Hi,

OpenSSH 8.3p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via git using the
instructions at http://www.openssh.com/portable.html#cvs
At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
https://github.com/openssh/openssh-portable

Running the regression tests supplied with Portable OpenSSH does not
require installation and is simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also appreciated.
Please send reports of success or failure to
openssh-unix-dev at mindrot.org. Security bugs should be reported
directly to openssh at openssh.com.

Below is a summary of changes. More detail may be found in the ChangeLog
in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.

Security
========

 * scp(1): when receiving files, scp(1) could become desynchronised if
   a utimes(2) system call failed. This could allow file contents to be
   interpreted as file metadata and thereby permit an adversary to
   craft a file system that, when copied with scp(1) in a configuration
   that caused utimes(2) to fail (e.g. under a SELinux policy or syscall
   sandbox), transferred different file names and contents to the
   actual file system layout.

   Exploitation of this is not likely as utimes(2) does not fail under
   normal circumstances.

   Successful exploitation is not silent - the output of scp(1) would
   show transfer errors followed by the actual file(s) that were
   received.

   Finally, filenames returned from the peer are (since openssh-8.0)
   matched against the user's requested destination, thereby
   disallowing a successful exploit from writing files outside the
   user's selected target glob (or directory, in the case of a
   recursive transfer). This ensures that this attack can achieve no
   more than a hostile peer is already able to do within the scp
   protocol.

Potentially-incompatible changes
================================

This release includes a number of changes that may affect existing
configurations:

 * sftp(1): reject an argument of "-1" in the same way as ssh(1) and
   scp(1) do instead of accepting and silently ignoring it.

Changes since OpenSSH 8.2
=========================

The focus of this release is bug fixing.

New Features
------------

 * sshd(8): make IgnoreRhosts a tri-state option: "yes" to ignore
   rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to
   allow .shosts files but not .rhosts.

 * sshd(8): allow the IgnoreRhosts directive to appear anywhere in a
   sshd_config, not just before any Match blocks; bz3148

 * ssh(1): add %TOKEN percent expansion for the LocalForward and
   RemoteForward keywords when used for Unix domain socket forwarding.
   bz#3014

 * all: allow loading public keys from the unencrypted envelope of a
   private key file if no corresponding public key file is present.

 * ssh(1), sshd(8): prefer to use chacha20 from libcrypto where possible
   instead of the (slower) portable C implementation included in OpenSSH.

 * ssh-keygen(1): add ability to dump the contents of a binary key
   revocation list via "ssh-keygen -lQf /path" bz#3132

Bugfixes
--------

 * ssh(1): fix IdentitiesOnly=yes to also apply to keys loaded from a
   PKCS11Provider; bz#3141

 * ssh-keygen(1): avoid NULL dereference when trying to convert an
   invalid RFC4716 private key.

 * scp(1): when performing remote-to-remote copies using "scp -3",
   start the second ssh(1) channel with BatchMode=yes enabled to avoid
   confusing and non-deterministic ordering of prompts.

 * ssh(1), ssh-keygen(1): when signing a challenge using a FIDO token,
   perform hashing of the message to be signed in the middleware layer
   rather than in OpenSSH code. This permits the use of security key
   middlewares that perform the hashing implicitly, such as Windows
   Hello.

 * ssh(1): fix incorrect error message for "too many known hosts
   files." bz#3149

 * ssh(1): make failures when establishing "Tunnel" forwarding
   terminate the connection when ExitOnForwardFailure is enabled;
   bz#3116

 * ssh-keygen(1): fix printing of fingerprints on private keys and add
   a regression test for same.

 * sshd(8): document order of checking AuthorizedKeysFile (first) and
   AuthorizedKeysCommand (subsequently, if the file doesn't match);
   bz#3134

 * sshd(8): document that /etc/hosts.equiv and /etc/shosts.equiv are
   not considered for HostbasedAuthentication when the target user is
   root; bz#3148

 * ssh(1), ssh-keygen(1): fix NULL dereference in private certificate
   key parsing (oss-fuzz #20074).

 * ssh(1), sshd(8): more consistency between the sets of %TOKENS
   accepted in various configuration options.

 * ssh(1), ssh-keygen(1): improve error messages for some common
   PKCS#11 C_Login failure cases; bz#3130

 * ssh(1), sshd(8): make error messages for problems during SSH banner
   exchange consistent with other SSH transport-layer error messages
   and ensure they include the relevant IP addresses bz#3129

 * various: fix a number of spelling errors in comments and debug/error
   messages

 * ssh-keygen(1), ssh-add(1): when downloading FIDO2 resident keys from
   a token, don't prompt for a PIN until the token has told us that it
   needs one. Avoids double-prompting on devices that implement
   on-device authentication.

 * sshd(8), ssh-keygen(1): no-touch-required FIDO certificate option
   should be an extension, not a critical option.

 * ssh(1), ssh-keygen(1), ssh-add(1): offer a better error message when
   trying to use a FIDO key function and SecurityKeyProvider is empty.

 * ssh-add(1), ssh-agent(8): ensure that a key lifetime fits within the
   values allowed by the wire format (u32). Prevents integer wraparound
   of the timeout values. bz#3119

 * ssh(1): detect and prevent trivial configuration loops when using
   ProxyJump. bz#3057.

Portability
-----------

 * Detect systems where signals flagged with SA_RESTART will interrupt
   select(2). POSIX permits implementations to choose whether select(2)
   will return when interrupted with a SA_RESTART-flagged signal, but
   OpenSSH requires interrupting behaviour.

 * Several compilation fixes for HP/UX and AIX.

 * On platforms that do not support setting process-wide routing
   domains (all excepting OpenBSD at present), fail to accept a
   configuration that attempts to set one at process start time rather
   than fatally erroring at run time. bz#3126

 * Improve detection of egrep (used in regression tests) on platforms
   that offer a poor default one (e.g. Solaris).

 * A number of shell portability fixes for the regression tests.

 * Fix theoretical infinite loop in the glob(3) replacement
   implementation.

 * Fix seccomp sandbox compilation problems for some Linux
   configurations bz#3085

 * Improved detection of libfido2 and some compilation fixes for some
   configurations when --with-security-key-builtin is selected.

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.
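The scp(1) filename restriction the Security section above relies on (since openssh-8.0, names the peer sends are matched against the user's requested glob, so a desynchronised or hostile peer cannot write outside the chosen target), as an added, illustrative example. This is not OpenSSH's scp.c: the record grammar follows scp's source-mode protocol, but brace_expand, check_name, walk_records and rejection_reason are this example's own names, and it assumes the glob check applies to top-level entries only while entries under a recursively copied directory get just the '/' and '..' checks. The sample records are constructed.

```python
import fnmatch
import re

# scp "source mode" control records, one per line, sent ahead of any file
# data.  These four forms are what the receiving side parses:
#   C<mode> <size> <name>    regular file; <size> bytes of content follow
#   D<mode> 0 <name>         descend into a directory (recursive copies)
#   E                        ascend out of the current directory
#   T<mtime> 0 <atime> 0     timestamps for the next C/D record (scp -p)
_FILE_OR_DIR = re.compile(r"^([CD])([0-7]{4}) (\d+) (.+)$")
_TIMES = re.compile(r"^T(\d+) 0 (\d+) 0$")


class ScpProtocolError(Exception):
    """Where scp would report 'error: unexpected filename' and stop."""


def brace_expand(pattern):
    """Expand {a,b} alternatives, innermost group first:
    'x.{c,h}' -> ['x.c', 'x.h'].  Plain patterns come back unchanged."""
    m = re.search(r"\{([^{}]*)\}", pattern)
    if m is None:
        return [pattern]
    head, tail = pattern[:m.start()], pattern[m.end():]
    out = []
    for alt in m.group(1).split(","):
        out.extend(brace_expand(head + alt + tail))
    return out


def check_name(name, patterns, depth):
    """Refuse any name that could land outside the destination: a '/' or
    '..' at any depth (this example is also strict about '' and '.'), and,
    for top-level entries, a name that matches none of the user's
    brace-expanded source patterns.  Returns the name when acceptable."""
    if "/" in name or name in ("", ".", ".."):
        raise ScpProtocolError("unexpected filename: %r" % name)
    if depth == 0 and not any(fnmatch.fnmatchcase(name, p) for p in patterns):
        raise ScpProtocolError("unexpected filename: %r (expected %s)"
                               % (name, " or ".join(patterns)))
    return name


def walk_records(records, requested_src, recursive=False):
    """Validate a sequence of control records (already split on newline)
    against the source spec the user typed, e.g. 'host:logs/*.log'.  Only
    the basename of that spec is used as the pattern, because the peer
    sends bare names.  Returns the relative paths that would be created."""
    src_path = requested_src.split(":", 1)[1] if ":" in requested_src else requested_src
    patterns = brace_expand(src_path.rsplit("/", 1)[-1])
    accepted, stack = [], []
    for rec in records:
        if _TIMES.match(rec):
            continue                     # times carry no name to check
        if rec == "E":
            if not stack:
                raise ScpProtocolError("E record outside a directory")
            stack.pop()
            continue
        m = _FILE_OR_DIR.match(rec)
        if m is None:
            raise ScpProtocolError("malformed record: %r" % rec)
        kind, name = m.group(1), m.group(4)
        if kind == "D" and not recursive:
            raise ScpProtocolError("directory %r received without -r" % name)
        check_name(name, patterns, len(stack))
        accepted.append("/".join(stack + [name]))
        if kind == "D":
            stack.append(name)
    if stack:
        raise ScpProtocolError("transfer ended inside %r" % "/".join(stack))
    return accepted


def rejection_reason(records, requested_src, recursive=False):
    """The error message if the records would be refused, else None."""
    try:
        walk_records(records, requested_src, recursive)
    except ScpProtocolError as err:
        return str(err)
    return None


if __name__ == "__main__":
    # Constructed sample of what a peer might send for
    #   scp -p host:/var/log/{auth,ssh}.log .
    honest = ["T1589000000 0 1589000000 0", "C0644 12 auth.log",
              "T1589000000 0 1589000000 0", "C0600 7 ssh.log"]
    print("accepted:", walk_records(honest, "host:/var/log/{auth,ssh}.log"))
    # Two hostile variants: a path component, and a name outside the glob.
    for hostile in (["C0644 5 ../authorized_keys"], ["C0600 5 id_rsa"]):
        print("rejected:", rejection_reason(hostile, "host:/var/log/*.log"))
```

The point of the glob check is the one the release notes make: even when the receiver loses track of which line is metadata and which is file content, any name that does not fit what the user asked for is refused before a file is created, so a confused or malicious peer gains nothing it could not already do by sending that name honestly.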
On 5/11/20 8:24 PM, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.3p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/

Latest snapshot is openssh-SNAP-20200502.tar.gz 02-May-2020 00:30 - is
this the 8.3p1 candidate?

> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is simply:
>
> $ ./configure && make tests

Using git-clone:

Linux Mint 19.3 / gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
fail tests here:

  ssh-add -l with different agent did not fail with exit code 1 (exit code 0)
  failed simple agent test
  Makefile:213: recipe for target 't-exec' failed
  make[1]: *** [t-exec] Error 1
  make[1]: Leaving directory '/home/brottk/sandbox/openssh-portable/regress'
  Makefile:673: recipe for target 't-exec' failed
  make: *** [t-exec] Error 2

Debian 10.3 (buster) / gcc (Debian 8.3.0-6) 8.3.0 / All tests passed

RHEL 7.2 / gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-4) / All tests passed

AIX 7200-04-01-1939 / gcc (GCC) 8.3.0
fails out here ...

  ...
  key option expiry-time invalid
  key option expiry-time expired
  key option expiry-time valid
  failed key options
  gmake[1]: *** [Makefile:213: t-exec] Error 1
  gmake[1]: Leaving directory '/home/brottk/sandbox/openssh-portable/regress'
  make: *** [Makefile:673: t-exec] Error 2

Using the xlc_r compiler fails to compile enough to get to the tests ...

  xlc_r -O2 -qarch=ppc -qalloca -I/usr/include -I/opt/freeware/include -I. -I. -O2 -qarch=ppc -qalloca -I/usr/include -I/opt/freeware/include -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/local/libexec/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -fPIC -shared -o regress/misc/sk-dummy/sk-dummy.so regress/misc/sk-dummy/sk-dummy.lo regress/misc/sk-dummy/fatal.lo ed25519.lo hash.lo ge25519.lo fe25519.lo sc25519.lo verify.lo -L. -Lopenbsd-compat -lopenbsd-compat -L. -Lopenbsd-compat/ -L/usr/lib -L/usr/ccs/lib -blibpath:/usr/lib:/lib -lcrypto -lz -lpthread
  xlc_r: 1501-218 (W) file regress/misc/sk-dummy/sk-dummy.lo contains an incorrect file suffix
  xlc_r: 1501-218 (W) file regress/misc/sk-dummy/fatal.lo contains an incorrect file suffix
  xlc_r: 1501-218 (W) file ed25519.lo contains an incorrect file suffix
  xlc_r: 1501-218 (W) file hash.lo contains an incorrect file suffix
  xlc_r: 1501-218 (W) file ge25519.lo contains an incorrect file suffix
  xlc_r: 1501-218 (W) file fe25519.lo contains an incorrect file suffix
  xlc_r: 1501-218 (W) file sc25519.lo contains an incorrect file suffix
  xlc_r: 1501-218 (W) file verify.lo contains an incorrect file suffix
  ld: 0706-005 Cannot find or open file: PIC
          ld:fopen(): No such file or directory
  ld: 0706-012 The -h flag is not recognized.
  ld: 0706-012 The -a flag is not recognized.
  make: The error code from the last command is 255.
  Stop.

-- 
# include <stddisclaimer.h> /* Kevin Brott <Kevin.Brott at GMail.com> */
All tests passed on NetBSD-current amd64, NetBSD-9 amd64, and NetBSD-9 i386.

MacOS 10.15.4 is asking for libcrypto.

-- 
Hisashi T Fujinaka - htodd at twofifty.com
BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee
On Wed, 13 May 2020 at 02:00, Kevin Brott <kevin.brott at gmail.com> wrote:
[...]
> Latest snapshot is openssh-SNAP-20200502.tar.gz 02-May-2020 00:30 - is
> this the 8.3p1 candidate?

No, it looks like the snapshot updater stopped updating. Damien's onto it.

[...]
> Using git-clone:
>
> Linux Mint 19.3 / gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
> fail tests here:
> ssh-add -l with different agent did not fail with exit code 1 (exit code 0)
> failed simple agent test
> Makefile:213: recipe for target 't-exec' failed
> make[1]: *** [t-exec] Error 1
> make[1]: Leaving directory '/home/brottk/sandbox/openssh-portable/regress'
> Makefile:673: recipe for target 't-exec' failed
> make: *** [t-exec] Error 2

This one I'm not sure about.

[...]
> AIX 7200-04-01-1939 / gcc (GCC) 8.3.0
> fails out here ...
> ...
> key option expiry-time invalid
> key option expiry-time expired
> key option expiry-time valid
> failed key options

The individual test that failed should be further back in the log. The
debug logs for the failing invocations of ssh and sshd should be in
regress/failed-ssh*.log, could you please send those (off-list if you
prefer).

> Using the xlc_r compiler fails to compile enough to get to the tests ...
[...]

The Makefile doesn't know how to make shared libraries with xlc so it
can't build the sk-dummy library. We don't actually use it if you're not
building with security key support, I'll see if I can make it skip
building it too.

Thanks for the thorough testing!

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
On Wed, 13 May 2020 at 02:00, Kevin Brott <kevin.brott at gmail.com> wrote:
[...]
> AIX 7200-04-01-1939 / gcc (GCC) 8.3.0
> fails out here ...
> ...
> key option expiry-time invalid
> key option expiry-time expired
> key option expiry-time valid
> failed key options
> gmake[1]: *** [Makefile:213: t-exec] Error 1
> gmake[1]: Leaving directory '/home/brottk/sandbox/openssh-portable/regress'
> make: *** [Makefile:673: t-exec] Error 2

I've reproduced this one. The reason is that allocating a pty on AIX
requires root privileges, and the test sshd is failing with the following:

  debug1: pty_setowner: no tty group
  chown(/dev/pts/2, 500, 0) failed: Not owner
  debug1: do_cleanup
  debug1: session_pty_cleanup2: session 0 release /dev/pts/2
  Attempt to write login records by non-root user (aborting)
  debug1: do_cleanup
  FAIL: key option failed restrict,pty

You can run the test with SUDO=sudo (assuming you have sudo and it's
configured to allow passwordless commands). I'll see if we can skip these
tests in that case.

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
Hi Damien,

Failure in t-exec using the 2020-05-13 snapshot.

Host OS: macOS Mojave (10.14.6)
Host HW: MacBook Pro (Retina, 15-inch, Mid 2014)

Snapshot: openssh-SNAP-20200513.tar.gz

$ ./configure --with-ssl-dir='/usr/local/Cellar/openssl at 1.1/1.1.1g'
$ make tests

OpenSSL 1.1.1g installed via homebrew.

Attachment contains:

build.log
regress/failed-regress.log
regress/failed-ssh.log
regress/failed-sshd.log

Be safe, stay healthy,
-- Mark

[Attachment scrubbed by the list: failed-20200513-logs.tar.bz2,
application/x-bzip2, 17035 bytes,
<http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20200512/ec4c14e4/attachment-0001.bz2>]
On 5/11/20 8:24 PM, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.3p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/

Using: openssh-SNAP-20200513.tar.gz

* Debian 10.4 / gcc 8.3.0 / OpenSSL 1.1.1d / all tests passed
* RHEL 7.2 / gcc 4.8.5 / OpenSSL 1.0.2k-fips / all tests passed
* Linux Mint 19.3 / gcc 7.5.0 / OpenSSL 1.1.1 / make tests failed

  ...
  ok try ciphers
  run test yes-head.sh ...
  ok yes pipe head
  run test login-timeout.sh ...
  ok connect after login grace timeout
  run test agent.sh ...
  Identity added: openssh/regress/ssh-ed25519-agent (user at host)
  Certificate added: openssh/regress/ssh-ed25519-agent-cert.pub (ssh-ed25519 cert)
  Identity added: openssh/regress/ssh-ed25519-agent (user at host)
  Certificate added: openssh/regress/ssh-ed25519-agent-cert.pub (ssh-ed25519 cert)
  Identity added: openssh/regress/sk-ssh-ed25519 at openssh.com-agent (user at host)
  Certificate added: openssh/regress/sk-ssh-ed25519 at openssh.com-agent-cert.pub (sk-ssh-ed25519 at openssh.com cert)
  Identity added: openssh/regress/sk-ssh-ed25519 at openssh.com-agent (user at host)
  Certificate added: openssh/regress/sk-ssh-ed25519 at openssh.com-agent-cert.pub (sk-ssh-ed25519 at openssh.com cert)
  Identity added: openssh/regress/ssh-rsa-agent (user at host)
  Certificate added: openssh/regress/ssh-rsa-agent-cert.pub (ssh-rsa cert)
  Identity added: openssh/regress/ssh-rsa-agent (user at host)
  Certificate added: openssh/regress/ssh-rsa-agent-cert.pub (ssh-rsa cert)
  Identity added: openssh/regress/ssh-dss-agent (user at host)
  Certificate added: openssh/regress/ssh-dss-agent-cert.pub (ssh-dss cert)
  Identity added: openssh/regress/ssh-dss-agent (user at host)
  Certificate added: openssh/regress/ssh-dss-agent-cert.pub (ssh-dss cert)
  Identity added: openssh/regress/ecdsa-sha2-nistp256-agent (user at host)
  Certificate added: openssh/regress/ecdsa-sha2-nistp256-agent-cert.pub (ecdsa-sha2-nistp256 cert)
  Identity added: openssh/regress/ecdsa-sha2-nistp256-agent (user at host)
  Certificate added: openssh/regress/ecdsa-sha2-nistp256-agent-cert.pub (ecdsa-sha2-nistp256 cert)
  Identity added: openssh/regress/ecdsa-sha2-nistp384-agent (user at host)
  Certificate added: openssh/regress/ecdsa-sha2-nistp384-agent-cert.pub (ecdsa-sha2-nistp384 cert)
  Identity added: openssh/regress/ecdsa-sha2-nistp384-agent (user at host)
  Certificate added: openssh/regress/ecdsa-sha2-nistp384-agent-cert.pub (ecdsa-sha2-nistp384 cert)
  Identity added: openssh/regress/ecdsa-sha2-nistp521-agent (user at host)
  Certificate added: openssh/regress/ecdsa-sha2-nistp521-agent-cert.pub (ecdsa-sha2-nistp521 cert)
  Identity added: openssh/regress/ecdsa-sha2-nistp521-agent (user at host)
  Certificate added: openssh/regress/ecdsa-sha2-nistp521-agent-cert.pub (ecdsa-sha2-nistp521 cert)
  Identity added: openssh/regress/sk-ecdsa-sha2-nistp256 at openssh.com-agent (user at host)
  Certificate added: openssh/regress/sk-ecdsa-sha2-nistp256 at openssh.com-agent-cert.pub (sk-ecdsa-sha2-nistp256 at openssh.com cert)
  Identity added: openssh/regress/sk-ecdsa-sha2-nistp256 at openssh.com-agent (user at host)
  Certificate added: openssh/regress/sk-ecdsa-sha2-nistp256 at openssh.com-agent-cert.pub (sk-ecdsa-sha2-nistp256 at openssh.com cert)
  ssh-add -l with different agent did not fail with exit code 1 (exit code 0)
  failed simple agent test
  Makefile:213: recipe for target 't-exec' failed
  make[1]: *** [t-exec] Error 1
  make[1]: Leaving directory 'openssh/regress'
  Makefile:676: recipe for target 't-exec' failed
  make: *** [t-exec] Error 2

Sent regress/failed-ssh.log and regress/failed-sshd.log to Darren
off-list for eval.

-- 
# include <stddisclaimer.h> /* Kevin Brott <Kevin.Brott at GMail.com> */
On Tue, 12 May 2020, Mark D. Baushke wrote:

> Hi Damien,
>
> Failure in t-exec using the 2020-05-13 snapshot.
>
> Host OS: macOS Mojave (10.14.6)
> Host HW: MacBook Pro (Retina, 15-inch, Mid 2014)
>
> Snapshot: openssh-SNAP-20200513.tar.gz
>
> $ ./configure --with-ssl-dir='/usr/local/Cellar/openssl at 1.1/1.1.1g'
> $ make tests
>
> OpenSSL 1.1.1g installed via homebrew.
>
> Attachment contains:
>
> build.log
> regress/failed-regress.log
> regress/failed-ssh.log
> regress/failed-sshd.log

I replied privately, but I can't replicate this on the OS X that I have
available (19.4.0) and I suspect that this might be a collision between
the ports used in the test and something listening locally.

The relevant section of your log seems consistent with this.

openssh/regress/failed-ssh.log:
> debug1: Requesting forwarding of local forward 127.0.0.1:4244 -> 127.0.0.1:4243
> mux_client_forward: forwarding request failed: Port forwarding failed
> muxclient: master forward request failed

You should be able to override the default port number using
$TEST_SSH_PORT, e.g. "make tests TEST_SSH_PORT=23456"

-d
On Tue, 2020-05-12 at 13:24 +1000, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.3p1 is almost ready for release, so we would appreciate
> testing
> on as many platforms and systems as possible. This is a bugfix
> release.

Tested with openssh-SNAP-20200519.tar.gz on Fedora 32 and all tests
passed.

If possible, I would like to have the server Include bug addressed for
this release as it is quite hard to use. I spent already some time to
pinpoint the problem and propose a solution so addressing it should not
take that much work:

https://bugzilla.mindrot.org/show_bug.cgi?id=3122

Regards,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.
On May 12 13:24, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.3p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.

Builds OOTB on current Cygwin, all tests pass.

Thanks,
Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat