--- a/components/openssh/Makefile Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/Makefile Thu Jun 18 07:01:42 2015 -0700
@@ -23,22 +23,22 @@
include ../../make-rules/shared-macros.mk
COMPONENT_NAME= openssh
-COMPONENT_VERSION= 6.5p1
+COMPONENT_VERSION= 6.8p1
HUMAN_VERSION= $(COMPONENT_VERSION)
COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION)
# Version for IPS. The encoding rules are:
# OpenSSH <x>.<y>p<n> => IPS <x>.<y>.0.<n>
# OpenSSH <x>.<y>.<z>p<n> => IPS <x>.<y>.<z>.<n>
-IPS_COMPONENT_VERSION= 6.5.0.1
+IPS_COMPONENT_VERSION= 6.8.0.1
COMPONENT_PROJECT_URL= http://www.openssh.org/
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz
-COMPONENT_ARCHIVE_HASH= sha256:a1195ed55db945252d5a1730d4a2a2a5c1c9a6aa01ef2e5af750a962623d9027
+COMPONENT_ARCHIVE_HASH= sha256:3ff64ce73ee124480b5bf767b9830d7d3c03bbcb6abe716b78f0192c37ce160e
COMPONENT_ARCHIVE_URL= http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/portable/$(COMPONENT_ARCHIVE)
COMPONENT_BUGDB=utility/openssh
-TPNO_OPENSSH= 16633
+TPNO_OPENSSH= 21980
TPNO_GSSKEX= 20377
include $(WS_MAKE_RULES)/prep.mk
@@ -118,7 +118,7 @@
REQUIRED_PACKAGES += library/zlib
REQUIRED_PACKAGES += service/security/kerberos-5
REQUIRED_PACKAGES += system/library
-REQUIRED_PACKAGES += system/library/gcc-45-runtime
+REQUIRED_PACKAGES += system/library/gcc-48-runtime
REQUIRED_PACKAGES += system/library/gcc/gcc-c-runtime
REQUIRED_PACKAGES += system/library/security/gss
REQUIRED_PACKAGES += system/linker
--- a/components/openssh/patches/005-openssh_krb5_build_fix.patch Wed Jun 17 14:55:22 2015 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,102 +0,0 @@
-#
-# This is to work around an unresloved symbol problem with the Kerberos
-# build option. Unlike MIT Kerberos, the gss_krb5_copy_ccache() function
-# is not supported on Solaris, because it violates API abstraction. This
-# workaround disables delegated credentials storing on server side.
-#
-# The long term goal is to replace Solaris Kerberos libraries with MIT Kerberos
-# delivered from Userland gate (The Solaris MIT Kerberos Drop in Project).
-# After that, function gss_krb5_copy_ccache() will be available in Solaris and
-# the delegating credentials functionality will be made available using the
-# upstream code.
-#
---- orig/auth2-gss.c Fri Mar 21 10:41:03 2014
-+++ new/auth2-gss.c Fri Mar 21 11:13:57 2014
-@@ -47,6 +47,10 @@
-
- extern ServerOptions options;
-
-+#ifdef KRB5_BUILD_FIX
-+ extern gss_OID_set g_supported;
-+#endif
-+
- static void input_gssapi_token(int type, u_int32_t plen, void *ctxt);
- static void input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
- static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
-@@ -77,7 +81,13 @@
- return (0);
- }
-
-+#ifdef KRB5_BUILD_FIX
-+ /* use value obtained in privileged parent */
-+ supported = g_supported;
-+#else
- ssh_gssapi_supported_oids(&supported);
-+#endif
-+
- do {
- mechs--;
-
---- orig/configure Fri Mar 21 10:41:03 2014
-+++ new/configure Fri Mar 21 11:02:11 2014
-@@ -16634,6 +16634,12 @@
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
- $as_echo "no" >&6; }
- fi
-+
-+ # Oracle Solaris
-+ # OpenSSH is mixed-up gssapi AND krb5 aplication
-+ K5CFLAGS="$K5CFLAGS `$KRB5CONF --cflags krb5`"
-+ K5LIBS="$K5LIBS `$KRB5CONF --libs krb5`"
-+
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using Heimdal" >&5
- $as_echo_n "checking whether we are using Heimdal... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
---- orig/sshd.c Fri Mar 21 10:41:03 2014
-+++ new/sshd.c Fri Mar 21 11:09:30 2014
-@@ -259,6 +259,11 @@
- /* Unprivileged user */
- struct passwd *privsep_pw = NULL;
-
-+#if defined(KRB5_BUILD_FIX) && defined(GSSAPI)
-+/* Temporary storing supported GSS mechs */
-+gss_OID_set g_supported;
-+#endif
-+
- /* Prototypes for various functions defined later in this file. */
- void destroy_sensitive_data(void);
- void demote_sensitive_data(void);
-@@ -1407,6 +1412,10 @@
- av = saved_argv;
- #endif
-
-+#if defined(KRB5_BUILD_FIX) && defined(GSSAPI)
-+ OM_uint32 ms;
-+#endif
-+
- if (geteuid() == 0 && setgroups(0, NULL) == -1)
- debug("setgroups(): %.200s", strerror(errno));
-
-@@ -2083,6 +2092,11 @@
- buffer_init(&loginmsg);
- auth_debug_reset();
-
-+#if defined(KRB5_BUILD_FIX) && defined(GSSAPI)
-+ /* collect gss mechs for later use in privsep child */
-+ ssh_gssapi_supported_oids(&g_supported);
-+#endif
-+
- if (use_privsep) {
- if (privsep_preauth(authctxt) == 1)
- goto authenticated;
-@@ -2120,6 +2134,10 @@
- startup_pipe = -1;
- }
-
-+#if defined(KRB5_BUILD_FIX) && defined(GSSAPI)
-+ gss_release_oid_set(&ms, &g_supported);
-+#endif
-+
- #ifdef SSH_AUDIT_EVENTS
- audit_event(SSH_AUTH_SUCCESS);
- #endif
--- a/components/openssh/patches/007-manpages.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/007-manpages.patch Thu Jun 18 07:01:42 2015 -0700
@@ -7,8 +7,9 @@
# pages, the section numbers of some OpenSSH man pages are changed to be the
# same as their corresponding ones in SunSSH.
#
---- orig/moduli.5 Thu Feb 6 10:00:17 2014
-+++ new/moduli.5 Thu Feb 6 10:08:07 2014
+diff -pur old/moduli.5 new/moduli.5
+--- old/moduli.5 2015-03-17 06:49:20.000000000 +0100
++++ new/moduli.5 2015-03-28 05:37:09.205577491 +0100
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
@@ -27,7 +28,7 @@
in the Diffie-Hellman Group Exchange key exchange method.
.Pp
New moduli may be generated with
-@@ -40,7 +40,7 @@
+@@ -40,7 +40,7 @@ pass, using
.Ic ssh-keygen -T ,
provides a high degree of assurance that the numbers are prime and are
safe for use in Diffie-Hellman operations by
@@ -36,7 +37,7 @@
This
.Nm
format is used as the output from each pass.
-@@ -70,7 +70,7 @@
+@@ -70,7 +70,7 @@ are Sophie Germain primes (type 4).
Further primality testing with
.Xr ssh-keygen 1
produces safe prime moduli (type 2) that are ready for use in
@@ -45,7 +46,7 @@
Other types are not used by OpenSSH.
.It tests
Decimal number indicating the type of primality tests that the number
-@@ -105,16 +105,16 @@
+@@ -105,16 +105,16 @@ The modulus itself in hexadecimal.
.El
.Pp
When performing Diffie-Hellman Group Exchange,
@@ -65,18 +66,19 @@
.Sh STANDARDS
.Rs
.%A M. Friedl
---- orig/sftp-server.8 Thu Feb 6 10:01:20 2014
-+++ new/sftp-server.8 Thu Feb 6 10:09:59 2014
+diff -pur old/sftp-server.8 new/sftp-server.8
+--- old/sftp-server.8 2015-03-17 06:49:20.000000000 +0100
++++ new/sftp-server.8 2015-03-28 05:38:55.972453415 +0100
@@ -23,7 +23,7 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
- .Dd $Mdocdate: October 14 2013 $
+ .Dd $Mdocdate: December 11 2014 $
-.Dt SFTP-SERVER 8
+.Dt SFTP-SERVER 1M
.Os
.Sh NAME
.Nm sftp-server
-@@ -47,7 +47,7 @@
+@@ -47,7 +47,7 @@ is a program that speaks the server side
to stdout and expects client requests from stdin.
.Nm
is not intended to be called directly, but from
@@ -85,7 +87,7 @@
using the
.Cm Subsystem
option.
-@@ -58,7 +58,7 @@
+@@ -58,7 +58,7 @@ should be specified in the
.Cm Subsystem
declaration.
See
@@ -94,7 +96,7 @@
for more information.
.Pp
Valid options are:
-@@ -71,7 +71,7 @@
+@@ -71,7 +71,7 @@ The pathname may contain the following t
and %u is replaced by the username of that user.
The default is to use the user's home directory.
This option is useful in conjunction with the
@@ -103,7 +105,7 @@
.Cm ChrootDirectory
option.
.It Fl e
-@@ -152,8 +152,8 @@
+@@ -152,8 +152,8 @@ establish a logging socket inside the ch
.Sh SEE ALSO
.Xr sftp 1 ,
.Xr ssh 1 ,
@@ -114,73 +116,9 @@
.Rs
.%A T. Ylonen
.%A S. Lehtinen
---- orig/ssh_config.5 Thu Feb 6 10:01:20 2014
-+++ new/ssh_config.5 Thu Mar 27 16:37:50 2014
-@@ -35,7 +35,7 @@
- .\"
- .\" $OpenBSD: ssh_config.5,v 1.184 2014/01/19 04:48:08 djm Exp $
- .Dd $Mdocdate: January 19 2014 $
--.Dt SSH_CONFIG 5
-+.Dt SSH_CONFIG 4
- .Os
- .Sh NAME
- .Nm ssh_config
-@@ -503,7 +503,7 @@
- .Dq Fl O No exit
- option).
- If set to a time in seconds, or a time in any of the formats documented in
--.Xr sshd_config 5 ,
-+.Xr sshd_config 4 ,
- then the backgrounded master connection will automatically terminate
- after it has remained idle (with no client connections) for the
- specified time.
-@@ -622,7 +622,7 @@
- Specify a timeout for untrusted X11 forwarding
- using the format described in the
- TIME FORMATS section of
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
- X11 connections received by
- .Xr ssh 1
- after this time will be refused.
-@@ -689,7 +689,7 @@
- These hashed names may be used normally by
- .Xr ssh 1
- and
--.Xr sshd 8 ,
-+.Xr sshd 1M ,
- but they do not reveal identifying information should the file's contents
- be disclosed.
- The default is
-@@ -1122,7 +1122,7 @@
- The optional second value is specified in seconds and may use any of the
- units documented in the
- TIME FORMATS section of
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
- The default value for
- .Cm RekeyLimit
- is
-@@ -1166,7 +1166,7 @@
- will only succeed if the server's
- .Cm GatewayPorts
- option is enabled (see
--.Xr sshd_config 5 ) .
-+.Xr sshd_config 4 ) .
- .It Cm RequestTTY
- Specifies whether to request a pseudo-tty for the session.
- The argument may be one of:
-@@ -1218,7 +1218,7 @@
- Refer to
- .Cm AcceptEnv
- in
--.Xr sshd_config 5
-+.Xr sshd_config 4
- for how to configure the server.
- Variables are specified by name, which may contain wildcard characters.
- Multiple environment variables may be separated by whitespace or spread
---- orig/ssh-keysign.8 Thu Feb 6 10:01:20 2014
-+++ new/ssh-keysign.8 Thu Feb 6 10:13:05 2014
+diff -pur old/ssh-keysign.8 new/ssh-keysign.8
+--- old/ssh-keysign.8 2015-03-17 06:49:20.000000000 +0100
++++ new/ssh-keysign.8 2015-03-28 05:37:09.206625270 +0100
@@ -23,7 +23,7 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
@@ -190,7 +128,7 @@
.Os
.Sh NAME
.Nm ssh-keysign
-@@ -52,7 +52,7 @@
+@@ -52,7 +52,7 @@ is not intended to be invoked by the use
See
.Xr ssh 1
and
@@ -199,7 +137,7 @@
for more information about host-based authentication.
.Sh FILES
.Bl -tag -width Ds -compact
-@@ -83,8 +83,8 @@
+@@ -83,8 +83,8 @@ information corresponding with the priva
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-keygen 1 ,
@@ -210,8 +148,9 @@
.Sh HISTORY
.Nm
first appeared in
---- orig/ssh-pkcs11-helper.8 Thu Feb 6 10:01:20 2014
-+++ new/ssh-pkcs11-helper.8 Thu Feb 6 10:14:40 2014
+diff -pur old/ssh-pkcs11-helper.8 new/ssh-pkcs11-helper.8
+--- old/ssh-pkcs11-helper.8 2015-03-17 06:49:20.000000000 +0100
++++ new/ssh-pkcs11-helper.8 2015-03-28 05:37:09.206699277 +0100
@@ -15,7 +15,7 @@
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
@@ -221,12 +160,178 @@
.Os
.Sh NAME
.Nm ssh-pkcs11-helper
---- orig/sshd_config.5 Thu Feb 6 10:01:20 2014
-+++ new/sshd_config.5 Thu Feb 6 10:17:21 2014
+diff -pur old/ssh_config.5 new/ssh_config.5
+--- old/ssh_config.5 2015-03-17 06:49:20.000000000 +0100
++++ new/ssh_config.5 2015-03-28 05:39:45.895250783 +0100
+@@ -35,7 +35,7 @@
+ .\"
+ .\" $OpenBSD: ssh_config.5,v 1.205 2015/02/20 22:17:21 djm Exp $
+ .Dd $Mdocdate: February 20 2015 $
+-.Dt SSH_CONFIG 5
++.Dt SSH_CONFIG 4
+ .Os
+ .Sh NAME
+ .Nm ssh_config
+@@ -562,7 +562,7 @@ then the master connection will remain i
+ .Dq Fl O No exit
+ option).
+ If set to a time in seconds, or a time in any of the formats documented in
+-.Xr sshd_config 5 ,
++.Xr sshd_config 4 ,
+ then the backgrounded master connection will automatically terminate
+ after it has remained idle (with no client connections) for the
+ specified time.
+@@ -689,7 +689,7 @@ option is also enabled.
+ Specify a timeout for untrusted X11 forwarding
+ using the format described in the
+ TIME FORMATS section of
+-.Xr sshd_config 5 .
++.Xr sshd_config 4 .
+ X11 connections received by
+ .Xr ssh 1
+ after this time will be refused.
+@@ -756,7 +756,7 @@ should hash host names and addresses whe
+ These hashed names may be used normally by
+ .Xr ssh 1
+ and
+-.Xr sshd 8 ,
++.Xr sshd 1M ,
+ but they do not reveal identifying information should the file's contents
+ be disclosed.
+ The default is
+@@ -1233,7 +1233,7 @@ depending on the cipher.
+ The optional second value is specified in seconds and may use any of the
+ units documented in the
+ TIME FORMATS section of
+-.Xr sshd_config 5 .
++.Xr sshd_config 4 .
+ The default value for
+ .Cm RekeyLimit
+ is
+@@ -1277,7 +1277,7 @@ Specifying a remote
+ will only succeed if the server's
+ .Cm GatewayPorts
+ option is enabled (see
+-.Xr sshd_config 5 ) .
++.Xr sshd_config 4 ) .
+ .It Cm RequestTTY
+ Specifies whether to request a pseudo-tty for the session.
+ The argument may be one of:
+@@ -1339,7 +1339,7 @@ accept these environment variables.
+ Refer to
+ .Cm AcceptEnv
+ in
+-.Xr sshd_config 5
++.Xr sshd_config 4
+ for how to configure the server.
+ Variables are specified by name, which may contain wildcard characters.
+ Multiple environment variables may be separated by whitespace or spread
+diff -pur old/sshd.8 new/sshd.8
+--- old/sshd.8 2015-03-17 06:49:20.000000000 +0100
++++ new/sshd.8 2015-03-28 05:41:50.762749417 +0100
@@ -35,7 +35,7 @@
.\"
- .\" $OpenBSD: sshd_config.5,v 1.170 2013/12/08 09:53:27 dtucker Exp $
- .Dd $Mdocdate: December 8 2013 $
+ .\" $OpenBSD: sshd.8,v 1.278 2014/11/15 14:41:03 bentley Exp $
+ .Dd $Mdocdate: November 15 2014 $
+-.Dt SSHD 8
++.Dt SSHD 1M
+ .Os
+ .Sh NAME
+ .Nm sshd
+@@ -77,7 +77,7 @@ and data exchange.
+ .Nm
+ can be configured using command-line options or a configuration file
+ (by default
+-.Xr sshd_config 5 ) ;
++.Xr sshd_config 4 ) ;
+ command-line options override values specified in the
+ configuration file.
+ .Nm
+@@ -207,7 +207,7 @@ Can be used to give options in the forma
+ This is useful for specifying options for which there is no separate
+ command-line flag.
+ For full details of the options, and their values, see
+-.Xr sshd_config 5 .
++.Xr sshd_config 4 .
+ .It Fl p Ar port
+ Specifies the port on which the server listens for connections
+ (default 22).
+@@ -277,7 +277,7 @@ The default is to use protocol 2 only,
+ though this can be changed via the
+ .Cm Protocol
+ option in
+-.Xr sshd_config 5 .
++.Xr sshd_config 4 .
+ Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys;
+ protocol 1 only supports RSA keys.
+ For both protocols,
+@@ -402,7 +402,7 @@ if it exists, and users are allowed to c
+ See the
+ .Cm PermitUserEnvironment
+ option in
+-.Xr sshd_config 5 .
++.Xr sshd_config 4 .
+ .It
+ Changes to user's home directory.
+ .It
+@@ -550,7 +550,7 @@ The command originally supplied by the c
+ environment variable.
+ Note that this option applies to shell, command or subsystem execution.
+ Also note that this command may be superseded by either a
+-.Xr sshd_config 5
++.Xr sshd_config 4
+ .Cm ForceCommand
+ directive or a command embedded in a certificate.
+ .It Cm environment="NAME=value"
+@@ -571,7 +571,7 @@ Specifies that in addition to public key
+ name of the remote host or its IP address must be present in the
+ comma-separated list of patterns.
+ See PATTERNS in
+-.Xr ssh_config 5
++.Xr ssh_config 4
+ for more information on patterns.
+ .Pp
+ In addition to the wildcard matching that may be applied to hostnames or
+@@ -859,7 +859,7 @@ It should only be writable by root.
+ .It Pa /etc/moduli
+ Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
+ The file format is described in
+-.Xr moduli 5 .
++.Xr moduli 4 .
+ .Pp
+ .It Pa /etc/motd
+ See
+@@ -920,7 +920,7 @@ should be world-readable.
+ Contains configuration data for
+ .Nm sshd .
+ The file format and configuration options are described in
+-.Xr sshd_config 5 .
++.Xr sshd_config 4 .
+ .Pp
+ .It Pa /etc/ssh/sshrc
+ Similar to
+@@ -955,10 +955,10 @@ The content of this file is not sensitiv
+ .Xr ssh-keyscan 1 ,
+ .Xr chroot 2 ,
+ .Xr login.conf 5 ,
+-.Xr moduli 5 ,
+-.Xr sshd_config 5 ,
+-.Xr inetd 8 ,
+-.Xr sftp-server 8
++.Xr moduli 4 ,
++.Xr sshd_config 4 ,
++.Xr inetd 1M ,
++.Xr sftp-server 1M
+ .Sh AUTHORS
+ OpenSSH is a derivative of the original and free
+ ssh 1.2.12 release by Tatu Ylonen.
+diff -pur old/sshd_config.5 new/sshd_config.5
+--- old/sshd_config.5 2015-03-28 05:37:09.175994877 +0100
++++ new/sshd_config.5 2015-03-28 05:42:07.245709990 +0100
+@@ -35,7 +35,7 @@
+ .\"
+ .\" $OpenBSD: sshd_config.5,v 1.194 2015/02/20 23:46:01 djm Exp $
+ .Dd $Mdocdate: February 20 2015 $
-.Dt SSHD_CONFIG 5
+.Dt SSHD_CONFIG 4
.Os
@@ -241,7 +346,7 @@
reads configuration data from
.Pa /etc/ssh/sshd_config
(or the file specified with
-@@ -68,7 +68,7 @@
+@@ -68,7 +68,7 @@ the session's
See
.Cm SendEnv
in
@@ -250,7 +355,7 @@
for how to configure the client.
Note that environment passing is only supported for protocol 2.
Variables are specified by name, which may contain the wildcard characters
-@@ -85,7 +85,7 @@
+@@ -85,7 +85,7 @@ For this reason, care should be taken in
The default is not to accept any environment variables.
.It Cm AddressFamily
Specifies which address family should be used by
@@ -259,7 +364,7 @@
Valid arguments are
.Dq any ,
.Dq inet
-@@ -118,7 +118,7 @@
+@@ -118,7 +118,7 @@ and finally
.Cm AllowGroups .
.Pp
See PATTERNS in
@@ -268,7 +373,7 @@
for more information on patterns.
.It Cm AllowTcpForwarding
Specifies whether TCP forwarding is permitted.
-@@ -158,7 +158,7 @@
+@@ -178,7 +178,7 @@ and finally
.Cm AllowGroups .
.Pp
See PATTERNS in
@@ -277,7 +382,7 @@
for more information on patterns.
.It Cm AuthenticationMethods
Specifies the authentication methods that must be successfully completed
-@@ -202,7 +202,7 @@
+@@ -234,7 +234,7 @@ The program must be owned by root and no
It will be invoked with a single argument of the username
being authenticated, and should produce on standard output zero or
more lines of authorized_keys output (see AUTHORIZED_KEYS in
@@ -286,7 +391,7 @@
If a key supplied by AuthorizedKeysCommand does not successfully authenticate
and authorize the user then public key authentication continues using the usual
.Cm AuthorizedKeysFile
-@@ -218,7 +218,7 @@
+@@ -257,7 +257,7 @@ for user authentication.
The format is described in the
AUTHORIZED_KEYS FILE FORMAT
section of
@@ -295,7 +400,7 @@
.Cm AuthorizedKeysFile
may contain tokens of the form %T which are substituted during connection
setup.
-@@ -241,7 +241,7 @@
+@@ -280,7 +280,7 @@ this file lists names, one of which must
to be accepted for authentication.
Names are listed one per line preceded by key options (as described
in AUTHORIZED_KEYS FILE FORMAT in
@@ -304,7 +409,7 @@
Empty lines and comments starting with
.Ql #
are ignored.
-@@ -271,7 +271,7 @@
+@@ -310,7 +310,7 @@ and is not consulted for certification a
though the
.Cm principals=
key option offers a similar facility (see
@@ -313,16 +418,16 @@
for details).
.It Cm Banner
The contents of the specified file are sent to the remote user before
-@@ -294,7 +294,7 @@
- All components of the pathname must be root-owned directories that are
- not writable by any other user or group.
+@@ -335,7 +335,7 @@ At session startup
+ checks that all components of the pathname are root-owned directories
+ which are not writable by any other user or group.
After the chroot,
-.Xr sshd 8
+.Xr sshd 1M
changes the working directory to the user's home directory.
.Pp
The pathname may contain the following tokens that are expanded at runtime once
-@@ -370,7 +370,7 @@
+@@ -433,7 +433,7 @@ with an argument of
.It Cm ClientAliveCountMax
Sets the number of client alive messages (see below) which may be
sent without
@@ -331,7 +436,7 @@
receiving any messages back from the client.
If this threshold is reached while client alive messages are being sent,
sshd will disconnect the client, terminating the session.
-@@ -397,7 +397,7 @@
+@@ -460,7 +460,7 @@ This option applies to protocol version
.It Cm ClientAliveInterval
Sets a timeout interval in seconds after which if no data has been received
from the client,
@@ -340,7 +445,7 @@
will send a message through the encrypted
channel to request a response from the client.
The default
-@@ -428,7 +428,7 @@
+@@ -491,7 +491,7 @@ and finally
.Cm AllowGroups .
.Pp
See PATTERNS in
@@ -349,16 +454,16 @@
for more information on patterns.
.It Cm DenyUsers
This keyword can be followed by a list of user name patterns, separated
-@@ -447,7 +447,7 @@
+@@ -510,7 +510,7 @@ and finally
.Cm AllowGroups .
.Pp
See PATTERNS in
-.Xr ssh_config 5
+.Xr ssh_config 4
for more information on patterns.
- .It Cm ForceCommand
- Forces the execution of the command specified by
-@@ -472,7 +472,7 @@
+ .It Cm FingerprintHash
+ Specifies the hash algorithm used when logging key fingerprints.
+@@ -543,7 +543,7 @@ files when used with
Specifies whether remote hosts are allowed to connect to ports
forwarded for the client.
By default,
@@ -367,7 +472,7 @@
binds remote port forwardings to the loopback address.
This prevents other remote hosts from connecting to forwarded ports.
.Cm GatewayPorts
-@@ -520,7 +520,7 @@
+@@ -602,7 +602,7 @@ files during
A setting of
.Dq yes
means that
@@ -376,7 +481,7 @@
uses the name supplied by the client rather than
attempting to resolve the name from the TCP connection itself.
The default is
-@@ -531,7 +531,7 @@
+@@ -613,7 +613,7 @@ The certificate's public key must match
by
.Cm HostKey .
The default behaviour of
@@ -385,7 +490,7 @@
is not to load any certificates.
.It Cm HostKey
Specifies a file containing a private host key
-@@ -546,7 +546,7 @@
+@@ -628,7 +628,7 @@ and
.Pa /etc/ssh/ssh_host_rsa_key
for protocol version 2.
Note that
@@ -394,7 +499,7 @@
will refuse to use a file if it is group/world-accessible.
It is possible to have multiple host key files.
.Dq rsa1
-@@ -587,7 +587,7 @@
+@@ -669,7 +669,7 @@ The default is
.Dq yes .
.It Cm IgnoreUserKnownHosts
Specifies whether
@@ -403,7 +508,7 @@
should ignore the user's
.Pa ~/.ssh/known_hosts
during
-@@ -681,7 +681,7 @@
+@@ -800,7 +800,7 @@ If the value is 0, the key is never rege
The default is 3600 (seconds).
.It Cm ListenAddress
Specifies the local addresses
@@ -412,7 +517,7 @@
should listen on.
The following forms may be used:
.Pp
-@@ -724,7 +724,7 @@
+@@ -843,7 +843,7 @@ If the value is 0, there is no time limi
The default is 120 seconds.
.It Cm LogLevel
Gives the verbosity level that is used when logging messages from
@@ -421,7 +526,7 @@
The possible values are:
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
The default is INFO.
-@@ -776,7 +776,7 @@
+@@ -943,7 +943,7 @@ and
The match patterns may consist of single entries or comma-separated
lists and may use the wildcard and negation operators described in the
PATTERNS section of
@@ -430,7 +535,7 @@
.Pp
The patterns in an
.Cm Address
-@@ -856,7 +856,7 @@
+@@ -1032,7 +1032,7 @@ Alternatively, random early drop can be
the three colon separated values
.Dq start:rate:full
(e.g. "10:30:60").
@@ -439,7 +544,7 @@
will refuse connection attempts with a probability of
.Dq rate/100
(30%)
-@@ -969,7 +969,7 @@
+@@ -1149,7 +1149,7 @@ and
options in
.Pa ~/.ssh/authorized_keys
are processed by
@@ -448,7 +553,7 @@
The default is
.Dq no .
Enabling environment processing may enable users to bypass access
-@@ -982,7 +982,7 @@
+@@ -1168,7 +1168,7 @@ The default is
.Pa /var/run/sshd.pid .
.It Cm Port
Specifies the port number that
@@ -457,7 +562,7 @@
listens on.
The default is 22.
Multiple options of this type are permitted.
-@@ -990,7 +990,7 @@
+@@ -1176,14 +1176,14 @@ See also
.Cm ListenAddress .
.It Cm PrintLastLog
Specifies whether
@@ -465,9 +570,8 @@
+.Xr sshd 1M
should print the date and time of the last user login when a user logs
in interactively.
- The default is
-@@ -997,7 +997,7 @@
- .Dq yes .
+ On Solaris this option is always ignored since pam_unix_session(5)
+ reports the last login time.
.It Cm PrintMotd
Specifies whether
-.Xr sshd 8
@@ -475,7 +579,7 @@
should print
.Pa /etc/motd
when a user logs in interactively.
-@@ -1008,7 +1008,7 @@
+@@ -1194,7 +1194,7 @@ The default is
.Dq yes .
.It Cm Protocol
Specifies the protocol versions
@@ -484,8 +588,8 @@
supports.
The possible values are
.Sq 1
-@@ -1081,7 +1081,7 @@
- The minimum value is 512, and the default is 1024.
+@@ -1305,7 +1305,7 @@ The default is
+ .Dq no .
.It Cm StrictModes
Specifies whether
-.Xr sshd 8
@@ -493,7 +597,7 @@
should check file modes and ownership of the
user's files and home directory before accepting login.
This is normally desirable because novices sometimes accidentally leave their
-@@ -1115,7 +1115,7 @@
+@@ -1339,7 +1339,7 @@ By default no subsystems are defined.
Note that this option applies to protocol version 2 only.
.It Cm SyslogFacility
Gives the facility code that is used when logging messages from
@@ -502,7 +606,7 @@
The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
The default is AUTH.
-@@ -1156,7 +1156,7 @@
+@@ -1380,7 +1380,7 @@ For more details on certificates, see th
.Xr ssh-keygen 1 .
.It Cm UseDNS
Specifies whether
@@ -511,7 +615,7 @@
should look up the remote host name and check that
the resolved host name for the remote IP address maps back to the
very same IP address.
-@@ -1201,13 +1201,13 @@
+@@ -1425,13 +1425,13 @@ or
If
.Cm UsePAM
is enabled, you will not be able to run
@@ -527,7 +631,7 @@
separates privileges by creating an unprivileged child process
to deal with incoming network traffic.
After successful authentication, another process will be created that has
-@@ -1229,7 +1229,7 @@
+@@ -1453,7 +1453,7 @@ The default is
.Dq none .
.It Cm X11DisplayOffset
Specifies the first display number available for
@@ -536,7 +640,7 @@
X11 forwarding.
This prevents sshd from interfering with real X11 servers.
The default is 10.
-@@ -1244,7 +1244,7 @@
+@@ -1468,7 +1468,7 @@ The default is
.Pp
When X11 forwarding is enabled, there may be additional exposure to
the server and to client displays if the
@@ -545,7 +649,7 @@
proxy display is configured to listen on the wildcard address (see
.Cm X11UseLocalhost
below), though this is not the default.
-@@ -1255,7 +1255,7 @@
+@@ -1479,7 +1479,7 @@ display server may be exposed to attack
forwarding (see the warnings for
.Cm ForwardX11
in
@@ -554,7 +658,7 @@
A system administrator may have a stance in which they want to
protect clients that may expose themselves to attack by unwittingly
requesting X11 forwarding, which can warrant a
-@@ -1269,7 +1269,7 @@
+@@ -1493,7 +1493,7 @@ X11 forwarding is automatically disabled
is enabled.
.It Cm X11UseLocalhost
Specifies whether
@@ -563,7 +667,7 @@
should bind the X11 forwarding server to the loopback address or to
the wildcard address.
By default,
-@@ -1300,7 +1300,7 @@
+@@ -1524,7 +1524,7 @@ The default is
.Pa /usr/X11R6/bin/xauth .
.El
.Sh TIME FORMATS
@@ -572,7 +676,7 @@
command-line arguments and configuration file options that specify time
may be expressed using a sequence of the form:
.Sm off
-@@ -1344,12 +1344,12 @@
+@@ -1568,12 +1568,12 @@ Time format examples:
.Bl -tag -width Ds
.It Pa /etc/ssh/sshd_config
Contains configuration data for
@@ -587,102 +691,3 @@
.Xr pam_unix_session 5
.Sh AUTHORS
OpenSSH is a derivative of the original and free
- ssh 1.2.12 release by Tatu Ylonen.
