Hi, OpenSSH 7.8p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at http://www.openssh.com/portable.html#cvs At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github: https://github.com/openssh/openssh-portable Running the regression tests supplied with Portable OpenSSH does not require installation and is a simply: $ ./configure && make tests Live testing on suitable non-production systems is also appreciated. Please send reports of success or failure to openssh-unix-dev at mindrot.org. Security bugs should be reported directly to openssh at openssh.com. Below is a summary of changes. More detail may be found in the ChangeLog in the portable OpenSSH tarballs. Thanks to the many people who contributed to this release. Potentially-incompatible changes =============================== This release includes a number of changes that may affect existing configurations: * ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL's PEM format. The OpenSSH format, supported in OpenSSH releases since 2014 and described in the PROTOCOL.key file in the source distribution, offers substantially better protection against offline password guessing and supports key comments in private keys. If necessary, it is possible to write old PEM-style keys by adding "-m PEM" to ssh-keygen's arguments when generating or updating a key. * sshd(8): remove internal support for S/Key multiple factor authentication. S/Key may still be used via PAM or BSD auth. * ssh(1): remove vestigal support for running ssh(1) as setuid. This used to be required for hostbased authentication and the (long gone) rhosts-style authentication, but has not been necessary for a long time. Attempting to execute ssh as a setuid binary, or with uid != effective uid will now yield a fatal error at runtime. * sshd(8): the semantics of PubkeyAcceptedKeyTypes and the similar HostbasedAcceptedKeyTypes options have changed. These now specify signature algorithms that are accepted for their respective authentication mechanism, where previously they specified accepted key types. This distinction matters when using the RSA/SHA2 signature algorithms "rsa-sha2-256", "rsa-sha2-512" and their certificate counterparts. Configurations that override these options but omit these algorithm names may cause unexpected authentication failures (no action is required for configurations that accept the default for these options). * sshd(8): the precedence of session environment variables has changed. ~/.ssh/environment and environment="..." options in authorized_keys files can no longer override SSH_* variables set implicitly by sshd. * ssh(1)/sshd(8): the default IPQoS used by ssh/sshd has changed. They will now use DSCP AF21 for interactive traffic and CS1 for bulk. For a detailed rationale, please see the commit message: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/readconf.c#rev1.284 Changes since OpenSSH 7.7 ======================== This is primarily a bugfix release. New Features ------------ * ssh(1)/sshd(8): add new signature algorithms "rsa-sha2-256-cert- v01 at openssh.com" and "rsa-sha2-512-cert-v01 at openssh.com" to explicitly force use of RSA/SHA2 signatures in authentication. * sshd(8): extend the PermitUserEnvironment option to accept a whitelist of environment variable names in addition to global "yes" or "no" settings. * sshd(8): add a PermitListen directive to sshd_config(5) and a corresponding permitlisten= authorized_keys option that control which listen addresses and port numbers may be used by remote forwarding (ssh -R ...). * sshd(8): add some countermeasures against timing attacks used for account validation/enumeration. sshd will enforce a minimum time or each failed authentication attempt consisting of a global 5ms minimum plus an additional per-user 0-4ms delay derived from a host secret. * sshd(8): add a SetEnv directive to allow an administrator to explicitly specify environment variables in sshd_config. Variables set by SetEnv override the default and client-specified environment. * ssh(1): add a SetEnv directive to request that the server sets an environment variable in the session. Similar to the existing SendEnv option, these variables are set subject to server configuration. * ssh(1): allow "SendEnv -PATTERN" to clear environment variables previously marked for sending to the server. bz#1285 * ssh(1)/sshd(8): make UID available as a %-expansion everywhere that the username is available currently. bz#2870 * ssh(1): allow setting ProxyJump=none to disable ProxyJump functionality. bz#2869 Bugfixes -------- * all: substantial internal refactoring * sshd(8): avoid observable differences in request parsing that could be used