Hi, OpenSSH 7.2 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains many bugfixes and several new features. The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is available via Git at https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at https://github.com/openssh/openssh-portable Running the regression tests supplied with Portable OpenSSH does not require installation and is a simply: $ autoreconf && ./configure && make tests Live testing on suitable non-production systems is also appreciated. Please send reports of success or failure to openssh-unix-dev at mindrot.org. Below is a summary of changes. More detail may be found in the git revision log. Thanks to the many people who contributed to this release. Future deprecation notice ======================== We plan on retiring more legacy cryptography in a near-future release, specifically: * Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits) This list reflects our current intentions, but please check the final release notes for future releases. Potentially-incompatible changes =============================== This release disables a number of legacy cryptographic algorithms by default in ssh: * Several ciphers blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES. * MD5-based and truncated HMAC algorithms. These algorithms are already disabled by default in sshd. Changes since OpenSSH 7.1p2 ========================== This is primarily a bugfix release. Security -------- * ssh(1), sshd(8): remove unfinished and unused roaming code (was already forcibly disabled in OpenSSH 7.1p2). * ssh(1): eliminate fallback from untrusted X11 forwarding to trusted forwarding when the X server disables the SECURITY extension. * ssh(1), sshd(8): increase the minimum modulus size supported for diffie-hellman-group-exchange to 2048 bits. New Features ------------ * all: add support for RSA signatures using SHA-256/512 hash algorithms based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt. * ssh(1): Add an AddKeysToAgent client option which can be set to 'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a private key that is used during authentication will be added to ssh-agent if it is running (with confirmation enabled if set to 'confirm'). * sshd(8): add a new authorized_keys option "restrict" that includes all current and future key restrictions (no-*-forwarding, etc.). Also add permissive versions of the existing restrictions, e.g. "no-pty" -> "pty". This simplifies the task of setting up restricted keys and ensures they are maximally-restricted, regardless of any permissions we might implement in the future. * ssh(1): add ssh_config CertificateFile option to explicitly list certificates. bz#2436 * ssh-keygen(1): allow ssh-keygen to change the key comment for all supported formats. * ssh-keygen(1): allow fingerprinting from standard input, e.g. "ssh-keygen -lf -" * ssh-keygen(1): allow fingerprinting multiple public keys in a file, e.g. "ssh-keygen -lf ~/.ssh/authorized_keys" bz#1319 * sshd(8): support "none" as an argument for sshd_config Foreground and ChrootDirectory. Useful inside Match blocks to override a global default. bz#2486 * ssh-keygen(1): support multiple certificates (one per line) and reading from standard input (using "-f -") for "ssh-keygen -L" * ssh-keyscan(1): add "ssh-keyscan -c ..." flag to allow fetching certificates instead of plain keys. * ssh(1): better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in hostname canonicalisation - treat them as already canonical and trailing '.' before matching ssh_config. Bugfixes -------- * sftp(1): existing destination directories should not terminate recursive uploads (regression in openssh 6.8) bz#2528 * ssh(1), sshd(8): correctly send back SSH2_MSG_UNIMPLEMENTED replies to unexpected messages during key exchange. bz#2949 * ssh(1): refuse attempts to set ConnectionAttempts=0, which does not make sense and would cause ssh to print an uninitialised stack variable. bz#2500 * ssh(1): fix errors when attempting to connect to scoped IPv6 addresses with hostname canonicalisation enabled. * sshd_config(5): list a couple more options usable in Match blocks. bz#2489 * sshd(8): fix "PubkeyAcceptedKeyTypes +..." inside a Match block. * ssh(1): expand tilde characters in filenames passed to -i options before checking whether or not the identity file exists. Avoids confusion for cases where shell doesn't expand (e.g. "-i ~/file" vs. "-i~/file"). bz#2481 * ssh(1): do not prepend "exec" to the shell command run by "Match exec" in a config file, which could cause some commands to fail in certain environments. bz#2471 * ssh-keyscan(1): fix output for multiple hosts/addrs on one line when host hashing or a non standard port is in use bz#2479 * sshd(8): skip "Could not chdir to home directory" message when ChrootDirectory is active. bz#2485 * ssh(1): include PubkeyAcceptedKeyTypes in ssh -G config dump. * sshd(8): avoid changing TunnelForwarding device flags if they are already what is needed; makes it possible to use tun/tap networking as non-root user if device permissions and interface flags are pre-established * ssh(1), sshd(8): RekeyLimits could be exceeded by one packet. bz#2521 * ssh(1): fix multiplexing master failure to notice client exit. * ssh(1), ssh-agent(1): avoid fatal() for PKCS11 tokens that present empty key