---- orig/sshd.8 Thu Feb 6 10:01:20 2014
-+++ new/sshd.8 Thu Feb 6 10:22:35 2014
-@@ -35,7 +35,7 @@
- .\"
- .\" $OpenBSD: sshd.8,v 1.273 2013/12/07 11:58:46 naddy Exp $
- .Dd $Mdocdate: December 7 2013 $
--.Dt SSHD 8
-+.Dt SSHD 1M
- .Os
- .Sh NAME
- .Nm sshd
-@@ -80,7 +80,7 @@
- .Nm
- can be configured using command-line options or a configuration file
- (by default
--.Xr sshd_config 5 ) ;
-+.Xr sshd_config 4 ) ;
- command-line options override values specified in the
- configuration file.
- .Nm
-@@ -210,7 +210,7 @@
- This is useful for specifying options for which there is no separate
- command-line flag.
- For full details of the options, and their values, see
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
- .It Fl p Ar port
- Specifies the port on which the server listens for connections
- (default 22).
-@@ -280,7 +280,7 @@
- though this can be changed via the
- .Cm Protocol
- option in
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
- Protocol 2 supports DSA, ECDSA, ED25519 and RSA keys;
- protocol 1 only supports RSA keys.
- For both protocols,
-@@ -405,7 +405,7 @@
- See the
- .Cm PermitUserEnvironment
- option in
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
- .It
- Changes to user's home directory.
- .It
-@@ -550,7 +550,7 @@
- environment variable.
- Note that this option applies to shell, command or subsystem execution.
- Also note that this command may be superseded by either a
--.Xr sshd_config 5
-+.Xr sshd_config 4
- .Cm ForceCommand
- directive or a command embedded in a certificate.
- .It Cm environment="NAME=value"
-@@ -571,7 +571,7 @@
- name of the remote host or its IP address must be present in the
- comma-separated list of patterns.
- See PATTERNS in
--.Xr ssh_config 5
-+.Xr ssh_config 4
- for more information on patterns.
- .Pp
- In addition to the wildcard matching that may be applied to hostnames or
-@@ -865,7 +865,7 @@
- .It Pa /etc/moduli
- Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
- The file format is described in
--.Xr moduli 5 .
-+.Xr moduli 4 .
- .Pp
- .It Pa /etc/motd
- See
-@@ -926,7 +926,7 @@
- Contains configuration data for
- .Nm sshd .
- The file format and configuration options are described in
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
- .Pp
- .It Pa /etc/ssh/sshrc
- Similar to
-@@ -962,10 +962,10 @@
- .Xr chroot 2 ,
- .Xr hosts_access 5 ,
- .Xr login.conf 5 ,
--.Xr moduli 5 ,
--.Xr sshd_config 5 ,
--.Xr inetd 8 ,
--.Xr sftp-server 8
-+.Xr moduli 4 ,
-+.Xr sshd_config 4 ,
-+.Xr inetd 1M ,
-+.Xr sftp-server 1M
- .Sh AUTHORS
- OpenSSH is a derivative of the original and free
- ssh 1.2.12 release by Tatu Ylonen.
--- a/components/openssh/patches/011-useprivilegedport_regression.patch Wed Jun 17 14:55:22 2015 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,62 +0,0 @@
-#
-# This is to fix a regression in OpenSSH6.5p1 for UsePrivilegedPort=yes. The
-# bug fix code came from OpenSSH.org. When we upgrade OpenSSH to version 6.6
-# or later, we will remove this patch file.
-#
---- orig/sshconnect.c Mon Feb 10 13:56:07 2014
-+++ new/sshconnect.c Mon Feb 10 17:10:54 2014
-@@ -269,7 +269,7 @@
- ssh_create_socket(int privileged, struct addrinfo *ai)
- {
- int sock, r, gaierr;
-- struct addrinfo hints, *res;
-+ struct addrinfo hints, *res = NULL;
-
- sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (sock < 0) {
-@@ -282,17 +282,19 @@
- if (options.bind_address == NULL && !privileged)
- return sock;
-
-- memset(&hints, 0, sizeof(hints));
-- hints.ai_family = ai->ai_family;
-- hints.ai_socktype = ai->ai_socktype;
-- hints.ai_protocol = ai->ai_protocol;
-- hints.ai_flags = AI_PASSIVE;
-- gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
-- if (gaierr) {
-+ if (options.bind_address) {
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = ai->ai_family;
-+ hints.ai_socktype = ai->ai_socktype;
-+ hints.ai_protocol = ai->ai_protocol;
-+ hints.ai_flags = AI_PASSIVE;
-+ gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
-+ if (gaierr) {
- error("getaddrinfo: %s: %s", options.bind_address,
- ssh_gai_strerror(gaierr));
- close(sock);
- return -1;
-+ }
- }
- /*
- * If we are running as root and want to connect to a privileged
-@@ -300,7 +302,7 @@
- */
- if (privileged) {
- PRIV_START;
-- r = bindresvport_sa(sock, res->ai_addr);
-+ r = bindresvport_sa(sock, res ? res->ai_addr : NULL);
- PRIV_END;
- if (r < 0) {
- error("bindresvport_sa: af=%d %s", ai->ai_family,
-@@ -317,7 +319,8 @@
- return -1;
- }
- }
-- freeaddrinfo(res);
-+ if (res != NULL)
-+ freeaddrinfo(res);
- return sock;
- }
-
--- a/components/openssh/patches/012-acceptenv.patch Wed Jun 17 14:55:22 2015 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,33 +0,0 @@
-#
-# This is to fix a security bug (CVE-2014-2532) when using environment passing
-# with a sshd_config(5) AcceptEnv pattern with a wildcard. OpenSSH prior to 6.6
-# could be tricked into accepting any enviornment variable that contains the
-# characters before the wildcard character. The bug fix code came from
-# OpenSSH.org. When we upgrade OpenSSH to version 6.6 or later, we will remove
-# this patch file.
-#
---- orig/session.c Tue Mar 18 18:37:57 2014
-+++ new/session.c Tue Mar 18 18:41:17 2014
-@@ -978,6 +978,11 @@
- u_int envsize;
- u_int i, namelen;
-
-+ if (strchr(name, '=') != NULL) {
-+ error("Invalid environment variable \"%.100s\"", name);
-+ return;
-+ }
-+
- /*
- * If we're passed an uninitialized list, allocate a single null
- * entry before continuing.
-@@ -2225,8 +2230,8 @@
- char *name, *val;
- u_int name_len, val_len, i;
-
-- name = packet_get_string(&name_len);
-- val = packet_get_string(&val_len);
-+ name = packet_get_cstring(&name_len);
-+ val = packet_get_cstring(&val_len);
- packet_check_eom();
-
- /* Don't set too many environment variables */
--- a/components/openssh/patches/013-dtrace_sftp.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/013-dtrace_sftp.patch Thu Jun 18 07:01:42 2015 -0700
@@ -4,9 +4,10 @@
# Because this is Solaris-specific and not suitable for upstream, we will not
# contribute the changes to the upstream community.
#
---- orig/Makefile.in Wed Apr 16 17:10:03 2014
-+++ new/Makefile.in Wed Apr 23 11:00:05 2014
-@@ -26,6 +26,7 @@
+diff -pur old/Makefile.in new/Makefile.in
+--- old/Makefile.in 2015-03-28 14:10:39.426859283 +0100
++++ new/Makefile.in 2015-03-28 14:16:12.472203388 +0100
+@@ -26,6 +26,7 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpas
SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
@@ -14,17 +15,15 @@
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
STRIP_OPT=@STRIP_OPT@
-@@ -76,7 +76,8 @@
- jpake.o schnorr.o ssh-pkcs11.o krl.o smult_curve25519_ref.o \
- kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \
- ssh-ed25519.o digest.o \
-- sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o
-+ sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \
-+ sftp_provider.o
-
- SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
- sshconnect.o sshconnect1.o sshconnect2.o mux.o \
-@@ -96,7 +97,7 @@
+@@ -85,6 +86,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
+ atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o \
+ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
+ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
++ sftp_provider.o \
+ ssh-pkcs11.o smult_curve25519_ref.o \
+ poly1305.o chacha.o cipher-chachapoly.o \
+ ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
+@@ -110,7 +112,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
sftp-server.o sftp-common.o \
roaming_common.o roaming_serv.o \
sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
@@ -33,7 +32,7 @@
MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5
-@@ -173,8 +174,8 @@
+@@ -187,8 +189,8 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
$(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
@@ -44,7 +43,7 @@
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
-@@ -211,9 +212,18 @@
+@@ -225,9 +227,18 @@ umac128.o: umac.c
-Dumac_update=umac128_update -Dumac_final=umac128_final \
-Dumac_delete=umac128_delete
@@ -55,16 +54,16 @@
+
+sftp_provider.o: sftp_provider.d sftp_provider.h sftp-server.o
+ /usr/sbin/dtrace -G -64 -xnolibs -s $(srcdir)/sftp_provider.d \
-+ sftp-server.o -o sftp_provider.o
++ sftp-server.o -o sftp_provider.o
+
clean: regressclean
rm -f *.o *.a $(TARGETS) logintest config.cache config.log
- rm -f *.out core survey
+ rm -f *.out core survey sftp_provider.h
- (cd openbsd-compat && $(MAKE) clean)
-
- distclean: regressclean
-@@ -313,6 +314,7 @@
+ rm -f regress/unittests/test_helper/*.a
+ rm -f regress/unittests/test_helper/*.o
+ rm -f regress/unittests/sshbuf/*.o
+@@ -340,6 +351,7 @@ install-files:
ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
@@ -72,9 +71,10 @@
install-sysconf:
if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
---- orig/sftp-server.c Wed Apr 16 18:44:37 2014
-+++ new/sftp-server.c Thu Apr 17 11:53:54 2014
-@@ -51,6 +51,9 @@
+diff -pur old/sftp-server.c new/sftp-server.c
+--- old/sftp-server.c 2015-03-17 06:49:20.000000000 +0100
++++ new/sftp-server.c 2015-03-28 14:27:55.661510029 +0100
+@@ -55,6 +55,9 @@
#include "sftp.h"
#include "sftp-common.h"
@@ -82,34 +82,29 @@
+#include "sftp_provider_impl.h"
+#endif
- /* helper */
- #define get_int64() buffer_get_int64(&iqueue);
-@@ -721,13 +724,24 @@
+ /* Our verbosity */
+ static LogLevel log_level = SYSLOG_LEVEL_ERROR;
+@@ -741,14 +744,17 @@ process_read(u_int32_t id)
u_int32_t len;
- int handle, fd, ret, status = SSH2_FX_FAILURE;
+ int r, handle, fd, ret, status = SSH2_FX_FAILURE;
u_int64_t off;
-+#ifdef DTRACE_SFTP
+ char *fpath;
-+#endif
- handle = get_handle();
- off = get_int64();
- len = get_int();
-+#ifdef DTRACE_SFTP
-+ fpath = handle_to_name(handle);
-+#endif
+ if ((r = get_handle(iqueue, &handle)) != 0 ||
+ (r = sshbuf_get_u64(iqueue, &off)) != 0 ||
+ (r = sshbuf_get_u32(iqueue, &len)) != 0)
+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
-+#ifdef DTRACE_SFTP
- debug("request %u: read \"%s\" (handle %d) off %llu len %d",
+- debug("request %u: read \"%s\" (handle %d) off %llu len %d",
+- id, handle_to_name(handle), handle, (unsigned long long)off, len);
++ fpath = handle_to_name(handle);
++
++ debug("request %u: read \"%s\" (handle %d) off %llu len %d",
+ id, fpath, handle, (unsigned long long)off, len);
-+#else
-+ debug("request %u: read \"%s\" (handle %d) off %llu len %d",
- id, handle_to_name(handle), handle, (unsigned long long)off, len);
-+#endif
if (len > sizeof buf) {
len = sizeof buf;
debug2("read change len %d", len);
-@@ -738,7 +752,13 @@
+@@ -759,7 +765,13 @@ process_read(u_int32_t id)
error("process_read: seek failed");
status = errno_to_portable(errno);
} else {
@@ -123,31 +118,25 @@
if (ret < 0) {
status = errno_to_portable(errno);
} else if (ret == 0) {
-@@ -761,13 +781,22 @@
- u_int len;
- int handle, fd, ret, status;
- char *data;
-+#ifdef DTRACE_SFTP
+@@ -782,14 +794,16 @@ process_write(u_int32_t id)
+ size_t len;
+ int r, handle, fd, ret, status;
+ u_char *data;
+ char *fpath;
-+#endif
- handle = get_handle();
- off = get_int64();
- data = get_string(&len);
--
-+#ifdef DTRACE_SFTP
+ if ((r = get_handle(iqueue, &handle)) != 0 ||
+ (r = sshbuf_get_u64(iqueue, &off)) != 0 ||
+ (r = sshbuf_get_string(iqueue, &data, &len)) != 0)
+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
+
+ fpath = handle_to_name(handle);
- debug("request %u: write \"%s\" (handle %d) off %llu len %d",
+ debug("request %u: write \"%s\" (handle %d) off %llu len %zu",
+- id, handle_to_name(handle), handle, (unsigned long long)off, len);
+ id, fpath, handle, (unsigned long long)off, len);
-+#else
-+ debug("request %u: write \"%s\" (handle %d) off %llu len %d",
- id, handle_to_name(handle), handle, (unsigned long long)off, len);
-+#endif
-+
fd = handle_to_fd(handle);
-
+
if (fd < 0)
-@@ -779,7 +808,14 @@
+@@ -801,7 +815,14 @@ process_write(u_int32_t id)
error("process_write: seek failed");
} else {
/* XXX ATOMICIO ? */
--- a/components/openssh/patches/014-disable_banner.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/014-disable_banner.patch Thu Jun 18 07:01:42 2015 -0700
@@ -6,31 +6,30 @@
# In the future, if this feature is accepted by the upsteam in a later release,
# we will remove this patch when we upgrade to that release.
#
---- orig/readconf.c Wed May 21 15:04:21 2014
-+++ new/readconf.c Wed May 28 11:56:04 2014
-@@ -148,7 +148,11 @@
+diff -pur old/readconf.c new/readconf.c
+--- old/readconf.c 2015-03-28 21:57:35.551727235 +0100
++++ new/readconf.c 2015-03-28 22:06:01.694836272 +0100
+@@ -150,6 +150,9 @@ typedef enum {
+ oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
+ oSendEnv, oControlPath, oControlMaster, oControlPersist,
+ oHashKnownHosts,
++#ifdef DISABLE_BANNER
++ oDisableBanner,
++#endif
+ oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
+ oVisualHostKey, oUseRoaming,
oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass,
- oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots,
- oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
-+#ifdef DISABLE_BANNER
-+ oDisableBanner, oIgnoredUnknownOption, oDeprecated, oUnsupported
-+#else
- oIgnoredUnknownOption, oDeprecated, oUnsupported
-+#endif
- } OpCodes;
-
- /* Textual representations of the tokens. */
-@@ -266,6 +270,9 @@
- { "canonicalizehostname", oCanonicalizeHostname },
- { "canonicalizemaxdots", oCanonicalizeMaxDots },
- { "canonicalizepermittedcnames", oCanonicalizePermittedCNAMEs },
+@@ -254,6 +257,9 @@ static struct {
+ { "controlmaster", oControlMaster },
+ { "controlpersist", oControlPersist },
+ { "hashknownhosts", oHashKnownHosts },
+#ifdef DISABLE_BANNER
+ { "disablebanner", oDisableBanner },
+#endif
- { "ignoreunknown", oIgnoreUnknown },
-
- { NULL, oBadOption }
-@@ -682,6 +689,17 @@
+ { "tunnel", oTunnel },
+ { "tunneldevice", oTunnelDevice },
+ { "localcommand", oLocalCommand },
+@@ -754,6 +760,17 @@ static const struct multistate multistat
{ NULL, -1 }
};
@@ -48,9 +47,9 @@
/*
* Processes a single option line as used in the configuration files. This
* only sets those values that have not already been set.
-@@ -1392,6 +1410,13 @@
- intptr = &options->canonicalize_fallback_local;
- goto parse_flag;
+@@ -1514,6 +1531,13 @@ parse_int:
+ *charptr = xstrdup(arg);
+ break;
+#ifdef DISABLE_BANNER
+ case oDisableBanner:
@@ -62,7 +61,7 @@
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
-@@ -1554,6 +1579,9 @@
+@@ -1684,6 +1708,9 @@ initialize_options(Options * options)
options->ip_qos_bulk = -1;
options->request_tty = -1;
options->proxy_use_fdpass = -1;
@@ -72,23 +71,22 @@
options->ignored_unknown = NULL;
options->num_canonical_domains = 0;
options->num_permitted_cnames = 0;
-@@ -1721,6 +1749,12 @@
+@@ -1871,6 +1898,10 @@ fill_default_options(Options * options)
options->canonicalize_fallback_local = 1;
if (options->canonicalize_hostname == -1)
options->canonicalize_hostname = SSH_CANONICALISE_NO;
-+
+#ifdef DISABLE_BANNER
+ if (options->disable_banner == -1)
+ options->disable_banner = 0;
+#endif
-+
- #define CLEAR_ON_NONE(v) \
- do { \
- if (v != NULL && strcasecmp(v, "none") == 0) { \
---- orig/readconf.h Wed May 21 15:04:35 2014
-+++ new/readconf.h Wed May 28 11:08:53 2014
-@@ -155,6 +155,9 @@
- struct allowed_cname permitted_cnames[MAX_CANON_DOMAINS];
+ if (options->fingerprint_hash == -1)
+ options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
+ if (options->update_hostkeys == -1)
+diff -pur old/readconf.h new/readconf.h
+--- old/readconf.h 2015-03-17 06:49:20.000000000 +0100
++++ new/readconf.h 2015-03-28 21:57:35.684348892 +0100
+@@ -153,6 +153,9 @@ typedef struct {
+ char *hostbased_key_types;
char *ignored_unknown; /* Pattern list of unknown tokens to ignore */
+#ifdef DISABLE_BANNER
@@ -97,9 +95,9 @@
} Options;
#define SSH_CANONICALISE_NO 0
-@@ -175,6 +178,12 @@
- #define SSHCONF_CHECKPERM 1 /* check permissions on config file */
- #define SSHCONF_USERCONF 2 /* user provided config file not system */
+@@ -178,6 +181,12 @@ typedef struct {
+ #define SSH_UPDATE_HOSTKEYS_YES 1
+ #define SSH_UPDATE_HOSTKEYS_ASK 2
+#ifdef DISABLE_BANNER
+#define SSH_DISABLEBANNER_NO 0
@@ -109,10 +107,11 @@
+
void initialize_options(Options *);
void fill_default_options(Options *);
- int process_config_line(Options *, struct passwd *, const char *, char *,
---- orig/ssh_config.5 Thu May 22 15:05:04 2014
-+++ new/ssh_config.5 Fri May 23 09:36:52 2014
-@@ -507,6 +507,14 @@
+ void fill_default_options_for_canonicalization(Options *);
+diff -pur old/ssh_config.5 new/ssh_config.5
+--- old/ssh_config.5 2015-03-28 21:57:35.544033907 +0100
++++ new/ssh_config.5 2015-03-28 21:57:35.684635985 +0100
+@@ -566,6 +566,14 @@ If set to a time in seconds, or a time i
then the backgrounded master connection will automatically terminate
after it has remained idle (with no client connections) for the
specified time.
@@ -127,9 +126,10 @@
.It Cm DynamicForward
Specifies that a TCP port on the local machine be forwarded
over the secure channel, and the application
---- orig/sshconnect2.c Wed May 21 15:05:27 2014
-+++ new/sshconnect2.c Thu May 29 17:33:56 2014
-@@ -82,6 +82,10 @@
+diff -pur old/sshconnect2.c new/sshconnect2.c
+--- old/sshconnect2.c 2015-03-17 06:49:20.000000000 +0100
++++ new/sshconnect2.c 2015-03-28 21:57:35.684940995 +0100
+@@ -81,6 +81,10 @@ extern char *client_version_string;
extern char *server_version_string;
extern Options options;
@@ -140,7 +140,7 @@
/*
* SSH2 key exchange
*/
-@@ -480,7 +484,20 @@
+@@ -480,7 +484,20 @@ input_userauth_banner(int type, u_int32_
debug3("input_userauth_banner");
raw = packet_get_string(&len);
lang = packet_get_string(NULL);
--- a/components/openssh/patches/016-pam_enhancement.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/016-pam_enhancement.patch Thu Jun 18 07:01:42 2015 -0700
@@ -9,9 +9,10 @@
# In the future, if these enhancements are accepted by the upsteam in a
# later release, we will remove this patch when we upgrade to that release.
#
---- orig/auth-pam.c Mon Jan 26 18:02:09 2015
-+++ new/auth-pam.c Mon Mar 30 15:24:11 2015
-@@ -617,6 +617,72 @@
+diff -pur old/auth-pam.c new/auth-pam.c
+--- old/auth-pam.c 2015-04-28 06:15:57.335765454 -0700
++++ new/auth-pam.c 2015-04-28 06:15:57.417753483 -0700
+@@ -617,6 +617,72 @@ sshpam_cleanup(void)
sshpam_handle = NULL;
}
@@ -84,7 +85,7 @@
static int
sshpam_init(Authctxt *authctxt)
{
-@@ -624,18 +690,71 @@
+@@ -624,18 +690,71 @@ sshpam_init(Authctxt *authctxt)
const char *pam_rhost, *pam_user, *user = authctxt->user;
const char **ptr_pam_user = &pam_user;
@@ -146,31 +147,33 @@
+#ifdef PAM_ENHANCEMENT
+ debug3("Starting PAM service %s for user %s method %s", svc, user,
+ authctxt->authmethod_name);
- sshpam_err =
++ sshpam_err =
+ pam_start(svc, user, &store_conv, &sshpam_handle);
+ free(svc);
+#else /* Original */
-+ sshpam_err =
+ sshpam_err =
pam_start(SSHD_PAM_SERVICE, user, &store_conv, &sshpam_handle);
+#endif
sshpam_authctxt = authctxt;
if (sshpam_err != PAM_SUCCESS) {
---- orig/auth.h Mon Jan 26 18:02:11 2015
-+++ new/auth.h Mon Jan 26 18:02:11 2015
-@@ -76,6 +76,9 @@
- #endif
- Buffer *loginmsg;
- void *methoddata;
+diff -pur old/auth.h new/auth.h
+--- old/auth.h 2015-03-16 22:49:20.000000000 -0700
++++ new/auth.h 2015-04-28 06:18:25.719914272 -0700
+@@ -81,6 +81,9 @@ struct Authctxt {
+
+ struct sshkey **prev_userkeys;
+ u_int nprev_userkeys;
+#ifdef PAM_ENHANCEMENT
+ char *authmethod_name;
+#endif
};
/*
* Every authentication method has to handle authentication requests for
---- orig/auth2.c Mon Jan 26 18:02:10 2015
-+++ new/auth2.c Tue Mar 31 15:19:10 2015
-@@ -249,10 +249,21 @@
+diff -pur old/auth2.c new/auth2.c
+--- old/auth2.c 2015-03-16 22:49:20.000000000 -0700
++++ new/auth2.c 2015-04-28 06:15:57.419262466 -0700
+@@ -243,10 +243,21 @@ input_userauth_request(int type, u_int32
PRIVSEP(audit_event(SSH_INVALID_USER));
#endif
}
@@ -192,7 +195,7 @@
setproctitle("%s%s", authctxt->valid ? user : "unknown",
use_privsep ? " [net]" : "");
authctxt->service = xstrdup(service);
-@@ -286,6 +297,18 @@
+@@ -277,6 +288,18 @@ input_userauth_request(int type, u_int32
/* try to authenticate user */
m = authmethod_lookup(authctxt, method);
if (m != NULL && authctxt->failures < options.max_authtries) {
@@ -211,7 +214,7 @@
debug2("input_userauth_request: try method %s", method);
authenticated = m->userauth(authctxt);
}
-@@ -303,6 +326,10 @@
+@@ -295,6 +318,10 @@ userauth_finish(Authctxt *authctxt, int
char *methods;
int partial = 0;
@@ -222,7 +225,7 @@
if (!authctxt->valid && authenticated)
fatal("INTERNAL ERROR: authenticated invalid user %s",
authctxt->user);
-@@ -319,6 +346,25 @@
+@@ -311,6 +338,25 @@ userauth_finish(Authctxt *authctxt, int
}
if (authenticated && options.num_auth_methods != 0) {
@@ -248,7 +251,7 @@
if (!auth2_update_methods_lists(authctxt, method, submethod)) {
authenticated = 0;
partial = 1;
-@@ -332,7 +378,20 @@
+@@ -324,7 +370,20 @@ userauth_finish(Authctxt *authctxt, int
return;
#ifdef USE_PAM
@@ -269,42 +272,16 @@
if (!PRIVSEP(do_pam_account())) {
/* if PAM returned a message, send it to the user */
if (buffer_len(&loginmsg) > 0) {
-@@ -623,5 +682,3 @@
+@@ -615,5 +674,3 @@ auth2_update_methods_lists(Authctxt *aut
fatal("%s: method not in AuthenticationMethods", __func__);
return 0;
}
-
-
---- orig/monitor_wrap.c Mon Jan 26 18:02:09 2015
-+++ new/monitor_wrap.c Mon Jan 26 18:02:11 2015
-@@ -338,6 +338,24 @@
- buffer_free(&m);
- }
-
-+#ifdef PAM_ENHANCEMENT
-+/* Inform the privileged process about the authentication method */
-+void
-+mm_inform_authmethod(char *authmethod)
-+{
-+ Buffer m;
-+
-+ debug3("%s entering", __func__);
-+
-+ buffer_init(&m);
-+ buffer_put_cstring(&m, authmethod);
-+
-+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHMETHOD, &m);
-+
-+ buffer_free(&m);
-+}
-+#endif
-+
- /* Do the password authentication */
- int
- mm_auth_password(Authctxt *authctxt, char *password)
---- orig/monitor.c Mon Jan 26 18:02:10 2015
-+++ new/monitor.c Tue Mar 31 16:10:50 2015
-@@ -146,6 +146,9 @@
+diff -pur old/monitor.c new/monitor.c
+--- old/monitor.c 2015-03-16 22:49:20.000000000 -0700
++++ new/monitor.c 2015-04-28 06:15:57.421294814 -0700
+@@ -127,6 +127,9 @@ int mm_answer_sign(int, Buffer *);
int mm_answer_pwnamallow(int, Buffer *);
int mm_answer_auth2_read_banner(int, Buffer *);
int mm_answer_authserv(int, Buffer *);
@@ -314,7 +291,7 @@
int mm_answer_authpassword(int, Buffer *);
int mm_answer_bsdauthquery(int, Buffer *);
int mm_answer_bsdauthrespond(int, Buffer *);
-@@ -225,10 +228,17 @@
+@@ -206,10 +209,17 @@ struct mon_table mon_dispatch_proto20[]
{MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
{MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
{MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
@@ -332,7 +309,7 @@
{MONITOR_REQ_PAM_ACCOUNT, 0, mm_answer_pam_account},
{MONITOR_REQ_PAM_INIT_CTX, MON_ISAUTH, mm_answer_pam_init_ctx},
{MONITOR_REQ_PAM_QUERY, MON_ISAUTH, mm_answer_pam_query},
-@@ -391,6 +401,24 @@
+@@ -371,6 +381,24 @@ monitor_child_preauth(Authctxt *_authctx
if (!compat20)
fatal("AuthenticationMethods is not supported"
"with SSH protocol 1");
@@ -357,7 +334,7 @@
if (authenticated &&
!auth2_update_methods_lists(authctxt,
auth_method, auth_submethod)) {
-@@ -409,8 +437,21 @@
+@@ -389,8 +417,21 @@ monitor_child_preauth(Authctxt *_authctx
!auth_root_allowed(auth_method))
authenticated = 0;
#ifdef USE_PAM
@@ -379,7 +356,7 @@
Buffer m;
buffer_init(&m);
-@@ -828,6 +869,10 @@
+@@ -863,6 +904,10 @@ mm_answer_pwnamallow(int sock, Buffer *m
/* Allow service/style information on the auth context */
monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
@@ -390,12 +367,12 @@
}
#ifdef USE_PAM
if (options.use_pam)
-@@ -868,7 +913,25 @@
+@@ -903,6 +948,24 @@ mm_answer_authserv(int sock, Buffer *m)
return (0);
}
+#ifdef PAM_ENHANCEMENT
- int
++int
+mm_answer_authmethod(int sock, Buffer *m)
+{
+ monitor_permit_authentications(1);
@@ -412,13 +389,13 @@
+}
+#endif
+
-+int
+ int
mm_answer_authpassword(int sock, Buffer *m)
{
- static int call_count;
---- orig/monitor.h Mon Jan 26 18:02:10 2015
-+++ new/monitor.h Mon Jan 26 18:02:11 2015
-@@ -70,6 +70,9 @@
+diff -pur old/monitor.h new/monitor.h
+--- old/monitor.h 2015-03-16 22:49:20.000000000 -0700
++++ new/monitor.h 2015-04-28 06:15:57.421684373 -0700
+@@ -65,6 +65,9 @@ enum monitor_reqtype {
MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111,
MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113,
@@ -428,12 +405,41 @@
};
struct mm_master;
---- orig/servconf.c Mon Jan 26 18:02:09 2015
-+++ new/servconf.c Tue Mar 31 16:24:59 2015
-@@ -154,6 +154,18 @@
- options->ip_qos_interactive = -1;
+diff -pur old/monitor_wrap.c new/monitor_wrap.c
+--- old/monitor_wrap.c 2015-03-16 22:49:20.000000000 -0700
++++ new/monitor_wrap.c 2015-04-28 06:15:57.419906674 -0700
+@@ -347,6 +347,24 @@ mm_inform_authserv(char *service, char *
+ buffer_free(&m);
+ }
+
++#ifdef PAM_ENHANCEMENT
++/* Inform the privileged process about the authentication method */
++void
++mm_inform_authmethod(char *authmethod)
++{
++ Buffer m;
++
++ debug3("%s entering", __func__);
++
++ buffer_init(&m);
++ buffer_put_cstring(&m, authmethod);
++
++ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHMETHOD, &m);
++
++ buffer_free(&m);
++}
++#endif
++
+ /* Do the password authentication */
+ int
+ mm_auth_password(Authctxt *authctxt, char *password)
+diff -pur old/servconf.c new/servconf.c
+--- old/servconf.c 2015-04-28 06:15:57.300968063 -0700
++++ new/servconf.c 2015-04-28 06:27:06.330272555 -0700
+@@ -163,6 +163,18 @@ initialize_server_options(ServerOptions
options->ip_qos_bulk = -1;
options->version_addendum = NULL;
+ options->fingerprint_hash = -1;
+#ifdef PAM_ENHANCEMENT
+ options->pam_service_name = NULL;
+ options->pam_service_prefix = NULL;
@@ -444,48 +450,48 @@
+ * is not compat20, then there will be only one PAM service for the
+ * entire user authentication.
