Thread Index |
Old Index