IDs. bz#1773 * sshd(8): avoid printf of NULL argument. bz#2535 * ssh(1), sshd(8): allow RekeyLimits larger than 4GB. bz#2521 * ssh-keygen(1): sshd(8): fix several bugs in (unused) KRL signature support. * ssh(1), sshd(8): fix connections with peers that use the key exchange guess feature of the protocol. bz#2515 * sshd(8): include remote port number in log messages. bz#2503 * ssh(1): don't try to load SSHv1 private key when compiled without SSHv1 support. bz#2505 * ssh-agent(1), ssh(1): fix incorrect error messages during key loading and signing errors. bz#2507 * ssh-keygen(1): don't leave empty temporary files when performing known_hosts file edits when known_hosts doesn't exist. * sshd(8): correct packet format for tcpip-forward replies for requests that don't allocate a port bz#2509 * ssh(1), sshd(8): fix possible hang on closed output. bz#2469 * ssh(1): expand %i in ControlPath to UID. bz#2449 * ssh(1), sshd(8): fix return type of openssh_RSA_verify. bz#2460 * ssh(1), sshd(8): fix some option parsing memory leaks. bz#2182 * ssh(1): add a some debug output before DNS resolution; it's a place where ssh could previously silently stall in cases of unresponsive DNS servers. bz#2433 * ssh(1): remove spurious newline in visual hostkey. bz#2686 * ssh(1): fix printing (ssh -G ...) of HostKeyAlgorithms=+... * ssh(1): fix expansion of HostkeyAlgorithms=+... Documentation ------------- * ssh_config(5), sshd_config(5): update default algorithm lists to match current reality. bz#2527 * ssh(1): mention -Q key-plain and -Q key-cert query options. bz#2455 * sshd_config(8): more clearly describe what AuthorizedKeysFile=none does. * ssh_config(5): better document ExitOnForwardFailure. bz#2444 * sshd(5): mention internal DH-GEX fallback groups in manual. bz#2302 * sshd_config(5): better description for MaxSessions option. bz#2531 Portability ----------- * ssh(1), sftp-server(8), ssh-agent(1), sshd(8): Support Illumos/ Solaris fine-grained privileges. Including a pre-auth privsep sandbox and several pledge() emulations. bz#2511 * Renovate redhat/openssh.spec, removing deprecated options and syntax. * configure: allow --without-ssl-engine with --without-openssl * sshd(8): fix multiple authentication using S/Key. bz#2502 * sshd(8): read back from libcrypto RAND_* before dropping privileges. Avoids sandboxing violations with BoringSSL. * Fix name collision with system-provided glob(3) functions. bz#2463 * Adapt Makefile to use ssh-keygen -A when generating host keys. bz#2459 * configure: correct default value for --with-ssh1 bz#2457 * configure: better detection of _res symbol bz#2259 * support getrandom() syscall on Linux Reporting Bugs: ============== - Please read http://www.openssh.com/report.html Security bugs should be reported directly to openssh at openssh.com OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and Ben Lindstrom.
On February 11, 2016 10:57 PM, Damien Miller wrote> To: openssh-unix-dev at mindrot.org > Subject: Call for testing: OpenSSH 7.2 > OpenSSH 7.2 is almost ready for release, so we would appreciate testing on > as many platforms and systems as possible. This release contains many > bugfixes and several new features.[snip[ Hi Damien, I am porting 7.1 P2 to HPE NonStop NSE. Once that is done, I would be happy to test on that platform. Regards, Randall
> > * ssh(1): refuse attempts to set ConnectionAttempts=0, which does > not make sense and would cause ssh to print an uninitialised stack > variable. bz#2500When using connection multiplexing, I sometimes set ConnectionAttempts to 0 in order to avoid opening a new connection when the remote side refuses to create new sessions after the top defined by MaxSessions is reached. Having a way to avoid that fall-back behavior is important when writing automation scripts. Otherwise, authentication prompts may appear at any time, and scripts would have to cope with it.
Hi Damien, On Feb 12 14:56, Damien Miller wrote:> Hi, > > OpenSSH 7.2 is almost ready for release, so we would appreciate > testing on as many platforms and systems as possible. This release > contains many bugfixes and several new features. > > The OpenBSD version is available in CVS HEAD: > http://www.openbsd.org/anoncvs.html > > Portable OpenSSH is available via Git at > https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at > https://github.com/openssh/openssh-portable > > Running the regression tests supplied with Portable OpenSSH does not > require installation and is a simply: > > $ autoreconf && ./configure && make testsBuilt and tested on current Cygwin 2.4.1 x86_64. Builds OOTB, all tests pass. Thanks, Corinna -- Corinna Vinschen Cygwin Maintainer Red Hat -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20160212/7bc39da1/attachment.bin>
On Fri, Feb 12, 2016 at 02:56:30PM +1100, Damien Miller wrote:> OpenSSH 7.2 is almost ready for release, so we would appreciate > testing on as many platforms and systems as possible. This release > contains many bugfixes and several new features.[...]> Running the regression tests supplied with Portable OpenSSH does not > require installation and is a simply: > > $ autoreconf && ./configure && make testsDebian unstable i386 and Ubuntu 16.04 (development branch) amd64; all tests passed on both. I noticed a warning in my Debian environment which might be worth cleaning up: packet.c: In function ?ssh_packet_need_rekeying?: packet.c:1068:48: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] state->rekey_time + state->rekey_interval <= monotime()) ^ Thanks, -- Colin Watson [cjwatson at debian.org]
On 02/12/2016 04:56 AM, Damien Miller wrote:> * all: add support for RSA signatures using SHA-256/512 hash > algorithms based on draft-rsa-dsa-sha2-256-03.txt and > draft-ssh-ext-info-04.txt.So far I hit one memory leak in HostKey signing code (see attached patch). There might be more that were not hit in our use case. Regards, -- Jakub Jelen Security Technologies Red Hat -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh-7.2p1-memleak.patch Type: text/x-patch Size: 302 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20160215/29878c7d/attachment.bin>
On 02/15/2016 10:26 AM, Jakub Jelen wrote:> On 02/12/2016 04:56 AM, Damien Miller wrote: >> * all: add support for RSA signatures using SHA-256/512 hash >> algorithms based on draft-rsa-dsa-sha2-256-03.txt and >> draft-ssh-ext-info-04.txt. > So far I hit one memory leak in HostKey signing code (see attached > patch). There might be more that were not hit in our use case. >Of course there should have been `alg` instead of `sig` in the patch. Otherwise all the tests passes (without downstream patches) on recent Fedora 23. -- Jakub Jelen Security Technologies Red Hat
On 02/12/2016 04:56 AM, Damien Miller wrote:> Hi, > > OpenSSH 7.2 is almost ready for release, so we would appreciate > testing on as many platforms and systems as possible. This release > contains many bugfixes and several new features.Hi there, Would it be possible to cover also ssh-copy-id with recent fixes in this release? The accepted patches went to the Philip Hands repo so far: http://git.hands.com/?p=ssh-copy-id.git; Regards, -- Jakub Jelen Security Technologies Red Hat
Just tested this on the old BSD/OS machine works with openssl 1.0.2X Openssl 1.1.X issues cipher.h in openssl 1.1 needs to read struct sshcipher; struct sshcipher_ctx { int plaintext; int encrypt; struct evp_cipher_ctx_st *evp; struct chachapoly_ctx cp_ctx; /* XXX union with evp? */ struct aesctr_ctx ac_ctx; /* XXX union with evp? */ const struct sshcipher *cipher; }; I am running into issues with sshkey.c gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -I. -I. -I/usr/contrib//include -DSSHDIR=\"/etc\" -D_PATH_SSH_PROGRAM=\"/usr/contrib/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/contrib/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/contrib/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/contrib/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/contrib/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c sshkey.c -o sshkey.o sshkey.c: In function `fingerprint_b64': sshkey.c:936: warning: implicit declaration of function `strlcpy' sshkey.c:937: warning: implicit declaration of function `strlcat' sshkey.c: In function `sshkey_ecdsa_key_to_nid': sshkey.c:1574: warning: `eg' might be used uninitialized in this function sshkey.c: In function `sshkey_private_to_blob2': sshkey.c:3026: warning: `keylen' might be used uninitialized in this function sshkey.c:3026: warning: `ivlen' might be used uninitialized in this function sshkey.c: In function `sshkey_parse_private_pem_fileblob': sshkey.c:3787: dereferencing pointer to incomplete type sshkey.c:3802: dereferencing pointer to incomplete type sshkey.c:3814: dereferencing pointer to incomplete type line 3787 if (pk->type == EVP_PKEY_RSA && line 3802 } else if (pk->type == EVP_PKEY_DSA && line 3814 } else if (pk->type == EVP_PKEY_EC && Now EVP_PKEY *pk = NULL; and /usr/contrib/include/openssl/ossl_typ.h:typedef struct evp_pkey_st EVP_PKEY; Any issue? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Broadcasting the truth for 25 years
On Mon, 15 Feb 2016, Jakub Jelen wrote:> On 02/12/2016 04:56 AM, Damien Miller wrote: > > Hi, > > > > OpenSSH 7.2 is almost ready for release, so we would appreciate > > testing on as many platforms and systems as possible. This release > > contains many bugfixes and several new features. > Hi there, > > Would it be possible to cover also ssh-copy-id with recent fixes in this > release? The accepted patches went to the Philip Hands repo so far: > http://git.hands.com/?p=ssh-copy-id.git;Done - thanks. -d
On Mon, 15 Feb 2016, The Doctor wrote:> Just tested this on the old BSD/OS machine > > works with openssl 1.0.2X > > Openssl 1.1.X issuesThanks for testing. OpenSSH won't work with OpenSSL until someone ports it and writes compat shims to make it work with both OpenSSL 1.0.x and 1.1.x. The 1.1.x series breaks source compatibility by making a heap of structures opaque, including EVP_PKEY which is causing your compile problems in sshkey.c Porting is a fair bit of work, since at least some of the the newly- opaque structs have not previously had accessor functions available, so I have no intention of starting the effort until 1.1.x is at least in beta (no point in wasting time on a moving target). It would help if OpenSSL publish more detailed migration information than is currently present in https://www.openssl.org/news/openssl-1.1.0-notes.html - including a full list of things that have been made opaque and some links to the accessor functions for things that were previously only reachable directly. -d