+ */
-+ options->pam_service_per_authmethod = 1;
++ options->pam_service_per_authmethod = 1;
+#endif
}
- void
-@@ -303,6 +315,12 @@
+ /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */
+@@ -332,6 +344,12 @@ fill_default_server_options(ServerOption
options->ip_qos_bulk = IPTOS_THROUGHPUT;
if (options->version_addendum == NULL)
options->version_addendum = xstrdup("");
+
+#ifdef PAM_ENHANCEMENT
-+ if (options->pam_service_prefix == NULL)
-+ options->pam_service_prefix = _SSH_PAM_SERVICE_PREFIX;
++ if (options->pam_service_prefix == NULL)
++ options->pam_service_prefix = _SSH_PAM_SERVICE_PREFIX;
+#endif
+
- /* Turn privilege separation on by default */
- if (use_privsep == -1)
- use_privsep = PRIVSEP_NOSANDBOX;
-@@ -351,6 +369,9 @@
- sKexAlgorithms, sIPQoS, sVersionAddendum,
- sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
- sAuthenticationMethods, sHostKeyAgent,
+ if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
+ options->fwd_opts.streamlocal_bind_mask = 0177;
+ if (options->fwd_opts.streamlocal_bind_unlink == -1)
+@@ -400,6 +418,9 @@ typedef enum {
+ sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
+ sUsePrivilegeSeparation, sAllowAgentForwarding,
+ sHostCertificate,
+#ifdef PAM_ENHANCEMENT
+ sPAMServicePrefix, sPAMServiceName,
+#endif
- sDeprecated, sUnsupported
- } ServerOpCodes;
-
-@@ -482,6 +503,10 @@
- { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
- { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
- { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
+ sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
+ sKexAlgorithms, sIPQoS, sVersionAddendum,
+ sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
+@@ -534,6 +555,10 @@ static struct {
+ { "forcecommand", sForceCommand, SSHCFG_ALL },
+ { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
+ { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
+#ifdef PAM_ENHANCEMENT
-+ { "pamserviceprefix", sPAMServicePrefix, SSHCFG_GLOBAL },
-+ { "pamservicename", sPAMServiceName, SSHCFG_GLOBAL },
++ { "pamserviceprefix", sPAMServicePrefix, SSHCFG_GLOBAL },
++ { "pamservicename", sPAMServiceName, SSHCFG_GLOBAL },
+#endif
- { NULL, sBadOption, 0 }
- };
-
-@@ -1632,6 +1657,37 @@
- }
- return 0;
+ { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
+ { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
+ { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
+@@ -1765,6 +1790,37 @@ process_server_config_line(ServerOptions
+ options->fingerprint_hash = value;
+ break;
+ case sPAMServicePrefix:
+ arg = strdelim(&cp);
@@ -521,8 +527,9 @@
case sDeprecated:
logit("%s line %d: Deprecated option %s",
filename, linenum, arg);
---- orig/servconf.h Mon Jan 26 18:02:10 2015
-+++ new/servconf.h Tue Mar 31 15:07:14 2015
+diff -pur old/servconf.h new/servconf.h
+--- old/servconf.h 2015-03-16 22:49:20.000000000 -0700
++++ new/servconf.h 2015-04-28 06:28:25.181429777 -0700
@@ -54,6 +54,10 @@
/* Magic name for internal sftp-server */
#define INTERNAL_SFTP_NAME "internal-sftp"
@@ -534,57 +541,23 @@
typedef struct {
u_int num_ports;
u_int ports_from_cmdline;
-@@ -185,6 +189,13 @@
-
+@@ -188,6 +192,12 @@ typedef struct {
u_int num_auth_methods;
char *auth_methods[MAX_AUTH_METHODS];
-+
+
+#ifdef PAM_ENHANCEMENT
+ char *pam_service_prefix;
+ char *pam_service_name;
+ int pam_service_per_authmethod;
+#endif
+
+ int fingerprint_hash;
} ServerOptions;
- /* Information about the incoming connection as used by Match */
---- orig/sshd_config.5 Mon Jan 26 18:02:10 2015
-+++ new/sshd_config.5 Mon Jan 26 18:03:45 2015
-@@ -868,6 +868,21 @@
- are refused if the number of unauthenticated connections reaches
- .Dq full
- (60).
-+.It Cm PAMServiceName
-+Specifies the PAM service name for the PAM session. The PAMServiceName and
-+PAMServicePrefix options are mutually exclusive and if both set, sshd does not
-+start. If this option is set the service name is the same for all user
-+authentication methods. The option has no default value. See PAMServicePrefix
-+for more information.
-+.It Cm PAMServicePrefix
-+Specifies the PAM service name prefix for service names used for individual
-+user authentication methods. The default is sshd. The PAMServiceName and
-+PAMServicePrefix options are mutually exclusive and if both set, sshd does not
-+start.
-+.Pp
-+For example, if this option is set to admincli, the service name for the
-+keyboard-interactive authentication method is admincli-kbdint instead of the
-+default sshd-kbdint.
- .It Cm PasswordAuthentication
- Specifies whether password authentication is allowed.
- The default is
-@@ -1203,8 +1218,7 @@
- is enabled, you will not be able to run
- .Xr sshd 8
- as a non-root user.
--The default is
--.Dq no .
-+On Solaris, the option is always enabled.
- .It Cm UsePrivilegeSeparation
- Specifies whether
- .Xr sshd 8
---- orig/sshd.8 Mon Jan 26 18:02:09 2015
-+++ new/sshd.8 Mon Jan 26 18:02:11 2015
-@@ -951,6 +951,33 @@
+diff -pur old/sshd.8 new/sshd.8
+--- old/sshd.8 2015-04-28 06:15:57.254681499 -0700
++++ new/sshd.8 2015-04-28 06:15:57.426325504 -0700
+@@ -945,6 +945,33 @@ concurrently for different ports, this c
started last).
The content of this file is not sensitive; it can be world-readable.
.El
@@ -618,9 +591,10 @@
.Sh SEE ALSO
.Xr scp 1 ,
.Xr sftp 1 ,
---- orig/sshd.c Tue Mar 31 18:12:33 2015
-+++ new/sshd.c Tue Mar 31 18:42:28 2015
-@@ -2065,6 +2065,11 @@
+diff -pur old/sshd.c new/sshd.c
+--- old/sshd.c 2015-04-28 06:15:57.302106750 -0700
++++ new/sshd.c 2015-04-28 06:15:57.427449259 -0700
+@@ -2146,6 +2146,11 @@ main(int ac, char **av)
sshd_exchange_identification(sock_in, sock_out);
@@ -632,3 +606,38 @@
/* In inetd mode, generate ephemeral key only for proto 1 connections */
if (!compat20 && inetd_flag && sensitive_data.server_key == NULL)
generate_ephemeral_server_key();
+diff -pur old/sshd_config.5 new/sshd_config.5
+--- old/sshd_config.5 2015-04-28 06:15:57.256560985 -0700
++++ new/sshd_config.5 2015-04-28 06:15:57.425661853 -0700
+@@ -1044,6 +1044,21 @@ The probability increases linearly and a
+ are refused if the number of unauthenticated connections reaches
+ .Dq full
+ (60).
++.It Cm PAMServiceName
++Specifies the PAM service name for the PAM session. The PAMServiceName and
++PAMServicePrefix options are mutually exclusive and if both set, sshd does not
++start. If this option is set the service name is the same for all user
++authentication methods. The option has no default value. See PAMServicePrefix
++for more information.
++.It Cm PAMServicePrefix
++Specifies the PAM service name prefix for service names used for individual
++user authentication methods. The default is sshd. The PAMServiceName and
++PAMServicePrefix options are mutually exclusive and if both set, sshd does not
++start.
++.Pp
++For example, if this option is set to admincli, the service name for the
++keyboard-interactive authentication method is admincli-kbdint instead of the
++default sshd-kbdint.
+ .It Cm PasswordAuthentication
+ Specifies whether password authentication is allowed.
+ The default is
+@@ -1427,8 +1442,7 @@ If
+ is enabled, you will not be able to run
+ .Xr sshd 1M
+ as a non-root user.
+-The default is
+-.Dq no .
++On Solaris, the option is always enabled.
+ .It Cm UsePrivilegeSeparation
+ Specifies whether
+ .Xr sshd 1M
--- a/components/openssh/patches/020-deprecate_sunssh_sshd_config_opts.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/020-deprecate_sunssh_sshd_config_opts.patch Thu Jun 18 07:01:42 2015 -0700
@@ -13,10 +13,10 @@
# This is a Solaris specific change to ease the transition and will not be
# offered upstream.
#
-diff -ur old/servconf.c new/servconf.c
---- old/servconf.c 2014-10-29 07:27:34.549410967 -0700
-+++ new/servconf.c 2014-10-29 07:27:58.775996557 -0700
-@@ -516,6 +516,28 @@
+diff -pur old/servconf.c new/servconf.c
+--- old/servconf.c 2015-03-28 22:31:16.652020119 +0100
++++ new/servconf.c 2015-03-28 22:34:36.569887785 +0100
+@@ -557,6 +557,28 @@ static struct {
{ "pamserviceprefix", sPAMServicePrefix, SSHCFG_GLOBAL },
{ "pamservicename", sPAMServiceName, SSHCFG_GLOBAL },
#endif
@@ -42,6 +42,6 @@
+ { "useunsupportedsshv1", sDeprecated, SSHCFG_GLOBAL },
+ { "usefips140", sDeprecated, SSHCFG_ALL},
+#endif
- { NULL, sBadOption, 0 }
- };
-
+ { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
+ { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
+ { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
--- a/components/openssh/patches/021-CVE-2014-2653.patch Wed Jun 17 14:55:22 2015 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,63 +0,0 @@
-#
-# This is to fix the CVE-2014-2653 security bug. The bug fix code came from
-# OpenSSH. When we upgrade OpenSSH to version 6.7 or later, we will remove
-# this patch file.
-#
---- orig/sshconnect.c Mon Jun 16 10:31:17 2014
-+++ new/sshconnect.c Mon Jun 16 10:44:16 2014
-@@ -1216,29 +1216,39 @@
- {
- int flags = 0;
- char *fp;
-+ Key *plain = NULL;
-
- fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- debug("Server host key: %s %s", key_type(host_key), fp);
- free(fp);
-
-- /* XXX certs are not yet supported for DNS */
-- if (!key_is_cert(host_key) && options.verify_host_key_dns &&
-- verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) {
-- if (flags & DNS_VERIFY_FOUND) {
--
-- if (options.verify_host_key_dns == 1 &&
-- flags & DNS_VERIFY_MATCH &&
-- flags & DNS_VERIFY_SECURE)
-- return 0;
--
-- if (flags & DNS_VERIFY_MATCH) {
-- matching_host_key_dns = 1;
-- } else {
-- warn_changed_key(host_key);
-- error("Update the SSHFP RR in DNS with the new "
-- "host key to get rid of this message.");
-+ if (options.verify_host_key_dns) {
-+ /*
-+ * XXX certs are not yet supported for DNS, so downgrade
-+ * them and try the plain key.
-+ */
-+ plain = key_from_private(host_key);
-+ if (key_is_cert(plain))
-+ key_drop_cert(plain);
-+ if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) {
-+ if (flags & DNS_VERIFY_FOUND) {
-+ if (options.verify_host_key_dns == 1 &&
-+ flags & DNS_VERIFY_MATCH &&
-+ flags & DNS_VERIFY_SECURE) {
-+ key_free(plain);
-+ return 0;
-+ }
-+ if (flags & DNS_VERIFY_MATCH) {
-+ matching_host_key_dns = 1;
-+ } else {
-+ warn_changed_key(plain);
-+ error("Update the SSHFP RR in DNS "
-+ "with the new host key to get rid "
-+ "of this message.");
-+ }
- }
- }
-+ key_free(plain);
- }
-
- return check_host_key(host, hostaddr, options.port, host_key, RDRW,
--- a/components/openssh/patches/022-solaris_audit.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/022-solaris_audit.patch Thu Jun 18 07:01:42 2015 -0700
@@ -20,74 +20,10 @@
# An additional patch relying on the --with-audit=solaris configuration
# should/will be created for sftp Solaris Audit and password change.
#
---- orig/config.h.in 2014-11-05 13:11:59.968745838 -0800
-+++ new/config.h.in 2014-10-13 14:00:31.117475979 -0700
-@@ -1628,6 +1628,9 @@
- /* Use Linux audit module */
- #undef USE_LINUX_AUDIT
-
-+/* Use Solaris audit module */
-+#undef USE_SOLARIS_AUDIT
-+
- /* Enable OpenSSL engine support */
- #undef USE_OPENSSL_ENGINE
-
---- orig/configure 2014-11-05 13:11:59.971959419 -0800
-+++ new/configure 2014-12-04 08:43:59.945675841 -0800
-@@ -1420,7 +1420,7 @@
- --with-tcp-wrappers[=PATH] Enable tcpwrappers support (optionally in PATH)
- --with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH)
- --with-libedit[=PATH] Enable libedit support for sftp
-- --with-audit=module Enable audit support (modules=debug,bsm,linux)
-+ --with-audit=module Enable audit support (modules=debug,bsm,linux,solaris)
- --with-pie Build Position Independent Executables if possible
- --with-ssl-dir=PATH Specify path to OpenSSL installation
- --without-openssl-header-check Disable OpenSSL version consistency check
-@@ -10185,6 +10185,27 @@
- $as_echo "#define USE_LINUX_AUDIT 1" >>confdefs.h
-
- ;;
-+ solaris)
-+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: solaris" >&5
-+$as_echo "solaris" >&6; }
-+ AUDIT_MODULE=solaris
-+ for ac_header in bsm/adt.h
-+do :
-+ ac_fn_c_check_header_compile "$LINENO" "bsm/adt.h" "ac_cv_header_bsm_adt_h" ""
-+if test "x$ac_cv_header_bsm_adt_h" = xyes; then :
-+ cat >>confdefs.h <<_ACEOF
-+#define HAVE_ADT_H 1
-+_ACEOF
-+
-+else
-+ as_fn_error $? "Solaris Audit enabled and bsm/adt.h not found" "$LINENO" 5
-+fi
-+
-+done
-+
-+ SSHDLIBS="$SSHDLIBS -lbsm"
-+$as_echo "#define USE_SOLARIS_AUDIT 1" >>confdefs.h
-+ ;;
- debug)
- AUDIT_MODULE=debug
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: debug" >&5
---- orig/defines.h 2014-01-17 05:12:38.000000000 -0800
-+++ new/defines.h 2014-09-12 10:09:27.000000000 -0700
-@@ -622,6 +622,11 @@
- # define CUSTOM_SSH_AUDIT_EVENTS
- #endif
-
-+#ifdef USE_SOLARIS_AUDIT
-+# define SSH_AUDIT_EVENTS
-+# define CUSTOM_SSH_AUDIT_EVENTS
-+#endif
-+
- #if !defined(HAVE___func__) && defined(HAVE___FUNCTION__)
- # define __func__ __FUNCTION__
- #elif !defined(HAVE___func__)
---- orig/INSTALL 2013-03-06 17:33:35.000000000 -0800
-+++ new/INSTALL 2014-12-04 08:41:24.369920230 -0800
-@@ -97,9 +97,13 @@
+diff -pur old/INSTALL new/INSTALL
+--- old/INSTALL 2015-03-16 22:49:20.000000000 -0700
++++ new/INSTALL 2015-05-21 03:54:29.120932630 -0700
+@@ -92,9 +92,13 @@ http://www.gnu.org/software/autoconf/
Basic Security Module (BSM):
@@ -104,7 +40,7 @@
2. Building / Installation
-@@ -152,8 +156,9 @@
+@@ -147,8 +151,9 @@ name).
There are a few other options to the configure script:
--with-audit=[module] enable additional auditing via the specified module.
@@ -116,9 +52,10 @@
--with-pam enables PAM support. If PAM support is compiled in, it must
also be enabled in sshd_config (refer to the UsePAM directive).
---- orig/Makefile.in 2014-11-12 15:18:05.366726810 -0800
-+++ new/Makefile.in 2014-11-12 15:22:36.825227512 -0800
-@@ -84,7 +84,7 @@
+diff -pur old/Makefile.in new/Makefile.in
+--- old/Makefile.in 2015-05-21 03:54:29.058280375 -0700
++++ new/Makefile.in 2015-05-21 03:54:29.121196577 -0700
+@@ -100,7 +100,7 @@ SSHOBJS= ssh.o readconf.o clientloop.o s
roaming_common.o roaming_client.o
SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
@@ -127,9 +64,10 @@
sshpty.o sshlogin.o servconf.o serverloop.o \
auth.o auth1.o auth2.o auth-options.o session.o \
auth-chall.o auth2-chall.o groupaccess.o \
---- orig/README.platform 2009-08-28 16:14:48.000000000 -0700
-+++ new/README.platform 2014-09-12 09:45:50.000000000 -0700
-@@ -68,8 +68,8 @@
+diff -pur old/README.platform new/README.platform
+--- old/README.platform 2015-03-16 22:49:20.000000000 -0700
++++ new/README.platform 2015-05-21 03:54:29.121331205 -0700
+@@ -68,8 +68,8 @@ zlib-devel and pam-devel, on Debian base
libssl-dev, libz-dev and libpam-dev.
@@ -140,7 +78,7 @@
If you enable BSM auditing on Solaris, you need to update audit_event(4)
for praudit(1m) to give sensible output. The following line needs to be
added to /etc/security/audit_event:
-@@ -82,6 +82,9 @@
+@@ -82,6 +82,9 @@ There is no official registry of 3rd par
number is already in use on your system, you may change it at build time
by configure'ing --with-cflags=-DAUE_openssh=32801 then rebuilding.
@@ -150,10 +88,212 @@
Platforms using PAM
-------------------
---- orig/sshd.c 2014-11-05 13:11:59.974945893 -0800
-+++ new/sshd.c 2014-11-10 13:33:12.279354856 -0800
-@@ -2139,7 +2139,9 @@
- #endif
+diff -pur old/config.h.in new/config.h.in
+--- old/config.h.in 2015-05-21 03:54:29.047656051 -0700
++++ new/config.h.in 2015-05-21 03:54:29.121686621 -0700
+@@ -1635,6 +1635,9 @@
+ /* Use Linux audit module */
+ #undef USE_LINUX_AUDIT
+
++/* Use Solaris audit module */
++#undef USE_SOLARIS_AUDIT
++
+ /* Enable OpenSSL engine support */
+ #undef USE_OPENSSL_ENGINE
+
+diff -pur old/configure new/configure
+--- old/configure 2015-05-21 03:54:29.053171257 -0700
++++ new/configure 2015-05-21 06:53:04.579282150 -0700
+@@ -1336,7 +1336,7 @@ Optional Packages:
+ --with-skey[=PATH] Enable S/Key support (optionally in PATH)
+ --with-ldns[=PATH] Use ldns for DNSSEC support (optionally in PATH)
+ --with-libedit[=PATH] Enable libedit support for sftp
+- --with-audit=module Enable audit support (modules=debug,bsm,linux)
++ --with-audit=module Enable audit support (modules=debug,bsm,linux,solaris)
+ --with-pie Build Position Independent Executables if possible
+ --with-ssl-dir=PATH Specify path to OpenSSL installation
+ --without-openssl-header-check Disable OpenSSL version consistency check
+@@ -16106,6 +16106,160 @@ cat >>confdefs.h <<\_ACEOF
+ _ACEOF
+
+ ;;
++ solaris)
++ { echo "$as_me:$LINENO: result: solaris" >&5
++echo "${ECHO_T}solaris" >&6; }
++ AUDIT_MODULE=solaris
++
++for ac_header in bsm/adt.h
++do
++as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
++if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
++ { echo "$as_me:$LINENO: checking for $ac_header" >&5
++echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
++if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
++ echo $ECHO_N "(cached) $ECHO_C" >&6
++fi
++ac_res=`eval echo '${'$as_ac_Header'}'`
++ { echo "$as_me:$LINENO: result: $ac_res" >&5
++echo "${ECHO_T}$ac_res" >&6; }
++else
++ # Is the header compilable?
++{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
++echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
++cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h. */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h. */
++$ac_includes_default
++#include <$ac_header>
++_ACEOF
++rm -f conftest.$ac_objext
++if { (ac_try="$ac_compile"
++case "(($ac_try" in
++ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++ *) ac_try_echo=$ac_try;;
++esac
++eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++ (eval "$ac_compile") 2>conftest.er1
++ ac_status=$?
++ grep -v '^ *+' conftest.er1 >conftest.err
++ rm -f conftest.er1
++ cat conftest.err >&5
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); } && {
++ test -z "$ac_c_werror_flag" ||
++ test ! -s conftest.err
++ } && test -s conftest.$ac_objext; then
++ ac_header_compiler=yes
++else
++ echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++ ac_header_compiler=no
++fi
++
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
++echo "${ECHO_T}$ac_header_compiler" >&6; }
++
++# Is the header present?
++{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
++echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
++cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h. */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h. */
++#include <$ac_header>
++_ACEOF
++if { (ac_try="$ac_cpp conftest.$ac_ext"
++case "(($ac_try" in
++ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++ *) ac_try_echo=$ac_try;;
++esac
++eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
++ ac_status=$?
++ grep -v '^ *+' conftest.er1 >conftest.err
++ rm -f conftest.er1
++ cat conftest.err >&5
++ echo "$as_me:$LINENO: \$? = $ac_status" >&5
++ (exit $ac_status); } >/dev/null && {
++ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
++ test ! -s conftest.err
++ }; then
++ ac_header_preproc=yes
++else
++ echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++ ac_header_preproc=no
++fi
++
++rm -f conftest.err conftest.$ac_ext
++{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
++echo "${ECHO_T}$ac_header_preproc" >&6; }
++
++# So? What about this header?
++case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
++ yes:no: )
++ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
++echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
++ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
++echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
++ ac_header_preproc=yes
++ ;;
++ no:yes:* )
++ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
++echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
++ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
++echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
++ { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
++echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
++ { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
++echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
++ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
++echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
++ { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
++echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
++ ( cat <<\_ASBOX
++## ------------------------------------------- ##
++## Report this to [email protected] ##
++## ------------------------------------------- ##
++_ASBOX
++ ) | sed "s/^/$as_me: WARNING: /" >&2
++ ;;
++esac
++{ echo "$as_me:$LINENO: checking for $ac_header" >&5
++echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
++if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
++ echo $ECHO_N "(cached) $ECHO_C" >&6
++else
++ eval "$as_ac_Header=\$ac_header_preproc"
++fi
++ac_res=`eval echo '${'$as_ac_Header'}'`
++ { echo "$as_me:$LINENO: result: $ac_res" >&5
++echo "${ECHO_T}$ac_res" >&6; }
++
++fi
++if test `eval echo '${'$as_ac_Header'}'` = yes; then
++ cat >>confdefs.h <<_ACEOF
++#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
++_ACEOF
++
++fi
++
++done
++
++ SSHDLIBS="$SSHDLIBS -lbsm"
++cat >>confdefs.h <<\_ACEOF
++#define USE_SOLARIS_AUDIT 1
++_ACEOF
++ ;;
+ debug)
+ AUDIT_MODULE=debug
+ { echo "$as_me:$LINENO: result: debug" >&5
+diff -pur old/defines.h new/defines.h
+--- old/defines.h 2015-03-16 22:49:20.000000000 -0700
++++ new/defines.h 2015-05-21 03:54:29.127386034 -0700
+@@ -635,6 +635,11 @@ struct winsize {
+ # define CUSTOM_SSH_AUDIT_EVENTS
+ #endif
+
++#ifdef USE_SOLARIS_AUDIT
++# define SSH_AUDIT_EVENTS
++# define CUSTOM_SSH_AUDIT_EVENTS
++#endif
++
+ #if !defined(HAVE___func__) && defined(HAVE___FUNCTION__)
+ # define __func__ __FUNCTION__
+ #elif !defined(HAVE___func__)
+diff -pur old/sshd.c new/sshd.c
+--- old/sshd.c 2015-05-21 03:54:29.070139157 -0700
++++ new/sshd.c 2015-05-21 03:54:29.127803176 -0700
+@@ -2215,7 +2215,9 @@ main(int ac, char **av)
+ }
#ifdef SSH_AUDIT_EVENTS
+#ifndef USE_SOLARIS_AUDIT
@@ -162,7 +302,7 @@
#endif
#ifdef GSSAPI
-@@ -2169,6 +2171,10 @@
+@@ -2245,6 +2247,10 @@ main(int ac, char **av)
do_pam_session();
}
#endif
--- a/components/openssh/patches/023-gsskex.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/023-gsskex.patch Thu Jun 18 07:01:42 2015 -0700
@@ -9,32 +9,30 @@
# Upstream rejected GSS-API key exchange several times before.
#
diff -pur old/Makefile.in new/Makefile.in
---- old/Makefile.in 2014-11-19 08:19:53.525006324 -0800
-+++ new/Makefile.in 2014-11-19 08:28:29.235999361 -0800
-@@ -72,6 +72,7 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o
- atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \
+--- old/Makefile.in 2015-05-21 02:51:54.413234716 -0700
++++ new/Makefile.in 2015-05-21 02:51:54.513293268 -0700
+@@ -87,6 +87,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
- kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \
+ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
+ sftp_provider.o \
+ kexgssc.o \
- msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
- jpake.o schnorr.o ssh-pkcs11.o krl.o smult_curve25519_ref.o \
- kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \
-@@ -92,7 +93,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
- auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-jpake.o \
- monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \
- kexc25519s.o auth-krb5.o \
+ ssh-pkcs11.o smult_curve25519_ref.o \
+ poly1305.o chacha.o cipher-chachapoly.o \
+ ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
+@@ -107,7 +108,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
+ auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
+ auth2-none.o auth2-passwd.o auth2-pubkey.o \
+ monitor_mm.o monitor.o monitor_wrap.o auth-krb5.o \
- auth2-gss.o gss-serv.o gss-serv-krb5.o \
+ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
sftp-server.o sftp-common.o \
roaming_common.o roaming_serv.o \
-Only in new/: Makefile.in.orig
-Only in new/: Makefile.in.rej
diff -pur old/auth2-gss.c new/auth2-gss.c
---- old/auth2-gss.c 2014-11-19 08:19:53.432431374 -0800
-+++ new/auth2-gss.c 2014-11-20 07:46:37.640415003 -0800
+--- old/auth2-gss.c 2015-03-16 22:49:20.000000000 -0700
++++ new/auth2-gss.c 2015-05-21 02:51:54.513863282 -0700
@@ -1,7 +1,7 @@
- /* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */
+ /* $OpenBSD: auth2-gss.c,v 1.22 2015/01/19 20:07:45 markus Exp $ */
/*
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -42,9 +40,9 @@
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
-@@ -56,6 +56,39 @@ static void input_gssapi_mic(int type, u
- static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
- static void input_gssapi_errtok(int, u_int32_t, void *);
+@@ -53,6 +53,39 @@ static int input_gssapi_mic(int type, u_
+ static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
+ static int input_gssapi_errtok(int, u_int32_t, void *);
+/*
+ * The 'gssapi_keyex' userauth mechanism.