to determine whether a target user is valid. * ssh(1)/sshd(8): fix some memory leaks; bz#2366 * ssh(1): fix a pwent clobber (introduced in openssh-7.7) that could occur during key loading, manifesting as crash on some platforms. * sshd_config(5): clarify documentation for AuthenticationMethods option; bz#2663 * ssh(1): ensure that the public key algorithm sent in a public key SSH_MSG_USERAUTH_REQUEST matches the content of the signature blob. Previously, these could be inconsistent when a legacy or non-OpenSSH ssh-agent returned a RSA/SHA1 signature when asked to make a RSA/SHA2 signature. * sshd(8): fix failures to read authorized_keys caused by faulty supplemental group caching. bz#2873 * scp(1): apply umask to directories, fixing potential mkdir/chmod race when copying directory trees bz#2839 * ssh-keygen(1): return correct exit code when searching for and hashing known_hosts entries in a single operation; bz#2772 * ssh(1): prefer the ssh binary pointed to via argv[0] to $PATH when re-executing ssh for ProxyJump. bz#2831 * sshd(8): do not ban PTY allocation when a sshd session is restricted because the user password is expired as it breaks password change dialog. (regression in openssh-7.7). * ssh(1)/sshd(8): fix error reporting from select() failures. * ssh(1): improve documentation for -w (tunnel) flag, emphasising that -w implicitly sets Tunnel=point-to-point. bz#2365 * ssh-agent(1): implement EMFILE mitigation for ssh-agent. ssh-agent will no longer spin when its file descriptor limit is exceeded. bz#2576 * ssh(1)/sshd(8): disable SSH2_MSG_DEBUG messages for Twisted Conch clients. Twisted Conch versions that lack a version number in their identification strings will mishandle these messages when running on Python 2.x (https://twistedmatrix.com/trac/ticket/9422) * sftp(1): notify user immediately when underlying ssh process dies expectedly. bz#2719 * ssh(1)/sshd(8): fix tunnel forwarding; regression in 7.7 release. bz#2855 * ssh-agent(1): don't kill ssh-agent's listening socket entirely if it fails to accept(2) a connection. bz#2837 * sshd(8): relax checking of authorized_keys environment="..." options to allow underscores in variable names (regression introduced in 7.7). bz#2851 * ssh(1): add some missing options in the configuration dump output (ssh -G). bz#2835 Portability ----------- * sshd(8): Expose details of completed authentication to PAM auth modules via SSH_AUTH_INFO_0 in the PAM environment. bz#2408 * Fix compilation problems caused by fights between zlib and OpenSSL colliding uses of "free_func" * Improve detection of unsupported compiler options. Recently these may have manifested as "unsupported -Wl,-z,retpoline" warnings during linking. * sshd(8): some sandbox support for Linux/s390 bz#2752. * regress tests: unbreak key-options.sh test on platforms without openpty(3). bz#2856 * use getrandom(2) for PRNG seeding when built without OpenSSL. OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and Ben Lindstrom.
On Thu, Aug 09, 2018 at 08:16:34PM CDT, Damien Miller wrote:>Hi, > >OpenSSH 7.8p1 is almost ready for release, so we would appreciate testing >on as many platforms and systems as possible. This is a bugfix release. > >Snapshot releases for portable OpenSSH are available from >http://www.mindrot.org/openssh_snap/ > >The OpenBSD version is available in CVS HEAD: >http://www.openbsd.org/anoncvs.html > >Portable OpenSSH is also available via git using the >instructions at http://www.openssh.com/portable.html#cvs >At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github: >https://github.com/openssh/openssh-portable > >Running the regression tests supplied with Portable OpenSSH does not >require installation and is a simply: > >$ ./configure && make tests > >Live testing on suitable non-production systems is also appreciated. >Please send reports of success or failure to >openssh-unix-dev at mindrot.org. Security bugs should be reported >directly to openssh at openssh.com. >On Void Linux (kernel 4.14, glibc 2.26, gcc 7.3) I'm seeing a failure in the test_kex unit test: $ git rev-parse HEAD e1b26ce504662a5d5b991091228984ccfd25f280 $ ./configure --with-pam --with-pie --with-sandbox=seccomp_filter <...snip...> $ make tests <...snip...