The Solaris privilege code breaks building on Solaris 10. If you let configure just do its thing, you get the following error when compiling: "sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used with the Solaris sandbox" So, I did add "--with-solaris-privs" to the command line for configure, but then I got the following error messages: Undefined first referenced symbol in file priv_basicset openbsd-compat//libopenbsd-compat.a(port-solaris.o) ld: fatal: symbol referencing errors. No output written to ssh The function priv_basicset doesn't appear to exist on Solaris 10. If I set --with-sandbox=none, the compile and "make tests" succeed (except for the SUDO test, since sudo isn't in the path, and it wouldn't work without munging the config anyway). Damien Miller wrote:> Hi, > > OpenSSH 7.2 is almost ready for release, so we would appreciate > testing on as many platforms and systems as possible. This release > contains many bugfixes and several new features. > > The OpenBSD version is available in CVS HEAD: > http://www.openbsd.org/anoncvs.html > > Portable OpenSSH is available via Git at > https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at > https://github.com/openssh/openssh-portable > > Running the regression tests supplied with Portable OpenSSH does not > require installation and is a simply: > > $ autoreconf && ./configure && make tests > > Live testing on suitable non-production systems is also > appreciated. Please send reports of success or failure to > openssh-unix-dev at mindrot.org. > > Below is a summary of changes. More detail may be found in the git > revision log. > > Thanks to the many people who contributed to this release. > > Future deprecation notice > ========================> > We plan on retiring more legacy cryptography in a near-future > release, specifically: > > * Refusing all RSA keys smaller than 1024 bits (the current minimum > is 768 bits) > > This list reflects our current intentions, but please check the final > release notes for future releases. > > Potentially-incompatible changes > ===============================> > This release disables a number of legacy cryptographic algorithms > by default in ssh: > > * Several ciphers blowfish-cbc, cast128-cbc, all arcfour variants > and the rijndael-cbc aliases for AES. > > * MD5-based and truncated HMAC algorithms. > > These algorithms are already disabled by default in sshd. > > Changes since OpenSSH 7.1p2 > ==========================> > This is primarily a bugfix release. > > Security > -------- > > * ssh(1), sshd(8): remove unfinished and unused roaming code (was > already forcibly disabled in OpenSSH 7.1p2). > > * ssh(1): eliminate fallback from untrusted X11 forwarding to > trusted forwarding when the X server disables the SECURITY > extension. > > * ssh(1), sshd(8): increase the minimum modulus size supported for > diffie-hellman-group-exchange to 2048 bits. > > New Features > ------------ > > * all: add support for RSA signatures using SHA-256/512 hash > algorithms based on draft-rsa-dsa-sha2-256-03.txt and > draft-ssh-ext-info-04.txt. > > * ssh(1): Add an AddKeysToAgent client option which can be set to > 'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When > enabled, a private key that is used during authentication will be > added to ssh-agent if it is running (with confirmation enabled if > set to 'confirm'). > > * sshd(8): add a new authorized_keys option "restrict" that includes > all current and future key restrictions (no-*-forwarding, etc.). > Also add permissive versions of the existing restrictions, e.g. > "no-pty" -> "pty". This simplifies the task of setting up > restricted keys and ensures they are maximally-restricted, > regardless of any permissions we might implement in the future. > > * ssh(1): add ssh_config CertificateFile option to explicitly list > certificates. bz#2436 > > * ssh-keygen(1): allow ssh-keygen to change the key comment for all > supported formats. > > * ssh-keygen(1): allow fingerprinting from standard input, e.g. > "ssh-keygen -lf -" > > * ssh-keygen(1): allow fingerprinting multiple public keys in a > file, e.g. "ssh-keygen -lf ~/.ssh/authorized_keys" bz#1319 > > * sshd(8): support "none" as an argument for sshd_config > Foreground and ChrootDirectory. Useful inside Match blocks to > override a global default. bz#2486 > > * ssh-keygen(1): support multiple certificates (one per line) and > reading from standard input (using "-f -") for "ssh-keygen -L" > > * ssh-keyscan(1): add "ssh-keyscan -c ..." flag to allow fetching > certificates instead of plain keys. > > * ssh(1): better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in > hostname canonicalisation - treat them as already canonical and > trailing '.' before matching ssh_config. > > Bugfixes > -------- > > * sftp(1): existing destination directories should not terminate > recursive uploads (regression in openssh 6.8) bz#2528 > > * ssh(1), sshd(8): correctly send back SSH2_MSG_UNIMPLEMENTED > replies to unexpected messages during key exchange. bz#2949 > > * ssh(1): refuse attempts to set ConnectionAttempts=0, which does > not make sense and would cause ssh to print an uninitialised stack > variable. bz#2500 > > * ssh(1): fix errors when attempting to connect to scoped IPv6 > addresses with hostname canonicalisation enabled. > > * sshd_config(5): list a couple more