@@ -82,8 +80,8 @@
/*
* We only support those mechanisms that we know about (ie ones that we know
* how to check local user kuserok and the like)
-@@ -300,6 +333,12 @@ input_gssapi_mic(int type, u_int32_t ple
- userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
+@@ -290,6 +323,12 @@ input_gssapi_mic(int type, u_int32_t ple
+ return 0;
}
+Authmethod method_gsskeyex = {
@@ -95,32 +93,46 @@
Authmethod method_gssapi = {
"gssapi-with-mic",
userauth_gssapi,
-Only in new/: auth2-gss.c.orig
-Only in new/: auth2-gss.c~
diff -pur old/auth2.c new/auth2.c
---- old/auth2.c 2014-11-19 08:19:53.555080638 -0800
-+++ new/auth2.c 2014-11-19 08:19:53.614409503 -0800
-@@ -69,6 +69,7 @@ extern Authmethod method_passwd;
+--- old/auth2.c 2015-05-21 02:51:54.362963450 -0700
++++ new/auth2.c 2015-05-21 02:51:54.514409021 -0700
+@@ -70,6 +70,7 @@ extern Authmethod method_passwd;
extern Authmethod method_kbdint;
extern Authmethod method_hostbased;
#ifdef GSSAPI
+extern Authmethod method_gsskeyex;
extern Authmethod method_gssapi;
#endif
- #ifdef JPAKE
-@@ -79,6 +80,7 @@ Authmethod *authmethods[] = {
+
+@@ -77,6 +78,7 @@ Authmethod *authmethods[] = {
&method_none,
&method_pubkey,
#ifdef GSSAPI
+ &method_gsskeyex,
&method_gssapi,
#endif
- #ifdef JPAKE
+ &method_passwd,
+diff -pur old/configure new/configure
+--- old/configure 2015-05-21 02:51:54.418977239 -0700
++++ new/configure 2015-05-21 04:08:21.689628474 -0700
+@@ -10869,8 +10869,10 @@ fi
+
+ fi
+
+- $as_echo "#define USE_GSS_STORE_CRED 1" >>confdefs.h
+- $as_echo "#define GSSAPI_STORECREDS_NEEDS_RUID 1" >>confdefs.h
++cat >>confdefs.h <<\_ACEOF
++#define USE_GSS_STORE_CRED 1
++#define GSSAPI_STORECREDS_NEEDS_RUID 1
++_ACEOF
+
+ TEST_SHELL=$SHELL # let configure find us a capable shell
+ ;;
diff -pur old/gss-genr.c new/gss-genr.c
---- old/gss-genr.c 2013-11-07 17:19:57.000000000 -0800
-+++ new/gss-genr.c 2014-11-20 04:06:38.323380064 -0800
+--- old/gss-genr.c 2015-03-16 22:49:20.000000000 -0700
++++ new/gss-genr.c 2015-05-21 02:51:54.515221154 -0700
@@ -1,7 +1,7 @@
- /* $OpenBSD: gss-genr.c,v 1.22 2013/11/08 00:39:15 djm Exp $ */
+ /* $OpenBSD: gss-genr.c,v 1.23 2015/01/20 23:14:00 deraadt Exp $ */
/*
- * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -128,7 +140,7 @@
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
-@@ -39,12 +39,167 @@
+@@ -40,12 +40,167 @@
#include "buffer.h"
#include "log.h"
#include "ssh2.h"
@@ -296,7 +308,7 @@
/* Check that the OID in a data stream matches that in the context */
int
ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
-@@ -229,6 +384,9 @@ ssh_gssapi_import_name(Gssctxt *ctx, con
+@@ -230,6 +385,9 @@ ssh_gssapi_import_name(Gssctxt *ctx, con
OM_uint32
ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
{
@@ -306,7 +318,7 @@
if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
GSS_C_QOP_DEFAULT, buffer, hash)))
ssh_gssapi_error(ctx);
-@@ -236,6 +394,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer
+@@ -237,6 +395,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer
return (ctx->major);
}
@@ -326,7 +338,7 @@
void
ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
const char *context)
-@@ -254,6 +425,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx
+@@ -255,6 +426,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx
gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
OM_uint32 major, minor;
gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
@@ -337,7 +349,7 @@
/* RFC 4462 says we MUST NOT do SPNEGO */
if (oid->length == spnego_oid.length &&
-@@ -272,7 +447,7 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx
+@@ -273,7 +448,7 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx
GSS_C_NO_BUFFER);
}
@@ -346,13 +358,11 @@
ssh_gssapi_delete_ctx(ctx);
return (!GSS_ERROR(major));
-Only in new/: gss-genr.c.orig
-Only in new/: gss-genr.c~
diff -pur old/gss-serv.c new/gss-serv.c
---- old/gss-serv.c 2014-11-19 08:19:53.495994604 -0800
-+++ new/gss-serv.c 2014-11-19 08:19:53.614894916 -0800
+--- old/gss-serv.c 2015-05-21 02:51:54.328370202 -0700
++++ new/gss-serv.c 2015-05-21 02:51:54.515853684 -0700
@@ -1,7 +1,7 @@
- /* $OpenBSD: gss-serv.c,v 1.24 2013/07/20 01:55:13 djm Exp $ */
+ /* $OpenBSD: gss-serv.c,v 1.28 2015/01/20 23:14:00 deraadt Exp $ */
/*
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -360,7 +370,7 @@
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
-@@ -47,6 +47,7 @@
+@@ -46,6 +46,7 @@
#include "misc.h"
#include "ssh-gss.h"
@@ -368,7 +378,7 @@
static ssh_gssapi_client gssapi_client =
{ GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER,
-@@ -114,6 +115,28 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss
+@@ -132,6 +133,28 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss
}
/* Unprivileged */
@@ -397,7 +407,7 @@
void
ssh_gssapi_supported_oids(gss_OID_set *oidset)
{
-@@ -123,7 +146,9 @@ ssh_gssapi_supported_oids(gss_OID_set *o
+@@ -141,7 +164,9 @@ ssh_gssapi_supported_oids(gss_OID_set *o
gss_OID_set supported;
gss_create_empty_oid_set(&min_status, oidset);
@@ -408,7 +418,7 @@
while (supported_mechs[i]->name != NULL) {
if (GSS_ERROR(gss_test_oid_set_member(&min_status,
-@@ -398,14 +423,4 @@ ssh_gssapi_userok(char *user)
+@@ -417,14 +442,4 @@ ssh_gssapi_userok(char *user)
return (0);
}
@@ -423,12 +433,11 @@
-}
-
#endif
-Only in new/: gss-serv.c.orig
diff -pur old/kex.c new/kex.c
---- old/kex.c 2014-01-25 14:38:04.000000000 -0800
-+++ new/kex.c 2014-11-20 06:10:14.432397588 -0800
-@@ -51,6 +51,10 @@
- #include "roaming.h"
+--- old/kex.c 2015-03-16 22:49:20.000000000 -0700
++++ new/kex.c 2015-05-21 02:51:54.516546804 -0700
+@@ -55,6 +55,10 @@
+ #include "sshbuf.h"
#include "digest.h"
+#ifdef GSSAPI
@@ -438,10 +447,10 @@
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
# if defined(HAVE_EVP_SHA256)
# define evp_ssh_sha256 EVP_sha256
-@@ -90,6 +94,11 @@ static const struct kexalg kexalgs[] = {
- #ifdef HAVE_EVP_SHA256
+@@ -95,6 +99,11 @@ static const struct kexalg kexalgs[] = {
+ #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL)
{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
- #endif
+ #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
+#ifdef GSSAPI
+ { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
+ { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
@@ -450,7 +459,7 @@
{ NULL, -1, -1, -1},
};
-@@ -117,7 +126,7 @@ kex_alg_by_name(const char *name)
+@@ -126,7 +135,7 @@ kex_alg_by_name(const char *name)
const struct kexalg *k;
for (k = kexalgs; k->name != NULL; k++) {
@@ -459,13 +468,10 @@
return k;
}
return NULL;
-Only in new/: kex.c.orig
-Only in new/: kex.c.rej
-Only in new/: kex.c~
diff -pur old/kex.h new/kex.h
---- old/kex.h 2014-01-25 14:37:26.000000000 -0800
-+++ new/kex.h 2014-11-20 00:26:26.185459758 -0800
-@@ -76,6 +76,9 @@ enum kex_exchange {
+--- old/kex.h 2015-03-16 22:49:20.000000000 -0700
++++ new/kex.h 2015-05-21 04:13:55.764501761 -0700
+@@ -93,6 +93,9 @@ enum kex_exchange {
KEX_DH_GEX_SHA256,
KEX_ECDH_SHA2,
KEX_C25519_SHA256,
@@ -475,8 +481,8 @@
KEX_MAX
};
-@@ -136,6 +139,10 @@ struct Kex {
- int flags;
+@@ -139,6 +142,10 @@ struct kex {
+ u_int flags;
int hash_alg;
int ec_nid;
+#ifdef GSSAPI
@@ -485,56 +491,22 @@
+#endif
char *client_version_string;
char *server_version_string;
- int (*verify_host_key)(Key *);
-@@ -168,6 +175,11 @@ void kexecdh_server(Kex *);
- void kexc25519_client(Kex *);
- void kexc25519_server(Kex *);
-
+ int (*verify_host_key)(struct sshkey *, struct ssh *);
+@@ -183,6 +190,10 @@ int kexecdh_client(struct ssh *);
+ int kexecdh_server(struct ssh *);
+ int kexc25519_client(struct ssh *);
+ int kexc25519_server(struct ssh *);
+#ifdef GSSAPI
-+void kexgss_client(Kex *);
-+void kexgss_server(Kex *);
++int kexgss_client(struct ssh *);
++int kexgss_server(struct ssh *);
+#endif
-+
- void
- kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,
- BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);
-Only in new/: kex.h.orig
-Only in new/: kex.h.rej
-Only in new/: kex.h~
-Only in new/: kexgssc.c
-Only in new/: kexgssc.c~
-Only in new/: kexgsss.c
-Only in new/: kexgsss.c~
-diff -pur old/key.c new/key.c
---- old/key.c 2014-01-09 15:58:53.000000000 -0800
-+++ new/key.c 2014-11-19 11:03:01.227859791 -0800
-@@ -985,6 +985,7 @@ static const struct keytype keytypes[] =
- KEY_DSA_CERT_V00, 0, 1 },
- { "[email protected]", "ED25519-CERT",
- KEY_ED25519_CERT, 0, 1 },
-+ { "null", "null", KEY_NULL, 0, 0 },
- { NULL, NULL, -1, -1, 0 }
- };
-Only in new/: key.c.orig
-Only in new/: key.c.rej
-Only in new/: key.c~
-diff -pur old/key.h new/key.h
---- old/key.h 2014-01-09 15:58:53.000000000 -0800
-+++ new/key.h 2014-11-19 08:19:53.616502306 -0800
-@@ -46,6 +46,7 @@ enum types {
- KEY_ED25519_CERT,
- KEY_RSA_CERT_V00,
- KEY_DSA_CERT_V00,
-+ KEY_NULL,
- KEY_UNSPEC
- };
- enum fp_type {
-Only in new/: key.h.orig
+ int kex_dh_hash(const char *, const char *,
+ const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
diff -pur old/monitor.c new/monitor.c
---- old/monitor.c 2014-11-19 08:19:53.555737643 -0800
-+++ new/monitor.c 2014-11-20 04:07:05.882669648 -0800
-@@ -184,6 +184,7 @@ int mm_answer_gss_setup_ctx(int, Buffer
+--- old/monitor.c 2015-05-21 02:51:54.364298135 -0700
++++ new/monitor.c 2015-05-21 02:51:54.518833104 -0700
+@@ -160,6 +160,7 @@ int mm_answer_gss_setup_ctx(int, Buffer
int mm_answer_gss_accept_ctx(int, Buffer *);
int mm_answer_gss_userok(int, Buffer *);
int mm_answer_gss_checkmic(int, Buffer *);
@@ -542,15 +514,13 @@
#endif
#ifdef SSH_AUDIT_EVENTS
-@@ -263,6 +264,7 @@ struct mon_table mon_dispatch_proto20[]
+@@ -244,11 +245,17 @@ struct mon_table mon_dispatch_proto20[]
{MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},
{MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
{MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
+ {MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign},
#endif
- #ifdef JPAKE
- {MONITOR_REQ_JPAKE_GET_PWDATA, MON_ONCE, mm_answer_jpake_get_pwdata},
-@@ -275,6 +277,11 @@ struct mon_table mon_dispatch_proto20[]
+ {0, 0, NULL}
};
struct mon_table mon_dispatch_postauth20[] = {
@@ -559,10 +529,10 @@
+ {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx},
+ {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign},
+#endif
+ #ifdef WITH_OPENSSL
{MONITOR_REQ_MODULI, 0, mm_answer_moduli},
- {MONITOR_REQ_SIGN, 0, mm_answer_sign},
- {MONITOR_REQ_PTY, 0, mm_answer_pty},
-@@ -383,6 +390,10 @@ monitor_child_preauth(Authctxt *_authctx
+ #endif
+@@ -363,6 +370,10 @@ monitor_child_preauth(Authctxt *_authctx
/* Permit requests for moduli and signatures */
monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
@@ -573,7 +543,7 @@
} else {
mon_dispatch = mon_dispatch_proto15;
-@@ -497,6 +508,10 @@ monitor_child_postauth(struct monitor *p
+@@ -502,6 +513,10 @@ monitor_child_postauth(struct monitor *p
monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
@@ -584,21 +554,21 @@
} else {
mon_dispatch = mon_dispatch_postauth15;
monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
-@@ -1888,6 +1903,13 @@ mm_get_kex(Buffer *m)
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
- kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
- kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+@@ -1923,6 +1938,13 @@ monitor_apply_keystate(struct monitor *p
+ # endif
+ #endif /* WITH_OPENSSL */
+ kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+#ifdef GSSAPI
-+ if (options.gss_keyex) {
-+ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
-+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
-+ kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
-+ }
++ if (options.gss_keyex) {
++ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
++ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
++ kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
++ }
+#endif
- kex->server = 1;
- kex->hostkey_type = buffer_get_int(m);
- kex->kex_type = buffer_get_int(m);
-@@ -2095,6 +2117,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer
+ kex->load_host_public_key=&get_hostkey_public_by_type;
+ kex->load_host_private_key=&get_hostkey_private_by_type;
+ kex->host_key_index=&get_hostkey_index;
+@@ -2022,6 +2044,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer
OM_uint32 major;
u_int len;
@@ -608,7 +578,7 @@
goid.elements = buffer_get_string(m, &len);
goid.length = len;
-@@ -2122,6 +2147,9 @@ mm_answer_gss_accept_ctx(int sock, Buffe
+@@ -2049,6 +2074,9 @@ mm_answer_gss_accept_ctx(int sock, Buffe
OM_uint32 flags = 0; /* GSI needs this */
u_int len;
@@ -618,7 +588,7 @@
in.value = buffer_get_string(m, &len);
in.length = len;
major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
-@@ -2139,6 +2167,7 @@ mm_answer_gss_accept_ctx(int sock, Buffe
+@@ -2066,6 +2094,7 @@ mm_answer_gss_accept_ctx(int sock, Buffe
monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
@@ -626,7 +596,7 @@
}
return (0);
}
-@@ -2150,6 +2179,9 @@ mm_answer_gss_checkmic(int sock, Buffer
+@@ -2077,6 +2106,9 @@ mm_answer_gss_checkmic(int sock, Buffer
OM_uint32 ret;
u_int len;
@@ -636,7 +606,7 @@
gssbuf.value = buffer_get_string(m, &len);
gssbuf.length = len;
mic.value = buffer_get_string(m, &len);
-@@ -2176,6 +2208,9 @@ mm_answer_gss_userok(int sock, Buffer *m
+@@ -2103,6 +2135,9 @@ mm_answer_gss_userok(int sock, Buffer *m
{
int authenticated;
@@ -646,7 +616,7 @@
authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user);
buffer_clear(m);
-@@ -2189,6 +2224,48 @@ mm_answer_gss_userok(int sock, Buffer *m
+@@ -2116,5 +2151,47 @@ mm_answer_gss_userok(int sock, Buffer *m
/* Monitor loop will terminate if authenticated */
return (authenticated);
}
@@ -694,14 +664,10 @@
+
#endif /* GSSAPI */
- #ifdef JPAKE
-Only in new/: monitor.c.orig
-Only in new/: monitor.c.rej
-Only in new/: monitor.c~
diff -pur old/monitor.h new/monitor.h
---- old/monitor.h 2014-11-19 08:19:53.555841204 -0800
-+++ new/monitor.h 2014-11-19 09:27:51.185925631 -0800
-@@ -73,6 +73,9 @@ enum monitor_reqtype {
+--- old/monitor.h 2015-05-21 02:51:54.364660946 -0700
++++ new/monitor.h 2015-05-21 02:51:54.519394748 -0700
+@@ -68,6 +68,9 @@ enum monitor_reqtype {
#ifdef PAM_ENHANCEMENT
MONITOR_REQ_AUTHMETHOD = 114,
#endif
@@ -711,12 +677,10 @@
};
struct mm_master;
-Only in new/: monitor.h.orig
-Only in new/: monitor.h.rej
diff -pur old/monitor_wrap.c new/monitor_wrap.c
---- old/monitor_wrap.c 2014-11-19 08:19:53.555313040 -0800
-+++ new/monitor_wrap.c 2014-11-19 08:19:53.617470451 -0800
-@@ -1308,6 +1308,29 @@ mm_ssh_gssapi_userok(char *user)
+--- old/monitor_wrap.c 2015-05-21 02:51:54.365259156 -0700
++++ new/monitor_wrap.c 2015-05-21 02:51:54.519982413 -0700
+@@ -1103,5 +1103,28 @@ mm_ssh_gssapi_userok(char *user)
debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
return (authenticated);
}
@@ -745,11 +709,9 @@
+
#endif /* GSSAPI */
- #ifdef JPAKE
-Only in new/: monitor_wrap.c.orig
diff -pur old/monitor_wrap.h new/monitor_wrap.h
---- old/monitor_wrap.h 2011-06-19 21:42:23.000000000 -0700
-+++ new/monitor_wrap.h 2014-11-19 08:19:53.617555551 -0800
+--- old/monitor_wrap.h 2015-03-16 22:49:20.000000000 -0700
++++ new/monitor_wrap.h 2015-05-21 02:51:54.520316939 -0700
@@ -60,6 +60,7 @@ OM_uint32 mm_ssh_gssapi_accept_ctx(Gssct
gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
int mm_ssh_gssapi_userok(char *user);
@@ -758,11 +720,10 @@
#endif
#ifdef USE_PAM
-Only in new/: monitor_wrap.h.orig
diff -pur old/readconf.c new/readconf.c
---- old/readconf.c 2014-11-19 08:19:53.577815170 -0800
-+++ new/readconf.c 2014-11-19 09:42:12.825342175 -0800
-@@ -140,6 +140,7 @@ typedef enum {
+--- old/readconf.c 2015-05-21 02:51:54.384748072 -0700
++++ new/readconf.c 2015-05-21 02:51:54.521602190 -0700
+@@ -147,6 +147,7 @@ typedef enum {
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
oAddressFamily, oGssAuthentication, oGssDelegateCreds,
@@ -770,7 +731,7 @@
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
oSendEnv, oControlPath, oControlMaster, oControlPersist,
oHashKnownHosts,
-@@ -187,9 +188,11 @@ static struct {
+@@ -195,9 +196,11 @@ static struct {
#if defined(GSSAPI)
{ "gssapiauthentication", oGssAuthentication },
{ "gssapidelegatecredentials", oGssDelegateCreds },
@@ -782,7 +743,7 @@
#endif
{ "fallbacktorsh", oDeprecated },
{ "usersh", oDeprecated },
-@@ -876,6 +879,10 @@ parse_time:
+@@ -927,6 +930,10 @@ parse_time:
intptr = &options->gss_authentication;
goto parse_flag;
@@ -793,7 +754,7 @@
case oGssDelegateCreds:
intptr = &options->gss_deleg_creds;
goto parse_flag;
-@@ -1532,6 +1539,7 @@ initialize_options(Options * options)
+@@ -1643,6 +1650,7 @@ initialize_options(Options * options)
options->pubkey_authentication = -1;
options->challenge_response_authentication = -1;
options->gss_authentication = -1;
@@ -801,7 +762,7 @@
options->gss_deleg_creds = -1;
options->password_authentication = -1;
options->kbd_interactive_authentication = -1;
-@@ -1645,6 +1653,12 @@ fill_default_options(Options * options)
+@@ -1781,6 +1789,12 @@ fill_default_options(Options * options)
#else
options->gss_authentication = 0;
#endif
@@ -814,12 +775,10 @@
if (options->gss_deleg_creds == -1)
options->gss_deleg_creds = 0;
if (options->password_authentication == -1)
-Only in new/: readconf.c.orig
-Only in new/: readconf.c.rej
diff -pur old/readconf.h new/readconf.h
---- old/readconf.h 2014-11-19 08:19:53.536144272 -0800
-+++ new/readconf.h 2014-11-19 08:19:53.618258278 -0800
-@@ -54,6 +54,7 @@ typedef struct {
+--- old/readconf.h 2015-05-21 02:51:54.348366942 -0700
++++ new/readconf.h 2015-05-21 02:51:54.521966549 -0700
+@@ -45,6 +45,7 @@ typedef struct {
int challenge_response_authentication;
/* Try S/Key or TIS, authentication. */
int gss_authentication; /* Try GSS authentication */
@@ -827,11 +786,10 @@
int gss_deleg_creds; /* Delegate GSS credentials */
int password_authentication; /* Try password
* authentication. */
-Only in new/: readconf.h.orig
diff -pur old/servconf.c new/servconf.c
---- old/servconf.c 2014-11-19 08:19:53.589868411 -0800
-+++ new/servconf.c 2014-11-20 04:15:47.500881329 -0800
-@@ -108,6 +108,7 @@ initialize_server_options(ServerOptions
+--- old/servconf.c 2015-05-21 02:51:54.410086670 -0700
++++ new/servconf.c 2015-05-21 02:51:54.523417320 -0700
+@@ -114,6 +114,7 @@ initialize_server_options(ServerOptions
options->kerberos_ticket_cleanup = -1;
options->kerberos_get_afs_token = -1;
options->gss_authentication=-1;
@@ -839,7 +797,7 @@
options->gss_cleanup_creds = -1;
options->password_authentication = -1;
options->kbd_interactive_authentication = -1;
-@@ -258,6 +259,12 @@ fill_default_server_options(ServerOption
+@@ -294,6 +295,12 @@ fill_default_server_options(ServerOption
#else
options->gss_authentication = 0;
#endif
@@ -852,15 +810,15 @@
if (options->gss_cleanup_creds == -1)
options->gss_cleanup_creds = 1;
if (options->password_authentication == -1)
-@@ -362,6 +369,7 @@ typedef enum {
+@@ -422,6 +429,7 @@ typedef enum {
sBanner, sUseDNS, sHostbasedAuthentication,
- sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
- sClientAliveCountMax, sAuthorizedKeysFile,
+ sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes,
+ sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
+ sGssKeyEx,
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
sUsePrivilegeSeparation, sAllowAgentForwarding,
-@@ -431,6 +439,7 @@ static struct {
+@@ -495,6 +503,7 @@ static struct {
{ "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
#ifdef GSSAPI
{ "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
@@ -868,7 +826,7 @@
#ifdef USE_GSS_STORE_CRED
{ "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
#else /* USE_GSS_STORE_CRED */
-@@ -438,6 +447,7 @@ static struct {
+@@ -502,6 +511,7 @@ static struct {
#endif /* USE_GSS_STORE_CRED */
#else
{ "gssapiauthentication", sUnsupported, SSHCFG_ALL },
@@ -876,7 +834,7 @@
{ "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
#endif
{ "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
-@@ -1159,6 +1169,10 @@ process_server_config_line(ServerOptions
+@@ -1243,6 +1253,10 @@ process_server_config_line(ServerOptions
intptr = &options->gss_authentication;
goto parse_flag;
@@ -887,21 +845,18 @@
case sGssCleanupCreds:
intptr = &options->gss_cleanup_creds;
goto parse_flag;
-@@ -2097,6 +2111,7 @@ dump_config(ServerOptions *o)
+@@ -2233,6 +2247,7 @@ dump_config(ServerOptions *o)
#endif
#ifdef GSSAPI
dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
+ dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
#endif
- #ifdef JPAKE
-Only in new/: servconf.c.orig
-Only in new/: servconf.c.rej
-Only in new/: servconf.c~
+ dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
diff -pur old/servconf.h new/servconf.h
---- old/servconf.h 2014-11-19 08:19:53.556446909 -0800
-+++ new/servconf.h 2014-11-19 08:19:53.619133205 -0800
-@@ -116,6 +116,7 @@ typedef struct {
+--- old/servconf.h 2015-05-21 02:51:54.367009782 -0700
++++ new/servconf.h 2015-05-21 02:51:54.524007042 -0700
+@@ -119,6 +119,7 @@ typedef struct {
int kerberos_get_afs_token; /* If true, try to get AFS token if
* authenticated with Kerberos. */
int gss_authentication; /* If true, permit GSSAPI authentication */
@@ -909,10 +864,9 @@
int gss_cleanup_creds; /* If true, destroy cred cache on logout */
int password_authentication; /* If true, permit password
* authentication. */
-Only in new/: servconf.h.orig
diff -pur old/ssh-gss.h new/ssh-gss.h
---- old/ssh-gss.h 2013-02-24 16:24:44.000000000 -0800
-+++ new/ssh-gss.h 2014-11-19 08:19:53.619269786 -0800
+--- old/ssh-gss.h 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-gss.h 2015-05-21 02:51:54.524497644 -0700
@@ -61,6 +61,17 @@
#define SSH_GSS_OIDTYPE 0x06
@@ -939,7 +893,7 @@
int ssh_gssapi_check_oid(Gssctxt *, void *, size_t);
void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t);
-@@ -120,6 +132,11 @@ void ssh_gssapi_buildmic(Buffer *, const
+@@ -122,6 +134,11 @@ void ssh_gssapi_buildmic(Buffer *, const
int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *);
/* In the server */
@@ -951,7 +905,7 @@
OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
int ssh_gssapi_userok(char *name);
OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
-@@ -127,6 +144,8 @@ void ssh_gssapi_do_child(char ***, u_int
+@@ -129,6 +146,8 @@ void ssh_gssapi_do_child(char ***, u_int
void ssh_gssapi_cleanup_creds(void);
void ssh_gssapi_storecreds(void);
@@ -960,10 +914,9 @@
#endif /* GSSAPI */
#endif /* _SSH_GSS_H */
-Only in new/: ssh-gss.h.orig
diff -pur old/ssh_config new/ssh_config
---- old/ssh_config 2013-10-09 16:24:12.000000000 -0700
-+++ new/ssh_config 2014-11-20 08:14:10.251613588 -0800
+--- old/ssh_config 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh_config 2015-05-21 02:51:54.524781493 -0700
@@ -26,6 +26,7 @@
# HostbasedAuthentication no
# GSSAPIAuthentication no
@@ -973,9 +926,9 @@
# CheckHostIP yes
# AddressFamily any
diff -pur old/ssh_config.5 new/ssh_config.5
---- old/ssh_config.5 2014-11-19 08:19:53.578521210 -0800
-+++ new/ssh_config.5 2014-11-20 08:15:58.760019866 -0800
-@@ -684,6 +684,12 @@ Specifies whether user authentication ba
+--- old/ssh_config.5 2015-05-21 02:51:54.385795947 -0700
++++ new/ssh_config.5 2015-05-21 02:51:54.525539849 -0700
+@@ -751,6 +751,12 @@ Specifies whether user authentication ba
The default on Solaris is
.Dq yes .
Note that this option applies to protocol version 2 only.
@@ -988,15 +941,12 @@
.It Cm GSSAPIDelegateCredentials
Forward (delegate) credentials to the server.
The default is
-Only in new/: ssh_config.5.orig
-Only in new/: ssh_config.5~
-Only in new/: ssh_config~
diff -pur old/sshconnect2.c new/sshconnect2.c
---- old/sshconnect2.c 2014-11-19 08:19:53.536674289 -0800
-+++ new/sshconnect2.c 2014-11-20 04:01:10.016195028 -0800
+--- old/sshconnect2.c 2015-05-21 02:51:54.349037357 -0700
++++ new/sshconnect2.c 2015-05-21 02:51:54.526742914 -0700
@@ -164,9 +164,31 @@ ssh_kex2(char *host, struct sockaddr *ho
- {
- Kex *kex;
+ struct kex *kex;
+ int r;
+#ifdef GSSAPI
+ char *orig = NULL, *gss = NULL;
@@ -1026,9 +976,9 @@
if (options.ciphers == (char *)-1) {
logit("No valid ciphers for protocol version 2 given, using defaults.");
options.ciphers = NULL;
-@@ -202,6 +224,17 @@ ssh_kex2(char *host, struct sockaddr *ho
- if (options.kex_algorithms != NULL)
- myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
+@@ -204,6 +226,17 @@ ssh_kex2(char *host, struct sockaddr *ho
+ myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
+ myproposal[PROPOSAL_KEX_ALGS]);
+#ifdef GSSAPI
+ /* If we've got GSSAPI algorithms, then we also support the
@@ -1044,9 +994,9 @@
if (options.rekey_limit || options.rekey_interval)
packet_set_rekey_limits((u_int32_t)options.rekey_limit,
(time_t)options.rekey_interval);
-@@ -214,9 +247,22 @@ ssh_kex2(char *host, struct sockaddr *ho
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
- kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+@@ -222,9 +255,22 @@ ssh_kex2(char *host, struct sockaddr *ho
+ # endif
+ #endif
kex->kex[KEX_C25519_SHA256] = kexc25519_client;
+#ifdef GSSAPI
+ if (options.gss_keyex) {
@@ -1065,17 +1015,17 @@
+ }
+#endif
- xxx_kex = kex;
+ dispatch_run(DISPATCH_BLOCK, &kex->done, active_state);
-@@ -313,6 +359,7 @@ void input_gssapi_token(int type, u_int3
- void input_gssapi_hash(int type, u_int32_t, void *);
- void input_gssapi_error(int, u_int32_t, void *);
- void input_gssapi_errtok(int, u_int32_t, void *);
+@@ -317,6 +363,7 @@ int input_gssapi_token(int type, u_int32
+ int input_gssapi_hash(int type, u_int32_t, void *);
+ int input_gssapi_error(int, u_int32_t, void *);
+ int input_gssapi_errtok(int, u_int32_t, void *);
+int userauth_gsskeyex(Authctxt *authctxt);
#endif
void userauth(Authctxt *, char *);
-@@ -328,6 +375,11 @@ static char *authmethods_get(void);
+@@ -332,6 +379,11 @@ static char *authmethods_get(void);
Authmethod authmethods[] = {
#ifdef GSSAPI
@@ -1087,7 +1037,7 @@
{"gssapi-with-mic",
userauth_gssapi,
NULL,
-@@ -649,7 +701,10 @@ userauth_gssapi(Authctxt *authctxt)
+@@ -656,7 +708,10 @@ userauth_gssapi(Authctxt *authctxt)
* once. */
if (gss_supported == NULL)
@@ -1099,7 +1049,7 @@
/* Check to see if the mechanism is usable before we offer it */
while (mech < gss_supported->count && !ok) {
-@@ -753,8 +808,8 @@ input_gssapi_response(int type, u_int32_
+@@ -760,8 +815,8 @@ input_gssapi_response(int type, u_int32_
{
Authctxt *authctxt = ctxt;
Gssctxt *gssctxt;
@@ -1110,9 +1060,9 @@
if (authctxt == NULL)
fatal("input_gssapi_response: no authentication context");
-@@ -863,6 +918,48 @@ input_gssapi_error(int type, u_int32_t p
- free(msg);
+@@ -874,6 +929,48 @@ input_gssapi_error(int type, u_int32_t p
free(lang);
+ return 0;
}
+
+int
@@ -1159,13 +1109,10 @@
#endif /* GSSAPI */
int
-Only in new/: sshconnect2.c.orig
-Only in new/: sshconnect2.c.rej
-Only in new/: sshconnect2.c~
diff -pur old/sshd.c new/sshd.c
---- old/sshd.c 2014-11-19 08:19:53.496741742 -0800
-+++ new/sshd.c 2014-11-19 10:39:10.594013263 -0800
-@@ -1730,10 +1730,13 @@ main(int ac, char **av)
+--- old/sshd.c 2015-05-21 02:51:54.419878113 -0700
++++ new/sshd.c 2015-05-21 02:51:54.528004659 -0700
+@@ -1815,10 +1815,13 @@ main(int ac, char **av)
logit("Disabling protocol version 1. Could not load host key");
options.protocol &= ~SSH_PROTO_1;
}
@@ -1179,7 +1126,7 @@
if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
logit("sshd: no hostkeys available -- exiting.");
exit(1);
-@@ -2488,6 +2491,48 @@ do_ssh2_kex(void)
+@@ -2586,6 +2589,48 @@ do_ssh2_kex(void)
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
list_hostkey_types());
@@ -1226,11 +1173,11 @@
+#endif
+
/* start key exchange */
- kex = kex_setup(myproposal);
- kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-@@ -2496,6 +2541,13 @@ do_ssh2_kex(void)
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
- kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+ if ((r = kex_setup(active_state, myproposal)) != 0)
+ fatal("kex_setup: %s", ssh_err(r));
+@@ -2600,6 +2645,13 @@ do_ssh2_kex(void)
+ # endif
+ #endif
kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+#ifdef GSSAPI
+ if (options.gss_keyex) {
@@ -1242,11 +1189,9 @@
kex->server = 1;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;
-Only in new/: sshd.c.orig
-Only in new/: sshd.c.rej
diff -pur old/sshd_config new/sshd_config
---- old/sshd_config 2014-01-12 00:20:47.000000000 -0800
-+++ new/sshd_config 2014-11-20 08:14:48.893785772 -0800
+--- old/sshd_config 2015-03-16 22:49:20.000000000 -0700
++++ new/sshd_config 2015-05-21 02:51:54.528526236 -0700
@@ -82,8 +82,9 @@ AuthorizedKeysFile .ssh/authorized_keys
#KerberosGetAFSToken no
@@ -1259,9 +1204,9 @@
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
diff -pur old/sshd_config.5 new/sshd_config.5
---- old/sshd_config.5 2014-11-19 08:19:53.578781556 -0800
-+++ new/sshd_config.5 2014-11-20 08:17:21.116195335 -0800
-@@ -493,6 +493,12 @@ Specifies whether user authentication ba
+--- old/sshd_config.5 2015-05-21 02:51:54.386222371 -0700
++++ new/sshd_config.5 2015-05-21 02:51:54.529252300 -0700
+@@ -564,6 +564,12 @@ Specifies whether user authentication ba
The default on Solaris is
.Dq yes .
Note that this option applies to protocol version 2 only.
@@ -1274,8 +1219,25 @@
.It Cm GSSAPICleanupCredentials
Specifies whether to automatically destroy the user's credentials cache
on logout.