> test_kex: .... regress/unittests/kex/test_kex.c:76 test #5 "kex" ASSERT_INT_EQ(server->kex->done, 1) failed: server->kex->done = -649425904 1 = 1 Aborted make[1]: *** [Makefile:225: unit] Error 134 make[1]: *** Waiting for unfinished jobs.... Manually invoking regress/unittests/kex/test_kex, I see the value printed for server->kex->done changing from one run to the next, which made me suspect some sort of memory corruption or lack of initialization, but running under valgrind doesn't show anything of the sort: $ valgrind ./regress/unittests/kex/test_kex ==12365== Memcheck, a memory error detector ==12365== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==12365== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info ==12365== Command: ./regress/unittests/kex/test_kex ==12365== test_kex: .... regress/unittests/kex/test_kex.c:76 test #5 "kex" ASSERT_INT_EQ(server->kex->done, 1) failed: server->kex->done = 103646864 1 = 1 ==12365== ==12365== Process terminating with default action of signal 6 (SIGABRT) ==12365== at 0x5CAF920: raise (raise.c:51) ==12365== by 0x5CB0FFC: abort (abort.c:90) ==12365== by 0x10E33E: test_die (test_helper.c:302) ==12365== by 0x10FDD3: assert_int (test_helper.c:431) ==12365== by 0x10E9C6: run_kex (test_kex.c:76) ==12365== by 0x10ED27: do_kex_with_key (test_kex.c:117) ==12365== by 0x10F1CF: do_kex (test_kex.c:181) ==12365== by 0x10F21F: kex_tests (test_kex.c:192) ==12365== by 0x10E65D: main (test_helper.c:162) ==12365== ==12365== HEAP SUMMARY: ==12365== in use at exit: 66,964 bytes in 1,732 blocks ==12365== total heap usage: 2,350 allocs, 618 frees, 401,681 bytes allocated ==12365== ==12365== LEAK SUMMARY: ==12365== definitely lost: 0 bytes in 0 blocks ==12365== indirectly lost: 0 bytes in 0 blocks ==12365== possibly lost: 0 bytes in 0 blocks ==12365== still reachable: 66,964 bytes in 1,732 blocks ==12365== suppressed: 0 bytes in 0 blocks ==12365== Rerun with --leak-check=full to see details of leaked memory ==12365== ==12365== For counts of detected and suppressed errors, rerun with: -v ==12365== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) Aborted Let me know if there's any additional information that would be useful... Zev
All checks out on FreeBsd 11.2 -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism We cannot direct the wind, but we can adjust the sails. -Bertha Calloway
On Fri, 10 Aug 2018, Zev Weiss wrote:> On Void Linux (kernel 4.14, glibc 2.26, gcc 7.3) I'm seeing a failure > in the test_kex unit test:[snip] Thanks for testing! I tried to recreate this by installing void x64_64 to a VM, but couldn't - the test passes for me.a My system ended up with a slightly newer kernel (4.17 IIRC). What hardware platform are you using? -d
On 10/08/2018 03:16, Damien Miller wrote:> OpenSSH 7.8p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release.I am getting a build error. But this is also a new build system - based on AIX 6.1 rather than AIX 5.3. Will research asap. configure: WARNING: Please check and edit blibpath in LDFLAGS in Makefile + /opt/bin/make > .buildaix/make.out "kludge-fd_set.c", line 28.1: 1506-356 (W) Compilation unit is empty. "glob.c", line 94.9: 1506-236 (W) Macro name TILDE has been redefined. "glob.c", line 94.9: 1506-358 (I) "TILDE" is defined on line 271 of /usr/include/sys/ioctl.h. "/usr/include/syms.h", line 290.9: 1506-236 (W) Macro name T_NULL has been redefined. "/usr/include/syms.h", line 290.9: 1506-358 (I) "T_NULL" is defined on line 150 of /usr/include/arpa/onameser_compat.h. "/usr/include/sys/file.h", line 128.9: 1506-236 (W) Macro name LOCK_SH has been redefined. "/usr/include/sys/file.h", line 128.9: 1506-358 (I) "LOCK_SH" is defined on line 149 of ../openbsd-compat/bsd-misc.h. "/usr/include/sys/file.h", line 129.9: 1506-236 (W) Macro name LOCK_EX has been redefined. "/usr/include/sys/file.h", line 129.9: 1506-358 (I) "LOCK_EX" is defined on line 150 of ../openbsd-compat/bsd-misc.h. "/usr/include/sys/file.h", line 130.9: 1506-236 (W) Macro name LOCK_NB has been redefined. "/usr/include/sys/file.h", line 130.9: 1506-358 (I) "LOCK_NB" is defined on line 151 of ../openbsd-compat/bsd-misc.h. "/usr/include/sys/file.h", line 131.9: 1506-236 (W) Macro name LOCK_UN has been redefined. "/usr/include/sys/file.h", line 131.9: 1506-358 (I) "LOCK_UN" is defined on line 152 of ../openbsd-compat/bsd-misc.h. "port-aix.c", line 207.45: 1506-045 (S) Undeclared identifier ctx. "port-aix.c", line 268.22: 1506-045 (S) Undeclared identifier r. "port-aix.c", line 479.18: 1506-204 (S) Unexpected end of file. make[1]: *** [Makefile:98: port-aix.o] Error 1 make: *** [Makefile:164: openbsd-compat/libopenbsd-compat.a] Error 2 /opt/bin/make returned an error> Snapshot releases for portable OpenSSH are available from > http://www.mindrot.org/openssh_snap/