options usable in Match blocks. > bz#2489 > > * sshd(8): fix "PubkeyAcceptedKeyTypes +..." inside a Match block. > > * ssh(1): expand tilde characters in filenames passed to -i options > before checking whether or not the identity file exists. Avoids > confusion for cases where shell doesn't expand (e.g. "-i ~/file" > vs. "-i~/file"). bz#2481 > > * ssh(1): do not prepend "exec" to the shell command run by "Match > exec" in a config file, which could cause some commands to fail > in certain environments. bz#2471 > > * ssh-keyscan(1): fix output for multiple hosts/addrs on one line > when host hashing or a non standard port is in use bz#2479 > > * sshd(8): skip "Could not chdir to home directory" message when > ChrootDirectory is active. bz#2485 > > * ssh(1): include PubkeyAcceptedKeyTypes in ssh -G config dump. > > * sshd(8): avoid changing TunnelForwarding device flags if they are > already what is needed; makes it possible to use tun/tap > networking as non-root user if device permissions and interface > flags are pre-established > > * ssh(1), sshd(8): RekeyLimits could be exceeded by one packet. > bz#2521 > > * ssh(1): fix multiplexing master failure to notice client exit. > > * ssh(1), ssh-agent(1): avoid fatal() for PKCS11 tokens that present > empty key IDs. bz#1773 > > * sshd(8): avoid printf of NULL argument. bz#2535 > > * ssh(1), sshd(8): allow RekeyLimits larger than 4GB. bz#2521 > > * ssh-keygen(1): sshd(8): fix several bugs in (unused) KRL signature > support. > > * ssh(1), sshd(8): fix connections with peers that use the key > exchange guess feature of the protocol. bz#2515 > > * sshd(8): include remote port number in log messages. bz#2503 > > * ssh(1): don't try to load SSHv1 private key when compiled without > SSHv1 support. bz#2505 > > * ssh-agent(1), ssh(1): fix incorrect error messages during key > loading and signing errors. bz#2507 > > * ssh-keygen(1): don't leave empty temporary files when performing > known_hosts file edits when known_hosts doesn't exist. > > * sshd(8): correct packet format for tcpip-forward replies for > requests that don't allocate a port bz#2509 > > * ssh(1), sshd(8): fix possible hang on closed output. bz#2469 > > * ssh(1): expand %i in ControlPath to UID. bz#2449 > > * ssh(1), sshd(8): fix return type of openssh_RSA_verify. bz#2460 > > * ssh(1), sshd(8): fix some option parsing memory leaks. bz#2182 > > * ssh(1): add a some debug output before DNS resolution; it's a > place where ssh could previously silently stall in cases of > unresponsive DNS servers. bz#2433 > > * ssh(1): remove spurious newline in visual hostkey. bz#2686 > > * ssh(1): fix printing (ssh -G ...) of HostKeyAlgorithms=+... > > * ssh(1): fix expansion of HostkeyAlgorithms=+... > > Documentation > ------------- > > * ssh_config(5), sshd_config(5): update default algorithm lists to > match current reality. bz#2527 > > * ssh(1): mention -Q key-plain and -Q key-cert query options. > bz#2455 > > * sshd_config(8): more clearly describe what AuthorizedKeysFile=none > does. > > * ssh_config(5): better document ExitOnForwardFailure. bz#2444 > > * sshd(5): mention internal DH-GEX fallback groups in manual. > bz#2302 > > * sshd_config(5): better description for MaxSessions option. > bz#2531 > > Portability > ----------- > > * ssh(1), sftp-server(8), ssh-agent(1), sshd(8): Support Illumos/ > Solaris fine-grained privileges. Including a pre-auth privsep > sandbox and several pledge() emulations. bz#2511 > > * Renovate redhat/openssh.spec, removing deprecated options and > syntax. > > * configure: allow --without-ssl-engine with --without-openssl > > * sshd(8): fix multiple authentication using S/Key. bz#2502 > > * sshd(8): read back from libcrypto RAND_* before dropping > privileges. Avoids sandboxing violations with BoringSSL. > > * Fix name collision with system-provided glob(3) functions. > bz#2463 > > * Adapt Makefile to use ssh-keygen -A when generating host keys. > bz#2459 > > * configure: correct default value for --with-ssh1 bz#2457 > > * configure: better detection of _res symbol bz#2259 > > * support getrandom() syscall on Linux > > Reporting Bugs: > ==============> > - Please read http://www.openssh.com/report.html > Security bugs should be reported directly to openssh at openssh.com > > OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de > Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, > Tim Rice and Ben Lindstrom. > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >-- Jeff Wieland | Purdue University Network Systems Administrator | ITIS UNIX Platforms Voice: (765)496-8234 | 155 S. Grant Street FAX: (765)496-1380 | West Lafayette, IN 47907
Hi, On Fri, Feb 12, 2016 at 02:56:30PM +1100, Damien Miller wrote:> OpenSSH 7.2 is almost ready for release, so we would appreciate > testing on as many platforms and systems as possible. This release > contains many bugfixes and several new features.According to bdcb7:sshd_config.5, UsePrivilegeSeparation is set to "sandbox" by default. But default in servconf.c is PRIVSEP_NOSANDBOX. I suppose, we should sync servconf.c and sshd_config with documentation: --- a/servconf.c +++ b/servconf.c @@ -362,7 +362,7 @@ fill_default_server_options(ServerOptions *options) /* Turn privilege separation on by default */ if (use_privsep == -1) - use_privsep = PRIVSEP_NOSANDBOX; + use_privsep = PRIVSEP_ON; #define CLEAR_ON_NONE(v) \ do { \ --- a/sshd_config +++ b/sshd_config @@ -107,7 +107,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PrintLastLog yes #TCPKeepAlive yes #UseLogin no -UsePrivilegeSeparation sandbox # Default for new installations. +#UsePrivilegeSeparation sandbox #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 -- glebfm