-Only in new/: sshd_config.5.orig
-Only in new/: sshd_config.5~
-Only in new/: sshd_config.orig
-Only in new/: sshd_config.rej
-Only in new/: sshd_config~
+diff -pur old/sshkey.c new/sshkey.c
+--- old/sshkey.c 2015-03-16 22:49:20.000000000 -0700
++++ new/sshkey.c 2015-05-21 02:51:54.530693373 -0700
+@@ -116,6 +116,7 @@ static const struct keytype keytypes[] =
+ { "[email protected]", "DSA-CERT-V00",
+ KEY_DSA_CERT_V00, 0, 1 },
+ #endif /* WITH_OPENSSL */
++ { "null", "null", KEY_NULL, 0, 0 },
+ { NULL, NULL, -1, -1, 0 }
+ };
+
+diff -pur old/sshkey.h new/sshkey.h
+--- old/sshkey.h 2015-03-16 22:49:20.000000000 -0700
++++ new/sshkey.h 2015-05-21 02:51:54.531066246 -0700
+@@ -64,6 +64,7 @@ enum sshkey_types {
+ KEY_ED25519_CERT,
+ KEY_RSA_CERT_V00,
+ KEY_DSA_CERT_V00,
++ KEY_NULL,
+ KEY_UNSPEC
+ };
+
--- a/components/openssh/patches/024-disable_ed25519.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/024-disable_ed25519.patch Thu Jun 18 07:01:42 2015 -0700
@@ -2,14 +2,14 @@
# Per Solaris crypto team recommendation, we need to remove support for
# Curve25519 from OpenSSH.
#
-# Patch offered upstream:
+# Patch offered upstream but rejected:
# https://bugzilla.mindrot.org/show_bug.cgi?id=2376
#
diff -pur old/Makefile.in new/Makefile.in
---- old/Makefile.in 2015-03-31 21:14:02.427499635 -0700
-+++ new/Makefile.in 2015-04-02 02:30:04.830658823 -0700
-@@ -141,7 +141,7 @@ $(SSHDOBJS): Makefile.in config.h
- $(CC) $(CFLAGS) $(CPPFLAGS) -c $<
+--- old/Makefile.in 2015-05-12 06:57:55.737824435 -0700
++++ new/Makefile.in 2015-05-12 06:57:55.859410671 -0700
+@@ -155,7 +155,7 @@ $(SSHDOBJS): Makefile.in config.h
+ $(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@
LIBCOMPAT=openbsd-compat/libopenbsd-compat.a
-$(LIBCOMPAT): always
@@ -18,12 +18,12 @@
always:
diff -pur old/authfd.c new/authfd.c
---- old/authfd.c 2013-12-28 22:49:56.000000000 -0800
-+++ new/authfd.c 2015-04-01 01:53:06.534109950 -0700
-@@ -508,8 +508,10 @@ ssh_add_identity_constrained(Authenticat
- case KEY_DSA_CERT_V00:
+--- old/authfd.c 2015-03-16 22:49:20.000000000 -0700
++++ new/authfd.c 2015-05-12 06:57:55.860206664 -0700
+@@ -569,8 +569,10 @@ ssh_add_identity_constrained(int sock, s
case KEY_ECDSA:
case KEY_ECDSA_CERT:
+ #endif
+#ifndef WITHOUT_ED25519
case KEY_ED25519:
case KEY_ED25519_CERT:
@@ -32,127 +32,118 @@
SSH2_AGENTC_ADD_ID_CONSTRAINED :
SSH2_AGENTC_ADD_IDENTITY;
diff -pur old/authfile.c new/authfile.c
---- old/authfile.c 2013-12-28 22:50:15.000000000 -0800
-+++ new/authfile.c 2015-04-01 05:27:03.024708427 -0700
-@@ -597,9 +597,11 @@ key_private_to_blob(Key *key, Buffer *bl
- comment, new_format_cipher, new_format_rounds);
- }
- return key_private_pem_to_blob(key, blob, passphrase, comment);
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- return key_private_to_blob2(key, blob, passphrase,
- comment, new_format_cipher, new_format_rounds);
-+#endif /* WITHOUT_ED25519 */
- default:
- error("%s: cannot save key type %d", __func__, key->type);
- return 0;
-@@ -1005,8 +1007,10 @@ key_parse_private_type(Buffer *blob, int
- case KEY_ECDSA:
- case KEY_RSA:
- return key_parse_private_pem(blob, type, passphrase, commentp);
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- return key_parse_private2(blob, type, passphrase, commentp);
-+#endif /* WITHOUT_ED25519 */
- case KEY_UNSPEC:
- if ((k = key_parse_private2(blob, type, passphrase, commentp)))
- return k;
-@@ -1213,7 +1217,9 @@ key_load_private_cert(int type, const ch
+--- old/authfile.c 2015-03-16 22:49:20.000000000 -0700
++++ new/authfile.c 2015-05-12 06:57:55.860669228 -0700
+@@ -446,8 +446,10 @@ sshkey_load_private_cert(int type, const
case KEY_RSA:
case KEY_DSA:
case KEY_ECDSA:
+- case KEY_ED25519:
+ #endif /* WITH_OPENSSL */
+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
++ case KEY_ED25519:
+#endif /* WITHOUT_ED25519 */
+ case KEY_UNSPEC:
break;
default:
- error("%s: unsupported key type", __func__);
-diff -pur old/crypto_api.h new/crypto_api.h
---- old/crypto_api.h 2014-01-16 17:31:34.000000000 -0800
-+++ new/crypto_api.h 2015-04-02 00:35:29.952105991 -0700
-@@ -26,7 +26,7 @@ int crypto_hashblocks_sha512(unsigned ch
-
- #define crypto_hash_sha512_BYTES 64U
+diff -pur old/dns.c new/dns.c
+--- old/dns.c 2015-03-16 22:49:20.000000000 -0700
++++ new/dns.c 2015-05-12 06:57:55.861065113 -0700
+@@ -100,11 +100,13 @@ dns_read_key(u_int8_t *algorithm, u_int8
+ if (!*digest_type)
+ *digest_type = SSHFP_HASH_SHA256;
+ break;
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ *algorithm = SSHFP_KEY_ED25519;
+ if (!*digest_type)
+ *digest_type = SSHFP_HASH_SHA256;
+ break;
++#endif /* WITHOUT_ED25519 */
+ default:
+ *algorithm = SSHFP_KEY_RESERVED; /* 0 */
+ *digest_type = SSHFP_HASH_RESERVED; /* 0 */
+diff -pur old/dns.h new/dns.h
+--- old/dns.h 2015-03-16 22:49:20.000000000 -0700
++++ new/dns.h 2015-05-12 06:57:55.861358245 -0700
+@@ -33,7 +33,9 @@ enum sshfp_types {
+ SSHFP_KEY_RSA = 1,
+ SSHFP_KEY_DSA = 2,
+ SSHFP_KEY_ECDSA = 3,
++#ifndef WITHOUT_ED25519
+ SSHFP_KEY_ED25519 = 4
++#endif /* WITHOUT_ED25519 */
+ };
--int crypto_hash_sha512(unsigned char *, const unsigned char *,
-+extern int crypto_hash_sha512(unsigned char *, const unsigned char *,
- unsigned long long);
-
- int crypto_verify_32(const unsigned char *, const unsigned char *);
+ enum sshfp_hashes {
diff -pur old/ed25519.c new/ed25519.c
---- old/ed25519.c 2013-12-17 22:48:11.000000000 -0800
-+++ new/ed25519.c 2015-04-01 09:03:04.052497535 -0700
-@@ -6,6 +6,8 @@
- * Copied from supercop-20130419/crypto_sign/ed25519/ref/ed25519.c
+--- old/ed25519.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ed25519.c 2015-05-12 06:57:55.861707517 -0700
+@@ -7,6 +7,7 @@
*/
+ #include "includes.h"
+#ifndef WITHOUT_ED25519
-+
- #include "includes.h"
#include "crypto_api.h"
-@@ -142,3 +144,4 @@ int crypto_sign_ed25519_open(
+ #include "ge25519.h"
+@@ -142,3 +143,4 @@ int crypto_sign_ed25519_open(
}
return ret;
}
+#endif /* WITHOUT_ED25519 */
diff -pur old/fe25519.c new/fe25519.c
---- old/fe25519.c 2014-01-16 17:43:44.000000000 -0800
-+++ new/fe25519.c 2015-04-01 03:48:12.251955071 -0700
-@@ -6,6 +6,8 @@
- * Copied from supercop-20130419/crypto_sign/ed25519/ref/fe25519.c
- */
+--- old/fe25519.c 2015-03-16 22:49:20.000000000 -0700
++++ new/fe25519.c 2015-05-12 06:57:55.862124169 -0700
+@@ -8,6 +8,7 @@
+
+ #include "includes.h"
+#ifndef WITHOUT_ED25519
-+
- #include "includes.h"
+ #define WINDOWSIZE 1 /* Should be 1,2, or 4 */
+ #define WINDOWMASK ((1<<WINDOWSIZE)-1)
- #define WINDOWSIZE 1 /* Should be 1,2, or 4 */
-@@ -335,3 +337,5 @@ void fe25519_pow2523(fe25519 *r, const f
+@@ -335,3 +336,4 @@ void fe25519_pow2523(fe25519 *r, const f
/* 2^252 - 2^2 */ fe25519_square(&t,&t);
/* 2^252 - 3 */ fe25519_mul(r,&t,x);
}
-+
+#endif /* WITHOUT_ED25519 */
diff -pur old/fe25519.h new/fe25519.h
---- old/fe25519.h 2013-12-17 22:48:11.000000000 -0800
-+++ new/fe25519.h 2015-04-01 03:47:56.992321351 -0700
-@@ -9,6 +9,8 @@
+--- old/fe25519.h 2015-03-16 22:49:20.000000000 -0700
++++ new/fe25519.h 2015-05-12 06:57:55.862460867 -0700
+@@ -8,6 +8,7 @@
+
#ifndef FE25519_H
#define FE25519_H
++#ifndef WITHOUT_ED25519
-+#ifndef WITHOUT_ED25519
-+
#include "crypto_api.h"
- #define fe25519 crypto_sign_ed25519_ref_fe25519
-@@ -67,4 +69,5 @@ void fe25519_invert(fe25519 *r, const fe
+@@ -67,4 +68,5 @@ void fe25519_invert(fe25519 *r, const fe
void fe25519_pow2523(fe25519 *r, const fe25519 *x);
+#endif /* WITHOUT_ED25519 */
#endif
diff -pur old/ge25519.c new/ge25519.c
---- old/ge25519.c 2014-01-16 17:43:44.000000000 -0800
-+++ new/ge25519.c 2015-04-01 03:47:40.144323636 -0700
-@@ -6,6 +6,8 @@
- * Copied from supercop-20130419/crypto_sign/ed25519/ref/ge25519.c
+--- old/ge25519.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ge25519.c 2015-05-12 06:57:55.862878000 -0700
+@@ -7,6 +7,7 @@
*/
+ #include "includes.h"
+#ifndef WITHOUT_ED25519
-+
- #include "includes.h"
#include "fe25519.h"
-@@ -319,3 +321,5 @@ void ge25519_scalarmult_base(ge25519_p3
+ #include "sc25519.h"
+@@ -319,3 +320,4 @@ void ge25519_scalarmult_base(ge25519_p3
ge25519_mixadd2(r, &t);
}
}
-+
+#endif /* WITHOUT_ED25519 */
diff -pur old/ge25519.h new/ge25519.h
---- old/ge25519.h 2013-12-17 22:48:11.000000000 -0800
-+++ new/ge25519.h 2015-04-01 03:47:22.801071311 -0700
+--- old/ge25519.h 2015-03-16 22:49:20.000000000 -0700
++++ new/ge25519.h 2015-05-12 06:57:55.863212105 -0700
@@ -8,6 +8,7 @@
#ifndef GE25519_H
@@ -168,21 +159,24 @@
+#endif /* WITHOUT_ED25519 */
#endif
diff -pur old/kex.c new/kex.c
---- old/kex.c 2015-03-31 21:14:02.430475216 -0700
-+++ new/kex.c 2015-04-01 04:49:49.142934463 -0700
-@@ -91,7 +91,7 @@ static const struct kexalg kexalgs[] = {
- # endif
- #endif
- { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
--#ifdef HAVE_EVP_SHA256
-+#if defined(HAVE_EVP_SHA256) && !defined(WITHOUT_ED25519)
+--- old/kex.c 2015-05-12 06:57:55.741193024 -0700
++++ new/kex.c 2015-05-12 07:00:10.308904895 -0700
+@@ -96,9 +96,11 @@ static const struct kexalg kexalgs[] = {
+ # endif /* OPENSSL_HAS_NISTP521 */
+ #endif /* OPENSSL_HAS_ECC */
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ #if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL)
{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
- #endif
+ #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
++#endif /* WITHOUT_ED25519 */
#ifdef GSSAPI
+ { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
+ { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
diff -pur old/kex.h new/kex.h
---- old/kex.h 2015-03-31 21:14:02.430845488 -0700
-+++ new/kex.h 2015-04-01 04:58:55.837357472 -0700
-@@ -43,7 +43,9 @@
+--- old/kex.h 2015-05-12 06:57:55.741694192 -0700
++++ new/kex.h 2015-05-12 07:01:49.320801815 -0700
+@@ -58,13 +58,17 @@
#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256"
#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384"
#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521"
@@ -192,7 +186,15 @@
#define COMP_NONE 0
#define COMP_ZLIB 1
-@@ -75,7 +77,9 @@ enum kex_exchange {
+ #define COMP_DELAYED 2
+
++#ifndef WITHOUT_ED25519
+ #define CURVE25519_SIZE 32
++#endif /* WITHOUT_ED25519 */
+
+ enum kex_init_proposals {
+ PROPOSAL_KEX_ALGS,
+@@ -92,7 +96,9 @@ enum kex_exchange {
KEX_DH_GEX_SHA1,
KEX_DH_GEX_SHA256,
KEX_ECDH_SHA2,
@@ -202,567 +204,175 @@
KEX_GSS_GRP1_SHA1,
KEX_GSS_GRP14_SHA1,
KEX_GSS_GEX_SHA1,
-@@ -172,8 +176,10 @@ void kexgex_client(Kex *);
- void kexgex_server(Kex *);
- void kexecdh_client(Kex *);
- void kexecdh_server(Kex *);
+@@ -160,8 +166,10 @@ struct kex {
+ u_int min, max, nbits; /* GEX */
+ EC_KEY *ec_client_key; /* ECDH */
+ const EC_GROUP *ec_group; /* ECDH */
+#ifndef WITHOUT_ED25519
- void kexc25519_client(Kex *);
- void kexc25519_server(Kex *);
+ u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */
+ u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */
+#endif /* WITHOUT_ED25519 */
+ };
+ int kex_names_valid(const char *);
+@@ -188,8 +196,10 @@ int kexgex_client(struct ssh *);
+ int kexgex_server(struct ssh *);
+ int kexecdh_client(struct ssh *);
+ int kexecdh_server(struct ssh *);
++#ifndef WITHOUT_ED25519
+ int kexc25519_client(struct ssh *);
+ int kexc25519_server(struct ssh *);
++#endif /* WITHOUT_ED25519 */
#ifdef GSSAPI
- void kexgss_client(Kex *);
-@@ -193,6 +199,7 @@ kex_ecdh_hash(int, const EC_GROUP *, cha
- char *, int, u_char *, int, const EC_POINT *, const EC_POINT *,
- const BIGNUM *, u_char **, u_int *);
- #endif
+ int kexgss_client(Kex *);
+ void kexgss_server(Kex *);
+@@ -210,6 +220,7 @@ int kex_ecdh_hash(int, const EC_GROUP *,
+ const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
+ const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *);
+
+#ifndef WITHOUT_ED25519
- void
- kex_c25519_hash(int, char *, char *, char *, int,
- char *, int, u_char *, int, const u_char *, const u_char *,
-@@ -206,6 +213,7 @@ void kexc25519_shared_key(const u_char k
- const u_char pub[CURVE25519_SIZE], Buffer *out)
+ int kex_c25519_hash(int, const char *, const char *, const char *, size_t,
+ const char *, size_t, const u_char *, size_t, const u_char *, const u_char *,
+ const u_char *, size_t, u_char *, size_t *);
+@@ -221,6 +232,7 @@ int kexc25519_shared_key(const u_char ke
+ const u_char pub[CURVE25519_SIZE], struct sshbuf *out)
__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
+#endif /* WITHOUT_ED25519 */
- void
+ int
derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
diff -pur old/kexc25519.c new/kexc25519.c
---- old/kexc25519.c 2014-01-12 00:21:23.000000000 -0800
-+++ new/kexc25519.c 2015-04-01 04:52:44.039054396 -0700
-@@ -25,6 +25,8 @@
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
+--- old/kexc25519.c 2015-03-16 22:49:20.000000000 -0700
++++ new/kexc25519.c 2015-05-12 06:57:55.865837542 -0700
+@@ -27,6 +27,7 @@
+
+ #include "includes.h"
+#ifndef WITHOUT_ED25519
-+
- #include "includes.h"
+ #include <sys/types.h>
- #include <sys/types.h>
-@@ -120,3 +122,5 @@ kex_c25519_hash(
- *hash = digest;
- *hashlen = ssh_digest_bytes(hash_alg);
+ #include <signal.h>
+@@ -126,3 +127,4 @@ kex_c25519_hash(
+ #endif
+ return 0;
}
-+
+#endif /* WITHOUT_ED25519 */
diff -pur old/kexc25519c.c new/kexc25519c.c
---- old/kexc25519c.c 2014-01-12 00:21:23.000000000 -0800
-+++ new/kexc25519c.c 2015-04-01 04:52:57.326754535 -0700
-@@ -25,6 +25,8 @@
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
+--- old/kexc25519c.c 2015-03-16 22:49:20.000000000 -0700
++++ new/kexc25519c.c 2015-05-12 06:57:55.866212606 -0700
+@@ -27,6 +27,7 @@
-+#ifndef WITHOUT_ED25519
-+
#include "includes.h"
++#ifndef WITHOUT_ED25519
#include <sys/types.h>
-@@ -127,3 +129,5 @@ kexc25519_client(Kex *kex)
- buffer_free(&shared_secret);
- kex_finish(kex);
+
+ #include <stdio.h>
+@@ -168,3 +169,4 @@ out:
+ sshbuf_free(shared_secret);
+ return r;
}
-+
+#endif /* WITHOUT_ED25519 */
diff -pur old/kexc25519s.c new/kexc25519s.c
---- old/kexc25519s.c 2014-01-12 00:21:23.000000000 -0800
-+++ new/kexc25519s.c 2015-04-01 04:53:14.320854854 -0700
-@@ -24,6 +24,8 @@
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
+--- old/kexc25519s.c 2015-03-16 22:49:20.000000000 -0700
++++ new/kexc25519s.c 2015-05-12 06:57:55.866584623 -0700
+@@ -26,6 +26,8 @@
+
+ #include "includes.h"
+#ifndef WITHOUT_ED25519
+
- #include "includes.h"
-
#include <sys/types.h>
-@@ -124,3 +126,5 @@ kexc25519_server(Kex *kex)
- buffer_free(&shared_secret);
- kex_finish(kex);
+ #include <string.h>
+ #include <signal.h>
+@@ -156,3 +158,4 @@ out:
+ sshbuf_free(shared_secret);
+ return r;
}
-+
-+#endif /* WITHOUT_ED25519 */
-diff -pur old/key.c new/key.c
---- old/key.c 2015-03-31 21:14:02.432016878 -0700
-+++ new/key.c 2015-04-01 02:05:27.074044366 -0700
-@@ -89,8 +89,10 @@ key_new(int type)
- k->dsa = NULL;
- k->rsa = NULL;
- k->cert = NULL;
-+#ifndef WITHOUT_ED25519
- k->ed25519_sk = NULL;
- k->ed25519_pk = NULL;
-+#endif /* WITHOUT_ED25519 */
- switch (k->type) {
- case KEY_RSA1:
- case KEY_RSA:
-@@ -125,10 +127,12 @@ key_new(int type)
- /* Cannot do anything until we know the group */
- break;
- #endif
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- /* no need to prealloc */
- break;
-+#endif /* WITHOUT_ED25519 */
- case KEY_UNSPEC:
- break;
- default:
-@@ -173,10 +177,12 @@ key_add_private(Key *k)
- case KEY_ECDSA_CERT:
- /* Cannot do anything until we know the group */
- break;
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- /* no need to prealloc */
- break;
-+#endif /* WITHOUT_ED25519 */
- case KEY_UNSPEC:
- break;
- default:
-@@ -239,6 +245,7 @@ key_free(Key *k)
- k->ecdsa = NULL;
- break;
- #endif
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- if (k->ed25519_pk) {
-@@ -252,6 +259,7 @@ key_free(Key *k)
- k->ed25519_sk = NULL;
- }
- break;
-+#endif /* WITHOUT_ED25519 */
- case KEY_UNSPEC:
- break;
- default:
-@@ -333,10 +341,12 @@ key_equal_public(const Key *a, const Key
- BN_CTX_free(bnctx);
- return 1;
- #endif /* OPENSSL_HAS_ECC */
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- return a->ed25519_pk != NULL && b->ed25519_pk != NULL &&
- memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0;
-+#endif /* WITHOUT_ED25519 */
- default:
- fatal("key_equal: bad key type %d", a->type);
- }
-@@ -392,7 +402,9 @@ key_fingerprint_raw(const Key *k, enum f
- case KEY_DSA:
- case KEY_ECDSA:
- case KEY_RSA:
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
-+#endif /* WITHOUT_ED25519 */
- key_to_blob(k, &blob, &len);
- break;
- case KEY_DSA_CERT_V00:
-@@ -400,7 +412,9 @@ key_fingerprint_raw(const Key *k, enum f
- case KEY_DSA_CERT:
- case KEY_ECDSA_CERT:
- case KEY_RSA_CERT:
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519_CERT:
-+#endif /* WITHOUT_ED25519 */
- /* We want a fingerprint of the _key_ not of the cert */
- to_blob(k, &blob, &len, 1);
- break;
-@@ -728,13 +742,17 @@ key_read(Key *ret, char **cpp)
- case KEY_RSA:
- case KEY_DSA:
- case KEY_ECDSA:
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
-+#endif /* WITHOUT_ED25519 */
- case KEY_DSA_CERT_V00:
- case KEY_RSA_CERT_V00:
- case KEY_DSA_CERT:
- case KEY_ECDSA_CERT:
- case KEY_RSA_CERT:
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519_CERT:
-+#endif /* WITHOUT_ED25519 */
- space = strchr(cp, ' ');
- if (space == NULL) {
- debug3("key_read: missing whitespace");
-@@ -836,6 +854,7 @@ key_read(Key *ret, char **cpp)
- #endif
- }
- #endif
-+#ifndef WITHOUT_ED25519
- if (key_type_plain(ret->type) == KEY_ED25519) {
- free(ret->ed25519_pk);
- ret->ed25519_pk = k->ed25519_pk;
-@@ -844,6 +863,7 @@ key_read(Key *ret, char **cpp)
- /* XXX */
- #endif
- }
-+#endif /* WITHOUT_ED25519 */
- success = 1;
- /*XXXX*/
- key_free(k);
-@@ -907,11 +927,13 @@ key_write(const Key *key, FILE *f)
- return 0;
- break;
- #endif
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- if (key->ed25519_pk == NULL)
- return 0;
- break;
-+#endif /* WITHOUT_ED25519 */
- case KEY_RSA:
- case KEY_RSA_CERT_V00:
- case KEY_RSA_CERT:
-@@ -959,7 +981,9 @@ static const struct keytype keytypes[] =
- { NULL, "RSA1", KEY_RSA1, 0, 0 },
- { "ssh-rsa", "RSA", KEY_RSA, 0, 0 },
- { "ssh-dss", "DSA", KEY_DSA, 0, 0 },
-+#ifndef WITHOUT_ED25519
- { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 },
-+#endif /* WITHOUT_ED25519 */
- #ifdef OPENSSL_HAS_ECC
- { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 },
- { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 },
-@@ -983,8 +1007,10 @@ static const struct keytype keytypes[] =
- KEY_RSA_CERT_V00, 0, 1 },
- { "[email protected]", "DSA-CERT-V00",
- KEY_DSA_CERT_V00, 0, 1 },
-+#ifndef WITHOUT_ED25519
- { "[email protected]", "ED25519-CERT",
- KEY_ED25519_CERT, 0, 1 },
-+#endif /* WITHOUT_ED25519 */
- { "null", "null", KEY_NULL, 0, 0 },
- { NULL, NULL, -1, -1, 0 }
- };
-@@ -1097,7 +1123,9 @@ key_type_is_valid_ca(int type)
- case KEY_RSA:
- case KEY_DSA:
- case KEY_ECDSA:
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
-+#endif /* WITHOUT_ED25519 */
- return 1;
- default:
- return 0;
-@@ -1117,8 +1145,10 @@ key_size(const Key *k)
- case KEY_DSA_CERT_V00:
- case KEY_DSA_CERT:
- return BN_num_bits(k->dsa->p);
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- return 256; /* XXX */
-+#endif /* WITHOUT_ED25519 */
- #ifdef OPENSSL_HAS_ECC
- case KEY_ECDSA:
- case KEY_ECDSA_CERT:
-@@ -1262,11 +1292,13 @@ key_generate(int type, u_int bits)
- case KEY_RSA1:
- k->rsa = rsa_generate_private_key(bits);
- break;
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- k->ed25519_pk = xmalloc(ED25519_PK_SZ);
- k->ed25519_sk = xmalloc(ED25519_SK_SZ);
- crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk);
- break;
+#endif /* WITHOUT_ED25519 */
- case KEY_RSA_CERT_V00:
- case KEY_DSA_CERT_V00:
- case KEY_RSA_CERT:
-@@ -1360,6 +1392,7 @@ key_from_private(const Key *k)
- (BN_copy(n->rsa->e, k->rsa->e) == NULL))
- fatal("key_from_private: BN_copy failed");
- break;
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- n = key_new(k->type);
-@@ -1368,6 +1401,7 @@ key_from_private(const Key *k)
- memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);
- }
- break;
-+#endif /* WITHOUT_ED25519 */
- default:
- fatal("key_from_private: unknown type %d", k->type);
- break;
-@@ -1629,6 +1663,7 @@ key_from_blob2(const u_char *blob, u_int
- #endif
- break;
- #endif /* OPENSSL_HAS_ECC */
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519_CERT:
- (void)buffer_get_string_ptr_ret(&b, NULL); /* Skip nonce */
- /* FALLTHROUGH */
-@@ -1646,6 +1681,7 @@ key_from_blob2(const u_char *blob, u_int
- key->ed25519_pk = pk;
- pk = NULL;
- break;
-+#endif /* WITHOUT_ED25519 */
- case KEY_UNSPEC:
- key = key_new(type);
- break;
-@@ -1700,7 +1736,9 @@ to_blob(const Key *key, u_char **blobp,
- case KEY_DSA_CERT:
- case KEY_ECDSA_CERT:
- case KEY_RSA_CERT:
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519_CERT:
-+#endif /* WITHOUT_ED25519 */
- /* Use the existing blob */
- buffer_append(&b, buffer_ptr(&key->cert->certblob),
- buffer_len(&key->cert->certblob));
-@@ -1728,11 +1766,13 @@ to_blob(const Key *key, u_char **blobp,
- buffer_put_bignum2(&b, key->rsa->e);
- buffer_put_bignum2(&b, key->rsa->n);
- break;
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- buffer_put_cstring(&b,
- key_ssh_name_from_type_nid(type, key->ecdsa_nid));
- buffer_put_string(&b, key->ed25519_pk, ED25519_PK_SZ);
- break;
-+#endif /* WITHOUT_ED25519 */
- default:
- error("key_to_blob: unsupported key type %d", key->type);
- buffer_free(&b);
-@@ -1776,9 +1816,11 @@ key_sign(
- case KEY_RSA_CERT:
- case KEY_RSA:
- return ssh_rsa_sign(key, sigp, lenp, data, datalen);
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- return ssh_ed25519_sign(key, sigp, lenp, data, datalen);
-+#endif /* WITHOUT_ED25519 */
- default:
- error("key_sign: invalid key type %d", key->type);
- return -1;
-@@ -1812,9 +1854,11 @@ key_verify(
- case KEY_RSA_CERT:
- case KEY_RSA:
- return ssh_rsa_verify(key, signature, signaturelen, data, datalen);
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- case KEY_ED25519_CERT:
- return ssh_ed25519_verify(key, signature, signaturelen, data, datalen);
-+#endif /* WITHOUT_ED25519 */
- default:
- error("key_verify: invalid key type %d", key->type);
- return -1;
-@@ -1834,8 +1878,10 @@ key_demote(const Key *k)
- pk->dsa = NULL;
- pk->ecdsa = NULL;
- pk->rsa = NULL;
-+#ifndef WITHOUT_ED25519
- pk->ed25519_pk = NULL;
- pk->ed25519_sk = NULL;
-+#endif /* WITHOUT_ED25519 */
-
- switch (k->type) {
- case KEY_RSA_CERT_V00:
-@@ -1879,6 +1925,7 @@ key_demote(const Key *k)
- fatal("key_demote: EC_KEY_set_public_key failed");
- break;
- #endif
+diff -pur old/monitor.c new/monitor.c
+--- old/monitor.c 2015-05-12 06:57:55.743678816 -0700
++++ new/monitor.c 2015-05-12 07:02:27.111640142 -0700
+@@ -1937,7 +1937,9 @@ monitor_apply_keystate(struct monitor *p
+ kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+ # endif
+ #endif /* WITH_OPENSSL */
+#ifndef WITHOUT_ED25519
- case KEY_ED25519_CERT:
- key_cert_copy(k, pk);
- /* FALLTHROUGH */
-@@ -1888,6 +1935,7 @@ key_demote(const Key *k)
- memcpy(pk->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);
- }
- break;
-+#endif /* WITHOUT_ED25519 */
- default:
- fatal("key_demote: bad key type %d", k->type);
- break;
-@@ -1917,8 +1965,10 @@ key_type_plain(int type)
- return KEY_DSA;
- case KEY_ECDSA_CERT:
- return KEY_ECDSA;
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519_CERT:
- return KEY_ED25519;
-+#endif /* WITHOUT_ED25519 */
- default:
- return type;
- }
-@@ -1944,6 +1994,7 @@ key_to_certified(Key *k, int legacy)
- k->cert = cert_new();
- k->type = KEY_ECDSA_CERT;
- return 0;
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- if (legacy)
- fatal("%s: legacy ED25519 certificates are not "
-@@ -1951,6 +2002,7 @@ key_to_certified(Key *k, int legacy)
- k->cert = cert_new();
- k->type = KEY_ED25519_CERT;
- return 0;
-+#endif /* WITHOUT_ED25519 */
- default:
- error("%s: key has incorrect type %s", __func__, key_type(k));
- return -1;
-@@ -2029,10 +2081,12 @@ key_certify(Key *k, Key *ca)
- buffer_put_bignum2(&k->cert->certblob, k->rsa->e);
- buffer_put_bignum2(&k->cert->certblob, k->rsa->n);
- break;
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519_CERT:
- buffer_put_string(&k->cert->certblob,
- k->ed25519_pk, ED25519_PK_SZ);
- break;
+ kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+#endif /* WITHOUT_ED25519 */
- default:
- error("%s: key has incorrect type %s", __func__, key_type(k));
- buffer_clear(&k->cert->certblob);
-@@ -2450,6 +2504,7 @@ key_private_serialize(const Key *key, Bu
- buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa));
- break;
- #endif /* OPENSSL_HAS_ECC */
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- buffer_put_string(b, key->ed25519_pk, ED25519_PK_SZ);
- buffer_put_string(b, key->ed25519_sk, ED25519_SK_SZ);
-@@ -2462,6 +2517,7 @@ key_private_serialize(const Key *key, Bu
- buffer_put_string(b, key->ed25519_pk, ED25519_PK_SZ);
- buffer_put_string(b, key->ed25519_sk, ED25519_SK_SZ);
- break;
-+#endif /* WITHOUT_ED25519 */
- }
- }
-
-@@ -2576,6 +2632,7 @@ key_private_deserialize(Buffer *blob)
- buffer_get_bignum2(blob, k->rsa->p);
- buffer_get_bignum2(blob, k->rsa->q);
- break;
-+#ifndef WITHOUT_ED25519
- case KEY_ED25519:
- k = key_new_private(type);
- k->ed25519_pk = buffer_get_string(blob, &pklen);
-@@ -2602,6 +2659,7 @@ key_private_deserialize(Buffer *blob)
- fatal("%s: ed25519 sklen %d != %d",
- __func__, sklen, ED25519_SK_SZ);
- break;
-+#endif /* WITHOUT_ED25519 */
- default:
- free(type_name);
- buffer_clear(blob);
-diff -pur old/key.h new/key.h
---- old/key.h 2015-03-31 21:14:02.432362912 -0700
-+++ new/key.h 2015-04-01 02:07:01.018270150 -0700
-@@ -39,11 +39,15 @@ enum types {
- KEY_RSA,
- KEY_DSA,
- KEY_ECDSA,
-+#ifndef WITHOUT_ED25519
- KEY_ED25519,
-+#endif /* WITHOUT_ED25519 */
- KEY_RSA_CERT,
- KEY_DSA_CERT,
- KEY_ECDSA_CERT,
-+#ifndef WITHOUT_ED25519
- KEY_ED25519_CERT,
-+#endif /* WITHOUT_ED25519 */
- KEY_RSA_CERT_V00,
- KEY_DSA_CERT_V00,
- KEY_NULL,
-@@ -89,12 +93,16 @@ struct Key {
- void *ecdsa;
+ #ifdef GSSAPI
+ if (options.gss_keyex) {
+ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+diff -pur old/myproposal.h new/myproposal.h
+--- old/myproposal.h 2015-03-16 22:49:20.000000000 -0700
++++ new/myproposal.h 2015-06-05 02:29:36.569958448 -0700
+@@ -59,6 +59,20 @@
+ # define HOSTKEY_ECDSA_METHODS
#endif
- struct KeyCert *cert;
-+#ifndef WITHOUT_ED25519
- u_char *ed25519_sk;
- u_char *ed25519_pk;
-+#endif /* WITHOUT_ED25519 */
- };
+#ifndef WITHOUT_ED25519
- #define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES
- #define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES
-+#endif /* WITHOUT_ED25519 */
-
- Key *key_new(int);
- void key_add_private(Key *);
-@@ -153,8 +161,10 @@ int ssh_ecdsa_sign(const Key *, u_char
- int ssh_ecdsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
- int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
- int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
-+#ifndef WITHOUT_ED25519
- int ssh_ed25519_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
- int ssh_ed25519_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
++# if defined(WITH_OPENSSL) && defined(HAVE_EVP_SHA256)
++# define KEX_CURVE25519_METHODS "[email protected],"
++# else
++# define KEX_CURVE25519_METHODS
++# endif
++# define HOSTKEY_CURVE25519_CERT_METHODS "[email protected],"
++# define HOSTKEY_CURVE25519_METHODS "ssh-ed25519,"
++#else
++# define KEX_CURVE25519_METHODS
++# define HOSTKEY_CURVE25519_CERT_METHODS
++# define HOSTKEY_CURVE25519_METHODS
+#endif /* WITHOUT_ED25519 */
-
- #if defined(OPENSSL_HAS_ECC) && (defined(DEBUG_KEXECDH) || defined(DEBUG_PK))
- void key_dump_ec_point(const EC_GROUP *, const EC_POINT *);
-diff -pur old/monitor.c new/monitor.c
---- old/monitor.c 2015-03-31 21:14:02.433735148 -0700
-+++ new/monitor.c 2015-04-01 04:54:56.314967559 -0700
-@@ -1902,7 +1902,9 @@ mm_get_kex(Buffer *m)
- kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
- kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
-+#ifndef WITHOUT_ED25519
- kex->kex[KEX_C25519_SHA256] = kexc25519_server;
-+#endif /* WITHOUT_ED25519 */
- #ifdef GSSAPI
- if (options.gss_keyex) {
- kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
-diff -pur old/myproposal.h new/myproposal.h
---- old/myproposal.h 2013-12-06 16:24:02.000000000 -0800
-+++ new/myproposal.h 2015-04-01 02:12:36.430101847 -0700
-@@ -80,6 +80,24 @@
- # define SHA2_HMAC_MODES
++
+ #ifdef OPENSSL_HAVE_EVPGCM
+ # define AESGCM_CIPHER_MODES \
+ "[email protected],[email protected],"
+@@ -78,11 +92,6 @@
#endif
-+#ifdef WITHOUT_ED25519
-+# define KEX_DEFAULT_KEX \
-+ KEX_ECDH_METHODS \
-+ KEX_SHA256_METHODS \
-+ "diffie-hellman-group-exchange-sha1," \
-+ "diffie-hellman-group14-sha1," \
-+ "diffie-hellman-group1-sha1"
-+
-+#define KEX_DEFAULT_PK_ALG \
-+ HOSTKEY_ECDSA_CERT_METHODS \
-+ "[email protected]," \
-+ "[email protected]," \
-+ "[email protected]," \
-+ "[email protected]," \
-+ HOSTKEY_ECDSA_METHODS \
-+ "ssh-rsa," \
-+ "ssh-dss"
-+#else /* WITHOUT_ED25519 */
- # define KEX_DEFAULT_KEX \
+ #ifdef WITH_OPENSSL
+-# ifdef HAVE_EVP_SHA256
+-# define KEX_CURVE25519_METHODS "[email protected],"
+-# else
+-# define KEX_CURVE25519_METHODS ""
+-# endif
+ #define KEX_SERVER_KEX \
KEX_CURVE25519_METHODS \
KEX_ECDH_METHODS \
-@@ -99,6 +117,7 @@
- "ssh-ed25519," \
+@@ -95,13 +104,13 @@
+
+ #define KEX_DEFAULT_PK_ALG \
+ HOSTKEY_ECDSA_CERT_METHODS \
+- "[email protected]," \
++ HOSTKEY_CURVE25519_CERT_METHODS \
+ "[email protected]," \
+ "[email protected]," \
+ "[email protected]," \
+ "[email protected]," \
+ HOSTKEY_ECDSA_METHODS \
+- "ssh-ed25519," \
++ HOSTKEY_CURVE25519_METHODS \
"ssh-rsa," \
"ssh-dss"
-+#endif /* WITHOUT_ED25519 */
+
+@@ -143,10 +152,10 @@
+ #else
- /* the actual algorithms */
-
+ #define KEX_SERVER_KEX \
+- "[email protected]"
++ KEX_CURVE25519_METHODS
+ #define KEX_DEFAULT_PK_ALG \
+- "[email protected]," \
+- "ssh-ed25519"
++ HOSTKEY_CURVE25519_CERT_METHODS \
++ HOSTKEY_CURVE25519_METHODS
+ #define KEX_SERVER_ENCRYPT \
+ "aes128-ctr,aes192-ctr,aes256-ctr," \
+ "[email protected]"
diff -pur old/openbsd-compat/Makefile.in new/openbsd-compat/Makefile.in
---- old/openbsd-compat/Makefile.in 2013-12-06 17:37:54.000000000 -0800
-+++ new/openbsd-compat/Makefile.in 2015-04-02 02:29:35.165103300 -0700
-@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@
-
- OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o
-
--COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
-+COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
-
- PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o
-
+--- old/openbsd-compat/Makefile.in 2015-03-16 22:49:20.000000000 -0700
++++ new/openbsd-compat/Makefile.in 2015-05-12 06:57:55.869383953 -0700
@@ -32,7 +32,7 @@ $(OPENBSD): ../config.h
$(PORTS): ../config.h
@@ -773,8 +383,8 @@
clean:
diff -pur old/pathnames.h new/pathnames.h
---- old/pathnames.h 2013-12-06 16:24:02.000000000 -0800
-+++ new/pathnames.h 2015-04-01 02:13:45.651827507 -0700
+--- old/pathnames.h 2015-03-16 22:49:20.000000000 -0700
++++ new/pathnames.h 2015-05-12 06:57:55.869773325 -0700
@@ -39,7 +39,9 @@
#define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key"
#define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key"
@@ -796,9 +406,9 @@
/*
* Configuration file in user's home directory. This file need not be
diff -pur old/readconf.c new/readconf.c
---- old/readconf.c 2015-03-31 21:14:02.435957183 -0700
-+++ new/readconf.c 2015-04-01 02:14:22.222135058 -0700
-@@ -1715,8 +1715,10 @@ fill_default_options(Options * options)
+--- old/readconf.c 2015-05-12 06:57:55.746561528 -0700
++++ new/readconf.c 2015-05-12 06:57:55.870873194 -0700
+@@ -1848,8 +1848,10 @@ fill_default_options(Options * options)
add_identity_file(options, "~/",
_PATH_SSH_CLIENT_ID_ECDSA, 0);
#endif
@@ -809,45 +419,10 @@
}
}
if (options->escape_char == -1)
-diff -pur old/sc25519.c new/sc25519.c
---- old/sc25519.c 2014-01-16 17:43:44.000000000 -0800
-+++ new/sc25519.c 2015-04-01 03:46:19.162528358 -0700
-@@ -6,6 +6,8 @@
- * Copied from supercop-20130419/crypto_sign/ed25519/ref/sc25519.c
- */
-
-+#ifndef WITHOUT_ED25519
-+
- #include "includes.h"
-
- #include "sc25519.h"
-@@ -306,3 +308,5 @@ void sc25519_2interleave2(unsigned char
- r[125] = ((s1->v[31] >> 2) & 3) ^ (((s2->v[31] >> 2) & 3) << 2);
- r[126] = ((s1->v[31] >> 4) & 3) ^ (((s2->v[31] >> 4) & 3) << 2);
- }
-+
-+#endif /* WITHOUT_ED25519 */
-diff -pur old/sc25519.h new/sc25519.h
---- old/sc25519.h 2013-12-17 22:48:11.000000000 -0800
-+++ new/sc25519.h 2015-04-01 03:45:37.633735864 -0700
-@@ -8,6 +8,7 @@
-
- #ifndef SC25519_H
- #define SC25519_H
-+#ifndef WITHOUT_ED25519
-
- #include "crypto_api.h"
-
-@@ -77,4 +78,5 @@ void sc25519_window5(signed char r[51],
-
- void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, const sc25519 *s2);
-
-+#endif /* WITHOUT_ED25519 */
- #endif
diff -pur old/servconf.c new/servconf.c
---- old/servconf.c 2015-03-31 21:14:02.437668507 -0700
-+++ new/servconf.c 2015-04-01 02:15:09.724697791 -0700
-@@ -190,8 +190,10 @@ fill_default_server_options(ServerOption
+--- old/servconf.c 2015-05-12 06:57:55.748493685 -0700
++++ new/servconf.c 2015-05-12 06:57:55.872093181 -0700
+@@ -216,8 +216,10 @@ fill_default_server_options(ServerOption
options->host_key_files[options->num_host_key_files++] =
_PATH_HOST_ECDSA_KEY_FILE;
#endif
@@ -859,8 +434,8 @@
}
/* No certificates by default */
diff -pur old/smult_curve25519_ref.c new/smult_curve25519_ref.c
---- old/smult_curve25519_ref.c 2013-11-03 13:26:53.000000000 -0800
-+++ new/smult_curve25519_ref.c 2015-04-01 04:55:30.360761627 -0700
+--- old/smult_curve25519_ref.c 2015-03-16 22:49:20.000000000 -0700
++++ new/smult_curve25519_ref.c 2015-05-12 06:57:55.872682983 -0700
@@ -6,6 +6,8 @@ Public domain.