On Fri, 10 Aug 2018, Michael Felt wrote:> On 10/08/2018 03:16, Damien Miller wrote: > > OpenSSH 7.8p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a bugfix release. > I am getting a build error. But this is also a new build system - based > on AIX 6.1 rather than AIX 5.3. > Will research asap.[snip]> "port-aix.c", line 207.45: 1506-045 (S) Undeclared identifier ctx. > "port-aix.c", line 268.22: 1506-045 (S) Undeclared identifier r. > "port-aix.c", line 479.18: 1506-204 (S) Unexpected end of file.these look like real errors. Please try this: diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index eabb5249..943177c7 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -204,7 +204,7 @@ sys_auth_passwd(struct ssh *ssh, const char *password) */ expired = passwdexpired(name, &msg); if (msg && *msg) { - if ((r = sshbuf_put(ctx->loginmsg, + if ((r = sshbuf_put(ctxt->loginmsg, msg, strlen(msg))) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); @@ -241,7 +241,7 @@ int sys_auth_allowed_user(struct passwd *pw, struct sshbuf *loginmsg) { char *msg = NULL; - int result, permitted = 0; + int r, result, permitted = 0; struct stat st; /* @@ -267,6 +267,7 @@ sys_auth_allowed_user(struct passwd *pw, struct sshbuf *loginmsg) else if (msg != NULL) { if ((r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); + } if (msg == NULL) msg = xstrdup("(none)"); aix_remove_embedded_newlines(msg);
NetBSD-8 amd64
2 -pipe -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security
-Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result
-fno-strict-aliasing -mfunction-return=thunk -mindirect-branch=thunk
-D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-me
mset -fstack-protector-strong -I. -I.. -I. -I./.. -D_OPENBSD_SOURCE
-DHAVE_CONFIG_H -c bsd-getline.c
bsd-getline.c:50:1: error: static declaration of 'getdelim' follows
non-static declaration
getdelim(char **buf, size_t *bufsiz, int delimiter, FILE *fp)
^
In file included from /usr/include/resolv.h:65:0,
from ../openbsd-compat/getrrsetbyname.h:59,
from ../openbsd-compat/openbsd-compat.h:44,
from ../includes.h:174,
from bsd-getline.c:36:
/usr/include/stdio.h:535:10: note: previous declaration of 'getdelim'
was here
ssize_t getdelim(char ** __restrict, size_t * __restrict, int,
^
*** Error code 1
Stop.
make[1]: stopped in /home/htodd/openssh-portable/openbsd-compat
*** Error code 1
Stop.
make: stopped in /home/htodd/openssh-portable
--
Hisashi T Fujinaka - htodd at twofifty.com
BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee
On 13 August 2018 at 02:39, Hisashi T Fujinaka <htodd at twofifty.com> wrote: [...]> /usr/include/stdio.h:535:10: note: previous declaration of 'getdelim' was > hereDid you run "autoreconf" to rebuild configure after updating and before running ./configure? That has been the cause once before: https://bugzilla.mindrot.org/show_bug.cgi?id=2881 -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On Aug 10 11:16, Damien Miller wrote:> Hi, > > OpenSSH 7.8p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release.Problems building on Cygwin, partially a result of a new GCC version. I'm still collecting and fixing. I hope I have a few days to create a useful report with patches? Thanks, Corinna -- Corinna Vinschen Cygwin Maintainer Red Hat -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20180813/7bb79cfb/attachment.asc>
On Aug 13 13:19, Corinna Vinschen wrote:> On Aug 10 11:16, Damien Miller wrote: > > Hi, > > > > OpenSSH 7.8p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a bugfix release. > > Problems building on Cygwin, partially a result of a new GCC version. > I'm still collecting and fixing. I hope I have a few days to create a > useful report with patches?Ok, it was less tragic than anticipated. I attached two patches which are required to make this build work on Cygwin. With these two patches OpenSSH builds and all tests pass. Thanks, Corinna -- Corinna Vinschen Cygwin Maintainer Red Hat -------------- next part --------------
On Fri, 2018-08-10 at 11:16 +1000, Damien Miller wrote:> Hi, > > OpenSSH 7.8p1 is almost ready for release, so we would appreciate > testing > on as many platforms and systems as possible. This is a bugfix > release. > > Snapshot releases for portable OpenSSH are available from > http://www.mindrot.org/openssh_snap/ > > The OpenBSD version is available in CVS HEAD: > http://www.openbsd.org/anoncvs.htmlDuring rebasing I noticed, there is wrong file path in the Makefile target: diff --git a/Makefile.in b/Makefile.in index 591d1955..64c9c518 100644 --- a/Makefile.in +++ b/Makefile.in @@ -281,7 +281,7 @@ distclean: regressclean rm -f regress/unittests/utf8/*.o rm -f regress/unittests/utf8/test_utf8 rm -f regress/misc/kexfuzz/*.o - rm -f regress/unittests/misc/kexfuzz + rm -f regress/misc/kexfuzz (cd openbsd-compat && $(MAKE) distclean) if test -d pkg ; then \ rm -fr pkg ; \ I will continue with the tests soon. Regards, -- Jakub Jelen Software Engineer Security Technologies Red Hat, Inc.