Sorry, I haven't been paying too much attention here, but I'm having repeated failures when I tried this morning. NetBSD-current: test_sshkey: ..................................[1] Segmentation fault (core dumped) ${V} /home/htodd... *** Error code 139 NetBSD-7: test_hostkeys: regress/unittests/hostkeys/test_iterate.c:163 test #1 "hostkeys_iterate all with key parse" ASSERT_INT_EQ(sshkey_load_public( test_data_file(expected[i].key_file), &expected[i].l.key, NULL), 0) failed: sshkey_load_public( test_data_file(expected[i].key_file), &expected[i].l.key, NULL) = -24 0 = 0 [1] Abort trap (core dumped) ${V} /home/htodd... *** Error code 134 MacOS whatever it is that's current El Capitan: checking OpenSSL header version... not found configure: error: OpenSSL version header not found. -- Hisashi T Fujinaka - htodd at twofifty.com BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee
On 12/02/16 04:56, Damien Miller wrote:> Portable OpenSSH is available via Git at > https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at > https://github.com/openssh/openssh-portable >Building V_7_1_P1-189-g5ac712d on Solaris 2.6 fails: make[1]: Entering directory `/export/home/tgc/buildpkg/openssh/src/openssh-git/openbsd-compat' gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-all -I. -I.. -I. -I./.. -I/usr/tgcware/include -DHAVE_CONFIG_H -c bsd-asprintf.c bsd-asprintf.c:50:13: error: macro "va_start" requires 2 arguments, but only 1 given bsd-asprintf.c: In function 'vasprintf': bsd-asprintf.c:50: error: 'va_start' undeclared (first use in this function) bsd-asprintf.c:50: error: (Each undeclared identifier is reported only once bsd-asprintf.c:50: error: for each function it appears in.) make[1]: *** [bsd-asprintf.o] Error 1 make[1]: Leaving directory `/export/home/tgc/buildpkg/openssh/src/openssh-git/openbsd-compat' make: *** [openbsd-compat/libopenbsd-compat.a] Error 2 I removed the call to va_start just to see if there would be any other errors lurking and there is: gcc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o mux.o -L. -Lopenbsd-compat/ -R/usr/tgcware/lib -L/usr/tgcware/lib -Wl,-z,now -fstack-protector-all -lssh -lopenbsd-compat -lcrypto -lposix4 -ldl -lresolv -lz -lsocket ld: warning: symbol `umac_ctx' has differing sizes: (file ./libssh.a(umac.o) value=0x5ec; file ./libssh.a(umac128.o) value=0x684); ./libssh.a(umac128.o) definition taken Undefined first referenced symbol in file gethostbyname openbsd-compat//libopenbsd-compat.a(fake-rfc2553.o) (symbol belongs to implicit dependency /usr/lib/libnsl.so.1) gethostbyaddr openbsd-compat//libopenbsd-compat.a(fake-rfc2553.o) (symbol belongs to implicit dependency /usr/lib/libnsl.so.1) ld: fatal: Symbol referencing errors. No output written to ssh collect2: ld returned 1 exit status make: *** [ssh] Error 1 It looks like the check for yp_match previously ensured that -lnsl was added. -tgc
On Tue, Feb 16, 2016 at 10:42:37PM +0100, Tom G. Christensen wrote: [...]> gethostbyname openbsd-compat//libopenbsd-compat.a(fake-rfc2553.o) (symbol > belongs to implicit dependency /usr/lib/libnsl.so.1)I think this should fix this problem after applying and running autoreconf to rebuild configure. I'll look at the other problems shortly. diff --git a/configure.ac b/configure.ac index 0b399ce..b4c0aaa 100644 --- a/configure.ac +++ b/configure.ac @@ -1314,8 +1314,10 @@ AC_SEARCH_LIBS([openpty], [util bsd]) AC_SEARCH_LIBS([updwtmp], [util bsd]) AC_CHECK_FUNCS([fmt_scaled scan_scaled login logout openpty updwtmp logwtmp]) -# On some platforms, inet_ntop may be found in libresolv or libnsl. +# On some platforms, inet_ntop and gethostbyname may be found in libresolv +# or libnsl. AC_SEARCH_LIBS([inet_ntop], [resolv nsl]) +AC_SEARCH_LIBS([gethostbyname], [resolv nsl]) AC_FUNC_STRFTIME -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On Tue, Feb 16, 2016 at 10:42:37PM +0100, Tom G. Christensen wrote:> bsd-asprintf.c:50:13: error: macro "va_start" requires 2 arguments, but only > 1 givenI think it's a problem with this commit: https://anongit.mindrot.org/openssh.git/commit/openbsd-compat/bsd-asprintf.c?id=0f754e29dd3760fc0b172c1220f18b753fb0957e Author: Damien Miller <djm at mindrot.org> Date: Fri Oct 16 10:53:14 2015 +1100 need va_copy before va_start diff --git a/openbsd-compat/bsd-asprintf.c b/openbsd-compat/bsd-asprintf.c index db57acc..d393dfc 100644 --- a/openbsd-compat/bsd-asprintf.c +++ b/openbsd-compat/bsd-asprintf.c @@ -47,7 +47,7 @@ vasprintf(char **str, const char *fmt, va_list ap) char *string, *newstr; size_t len; - va_start(ap); + va_start(ap, fmt); VA_COPY(ap2, ap); if ((string = malloc(INIT_SZ)) == NULL) goto fail; -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On Tue, Feb 16, 2016 at 01:28:42AM -0500, Jeff Wieland wrote:> The Solaris privilege code breaks building on Solaris 10. If > you let configure just do its thing, you get the following error > when compiling: > > "sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used > with