Derived from public domain code by D. J. Bernstein.
*/
@@ -870,25 +445,24 @@
int crypto_scalarmult_curve25519(unsigned char *, const unsigned char *, const unsigned char *);
static void add(unsigned int out[32],const unsigned int a[32],const unsigned int b[32])
-@@ -263,3 +265,5 @@ int crypto_scalarmult_curve25519(unsigne
+@@ -263,3 +265,4 @@ int crypto_scalarmult_curve25519(unsigne
for (i = 0;i < 32;++i) q[i] = work[64 + i];
return 0;
}
-+
+#endif /* WITHOUT_ED25519 */
diff -pur old/ssh-add.0 new/ssh-add.0
---- old/ssh-add.0 2014-01-29 17:52:47.000000000 -0800
-+++ new/ssh-add.0 2015-04-02 08:18:24.840811117 -0700
+--- old/ssh-add.0 2015-03-17 21:26:35.000000000 -0700
++++ new/ssh-add.0 2015-05-12 07:37:37.356166396 -0700
@@ -11,7 +11,7 @@ SYNOPSIS
DESCRIPTION
ssh-add adds private key identities to the authentication agent,
ssh-agent(1). When run without arguments, it adds the files
- ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and
-+ ~/.ssh/id_rsa, ~/.ssh/id_dsa and
++ ~/.ssh/id_rsa, ~/.ssh/id_dsa, and
~/.ssh/identity. After loading a private key, ssh-add will try to load
corresponding certificate information from the filename obtained by
appending -cert.pub to the name of the private key file. Alternative
-@@ -91,14 +91,6 @@ FILES
+@@ -96,14 +96,6 @@ FILES
Contains the protocol version 2 DSA authentication identity of
the user.
@@ -897,16 +471,16 @@
- the user.
-
- ~/.ssh/id_ed25519
-- Contains the protocol version 2 ED25519 authentication identity
+- Contains the protocol version 2 Ed25519 authentication identity
- of the user.
-
~/.ssh/id_rsa
Contains the protocol version 2 RSA authentication identity of
the user.
diff -pur old/ssh-add.1 new/ssh-add.1
---- old/ssh-add.1 2013-12-17 22:46:28.000000000 -0800
-+++ new/ssh-add.1 2015-04-02 08:11:00.150982710 -0700
-@@ -57,8 +57,6 @@ adds private key identities to the authe
+--- old/ssh-add.1 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-add.1 2015-05-12 07:47:42.099918141 -0700
+@@ -58,8 +58,6 @@ adds private key identities to the authe
When run without arguments, it adds the files
.Pa ~/.ssh/id_rsa ,
.Pa ~/.ssh/id_dsa ,
@@ -915,24 +489,24 @@
and
.Pa ~/.ssh/identity .
After loading a private key,
-@@ -168,10 +166,6 @@ socket used to communicate with the agen
+@@ -177,10 +175,6 @@ socket used to communicate with the agen
Contains the protocol version 1 RSA authentication identity of the user.
.It Pa ~/.ssh/id_dsa
Contains the protocol version 2 DSA authentication identity of the user.
-.It Pa ~/.ssh/id_ecdsa
-Contains the protocol version 2 ECDSA authentication identity of the user.
-.It Pa ~/.ssh/id_ed25519
--Contains the protocol version 2 ED25519 authentication identity of the user.
+-Contains the protocol version 2 Ed25519 authentication identity of the user.
.It Pa ~/.ssh/id_rsa
Contains the protocol version 2 RSA authentication identity of the user.
.El
diff -pur old/ssh-add.c new/ssh-add.c
---- old/ssh-add.c 2013-12-28 22:44:07.000000000 -0800
-+++ new/ssh-add.c 2015-04-01 04:55:52.619415360 -0700
-@@ -73,7 +73,9 @@ static char *default_files[] = {
- #ifdef OPENSSL_HAS_ECC
+--- old/ssh-add.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-add.c 2015-05-12 06:57:55.873128238 -0700
+@@ -78,7 +78,9 @@ static char *default_files[] = {
_PATH_SSH_CLIENT_ID_ECDSA,
#endif
+ #endif /* WITH_OPENSSL */
+#ifndef WITHOUT_ED25519
_PATH_SSH_CLIENT_ID_ED25519,
+#endif /* WITHOUT_ED25519 */
@@ -940,103 +514,63 @@
NULL
};
diff -pur old/ssh-agent.0 new/ssh-agent.0
---- old/ssh-agent.0 2014-01-29 17:52:47.000000000 -0800
-+++ new/ssh-agent.0 2015-04-02 08:18:54.504859476 -0700
-@@ -9,7 +9,7 @@ SYNOPSIS
+--- old/ssh-agent.0 2015-03-17 21:26:35.000000000 -0700
++++ new/ssh-agent.0 2015-05-12 07:37:55.617194120 -0700
+@@ -10,7 +10,7 @@ SYNOPSIS
DESCRIPTION
ssh-agent is a program to hold private keys used for public key
-- authentication (RSA, DSA, ECDSA, ED25519). The idea is that ssh-agent is
-+ authentication (RSA, DSA). The idea is that ssh-agent is
- started in the beginning of an X-session or a login session, and all
- other windows or programs are started as clients to the ssh-agent
- program. Through use of environment variables the agent can be located
-@@ -46,8 +46,8 @@ DESCRIPTION
-
- The agent initially does not have any private keys. Keys are added using
- ssh-add(1). When executed without arguments, ssh-add(1) adds the files
-- ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and
-- ~/.ssh/identity. If the identity has a passphrase, ssh-add(1) asks for
-+ ~/.ssh/id_rsa, ~/.ssh/id_dsa ~/.ssh/identity.
-+ If the identity has a passphrase, ssh-add(1) asks for
- the passphrase on the terminal if it has one or from a small X11 program
- if running under X11. If neither of these is the case then the
- authentication will fail. It then sends the identity to the agent.
-@@ -97,14 +97,6 @@ FILES
- Contains the protocol version 2 DSA authentication identity of
- the user.
-
-- ~/.ssh/id_ecdsa
-- Contains the protocol version 2 ECDSA authentication identity of
-- the user.
--
-- ~/.ssh/id_ed25519
-- Contains the protocol version 2 ED25519 authentication identity
-- of the user.
--
- ~/.ssh/id_rsa
- Contains the protocol version 2 RSA authentication identity of
- the user.
+- authentication (RSA, DSA, ECDSA, Ed25519). ssh-agent is usually started
++ authentication (RSA, DSA). ssh-agent is usually started
+ in the beginning of an X-session or a login session, and all other
+ windows or programs are started as clients to the ssh-agent program.
+ Through use of environment variables the agent can be located and
diff -pur old/ssh-agent.1 new/ssh-agent.1
---- old/ssh-agent.1 2013-12-17 22:46:28.000000000 -0800
-+++ new/ssh-agent.1 2015-04-02 08:11:35.139725778 -0700
-@@ -53,7 +53,7 @@
+--- old/ssh-agent.1 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-agent.1 2015-05-12 07:47:53.707510271 -0700
+@@ -54,7 +54,7 @@
.Sh DESCRIPTION
.Nm
is a program to hold private keys used for public key authentication
--(RSA, DSA, ECDSA, ED25519).
+-(RSA, DSA, ECDSA, Ed25519).
+(RSA, DSA).
- The idea is that
.Nm
- is started in the beginning of an X-session or a login session, and
-@@ -114,9 +114,7 @@ When executed without arguments,
- .Xr ssh-add 1
- adds the files
- .Pa ~/.ssh/id_rsa ,
--.Pa ~/.ssh/id_dsa ,
--.Pa ~/.ssh/id_ecdsa ,
--.Pa ~/.ssh/id_ed25519
-+.Pa ~/.ssh/id_dsa
- and
- .Pa ~/.ssh/identity .
- If the identity has a passphrase,
-@@ -189,10 +187,6 @@ line terminates.
- Contains the protocol version 1 RSA authentication identity of the user.
- .It Pa ~/.ssh/id_dsa
- Contains the protocol version 2 DSA authentication identity of the user.
--.It Pa ~/.ssh/id_ecdsa
--Contains the protocol version 2 ECDSA authentication identity of the user.
--.It Pa ~/.ssh/id_ed25519
--Contains the protocol version 2 ED25519 authentication identity of the user.
- .It Pa ~/.ssh/id_rsa
- Contains the protocol version 2 RSA authentication identity of the user.
- .It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt
+ is usually started in the beginning of an X-session or a login session, and
+ all other windows or programs are started as clients to the ssh-agent
diff -pur old/ssh-ed25519.c new/ssh-ed25519.c
---- old/ssh-ed25519.c 2013-12-06 17:37:54.000000000 -0800
-+++ new/ssh-ed25519.c 2015-04-01 03:45:52.747724716 -0700
-@@ -15,6 +15,8 @@
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
+--- old/ssh-ed25519.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-ed25519.c 2015-05-12 06:57:55.873512963 -0700
+@@ -17,6 +17,8 @@
+
+ #include "includes.h"
+#ifndef WITHOUT_ED25519
+
- #include "includes.h"
+ #include <sys/types.h>
+ #include <limits.h>
- #include <sys/types.h>
-@@ -141,3 +143,5 @@ ssh_ed25519_verify(const Key *key, const
- /* translate return code carefully */
- return (ret == 0) ? 1 : -1;
+@@ -164,3 +166,4 @@ ssh_ed25519_verify(const struct sshkey *
+ free(ktype);
+ return r;
}
-+
+#endif /* WITHOUT_ED25519 */
diff -pur old/ssh-keygen.0 new/ssh-keygen.0
---- old/ssh-keygen.0 2014-01-29 17:52:47.000000000 -0800
-+++ new/ssh-keygen.0 2015-04-02 08:01:54.866988427 -0700
+--- old/ssh-keygen.0 2015-03-17 21:26:35.000000000 -0700
++++ new/ssh-keygen.0 2015-05-12 07:40:51.445122062 -0700
+@@ -4,7 +4,7 @@ NAME
+ ssh-keygen M-bM-^@M-^S authentication key generation, management and conversion
+
+ SYNOPSIS
+- ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
++ ssh-keygen [-q] [-b bits] [-t dsa | rsa | rsa1]
+ [-N new_passphrase] [-C comment] [-f output_keyfile]
+ ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
+ ssh-keygen -i [-m key_format] [-f input_keyfile]
@@ -32,7 +32,7 @@ SYNOPSIS
DESCRIPTION
ssh-keygen generates, manages and converts authentication keys for
ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1
-- and DSA, ECDSA, ED25519 or RSA keys for use by SSH protocol version 2.
+- and DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2.
+ and DSA or RSA keys for use by SSH protocol version 2.
The type of key to be generated is specified with the -t option. If
invoked without any arguments, ssh-keygen will generate an RSA key for
@@ -1055,7 +589,7 @@
The options are as follows:
- -A For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) for
-+ -A For each of the key types (rsa1, rsa, and dsa) for
++ -A For each of the key types (rsa1, rsa and dsa) for
which host keys do not exist, generate the host keys with the
default key file path, an empty passphrase, default bits for the
key type, and default comment. This is used by /etc/rc to
@@ -1063,7 +597,7 @@
-a rounds
- When saving a new-format private key (i.e. an ed25519 key or any
-+ When saving a new-format private key (i.e. any
++ When saving a new-format private key (i.e.
SSH protocol 2 key when the -o flag is set), this option
specifies the number of KDF (key derivation function) rounds
used. Higher numbers result in slower passphrase verification
@@ -1075,13 +609,13 @@
- the -b flag determines the key length by selecting from one of
- three elliptic curve sizes: 256, 384 or 521 bits. Attempting to
- use bit lengths other than these three values for ECDSA keys will
-- fail. ED25519 keys have a fixed length and the -b flag will be
+- fail. Ed25519 keys have a fixed length and the -b flag will be
- ignored.
+ exactly 1024 bits as specified by FIPS 186-2.
-C comment
Provides a new comment.
-@@ -274,7 +269,7 @@ DESCRIPTION
+@@ -279,7 +274,7 @@ DESCRIPTION
new OpenSSH format rather than the more compatible PEM format.
The new format has increased resistance to brute-force password
cracking but is not supported by versions of OpenSSH prior to
@@ -1090,54 +624,64 @@
-P passphrase
Provides the (old) passphrase.
-@@ -315,8 +310,8 @@ DESCRIPTION
+@@ -318,9 +313,9 @@ DESCRIPTION
+ Test DH group exchange candidate primes (generated using the -G
+ option) for safety.
- -t type
+- -t dsa | ecdsa | ed25519 | rsa | rsa1
++ -t dsa | rsa | rsa1
Specifies the type of key to create. The possible values are
-- ``rsa1'' for protocol version 1 and ``dsa'', ``ecdsa'',
-- ``ed25519'', or ``rsa'' for protocol version 2.
-+ ``rsa1'' for protocol version 1 and ``dsa'' or ``rsa'' for
-+ protocol version 2.
+- M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or
++ M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], or
+ M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2.
-u Update a KRL. When specified with -k, keys listed via the
- command line are added to the existing KRL rather than a new KRL
-@@ -521,10 +516,8 @@ FILES
+@@ -525,10 +520,8 @@ FILES
contents of this file secret.
~/.ssh/id_dsa
- ~/.ssh/id_ecdsa
- ~/.ssh/id_ed25519
~/.ssh/id_rsa
-- Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA
+- Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA
+ Contains the protocol version 2 DSA or RSA
authentication identity of the user. This file should not be
readable by anyone but the user. It is possible to specify a
passphrase when generating the key; that passphrase will be used
-@@ -534,10 +527,8 @@ FILES
+@@ -538,10 +531,8 @@ FILES
read this file when a login attempt is made.
~/.ssh/id_dsa.pub
- ~/.ssh/id_ecdsa.pub
- ~/.ssh/id_ed25519.pub
~/.ssh/id_rsa.pub
-- Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA public
+- Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA public
+ Contains the protocol version 2 DSA or RSA public
key for authentication. The contents of this file should be
added to ~/.ssh/authorized_keys on all machines where the user
wishes to log in using public key authentication. There is no
diff -pur old/ssh-keygen.1 new/ssh-keygen.1
---- old/ssh-keygen.1 2013-12-28 22:47:14.000000000 -0800
-+++ new/ssh-keygen.1 2015-04-02 08:13:41.714356008 -0700
-@@ -140,7 +140,7 @@ generates, manages and converts authenti
+--- old/ssh-keygen.1 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-keygen.1 2015-05-12 07:49:52.125219558 -0700
+@@ -46,7 +46,7 @@
+ .Nm ssh-keygen
+ .Op Fl q
+ .Op Fl b Ar bits
+-.Op Fl t Cm dsa | ecdsa | ed25519 | rsa | rsa1
++.Op Fl t Cm dsa | rsa | rsa1
+ .Op Fl N Ar new_passphrase
+ .Op Fl C Ar comment
+ .Op Fl f Ar output_keyfile
+@@ -142,7 +142,7 @@ generates, manages and converts authenti
.Xr ssh 1 .
.Nm
can create RSA keys for use by SSH protocol version 1 and
--DSA, ECDSA, ED25519 or RSA keys for use by SSH protocol version 2.
+-DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2.
+DSA or RSA keys for use by SSH protocol version 2.
The type of key to be generated is specified with the
.Fl t
option.
-@@ -168,8 +168,6 @@ with public key authentication runs this
+@@ -170,8 +170,6 @@ with public key authentication runs this
key in
.Pa ~/.ssh/identity ,
.Pa ~/.ssh/id_dsa ,
@@ -1146,26 +690,25 @@
or
.Pa ~/.ssh/id_rsa .
Additionally, the system administrator may use this to generate host keys,
-@@ -217,7 +215,7 @@ should be placed to be activated.
+@@ -219,7 +217,7 @@ should be placed to be activated.
The options are as follows:
.Bl -tag -width Ds
.It Fl A
-For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519)
-+For each of the key types (rsa1, rsa, dsa)
++For each of the key types (rsa1, rsa and dsa)
for which host keys
do not exist, generate the host keys with the default key file path,
an empty passphrase, default bits for the key type, and default comment.
-@@ -225,8 +223,7 @@ This is used by
+@@ -227,7 +225,7 @@ This is used by
.Pa /etc/rc
to generate new host keys.
.It Fl a Ar rounds
-When saving a new-format private key (i.e. an ed25519 key or any SSH protocol
--2 key when the
-+When saving a new-format private key (i.e. any SSH protocol 2 key when the
++When saving a new-format private key (i.e. SSH protocol
+ 2 key when the
.Fl o
flag is set), this option specifies the number of KDF (key derivation function)
- rounds used.
-@@ -245,15 +242,6 @@ Specifies the number of bits in the key
+@@ -247,15 +245,6 @@ Specifies the number of bits in the key
For RSA keys, the minimum size is 768 bits and the default is 2048 bits.
Generally, 2048 bits is considered sufficient.
DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
@@ -1175,13 +718,13 @@
-curve sizes: 256, 384 or 521 bits.
-Attempting to use bit lengths other than these three values for ECDSA keys
-will fail.
--ED25519 keys have a fixed length and the
+-Ed25519 keys have a fixed length and the
-.Fl b
-flag will be ignored.
.It Fl C Ar comment
Provides a new comment.
.It Fl c
-@@ -468,7 +456,6 @@ to save SSH protocol 2 private keys usin
+@@ -478,7 +467,6 @@ to save SSH protocol 2 private keys usin
the more compatible PEM format.
The new format has increased resistance to brute-force password cracking
but is not supported by versions of OpenSSH prior to 6.5.
@@ -1189,7 +732,14 @@
.It Fl P Ar passphrase
Provides the (old) passphrase.
.It Fl p
-@@ -520,8 +507,6 @@ The possible values are
+@@ -524,14 +512,12 @@ section for details.
+ Test DH group exchange candidate primes (generated using the
+ .Fl G
+ option) for safety.
+-.It Fl t Cm dsa | ecdsa | ed25519 | rsa | rsa1
++.It Fl t Cm dsa | rsa | rsa1
+ Specifies the type of key to create.
+ The possible values are
.Dq rsa1
for protocol version 1 and
.Dq dsa ,
@@ -1198,46 +748,47 @@
or
.Dq rsa
for protocol version 2.
-@@ -800,10 +785,8 @@ where the user wishes to log in using RS
+@@ -810,10 +796,8 @@ where the user wishes to log in using RS
There is no need to keep the contents of this file secret.
.Pp
.It Pa ~/.ssh/id_dsa
-.It Pa ~/.ssh/id_ecdsa
-.It Pa ~/.ssh/id_ed25519
.It Pa ~/.ssh/id_rsa
--Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA
+-Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA
+Contains the protocol version 2 DSA or RSA
authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
-@@ -816,10 +799,8 @@ but it is offered as the default file fo
+@@ -826,10 +810,8 @@ but it is offered as the default file fo
will read this file when a login attempt is made.
.Pp
.It Pa ~/.ssh/id_dsa.pub
-.It Pa ~/.ssh/id_ecdsa.pub
-.It Pa ~/.ssh/id_ed25519.pub
.It Pa ~/.ssh/id_rsa.pub
--Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA
+-Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA
+Contains the protocol version 2 DSA or RSA
public key for authentication.
The contents of this file should be added to
.Pa ~/.ssh/authorized_keys
diff -pur old/ssh-keygen.c new/ssh-keygen.c
---- old/ssh-keygen.c 2013-12-06 16:24:02.000000000 -0800
-+++ new/ssh-keygen.c 2015-04-01 02:26:11.265143754 -0700
-@@ -197,7 +197,11 @@ type_bits_valid(int type, u_int32_t *bit
+--- old/ssh-keygen.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-keygen.c 2015-05-12 06:57:55.874834232 -0700
+@@ -214,7 +214,11 @@ type_bits_valid(int type, const char *na
}
if (type == KEY_DSA && *bitsp != 1024)
fatal("DSA keys must be 1024 bits");
-+#ifdef WITHOUT_ED25519
-+ else if (type != KEY_ECDSA && *bitsp < 768)
-+#else /* WITHOUT_ED25519 */
- else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
+- else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
++ else if (type != KEY_ECDSA &&
++#ifndef WITHOUT_ED25519
++ type != KEY_ED25519 &&
+#endif /* WITHOUT_ED25519 */
++ *bitsp < 768)
fatal("Key must at least be 768 bits");
- else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bitsp) == -1)
+ else if (type == KEY_ECDSA && sshkey_ecdsa_bits_to_nid(*bitsp) == -1)
fatal("Invalid ECDSA key length - valid lengths are "
-@@ -233,10 +237,12 @@ ask_filename(struct passwd *pw, const ch
+@@ -251,10 +255,12 @@ ask_filename(struct passwd *pw, const ch
case KEY_RSA:
name = _PATH_SSH_CLIENT_ID_RSA;
break;
@@ -1250,7 +801,7 @@
default:
fprintf(stderr, "bad key type\n");
exit(1);
-@@ -900,7 +906,9 @@ do_gen_all_hostkeys(struct passwd *pw)
+@@ -954,7 +960,9 @@ do_gen_all_hostkeys(struct passwd *pw)
#ifdef OPENSSL_HAS_ECC
{ "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE },
#endif
@@ -1260,30 +811,41 @@
{ NULL, NULL, NULL }
};
-@@ -1616,7 +1624,10 @@ do_ca_sign(struct passwd *pw, int argc,
- if ((public = key_load_public(tmp, &comment)) == NULL)
- fatal("%s: unable to open \"%s\"", __func__, tmp);
+@@ -1643,7 +1651,10 @@ do_ca_sign(struct passwd *pw, int argc,
+ fatal("%s: unable to open \"%s\": %s",
+ __func__, tmp, ssh_err(r));
if (public->type != KEY_RSA && public->type != KEY_DSA &&
- public->type != KEY_ECDSA && public->type != KEY_ED25519)
+#ifndef WITHOUT_ED25519
-+ public->type != KEY_ED25519 &&
++ public->type != KEY_ED25519 &&
+#endif /* WITHOUT_ED25519 */
+ public->type != KEY_ECDSA)
fatal("%s: key \"%s\" type %s cannot be certified",
- __func__, tmp, key_type(public));
+ __func__, tmp, sshkey_type(public));
+@@ -2558,8 +2569,10 @@ main(int argc, char **argv)
+ _PATH_HOST_DSA_KEY_FILE, rr_hostname);
+ n += do_print_resource_record(pw,
+ _PATH_HOST_ECDSA_KEY_FILE, rr_hostname);
++#ifndef WITHOUT_ED25519
+ n += do_print_resource_record(pw,
+ _PATH_HOST_ED25519_KEY_FILE, rr_hostname);
++#endif /* WITHOUT_ED25519 */
+ if (n == 0)
+ fatal("no keys found.");
+ exit(0);
diff -pur old/ssh-keyscan.0 new/ssh-keyscan.0
---- old/ssh-keyscan.0 2014-01-29 17:52:47.000000000 -0800
-+++ new/ssh-keyscan.0 2015-04-02 08:03:08.223476077 -0700
+--- old/ssh-keyscan.0 2015-03-17 21:26:35.000000000 -0700
++++ new/ssh-keyscan.0 2015-05-12 07:42:45.592281964 -0700
@@ -48,9 +48,9 @@ DESCRIPTION
-t type
Specifies the type of the key to fetch from the scanned hosts.
- The possible values are ``rsa1'' for protocol version 1 and
-- ``dsa'', ``ecdsa'', ``ed25519'', or ``rsa'' for protocol version
-+ ``dsa'' or ``rsa'' for protocol version
- 2. Multiple values may be specified by separating them with
-- commas. The default is to fetch ``rsa'' and ``ecdsa'' keys.
-+ commas. The default is to fetch ``rsa'' keys.
+ The possible values are M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^],
+- M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2. Multiple
++ or M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2. Multiple
+ values may be specified by separating them with commas. The
+- default is to fetch M-bM-^@M-^\rsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], and M-bM-^@M-^\ed25519M-bM-^@M-^] keys.
++ default is to fetch M-bM-^@M-^\rsaM-bM-^@M-^] keys.
-v Verbose mode. Causes ssh-keyscan to print debugging messages
about its progress.
@@ -1291,14 +853,14 @@
host-or-namelist bits exponent modulus
-- Output format for rsa, dsa and ecdsa keys:
-+ Output format for rsa and dsa keys:
+- Output format for RSA, DSA, ECDSA, and Ed25519 keys:
++ Output format for RSA, and DSA keys:
host-or-namelist keytype base64-encoded-key
-- Where keytype is either ``ecdsa-sha2-nistp256'', ``ecdsa-sha2-nistp384'',
-- ``ecdsa-sha2-nistp521'', ``ssh-ed25519'', ``ssh-dss'' or ``ssh-rsa''.
-+ Where keytype is either ``ssh-dss'' or ``ssh-rsa''.
+- Where keytype is either M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^],
+- M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^].
++ Where keytype is either M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^].
/etc/ssh/ssh_known_hosts
@@ -1306,43 +868,47 @@
Find all hosts from the file ssh_hosts which have new or different keys
from those in the sorted file ssh_known_hosts:
-- $ ssh-keyscan -t rsa,dsa,ecdsa -f ssh_hosts | \
+- $ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \
+ $ ssh-keyscan -t rsa,dsa -f ssh_hosts | \
sort -u - ssh_known_hosts | diff ssh_known_hosts -
SEE ALSO
diff -pur old/ssh-keyscan.1 new/ssh-keyscan.1
---- old/ssh-keyscan.1 2013-12-17 22:46:28.000000000 -0800
-+++ new/ssh-keyscan.1 2015-04-02 08:14:50.877137257 -0700
-@@ -89,16 +89,12 @@ The possible values are
+--- old/ssh-keyscan.1 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-keyscan.1 2015-05-12 07:50:53.173745820 -0700
+@@ -90,18 +90,13 @@ Specifies the type of the key to fetch f
+ The possible values are
.Dq rsa1
for protocol version 1 and
- .Dq dsa ,
+-.Dq dsa ,
-.Dq ecdsa ,
-.Dq ed25519 ,
++.Dq dsa
or
.Dq rsa
for protocol version 2.
Multiple values may be specified by separating them with commas.
The default is to fetch
- .Dq rsa
+-.Dq rsa ,
+-.Dq ecdsa ,
-and
--.Dq ecdsa
+-.Dq ed25519
++.Dq rsa
keys.
.It Fl v
Verbose mode.
-@@ -127,7 +123,7 @@ attacks which have begun after the ssh_k
+@@ -130,7 +125,7 @@ Output format for RSA1 keys:
host-or-namelist bits exponent modulus
.Ed
.Pp
--.Pa Output format for rsa, dsa and ecdsa keys:
-+.Pa Output format for rsa and dsa keys:
+-Output format for RSA, DSA, ECDSA, and Ed25519 keys:
++Output format for RSA and DSA keys:
.Bd -literal
host-or-namelist keytype base64-encoded-key
.Ed
-@@ -135,10 +131,6 @@ host-or-namelist keytype base64-encoded-
+@@ -138,10 +133,6 @@ host-or-namelist keytype base64-encoded-
Where
- .Pa keytype
+ .Ar keytype
is either
-.Dq ecdsa-sha2-nistp256 ,
-.Dq ecdsa-sha2-nistp384 ,
@@ -1351,61 +917,37 @@
.Dq ssh-dss
or
.Dq ssh-rsa .
-@@ -158,7 +150,7 @@ Find all hosts from the file
+@@ -159,7 +150,7 @@ Find all hosts from the file
which have new or different keys from those in the sorted file
.Pa ssh_known_hosts :
.Bd -literal
--$ ssh-keyscan -t rsa,dsa,ecdsa -f ssh_hosts | \e
+-$ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \e
+$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e
sort -u - ssh_known_hosts | diff ssh_known_hosts -
.Ed
.Sh SEE ALSO
diff -pur old/ssh-keyscan.c new/ssh-keyscan.c
---- old/ssh-keyscan.c 2013-12-06 16:24:02.000000000 -0800
-+++ new/ssh-keyscan.c 2015-04-01 02:51:28.981556385 -0700
-@@ -56,7 +56,9 @@ int ssh_port = SSH_DEFAULT_PORT;
- #define KT_DSA 2
- #define KT_RSA 4
- #define KT_ECDSA 8
-+#ifndef WITHOUT_ED25519
- #define KT_ED25519 16
-+#endif /* WITHOUT_ED25519 */
-
- int get_keytypes = KT_RSA|KT_ECDSA;/* Get RSA and ECDSA keys by default */
-
-@@ -247,9 +249,11 @@ keygrab_ssh2(con *c)
- packet_set_connection(c->c_fd, c->c_fd);
- enable_compat20();
- myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
-- c->c_keytype == KT_DSA ? "ssh-dss" :
+--- old/ssh-keyscan.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-keyscan.c 2015-05-12 06:57:55.875467494 -0700
+@@ -286,7 +286,9 @@ keygrab_ssh2(con *c)
+ c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+ # endif
+ #endif
+#ifndef WITHOUT_ED25519
-+ c->c_keytype == KT_ED25519 ? "ssh-ed25519" :
+ c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
+#endif /* WITHOUT_ED25519 */
- (c->c_keytype == KT_RSA ? "ssh-rsa" :
-- (c->c_keytype == KT_ED25519 ? "ssh-ed25519" :
-+ (c->c_keytype == KT_DSA ? "ssh-dss" :
- "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"));
- c->c_kex = kex_setup(myproposal);
- c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
-@@ -257,7 +261,9 @@ keygrab_ssh2(con *c)
- c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
- c->c_kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
- c->c_kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
-+#ifndef WITHOUT_ED25519
- c->c_kex->kex[KEX_C25519_SHA256] = kexc25519_client;
-+#endif /* WITHOUT_ED25519 */
- c->c_kex->verify_host_key = hostjump;
-
- if (!(j = setjmp(kexjmp))) {
-@@ -575,10 +581,15 @@ do_host(char *host)
+ ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper);
+ /*
+ * do the key-exchange until an error occurs or until
+@@ -609,10 +611,15 @@ do_host(char *host)
{
char *name = strnnsep(&host, " \t\n");
int j;
-+#ifdef WITHOUT_ED25519
-+ int max_kt = KT_ECDSA;
++#ifndef WITHOUT_ED25519
++ int max_kt = KT_ED25519;
+#else
-+ int max_kt = KT_ED25519;
-+#endif
++ int max_kt = KT_ECDSA;
++#endif /* WITHOUT_ED25519 */
if (name == NULL)
return;
@@ -1414,7 +956,7 @@
if (get_keytypes & j) {
while (ncon >= MAXCON)
conloop();
-@@ -685,9 +696,11 @@ main(int argc, char **argv)
+@@ -716,9 +723,11 @@ main(int argc, char **argv)
case KEY_RSA:
get_keytypes |= KT_RSA;
break;
@@ -1427,8 +969,8 @@
fatal("unknown key type %s", tname);
}
diff -pur old/ssh-keysign.0 new/ssh-keysign.0
---- old/ssh-keysign.0 2014-01-29 17:52:48.000000000 -0800
-+++ new/ssh-keysign.0 2015-04-02 08:03:28.313581826 -0700
+--- old/ssh-keysign.0 2015-03-17 21:26:36.000000000 -0700
++++ new/ssh-keysign.0 2015-05-12 07:42:57.261187576 -0700
@@ -24,8 +24,6 @@ FILES
Controls whether ssh-keysign is enabled.
@@ -1448,8 +990,8 @@
If these files exist they are assumed to contain public
certificate information corresponding with the private keys
diff -pur old/ssh-keysign.8 new/ssh-keysign.8
---- old/ssh-keysign.8 2015-03-31 21:14:02.337922491 -0700
-+++ new/ssh-keysign.8 2015-04-02 08:16:42.230595366 -0700
+--- old/ssh-keysign.8 2015-05-12 06:57:55.609219058 -0700
++++ new/ssh-keysign.8 2015-05-12 07:52:35.880504667 -0700
@@ -62,8 +62,6 @@ Controls whether
is enabled.
.Pp
@@ -1469,21 +1011,18 @@
If these files exist they are assumed to contain public certificate
information corresponding with the private keys above.
diff -pur old/ssh-keysign.c new/ssh-keysign.c
---- old/ssh-keysign.c 2013-12-06 16:24:02.000000000 -0800
-+++ new/ssh-keysign.c 2015-04-01 02:53:53.600004403 -0700
-@@ -150,7 +150,11 @@ main(int argc, char **argv)
+--- old/ssh-keysign.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh-keysign.c 2015-05-25 04:37:07.788045828 -0700
+@@ -168,7 +168,7 @@ main(int argc, char **argv)
{
- Buffer b;
+ struct sshbuf *b;
Options options;
-+#ifdef WITHOUT_ED25519
+-#define NUM_KEYTYPES 4
+#define NUM_KEYTYPES 3
-+#else
- #define NUM_KEYTYPES 4
-+#endif
- Key *keys[NUM_KEYTYPES], *key = NULL;
+ struct sshkey *keys[NUM_KEYTYPES], *key = NULL;
struct passwd *pw;
- int key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
-@@ -169,7 +173,9 @@ main(int argc, char **argv)
+ int r, key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
+@@ -189,7 +189,9 @@ main(int argc, char **argv)
i = 0;
key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY);
@@ -1494,53 +1033,53 @@
original_real_uid = getuid(); /* XXX readconf.c needs this */
diff -pur old/ssh.0 new/ssh.0
---- old/ssh.0 2014-01-29 17:52:47.000000000 -0800
-+++ new/ssh.0 2015-04-02 08:05:51.667197938 -0700
-@@ -142,8 +142,8 @@ DESCRIPTION
+--- old/ssh.0 2015-03-17 21:26:35.000000000 -0700
++++ new/ssh.0 2015-05-12 07:44:32.393217723 -0700
+@@ -141,8 +141,8 @@ DESCRIPTION
-i identity_file
Selects a file from which the identity (private key) for public
key authentication is read. The default is ~/.ssh/identity for
- protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa,
- ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
-+ protocol version 1, and ~/.ssh/id_dsa, and ~/.ssh/id_rsa for
-+ protocol version 2.
++ protocol version 1, and ~/.ssh/id_dsa
++ and ~/.ssh/id_rsa for protocol version 2.
Identity files may also be specified on a per-host basis in the
configuration file. It is possible to have multiple -i options
(and multiple identities specified in configuration files). ssh
-@@ -446,7 +446,7 @@ AUTHENTICATION
+@@ -451,7 +451,7 @@ AUTHENTICATION
creates a public/private key pair for authentication purposes. The
server knows the public key, and only the user knows the private key.
ssh implements public key authentication protocol automatically, using
-- one of the DSA, ECDSA, ED25519 or RSA algorithms. Protocol 1 is
+- one of the DSA, ECDSA, Ed25519 or RSA algorithms. Protocol 1 is
+ one of the DSA or RSA algorithms. Protocol 1 is
restricted to using only RSA keys, but protocol 2 may use any. The
HISTORY section of ssl(8) contains a brief discussion of the DSA and RSA
algorithms.
-@@ -459,11 +459,9 @@ AUTHENTICATION
+@@ -464,11 +464,9 @@ AUTHENTICATION
The user creates his/her key pair by running ssh-keygen(1). This stores
the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol
- 2 DSA), ~/.ssh/id_ecdsa (protocol 2 ECDSA), ~/.ssh/id_ed25519 (protocol 2
-- ED25519), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
+- Ed25519), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
- ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA),
- ~/.ssh/id_ecdsa.pub (protocol 2 ECDSA), ~/.ssh/id_ed25519.pub (protocol 2
-- ED25519), or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home
+- Ed25519), or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home
+ 2 DSA) or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
+ ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA)
+ or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home
directory. The user should then copy the public key to
~/.ssh/authorized_keys in his/her home directory on the remote machine.
The authorized_keys file corresponds to the conventional ~/.rhosts file,
-@@ -799,7 +797,7 @@ FILES
+@@ -804,7 +802,7 @@ FILES
for the user, and not accessible by others.
~/.ssh/authorized_keys
-- Lists the public keys (DSA, ECDSA, ED25519, RSA) that can be used
+- Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used
+ Lists the public keys (DSA, RSA) that can be used
for logging in as this user. The format of this file is
described in the sshd(8) manual page. This file is not highly
sensitive, but the recommended permissions are read/write for the
-@@ -817,8 +815,6 @@ FILES
+@@ -822,8 +820,6 @@ FILES
~/.ssh/identity
~/.ssh/id_dsa
@@ -1549,7 +1088,7 @@
~/.ssh/id_rsa
Contains the private key for authentication. These files contain
sensitive data and should be readable by the user but not
-@@ -830,8 +826,6 @@ FILES
+@@ -835,8 +831,6 @@ FILES
~/.ssh/identity.pub
~/.ssh/id_dsa.pub
@@ -1558,7 +1097,7 @@
~/.ssh/id_rsa.pub
Contains the public key for authentication. These files are not
sensitive and can (but need not) be readable by anyone.
-@@ -862,8 +856,6 @@ FILES
+@@ -867,8 +861,6 @@ FILES
/etc/ssh/ssh_host_key
/etc/ssh/ssh_host_dsa_key
@@ -1568,58 +1107,60 @@
These files contain the private parts of the host keys and are
used for host-based authentication. If protocol version 1 is
diff -pur old/ssh.1 new/ssh.1
---- old/ssh.1 2013-12-17 22:46:28.000000000 -0800
-+++ new/ssh.1 2015-04-02 08:15:39.041359535 -0700
-@@ -279,8 +279,6 @@ The default is
+--- old/ssh.1 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh.1 2015-05-12 07:51:38.403098490 -0700
+@@ -274,9 +274,7 @@ public key authentication is read.
+ The default is
.Pa ~/.ssh/identity
for protocol version 1, and
- .Pa ~/.ssh/id_dsa ,
+-.Pa ~/.ssh/id_dsa ,
-.Pa ~/.ssh/id_ecdsa ,
-.Pa ~/.ssh/id_ed25519
++.Pa ~/.ssh/id_dsa
and
.Pa ~/.ssh/id_rsa
for protocol version 2.
-@@ -758,7 +756,7 @@ key pair for authentication purposes.
+@@ -761,7 +759,7 @@ key pair for authentication purposes.
The server knows the public key, and only the user knows the private key.
.Nm
implements public key authentication protocol automatically,
--using one of the DSA, ECDSA, ED25519 or RSA algorithms.
+-using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
+using one of the DSA or RSA algorithms.
Protocol 1 is restricted to using only RSA keys,
but protocol 2 may use any.
The HISTORY section of
-@@ -783,10 +781,6 @@ This stores the private key in
+@@ -786,10 +784,6 @@ This stores the private key in
(protocol 1),
.Pa ~/.ssh/id_dsa
(protocol 2 DSA),
-.Pa ~/.ssh/id_ecdsa
-(protocol 2 ECDSA),
-.Pa ~/.ssh/id_ed25519
--(protocol 2 ED25519),
+-(protocol 2 Ed25519),
or
.Pa ~/.ssh/id_rsa
(protocol 2 RSA)
-@@ -795,10 +789,6 @@ and stores the public key in
+@@ -798,10 +792,6 @@ and stores the public key in
(protocol 1),
.Pa ~/.ssh/id_dsa.pub
(protocol 2 DSA),
-.Pa ~/.ssh/id_ecdsa.pub
-(protocol 2 ECDSA),
-.Pa ~/.ssh/id_ed25519.pub
--(protocol 2 ED25519),
+-(protocol 2 Ed25519),
or
.Pa ~/.ssh/id_rsa.pub
(protocol 2 RSA)
-@@ -1338,7 +1328,7 @@ secret, but the recommended permissions
+@@ -1341,7 +1331,7 @@ secret, but the recommended permissions
and not accessible by others.
.Pp
.It Pa ~/.ssh/authorized_keys
--Lists the public keys (DSA, ECDSA, ED25519, RSA)
+-Lists the public keys (DSA, ECDSA, Ed25519, RSA)
+Lists the public keys (DSA, RSA)
that can be used for logging in as this user.
The format of this file is described in the
.Xr sshd 8
-@@ -1360,8 +1350,6 @@ above.
+@@ -1363,8 +1353,6 @@ above.
.Pp
.It Pa ~/.ssh/identity
.It Pa ~/.ssh/id_dsa
@@ -1628,7 +1169,7 @@
.It Pa ~/.ssh/id_rsa
Contains the private key for authentication.
These files
-@@ -1375,8 +1363,6 @@ sensitive part of this file using 3DES.
+@@ -1378,8 +1366,6 @@ sensitive part of this file using 3DES.
.Pp
.It Pa ~/.ssh/identity.pub
.It Pa ~/.ssh/id_dsa.pub
@@ -1637,7 +1178,7 @@
.It Pa ~/.ssh/id_rsa.pub
Contains the public key for authentication.
These files are not
-@@ -1415,8 +1401,6 @@ The file format and configuration option
+@@ -1418,8 +1404,6 @@ The file format and configuration option
.Pp
.It Pa /etc/ssh/ssh_host_key
.It Pa /etc/ssh/ssh_host_dsa_key
@@ -1647,56 +1188,79 @@
These files contain the private parts of the host keys
and are used for host-based authentication.
diff -pur old/ssh.c new/ssh.c
---- old/ssh.c 2013-12-28 22:53:40.000000000 -0800
-+++ new/ssh.c 2015-04-01 03:33:55.003074053 -0700
-@@ -1010,8 +1010,10 @@ main(int ac, char **av)
+--- old/ssh.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh.c 2015-05-12 06:57:55.876878130 -0700
+@@ -1234,8 +1234,10 @@ main(int ac, char **av)
+ sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA,
+ _PATH_HOST_ECDSA_KEY_FILE, "", NULL);
#endif
- sensitive_data.keys[3] = key_load_private_cert(KEY_RSA,
- _PATH_HOST_RSA_KEY_FILE, "", NULL);
+#ifndef WITHOUT_ED25519
- sensitive_data.keys[4] = key_load_private_cert(KEY_ED25519,
+ sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519,
_PATH_HOST_ED25519_KEY_FILE, "", NULL);
+#endif /* WITHOUT_ED25519 */
- sensitive_data.keys[5] = key_load_private_type(KEY_DSA,
- _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL);
- #ifdef OPENSSL_HAS_ECC
-@@ -1020,8 +1022,10 @@ main(int ac, char **av)
+ sensitive_data.keys[3] = key_load_private_cert(KEY_RSA,
+ _PATH_HOST_RSA_KEY_FILE, "", NULL);
+ sensitive_data.keys[4] = key_load_private_cert(KEY_DSA,
+@@ -1244,8 +1246,10 @@ main(int ac, char **av)
+ sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA,
+ _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL);
#endif
- sensitive_data.keys[7] = key_load_private_type(KEY_RSA,
- _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL);
+#ifndef WITHOUT_ED25519
- sensitive_data.keys[8] = key_load_private_type(KEY_ED25519,
+ sensitive_data.keys[6] = key_load_private_type(KEY_ED25519,
_PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL);
+#endif /* WITHOUT_ED25519 */
- PRIV_END;
-
- if (options.hostbased_authentication == 1 &&
-@@ -1038,8 +1042,10 @@ main(int ac, char **av)
+ sensitive_data.keys[7] = key_load_private_type(KEY_RSA,
+ _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL);
+ sensitive_data.keys[8] = key_load_private_type(KEY_DSA,
+@@ -1262,8 +1266,10 @@ main(int ac, char **av)
+ sensitive_data.keys[1] = key_load_cert(
+ _PATH_HOST_ECDSA_KEY_FILE);
#endif
- sensitive_data.keys[3] = key_load_cert(
- _PATH_HOST_RSA_KEY_FILE);
+#ifndef WITHOUT_ED25519
- sensitive_data.keys[4] = key_load_cert(
+ sensitive_data.keys[2] = key_load_cert(
_PATH_HOST_ED25519_KEY_FILE);
+#endif /* WITHOUT_ED25519 */
+ sensitive_data.keys[3] = key_load_cert(
+ _PATH_HOST_RSA_KEY_FILE);
+ sensitive_data.keys[4] = key_load_cert(
+@@ -1272,8 +1278,10 @@ main(int ac, char **av)
sensitive_data.keys[5] = key_load_public(
- _PATH_HOST_DSA_KEY_FILE, NULL);
- #ifdef OPENSSL_HAS_ECC
-@@ -1048,8 +1054,10 @@ main(int ac, char **av)
+ _PATH_HOST_ECDSA_KEY_FILE, NULL);
#endif
++#ifndef WITHOUT_ED25519
+ sensitive_data.keys[6] = key_load_public(
+ _PATH_HOST_ED25519_KEY_FILE, NULL);
++#endif /* WITHOUT_ED25519 */
sensitive_data.keys[7] = key_load_public(
_PATH_HOST_RSA_KEY_FILE, NULL);
+ sensitive_data.keys[8] = key_load_public(
+diff -pur old/ssh_api.c new/ssh_api.c
+--- old/ssh_api.c 2015-03-16 22:49:20.000000000 -0700
++++ new/ssh_api.c 2015-05-12 06:57:55.877368137 -0700
+@@ -109,7 +109,9 @@ ssh_init(struct ssh **sshp, int is_serve
+ ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+ # endif
+ #endif /* WITH_OPENSSL */
+#ifndef WITHOUT_ED25519
- sensitive_data.keys[8] = key_load_public(
- _PATH_HOST_ED25519_KEY_FILE, NULL);
+ ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+#endif /* WITHOUT_ED25519 */
- sensitive_data.external_keysign = 1;
- }
+ ssh->kex->load_host_public_key=&_ssh_host_public_key;
+ ssh->kex->load_host_private_key=&_ssh_host_private_key;
+ ssh->kex->sign=&_ssh_host_key_sign;
+@@ -123,7 +125,9 @@ ssh_init(struct ssh **sshp, int is_serve
+ ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+ # endif
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
++#endif /* WITHOUT_ED25519 */
+ ssh->kex->verify_host_key =&_ssh_verify_host_key;
}
+ *sshp = ssh;
diff -pur old/ssh_config.0 new/ssh_config.0
---- old/ssh_config.0 2014-01-29 17:52:48.000000000 -0800
-+++ new/ssh_config.0 2015-04-02 08:07:55.171885768 -0700
-@@ -409,14 +409,9 @@ DESCRIPTION
+--- old/ssh_config.0 2015-03-17 21:26:36.000000000 -0700
++++ new/ssh_config.0 2015-05-12 07:45:14.754320503 -0700
+@@ -443,14 +443,8 @@ DESCRIPTION
client wants to use in order of preference. The default for this
option is:
@@ -1708,37 +1272,35 @@
[email protected],[email protected],
- ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
- ssh-ed25519,ssh-rsa,ssh-dss
-+ ssh-rsa,ssh-dss
If hostkeys are known for the destination host then this default
is modified to prefer their algorithms.
-@@ -446,10 +441,10 @@ DESCRIPTION
- default is ``no''.
+@@ -486,10 +480,10 @@ DESCRIPTION
+ default is M-bM-^@M-^\noM-bM-^@M-^].
IdentityFile
-- Specifies a file from which the user's DSA, ECDSA, ED25519 or RSA
+- Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA
+ Specifies a file from which the user's DSA or RSA
authentication identity is read. The default is ~/.ssh/identity
- for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa,
- ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
-+ for protocol version 1, and ~/.ssh/id_dsa and ~/.ssh/id_rsa for
-+ protocol version 2.
++ for protocol version 1, and ~/.ssh/id_dsa
++ and ~/.ssh/id_rsa for protocol version 2.
Additionally, any identities represented by the authentication
agent will be used for authentication unless IdentitiesOnly is
set. ssh(1) will try to load certificate information from the
-@@ -509,8 +504,6 @@ DESCRIPTION
+@@ -549,7 +543,6 @@ DESCRIPTION
Specifies the available KEX (Key Exchange) algorithms. Multiple
algorithms must be comma-separated. The default is:
- [email protected],
-- ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
+ ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
- diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,
diff -pur old/ssh_config.5 new/ssh_config.5
---- old/ssh_config.5 2015-03-31 21:14:02.439364932 -0700
-+++ new/ssh_config.5 2015-04-02 08:16:12.714886637 -0700
-@@ -729,14 +729,9 @@ Specifies the protocol version 2 host ke
+--- old/ssh_config.5 2015-05-12 06:57:55.750682668 -0700
++++ new/ssh_config.5 2015-05-12 07:52:05.483411337 -0700
+@@ -807,14 +807,8 @@ Specifies the protocol version 2 host ke
that the client wants to use in order of preference.
The default for this option is:
.Bd -literal -offset 3n
@@ -1750,15 +1312,14 @@
[email protected],[email protected],
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
-ssh-ed25519,ssh-rsa,ssh-dss
-+ssh-rsa,ssh-dss
.Ed
.Pp
If hostkeys are known for the destination host then this default is modified
-@@ -778,14 +773,12 @@ offers many different identities.
+@@ -869,14 +863,12 @@ offers many different identities.
The default is
.Dq no .
.It Cm IdentityFile
--Specifies a file from which the user's DSA, ECDSA, ED25519 or RSA authentication
+-Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication
+Specifies a file from which the user's DSA or RSA authentication
identity is read.
The default is
@@ -1770,19 +1331,18 @@
and
.Pa ~/.ssh/id_rsa
for protocol version 2.
-@@ -898,8 +891,6 @@ Specifies the available KEX (Key Exchang
+@@ -989,7 +981,6 @@ Specifies the available KEX (Key Exchang
Multiple algorithms must be comma-separated.
The default is:
.Bd -literal -offset indent
[email protected],
--ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
+ ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
- diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,
diff -pur old/sshconnect.c new/sshconnect.c
---- old/sshconnect.c 2015-03-31 21:14:02.413909705 -0700
-+++ new/sshconnect.c 2015-04-01 04:56:41.997313652 -0700
-@@ -1325,7 +1325,9 @@ show_other_keys(struct hostkeys *hostkey
+--- old/sshconnect.c 2015-03-16 22:49:20.000000000 -0700
++++ new/sshconnect.c 2015-05-12 06:57:55.878078115 -0700
+@@ -1391,7 +1391,9 @@ show_other_keys(struct hostkeys *hostkey
KEY_RSA,
KEY_DSA,
KEY_ECDSA,
@@ -1793,12 +1353,12 @@
};
int i, ret = 0;
diff -pur old/sshconnect2.c new/sshconnect2.c
---- old/sshconnect2.c 2015-03-31 21:14:02.440456459 -0700
-+++ new/sshconnect2.c 2015-04-01 04:56:58.805755301 -0700
-@@ -246,7 +246,9 @@ ssh_kex2(char *host, struct sockaddr *ho
- kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
+--- old/sshconnect2.c 2015-05-12 06:57:55.751927078 -0700
++++ new/sshconnect2.c 2015-05-12 07:03:03.597484825 -0700
+@@ -254,7 +254,9 @@ ssh_kex2(char *host, struct sockaddr *ho
kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+ # endif
+ #endif
+#ifndef WITHOUT_ED25519
kex->kex[KEX_C25519_SHA256] = kexc25519_client;
+#endif /* WITHOUT_ED25519 */
@@ -1806,9 +1366,9 @@
if (options.gss_keyex) {
kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client;
diff -pur old/sshd.0 new/sshd.0
---- old/sshd.0 2014-01-29 17:52:47.000000000 -0800
-+++ new/sshd.0 2015-04-02 08:09:18.391442884 -0700
-@@ -82,8 +82,7 @@ DESCRIPTION
+--- old/sshd.0 2015-03-17 21:26:35.000000000 -0700
++++ new/sshd.0 2015-05-12 07:46:43.700877984 -0700
+@@ -81,8 +81,7 @@ DESCRIPTION
be given if sshd is not run as root (as the normal host key files
are normally not readable by anyone but root). The default is
/etc/ssh/ssh_host_key for protocol version 1, and
@@ -1818,11 +1378,11 @@
protocol version 2. It is possible to have multiple host key
files for the different protocol versions and host key
algorithms.
-@@ -148,7 +147,7 @@ DESCRIPTION
+@@ -147,7 +146,7 @@ DESCRIPTION
AUTHENTICATION
The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to
use protocol 2 only, though this can be changed via the Protocol option
-- in sshd_config(5). Protocol 2 supports DSA, ECDSA, ED25519 and RSA keys;
+- in sshd_config(5). Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys;
+ in sshd_config(5). Protocol 2 supports DSA and RSA keys;
protocol 1 only supports RSA keys. For both protocols, each host has a
host-specific key, normally 2048 bits, used to identify the host.
@@ -1831,10 +1391,10 @@
starts with a number). The bits, exponent, modulus, and comment fields
give the RSA key for protocol version 1; the comment field is not used
for anything (but may be convenient for the user to identify the key).
-- For protocol version 2 the keytype is ``ecdsa-sha2-nistp256'',
-- ``ecdsa-sha2-nistp384'', ``ecdsa-sha2-nistp521'', ``ssh-ed25519'',
-- ``ssh-dss'' or ``ssh-rsa''.
-+ For protocol version 2 the keytype is ``ssh-dss'' or ``ssh-rsa''.
+- For protocol version 2 the keytype is M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^],
+- M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or
+- M-bM-^@M-^\ssh-rsaM-bM-^@M-^].
++ For protocol version 2 the keytype is M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^].
Note that lines in this file are usually several hundred bytes long
(because of the size of the public key encoding) up to a limit of 8
@@ -1849,12 +1409,12 @@
for the user, and not accessible by others.
~/.ssh/authorized_keys
-- Lists the public keys (DSA, ECDSA, ED25519, RSA) that can be used
+- Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used
+ Lists the public keys (DSA, RSA) that can be used
for logging in as this user. The format of this file is
described above. The content of the file is not highly
sensitive, but the recommended permissions are read/write for the
-@@ -574,8 +571,6 @@ FILES
+@@ -569,8 +566,6 @@ FILES
/etc/ssh/ssh_host_key
/etc/ssh/ssh_host_dsa_key
@@ -1863,7 +1423,7 @@
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys. These
files should only be owned by root, readable only by root, and
-@@ -584,8 +579,6 @@ FILES
+@@ -579,8 +574,6 @@ FILES
/etc/ssh/ssh_host_key.pub
/etc/ssh/ssh_host_dsa_key.pub
@@ -1873,9 +1433,9 @@
These files contain the public parts of the host keys. These
files should be world-readable but writable only by root. Their
diff -pur old/sshd.8 new/sshd.8
---- old/sshd.8 2015-03-31 21:14:02.389944452 -0700
-+++ new/sshd.8 2015-04-02 08:17:21.818430805 -0700
-@@ -175,8 +175,6 @@ The default is
+--- old/sshd.8 2015-05-12 06:57:55.682941332 -0700
++++ new/sshd.8 2015-05-12 07:53:14.229250081 -0700
+@@ -172,8 +172,6 @@ The default is
.Pa /etc/ssh/ssh_host_key
for protocol version 1, and
.Pa /etc/ssh/ssh_host_dsa_key ,
@@ -1884,11 +1444,11 @@
and
.Pa /etc/ssh/ssh_host_rsa_key
for protocol version 2.