the Solaris sandbox"Could you please try this patch? It adds priv_basicset to the test for whether or not we have usable solaris privs support. Note that you will need to run "autoreconf" after applying the patch to rebuild configure. Thanks. diff --git a/configure.ac b/configure.ac index b4c0aaa..5b50b9e 100644 --- a/configure.ac +++ b/configure.ac @@ -897,8 +897,10 @@ mips-sony-bsd|mips-sony-newsos4) AC_MSG_RESULT([no]) fi AC_CHECK_FUNC([setppriv], - [ AC_CHECK_HEADERS([priv.h], [ - SOLARIS_PRIVS="yes" + AC_CHECK_FUNC([priv_basicset], + [ AC_CHECK_HEADERS([priv.h], [ + SOLARIS_PRIVS="yes" + ]) ]) ]) AC_ARG_WITH([solaris-contracts], -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On Wed, Feb 17, 2016 at 3:51 AM, Hisashi T Fujinaka <htodd at twofifty.com> wrote:> Sorry, I haven't been paying too much attention here, but I'm having > repeated failures when I tried this morning. > > NetBSD-current: > test_sshkey: ..................................[1] Segmentation fault > (core dumped) ${V} /home/htodd... > *** Error code 139did it produce a core dump? if so, could you feed it to gdb and get a backtrace?> NetBSD-7: > test_hostkeys: > regress/unittests/hostkeys/test_iterate.c:163 test #1 "hostkeys_iterate all > with key parse"I just installed NetBSD 7.0 on a VM ("7.0 NetBSD 7.0 (GENERIC.201509250726Z) amd64") tp try to reproduce this however the tests passed. What architecture is this, and have any changes been made to the system (eg, patches applied)? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On Tue, 16 Feb 2016, Jeff Wieland wrote:> The Solaris privilege code breaks building on Solaris 10. If > you let configure just do its thing, you get the following error > when compiling: > > "sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used with > the Solaris sandbox" > > So, I did add "--with-solaris-privs" to the command line for > configure, but then I got the following error messages:I think this should fix it. It would be good if someone with recent Solaris/ Illumos that does have the fine-grained privilege support could test it too. diff --git a/configure.ac b/configure.ac index b4c0aaa..f614edf 100644 --- a/configure.ac +++ b/configure.ac @@ -896,11 +896,8 @@ mips-sony-bsd|mips-sony-newsos4) else AC_MSG_RESULT([no]) fi - AC_CHECK_FUNC([setppriv], - [ AC_CHECK_HEADERS([priv.h], [ - SOLARIS_PRIVS="yes" - ]) - ]) + AC_CHECK_FUNC([setppriv]) + AC_CHECK_HEADERS([priv.h]) AC_ARG_WITH([solaris-contracts], [ --with-solaris-contracts Enable Solaris process contracts (experimental)], [ @@ -925,7 +922,9 @@ mips-sony-bsd|mips-sony-newsos4) [ --with-solaris-privs Enable Solaris/Illumos privileges (experimental)], [ AC_MSG_CHECKING([for Solaris/Illumos privilege support]) - if test "x$SOLARIS_PRIVS" = "xyes" ; then + if test "x$ac_cv_func_setppriv" = "xyes" -a \ + "x$ac_cv_header_priv_h" = "xyes" ; then + SOLARIS_PRIVS=yes AC_MSG_RESULT([found]) AC_DEFINE([NO_UID_RESTORATION_TEST], [1], [Define to disable UID restoration test])
On Tue, 16 Feb 2016, Gleb Fotengauer-Malinovskiy wrote:> Hi, > > On Fri, Feb 12, 2016 at 02:56:30PM +1100, Damien Miller wrote: > > OpenSSH 7.2 is almost ready for release, so we would appreciate > > testing on as many platforms and systems as possible. This release > > contains many bugfixes and several new features. > > According to bdcb7:sshd_config.5, UsePrivilegeSeparation is set to > "sandbox" by default. > But default in servconf.c is PRIVSEP_NOSANDBOX. > > I suppose, we should sync servconf.c and sshd_config with documentation:thanks; done
On 12/02/16 04:56, Damien Miller wrote:> Portable OpenSSH is available via Git at > https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at > https://github.com/openssh/openssh-portable >I'm seeing a hang in the testsuite on Solaris: run test transfer.sh ... transfer data: proto 1 <hangs here> I've tested on 2.6, 7 and 9, x86 only for now. I bisected it on Solaris 2.6 and the culprit is: 19bcf2ea2d17413f2d9730dd2a19575ff86b9b6a Reverting it gets rid of the hang and the testsuite runs to completion with no errors. I've inserted the logs from Solaris 9/x86 below. -tgc failed-regress.log: trace: proto 1 dd-size 10 FATAL: trace: proto 1 dd-size 10 FATAL: FAIL: failed-ssh.log: trace: proto 1 dd-size 10 FATAL: trace: proto 1 dd-size 10 FATAL: FAIL: failed-sshd.log: trace: proto 1 dd-size 10 debug1: inetd sockets after dupping: 5, 6 Connection from UNKNOWN port 65535 on UNKNOWN port 65535 debug1: Client protocol version 1.5; client software version OpenSSH_7.1 debug1: match: OpenSSH_7.1 pat OpenSSH* compat 0x04000000 debug1: Local version string SSH-1.99-OpenSSH_7.1 Generating 1024 bit RSA key. RSA key generation complete. debug2: fd 5 setting O_NONBLOCK debug2: fd 6 setting O_NONBLOCK debug2: Network child is on pid 27122 debug3: preauth child monitor started debug1: Sent 1024 bit server key and 2048 bit host key. [preauth] debug1: Encryption type: 3des [preauth] debug3: mm_request_send entering: type 32 [preauth] debug3: mm_request_receive_expect entering: type 33 [preauth] debug3: mm_request_receive entering [preauth] debug3: mm_request_receive entering debug3: monitor_read: checking request 32 debug3: mm_request_send entering: type 33 debug2: monitor_read: 32 used once, disabling now debug3: mm_ssh1_session_id entering [preauth] debug3: mm_request_send entering: type 34 [preauth] debug1: Received session key; encryption turned on. [preauth] debug3: mm_request_receive entering debug3: monitor_read: checking request 34 debug3: mm_answer_sessid entering debug2: monitor_read: 34 used once, disabling now debug3: mm_getpwnamallow entering [preauth] debug3: mm_request_send entering: type 8 [preauth] debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth] debug3: mm_request_receive_expect entering: type 9 [preauth] debug3: mm_request_receive entering [preauth] debug3: mm_request_receive entering debug3: monitor_read: checking request 8 debug3: mm_answer_pwnamallow debug2: parse_server_config: config reprocess config len 555 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 debug3: mm_request_send entering: type 9 debug2: monitor_read: 8 used once, disabling now debug1: Attempting authentication for tgc. [preauth] debug3: mm_auth_rsa_key_allowed entering [preauth] debug3: mm_request_send entering: type 36 [preauth] debug3: mm_request_receive_expect entering: type 37 [preauth] debug3: mm_request_receive entering [preauth] debug3: mm_request_receive entering debug3: monitor_read: checking request 36 debug3: mm_answer_rsa_keyallowed entering debug1: temporarily_use_uid: 500/500 (e=500/500) debug1: trying public RSA key file /export/home/tgc/buildpkg/openssh/src/openssh-git/regress/authorized_keys_tgc debug1: fd 9 clearing O_NONBLOCK debug1: /export/home/tgc/buildpkg/openssh/src/openssh-git/regress/authorized_keys_tgc, line 1: non ssh1 key syntax debug1: matching key found: file /export/home/tgc/buildpkg/openssh/src/openssh-git/regress/authorized_keys_tgc, line 2 RSA1 SHA256:T373CbnNP2xxI+dYn8iGW/IUdoGB0RyZQd+TEhFbz3k debug1: restore_uid: (unprivileged) debug3: mm_request_send entering: type 37 Failed rsa for tgc from UNKNOWN port 65535 ssh1 debug3: mm_auth_rsa_generate_challenge entering [preauth] debug3: mm_request_send entering: type 38 [preauth] debug3: mm_request_receive_expect entering: type 39 [preauth] debug3: mm_request_receive entering [preauth] debug3: mm_request_receive entering debug3: monitor_read: checking request 38 debug3: mm_answer_rsa_challenge entering debug3: mm_answer_rsa_challenge sending reply debug3: mm_request_send entering: type 39 debug2: monitor_read: 38 used once, disabling now debug3: mm_auth_rsa_verify_response entering [preauth] debug3: mm_request_send entering: type 40 [preauth] debug3: mm_request_receive_expect entering: type 41 [preauth] debug3: mm_request_receive entering [preauth] debug3: mm_request_receive entering debug3: monitor_read: checking request 40 debug3: mm_answer_rsa_response entering debug3: mm_request_send entering: type 41 debug2: monitor_read: 40 used once, disabling now Accepted rsa for tgc from UNKNOWN port 65535 ssh1 debug1: monitor_child_preauth: tgc has been authenticated by privileged process debug3: mm_get_keystate: Waiting for new keys debug3: mm_request_receive_expect entering: type 26 debug3: mm_request_receive entering debug3: mm_get_keystate: GOT new keys debug3: mm_request_send entering: type 26 [preauth] debug3: mm_send_keystate: Finished sending state [preauth] debug1: monitor_read_log: child log fd closed debug3: mm_share_sync: Share sync debug3: mm_share_sync: Share sync end debug3: monitor_apply_keystate: packet_set_state debug1: ssh_packet_set_postauth: called debug3: ssh_packet_set_state: done debug2: session_new: allocate (allocated 0 max 10) debug3: session_unused: session id 0 unused debug1: session_new: session 0 debug1: Exec command 'cat > /export/home/tgc/buildpkg/openssh/src/openssh-git/regress/copy' Starting session: command for tgc from UNKNOWN port 65535 id 0 User child is on pid 27123 debug1: Entering interactive session. debug2: fd 8 setting O_NONBLOCK debug2: fd 10 setting O_NONBLOCK debug2: fd 12 setting O_NONBLOCK debug2: fd 7 setting O_NONBLOCK debug2: fd 11 setting O_NONBLOCK debug1: server_init_dispatch_13 debug1: server_init_dispatch_15 debug3: mm_request_receive entering debug1: do_cleanup FATAL: FAIL:
On Wed, 17 Feb 2016, Tom G. Christensen wrote:> On 12/02/16 04:56, Damien Miller wrote: > > Portable OpenSSH is available via Git at > > https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at > > https://github.com/openssh/openssh-portable > > > > I'm seeing a hang in the testsuite on Solaris: > run test transfer.sh ... > transfer data: proto 1 > <hangs here> > > I've tested on 2.6, 7 and 9, x86 only for now. > > I bisected it on Solaris 2.6 and the culprit is: > 19bcf2ea2d17413f2d9730dd2a19575ff86b9b6a > > Reverting it gets rid of the hang and the testsuite runs to completion > with no errors.Thanks for the analysis. I think this fixes it. diff --git a/packet.c b/packet.c index 7ddebeb..6755e74 100644 --- a/packet.c +++ b/packet.c @@ -263,8 +263,8 @@ ssh_alloc_session_state(void) int ssh_packet_is_rekeying(struct ssh *ssh) { - return ssh->state->rekeying || - (ssh->kex != NULL && ssh->kex->done == 0); + return compat20 && + (ssh->state->rekeying || (ssh->kex != NULL && ssh->kex->done == 0)); } /*
Reasonably Related Threads
- Call for testing: OpenSSH 7.6
- [Bug 2370] New: make fails with "rmd160.c", line 35.10: 1506-296 (S) #include file <endian.h> not found. when using --without-openssl on AIX
- vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
- Call for testing: OpenSSH 6.8
- Call for testing: OpenSSH 6.8