-@@ -281,7 +279,7 @@ though this can be changed via the
+@@ -278,7 +276,7 @@ though this can be changed via the
.Cm Protocol
option in
.Xr sshd_config 4 .
--Protocol 2 supports DSA, ECDSA, ED25519 and RSA keys;
+-Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys;
+Protocol 2 supports DSA and RSA keys;
protocol 1 only supports RSA keys.
For both protocols,
@@ -1917,12 +1477,12 @@
and not accessible by others.
.Pp
.It Pa ~/.ssh/authorized_keys
--Lists the public keys (DSA, ECDSA, ED25519, RSA)
+-Lists the public keys (DSA, ECDSA, Ed25519, RSA)
+Lists the public keys (DSA, RSA)
that can be used for logging in as this user.
The format of this file is described above.
The content of the file is not highly sensitive, but the recommended
-@@ -888,8 +880,6 @@ rlogin/rsh.
+@@ -882,8 +874,6 @@ rlogin/rsh.
.Pp
.It Pa /etc/ssh/ssh_host_key
.It Pa /etc/ssh/ssh_host_dsa_key
@@ -1931,7 +1491,7 @@
.It Pa /etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys.
These files should only be owned by root, readable only by root, and not
-@@ -900,8 +890,6 @@ does not start if these files are group/
+@@ -894,8 +884,6 @@ does not start if these files are group/
.Pp
.It Pa /etc/ssh/ssh_host_key.pub
.It Pa /etc/ssh/ssh_host_dsa_key.pub
@@ -1941,9 +1501,9 @@
These files contain the public parts of the host keys.
These files should be world-readable but writable only by
diff -pur old/sshd.c new/sshd.c
---- old/sshd.c 2015-03-31 21:14:02.441576765 -0700
-+++ new/sshd.c 2015-04-01 03:42:59.569147555 -0700
-@@ -797,7 +797,9 @@ list_hostkey_types(void)
+--- old/sshd.c 2015-05-12 06:57:55.753246429 -0700
++++ new/sshd.c 2015-05-12 07:03:44.715843663 -0700
+@@ -803,7 +803,9 @@ list_hostkey_types(void)
case KEY_RSA:
case KEY_DSA:
case KEY_ECDSA:
@@ -1953,7 +1513,7 @@
if (buffer_len(&b) > 0)
buffer_append(&b, ",", 1);
p = key_ssh_name(key);
-@@ -814,7 +816,9 @@ list_hostkey_types(void)
+@@ -820,7 +822,9 @@ list_hostkey_types(void)
case KEY_RSA_CERT:
case KEY_DSA_CERT:
case KEY_ECDSA_CERT:
@@ -1963,7 +1523,7 @@
if (buffer_len(&b) > 0)
buffer_append(&b, ",", 1);
p = key_ssh_name(key);
-@@ -842,7 +846,9 @@ get_hostkey_by_type(int type, int need_p
+@@ -848,7 +852,9 @@ get_hostkey_by_type(int type, int nid, i
case KEY_RSA_CERT:
case KEY_DSA_CERT:
case KEY_ECDSA_CERT:
@@ -1973,20 +1533,20 @@
key = sensitive_data.host_certificates[i];
break;
default:
-@@ -1719,7 +1725,9 @@ main(int ac, char **av)
+@@ -1798,7 +1804,9 @@ main(int ac, char **av)
case KEY_RSA:
case KEY_DSA:
case KEY_ECDSA:
+#ifndef WITHOUT_ED25519
case KEY_ED25519:
+#endif /* WITHOUT_ED25519 */
- sensitive_data.have_ssh2_key = 1;
+ if (have_agent || key != NULL)
+ sensitive_data.have_ssh2_key = 1;
break;
- }
-@@ -2546,7 +2554,9 @@ do_ssh2_kex(void)
- kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+@@ -2644,7 +2652,9 @@ do_ssh2_kex(void)
kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+ # endif
+ #endif
+#ifndef WITHOUT_ED25519
kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+#endif /* WITHOUT_ED25519 */
@@ -1994,9 +1554,9 @@
if (options.gss_keyex) {
kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
diff -pur old/sshd_config.0 new/sshd_config.0
---- old/sshd_config.0 2014-01-29 17:52:48.000000000 -0800
-+++ new/sshd_config.0 2015-04-02 08:09:53.957389224 -0700
-@@ -332,12 +332,11 @@ DESCRIPTION
+--- old/sshd_config.0 2015-03-17 21:26:36.000000000 -0700
++++ new/sshd_config.0 2015-05-12 07:47:28.488941581 -0700
+@@ -375,12 +375,11 @@ DESCRIPTION
HostKey
Specifies a file containing a private host key used by SSH. The
default is /etc/ssh/ssh_host_key for protocol version 1, and
@@ -2005,25 +1565,33 @@
+ /etc/ssh/ssh_host_dsa_key and /etc/ssh/ssh_host_rsa_key for
protocol version 2. Note that sshd(8) will refuse to use a file
if it is group/world-accessible. It is possible to have multiple
- host key files. ``rsa1'' keys are used for version 1 and
-- ``dsa'', ``ecdsa'', ``ed25519'' or ``rsa'' are used for version 2
-+ ``dsa'' or ``rsa'' are used for version 2
- of the SSH protocol. It is also possible to specify public host
- key files instead. In this case operations on the private key
- will be delegated to an ssh-agent(1).
-@@ -399,8 +398,6 @@ DESCRIPTION
- Specifies the available KEX (Key Exchange) algorithms. Multiple
- algorithms must be comma-separated. The default is
+- host key files. M-bM-^@M-^\rsa1M-bM-^@M-^] keys are used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^],
+- M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] are used for version 2 of the SSH
++ host key files. M-bM-^@M-^\rsa1M-bM-^@M-^] keys are used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^]
++ or M-bM-^@M-^\rsaM-bM-^@M-^] are used for version 2 of the SSH
+ protocol. It is also possible to specify public host key files
+ instead. In this case operations on the private key will be
+ delegated to an ssh-agent(1).
+@@ -448,7 +447,6 @@ DESCRIPTION
+ algorithms must be comma-separated. The supported algorithms
+ are:
+
+- [email protected]
+ diffie-hellman-group1-sha1
+ diffie-hellman-group14-sha1
+ diffie-hellman-group-exchange-sha1
+@@ -459,7 +457,6 @@ DESCRIPTION
+
+ The default is:
- [email protected],
-- ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
+ ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
- diffie-hellman-group-exchange-sha1,
- diffie-hellman-group14-sha1,
+ diffie-hellman-group14-sha1
diff -pur old/sshd_config.5 new/sshd_config.5
---- old/sshd_config.5 2015-03-31 21:14:02.442624133 -0700
-+++ new/sshd_config.5 2015-04-02 08:16:29.655757790 -0700
-@@ -546,8 +546,6 @@ The default is
+--- old/sshd_config.5 2015-05-12 06:57:55.754541097 -0700
++++ new/sshd_config.5 2015-05-12 07:52:26.170307089 -0700
+@@ -628,8 +628,6 @@ The default is
.Pa /etc/ssh/ssh_host_key
for protocol version 1, and
.Pa /etc/ssh/ssh_host_dsa_key ,
@@ -2032,7 +1600,7 @@
and
.Pa /etc/ssh/ssh_host_rsa_key
for protocol version 2.
-@@ -558,8 +556,6 @@ It is possible to have multiple host key
+@@ -640,8 +638,6 @@ It is possible to have multiple host key
.Dq rsa1
keys are used for version 1 and
.Dq dsa ,
@@ -2041,29 +1609,440 @@
or
.Dq rsa
are used for version 2 of the SSH protocol.
-@@ -669,8 +665,6 @@ Specifies the available KEX (Key Exchang
- Multiple algorithms must be comma-separated.
- The default is
+@@ -764,8 +760,6 @@ The supported algorithms are:
+ .Pp
+ .Bl -item -compact -offset indent
+ .It
[email protected]
+-.It
+ diffie-hellman-group1-sha1
+ .It
+ diffie-hellman-group14-sha1
+@@ -783,7 +777,6 @@ ecdh-sha2-nistp521
+ .Pp
+ The default is:
.Bd -literal -offset indent
[email protected],
--ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
+ ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
- diffie-hellman-group-exchange-sha1,
- diffie-hellman-group14-sha1,
-diff -pur old/verify.c new/verify.c
---- old/verify.c 2014-01-16 17:43:44.000000000 -0800
-+++ new/verify.c 2015-04-01 03:43:49.962792178 -0700
-@@ -9,6 +9,8 @@
+ diffie-hellman-group14-sha1
+diff -pur old/sshkey.c new/sshkey.c
+--- old/sshkey.c 2015-05-12 06:57:55.756061267 -0700
++++ new/sshkey.c 2015-05-27 03:34:57.475875579 -0700
+@@ -85,9 +85,11 @@ struct keytype {
+ int cert;
+ };
+ static const struct keytype keytypes[] = {
++#ifndef WITHOUT_ED25519
+ { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 },
+ { "[email protected]", "ED25519-CERT",
+ KEY_ED25519_CERT, 0, 1 },
++#endif /* WITHOUT_ED25519 */
+ #ifdef WITH_OPENSSL
+ { NULL, "RSA1", KEY_RSA1, 0, 0 },
+ { "ssh-rsa", "RSA", KEY_RSA, 0, 0 },
+@@ -284,8 +286,10 @@ sshkey_size(const struct sshkey *k)
+ case KEY_ECDSA_CERT:
+ return sshkey_curve_nid_to_bits(k->ecdsa_nid);
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
++#endif /* WITHOUT_ED25519 */
+ return 256; /* XXX */
+ }
+ return 0;
+@@ -310,7 +314,9 @@ sshkey_type_is_valid_ca(int type)
+ case KEY_RSA:
+ case KEY_DSA:
+ case KEY_ECDSA:
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
++#endif /* WITHOUT_ED25519 */
+ return 1;
+ default:
+ return 0;
+@@ -338,8 +344,10 @@ sshkey_type_plain(int type)
+ return KEY_DSA;
+ case KEY_ECDSA_CERT:
+ return KEY_ECDSA;
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519_CERT:
+ return KEY_ED25519;
++#endif /* WITHOUT_ED25519 */
+ default:
+ return type;
+ }
+@@ -492,8 +500,10 @@ sshkey_new(int type)
+ k->dsa = NULL;
+ k->rsa = NULL;
+ k->cert = NULL;
++#ifndef WITHOUT_ED25519
+ k->ed25519_sk = NULL;
+ k->ed25519_pk = NULL;
++#endif /* WITHOUT_ED25519 */
+ switch (k->type) {
+ #ifdef WITH_OPENSSL
+ case KEY_RSA1:
+@@ -530,10 +540,12 @@ sshkey_new(int type)
+ /* Cannot do anything until we know the group */
+ break;
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
+ /* no need to prealloc */
+ break;
++#endif /* WITHOUT_ED25519 */
+ case KEY_UNSPEC:
+ break;
+ default:
+@@ -582,10 +594,12 @@ sshkey_add_private(struct sshkey *k)
+ /* Cannot do anything until we know the group */
+ break;
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
+ /* no need to prealloc */
+ break;
++#endif /* WITHOUT_ED25519 */
+ case KEY_UNSPEC:
+ break;
+ default:
+@@ -639,6 +653,7 @@ sshkey_free(struct sshkey *k)
+ break;
+ # endif /* OPENSSL_HAS_ECC */
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
+ if (k->ed25519_pk) {
+@@ -652,6 +667,7 @@ sshkey_free(struct sshkey *k)
+ k->ed25519_sk = NULL;
+ }
+ break;
++#endif /* WITHOUT_ED25519 */
+ case KEY_UNSPEC:
+ break;
+ default:
+@@ -731,10 +747,12 @@ sshkey_equal_public(const struct sshkey
+ return 1;
+ # endif /* OPENSSL_HAS_ECC */
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
+ return a->ed25519_pk != NULL && b->ed25519_pk != NULL &&
+ memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0;
++#endif /* WITHOUT_ED25519 */
+ default:
+ return 0;
+ }
+@@ -773,7 +791,9 @@ to_blob_buf(const struct sshkey *key, st
+ case KEY_ECDSA_CERT:
+ case KEY_RSA_CERT:
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519_CERT:
++#endif /* WITHOUT_ED25519 */
+ /* Use the existing blob */
+ /* XXX modified flag? */
+ if ((ret = sshbuf_putb(b, key->cert->certblob)) != 0)
+@@ -810,6 +830,7 @@ to_blob_buf(const struct sshkey *key, st
+ return ret;
+ break;
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ if (key->ed25519_pk == NULL)
+ return SSH_ERR_INVALID_ARGUMENT;
+@@ -818,6 +839,7 @@ to_blob_buf(const struct sshkey *key, st
+ key->ed25519_pk, ED25519_PK_SZ)) != 0)
+ return ret;
+ break;
++#endif /* WITHOUT_ED25519 */
+ default:
+ return SSH_ERR_KEY_TYPE_UNKNOWN;
+ }
+@@ -1291,13 +1313,17 @@ sshkey_read(struct sshkey *ret, char **c
+ case KEY_RSA:
+ case KEY_DSA:
+ case KEY_ECDSA:
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
++#endif /* WITHOUT_ED25519 */
+ case KEY_DSA_CERT_V00:
+ case KEY_RSA_CERT_V00:
+ case KEY_DSA_CERT:
+ case KEY_ECDSA_CERT:
+ case KEY_RSA_CERT:
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519_CERT:
++#endif /* WITHOUT_ED25519 */
+ space = strchr(cp, ' ');
+ if (space == NULL)
+ return SSH_ERR_INVALID_FORMAT;
+@@ -1389,6 +1415,7 @@ sshkey_read(struct sshkey *ret, char **c
+ }
+ # endif /* OPENSSL_HAS_ECC */
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ if (sshkey_type_plain(ret->type) == KEY_ED25519) {
+ free(ret->ed25519_pk);
+ ret->ed25519_pk = k->ed25519_pk;
+@@ -1397,6 +1424,7 @@ sshkey_read(struct sshkey *ret, char **c
+ /* XXX */
+ #endif
+ }
++#endif /* WITHOUT_ED25519 */
+ retval = 0;
+ /*XXXX*/
+ sshkey_free(k);
+@@ -1460,8 +1488,10 @@ sshkey_write(const struct sshkey *key, F
+ case KEY_RSA_CERT_V00:
+ case KEY_RSA_CERT:
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
++#endif /* WITHOUT_ED25519 */
+ if ((bb = sshbuf_new()) == NULL) {
+ ret = SSH_ERR_ALLOC_FAIL;
+ goto out;
+@@ -1671,7 +1701,8 @@ sshkey_generate(int type, u_int bits, st
+ if ((k = sshkey_new(KEY_UNSPEC)) == NULL)
+ return SSH_ERR_ALLOC_FAIL;
+ switch (type) {
+- case KEY_ED25519:
++#ifndef WITHOUT_ED25519
++ case KEY_ED25519:
+ if ((k->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL ||
+ (k->ed25519_sk = malloc(ED25519_SK_SZ)) == NULL) {
+ ret = SSH_ERR_ALLOC_FAIL;
+@@ -1680,6 +1711,7 @@ sshkey_generate(int type, u_int bits, st
+ crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk);
+ ret = 0;
+ break;
++#endif /* WITHOUT_ED25519 */
+ #ifdef WITH_OPENSSL
+ case KEY_DSA:
+ ret = dsa_generate_private_key(bits, &k->dsa);
+@@ -1817,6 +1849,7 @@ sshkey_from_private(const struct sshkey
+ }
+ break;
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
+ if ((n = sshkey_new(k->type)) == NULL)
+@@ -1829,6 +1862,7 @@ sshkey_from_private(const struct sshkey
+ memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);
+ }
+ break;
++#endif /* WITHOUT_ED25519 */
+ default:
+ return SSH_ERR_KEY_TYPE_UNKNOWN;
+ }
+@@ -2100,6 +2134,7 @@ sshkey_from_blob_internal(struct sshbuf
+ break;
+ # endif /* OPENSSL_HAS_ECC */
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519_CERT:
+ /* Skip nonce */
+ if (sshbuf_get_string_direct(b, NULL, NULL) != 0) {
+@@ -2121,6 +2156,7 @@ sshkey_from_blob_internal(struct sshbuf
+ key->ed25519_pk = pk;
+ pk = NULL;
+ break;
++#endif /* WITHOUT_ED25519 */
+ case KEY_UNSPEC:
+ if ((key = sshkey_new(type)) == NULL) {
+ ret = SSH_ERR_ALLOC_FAIL;
+@@ -2215,9 +2251,11 @@ sshkey_sign(const struct sshkey *key,
+ case KEY_RSA:
+ return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat);
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
+ return ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat);
++#endif /* WITHOUT_ED25519 */
+ default:
+ return SSH_ERR_KEY_TYPE_UNKNOWN;
+ }
+@@ -2249,9 +2287,11 @@ sshkey_verify(const struct sshkey *key,
+ case KEY_RSA:
+ return ssh_rsa_verify(key, sig, siglen, data, dlen, compat);
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ case KEY_ED25519_CERT:
+ return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat);
++#endif /* WITHOUT_ED25519 */
+ default:
+ return SSH_ERR_KEY_TYPE_UNKNOWN;
+ }
+@@ -2275,8 +2315,10 @@ sshkey_demote(const struct sshkey *k, st
+ pk->dsa = NULL;
+ pk->ecdsa = NULL;
+ pk->rsa = NULL;
++#ifndef WITHOUT_ED25519
+ pk->ed25519_pk = NULL;
+ pk->ed25519_sk = NULL;
++#endif /* WITHOUT_ED25519 */
- #include "crypto_api.h"
+ switch (k->type) {
+ #ifdef WITH_OPENSSL
+@@ -2328,6 +2370,7 @@ sshkey_demote(const struct sshkey *k, st
+ break;
+ # endif /* OPENSSL_HAS_ECC */
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519_CERT:
+ if ((ret = sshkey_cert_copy(k, pk)) != 0)
+ goto fail;
+@@ -2341,6 +2384,7 @@ sshkey_demote(const struct sshkey *k, st
+ memcpy(pk->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);
+ }
+ break;
++#endif /* WITHOUT_ED25519 */
+ default:
+ ret = SSH_ERR_KEY_TYPE_UNKNOWN;
+ fail:
+@@ -2371,11 +2415,13 @@ sshkey_to_certified(struct sshkey *k, in
+ newtype = KEY_ECDSA_CERT;
+ break;
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ if (legacy)
+ return SSH_ERR_INVALID_ARGUMENT;
+ newtype = KEY_ED25519_CERT;
+ break;
++#endif /* WITHOUT_ED25519 */
+ default:
+ return SSH_ERR_INVALID_ARGUMENT;
+ }
+@@ -2458,11 +2504,13 @@ sshkey_certify(struct sshkey *k, struct
+ goto out;
+ break;
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519_CERT:
+ if ((ret = sshbuf_put_string(cert,
+ k->ed25519_pk, ED25519_PK_SZ)) != 0)
+ goto out;
+ break;
++#endif /* WITHOUT_ED25519 */
+ default:
+ ret = SSH_ERR_INVALID_ARGUMENT;
+ goto out;
+@@ -2657,6 +2705,7 @@ sshkey_private_serialize(const struct ss
+ break;
+ # endif /* OPENSSL_HAS_ECC */
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ if ((r = sshbuf_put_string(b, key->ed25519_pk,
+ ED25519_PK_SZ)) != 0 ||
+@@ -2676,6 +2725,7 @@ sshkey_private_serialize(const struct ss
+ ED25519_SK_SZ)) != 0)
+ goto out;
+ break;
++#endif /* WITHOUT_ED25519 */
+ default:
+ r = SSH_ERR_INVALID_ARGUMENT;
+ goto out;
+@@ -2802,6 +2852,7 @@ sshkey_private_deserialize(struct sshbuf
+ goto out;
+ break;
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ if ((k = sshkey_new_private(type)) == NULL) {
+ r = SSH_ERR_ALLOC_FAIL;
+@@ -2832,6 +2883,7 @@ sshkey_private_deserialize(struct sshbuf
+ k->ed25519_sk = ed25519_sk;
+ ed25519_pk = ed25519_sk = NULL;
+ break;
++#endif /* WITHOUT_ED25519 */
+ default:
+ r = SSH_ERR_KEY_TYPE_UNKNOWN;
+ goto out;
+@@ -3591,9 +3643,11 @@ sshkey_private_to_fileblob(struct sshkey
+ return sshkey_private_pem_to_blob(key, blob,
+ passphrase, comment);
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ return sshkey_private_to_blob2(key, blob, passphrase,
+ comment, new_format_cipher, new_format_rounds);
++#endif /* WITHOUT_ED25519 */
+ default:
+ return SSH_ERR_KEY_TYPE_UNKNOWN;
+ }
+@@ -3899,9 +3953,11 @@ sshkey_parse_private_fileblob_type(struc
+ return sshkey_parse_private_pem_fileblob(blob, type,
+ passphrase, keyp);
+ #endif /* WITH_OPENSSL */
++#ifndef WITHOUT_ED25519
+ case KEY_ED25519:
+ return sshkey_parse_private2(blob, type, passphrase,
+ keyp, commentp);
++#endif /* WITHOUT_ED25519 */
+ case KEY_UNSPEC:
+ if ((r = sshkey_parse_private2(blob, type, passphrase, keyp,
+ commentp)) == 0)
+diff -pur old/sshkey.h new/sshkey.h
+--- old/sshkey.h 2015-05-12 06:57:55.756485788 -0700
++++ new/sshkey.h 2015-05-12 06:57:55.885805405 -0700
+@@ -57,11 +57,15 @@ enum sshkey_types {
+ KEY_RSA,
+ KEY_DSA,
+ KEY_ECDSA,
++#ifndef WITHOUT_ED25519
+ KEY_ED25519,
++#endif /* WITHOUT_ED25519 */
+ KEY_RSA_CERT,
+ KEY_DSA_CERT,
+ KEY_ECDSA_CERT,
++#ifndef WITHOUT_ED25519
+ KEY_ED25519_CERT,
++#endif /* WITHOUT_ED25519 */
+ KEY_RSA_CERT_V00,
+ KEY_DSA_CERT_V00,
+ KEY_NULL,
+@@ -106,13 +110,17 @@ struct sshkey {
+ DSA *dsa;
+ int ecdsa_nid; /* NID of curve */
+ EC_KEY *ecdsa;
++#ifndef WITHOUT_ED25519
+ u_char *ed25519_sk;
+ u_char *ed25519_pk;
++#endif /* WITHOUT_ED25519 */
+ struct sshkey_cert *cert;
+ };
+#ifndef WITHOUT_ED25519
-+
- int crypto_verify_32(const unsigned char *x,const unsigned char *y)
- {
- unsigned int differentbits = 0;
-@@ -47,3 +49,4 @@ int crypto_verify_32(const unsigned char
- F(31)
- return (1 & ((differentbits - 1) >> 8)) - 1;
- }
+ #define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES
+ #define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES
+#endif /* WITHOUT_ED25519 */
+
+ struct sshkey *sshkey_new(int);
+ int sshkey_add_private(struct sshkey *);
+@@ -210,11 +218,13 @@ int ssh_ecdsa_sign(const struct sshkey *
+ int ssh_ecdsa_verify(const struct sshkey *key,
+ const u_char *signature, size_t signaturelen,
+ const u_char *data, size_t datalen, u_int compat);
++#ifndef WITHOUT_ED25519
+ int ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
+ const u_char *data, size_t datalen, u_int compat);
+ int ssh_ed25519_verify(const struct sshkey *key,
+ const u_char *signature, size_t signaturelen,
+ const u_char *data, size_t datalen, u_int compat);
++#endif /* WITHOUT_ED25519 */
+ #endif
+
+ #if !defined(WITH_OPENSSL)
--- a/components/openssh/patches/025-login_to_a_role.patch Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/patches/025-login_to_a_role.patch Thu Jun 18 07:01:42 2015 -0700
@@ -10,8 +10,8 @@
# https://bugzilla.mindrot.org/show_bug.cgi?id=2378
#
diff -pur old/auth-pam.c new/auth-pam.c
---- old/auth-pam.c 2015-04-13 07:40:15.102801416 -0700
-+++ new/auth-pam.c 2015-04-13 07:40:15.170507123 -0700
+--- old/auth-pam.c 2015-05-21 04:08:41.910932322 -0700
++++ new/auth-pam.c 2015-05-21 04:08:42.024831668 -0700
@@ -1038,6 +1038,20 @@ do_pam_account(void)
return (sshpam_account_status);
}
@@ -34,8 +34,8 @@
do_pam_set_tty(const char *tty)
{
diff -pur old/auth-pam.h new/auth-pam.h
---- old/auth-pam.h 2004-09-11 05:17:26.000000000 -0700
-+++ new/auth-pam.h 2015-04-13 07:40:15.170675124 -0700
+--- old/auth-pam.h 2015-03-16 22:49:20.000000000 -0700
++++ new/auth-pam.h 2015-05-21 04:08:42.025160216 -0700
@@ -35,6 +35,9 @@ void start_pam(Authctxt *);
void finish_pam(void);
u_int do_pam_account(void);
@@ -47,9 +47,9 @@
void do_pam_setcred(int );
void do_pam_chauthtok(void);
diff -pur old/auth.h new/auth.h
---- old/auth.h 2015-04-13 07:40:15.102912510 -0700
-+++ new/auth.h 2015-04-13 07:40:15.170773363 -0700
-@@ -79,6 +79,9 @@ struct Authctxt {
+--- old/auth.h 2015-05-21 04:08:41.911346027 -0700
++++ new/auth.h 2015-05-21 04:08:42.025504068 -0700
+@@ -84,6 +84,9 @@ struct Authctxt {
#ifdef PAM_ENHANCEMENT
char *authmethod_name;
#endif
@@ -60,9 +60,9 @@
/*
* Every authentication method has to handle authentication requests for
diff -pur old/auth2-hostbased.c new/auth2-hostbased.c
---- old/auth2-hostbased.c 2013-12-30 17:25:41.000000000 -0800
-+++ new/auth2-hostbased.c 2015-04-13 07:40:15.170883166 -0700
-@@ -83,6 +83,9 @@ userauth_hostbased(Authctxt *authctxt)
+--- old/auth2-hostbased.c 2015-03-16 22:49:20.000000000 -0700
++++ new/auth2-hostbased.c 2015-05-21 04:08:42.026208843 -0700
+@@ -85,6 +85,9 @@ userauth_hostbased(Authctxt *authctxt)
buffer_dump(&b);
buffer_free(&b);
#endif
@@ -72,7 +72,7 @@
pktype = key_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) {
/* this is perfectly legal */
-@@ -133,6 +136,13 @@ userauth_hostbased(Authctxt *authctxt)
+@@ -143,6 +146,13 @@ userauth_hostbased(Authctxt *authctxt)
buffer_len(&b))) == 1)
authenticated = 1;
@@ -87,9 +87,9 @@
done:
debug2("userauth_hostbased: authenticated %d", authenticated);
diff -pur old/auth2.c new/auth2.c
---- old/auth2.c 2015-04-13 07:40:15.125748357 -0700
-+++ new/auth2.c 2015-04-13 07:54:08.589929143 -0700
-@@ -347,6 +347,14 @@ userauth_finish(Authctxt *authctxt, int
+--- old/auth2.c 2015-05-21 04:08:41.947286493 -0700
++++ new/auth2.c 2015-05-21 04:08:42.026846014 -0700
+@@ -339,6 +339,14 @@ userauth_finish(Authctxt *authctxt, int
#endif
}
@@ -105,9 +105,9 @@
#if defined(USE_PAM) && defined(PAM_ENHANCEMENT)
diff -pur old/config.h.in new/config.h.in
---- old/config.h.in 2015-04-13 07:40:15.118922540 -0700
-+++ new/config.h.in 2015-04-13 07:40:15.171493102 -0700
-@@ -814,6 +814,9 @@
+--- old/config.h.in 2015-05-21 04:08:41.938119429 -0700
++++ new/config.h.in 2015-05-21 04:08:42.027796887 -0700
+@@ -827,6 +827,9 @@
/* Define if you have Digital Unix Security Integration Architecture */
#undef HAVE_OSF_SIA
@@ -118,20 +118,20 @@
#undef HAVE_PAM_GETENVLIST
diff -pur old/configure new/configure
---- old/configure 2015-04-13 07:40:15.121667931 -0700
-+++ new/configure 2015-04-13 07:40:15.174438856 -0700
-@@ -7799,6 +7799,7 @@ fi
-
- $as_echo "#define USE_GSS_STORE_CRED 1" >>confdefs.h
- $as_echo "#define GSSAPI_STORECREDS_NEEDS_RUID 1" >>confdefs.h
-+ $as_echo "#define HAVE_PAM_AUSER 1" >>confdefs.h
+--- old/configure 2015-05-21 04:08:41.952127851 -0700
++++ new/configure 2015-05-21 04:09:34.214165539 -0700
+@@ -10872,6 +10872,7 @@ fi
+ cat >>confdefs.h <<\_ACEOF
+ #define USE_GSS_STORE_CRED 1
+ #define GSSAPI_STORECREDS_NEEDS_RUID 1
++#define HAVE_PAM_AUSER 1
+ _ACEOF
TEST_SHELL=$SHELL # let configure find us a capable shell
- ;;
diff -pur old/configure.ac new/configure.ac
---- old/configure.ac 2015-04-13 07:40:15.085660430 -0700
-+++ new/configure.ac 2015-04-13 07:40:15.175130655 -0700
-@@ -868,6 +868,7 @@ mips-sony-bsd|mips-sony-newsos4)
+--- old/configure.ac 2015-05-21 04:08:41.886514252 -0700
++++ new/configure.ac 2015-05-21 04:08:42.052981088 -0700
+@@ -904,6 +904,7 @@ mips-sony-bsd|mips-sony-newsos4)
TEST_SHELL=$SHELL # let configure find us a capable shell
AC_DEFINE([USE_GSS_STORE_CRED])
AC_DEFINE([GSSAPI_STORECREDS_NEEDS_RUID])
@@ -140,10 +140,10 @@
*-*-sunos4*)
CPPFLAGS="$CPPFLAGS -DSUNOS4"
diff -pur old/monitor.c new/monitor.c
---- old/monitor.c 2015-04-13 07:40:15.136922050 -0700
-+++ new/monitor.c 2015-04-13 07:40:15.175533060 -0700
-@@ -490,6 +490,12 @@ monitor_child_preauth(Authctxt *_authctx
- #endif
+--- old/monitor.c 2015-05-21 04:08:41.964048305 -0700
++++ new/monitor.c 2015-05-21 04:08:42.054374639 -0700
+@@ -461,6 +461,12 @@ monitor_child_preauth(Authctxt *_authctx
+ }
}
+#if defined(HAVE_PAM_AUSER) && defined(USE_PAM)
@@ -155,7 +155,7 @@
if (!authctxt->valid)
fatal("%s: authenticated invalid user", __func__);
if (strcmp(auth_method, "unknown") == 0)
-@@ -699,12 +705,14 @@ monitor_reset_key_state(void)
+@@ -694,12 +700,14 @@ monitor_reset_key_state(void)
{
/* reset state */
free(key_blob);
@@ -171,7 +171,7 @@
hostbased_chost = NULL;
}
-@@ -1111,6 +1119,11 @@ mm_answer_pam_account(int sock, Buffer *
+@@ -1146,6 +1154,11 @@ mm_answer_pam_account(int sock, Buffer *
if (!options.use_pam)
fatal("UsePAM not set, but ended up in %s anyway", __func__);
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssh/patches/027-missing_include.patch Thu Jun 18 07:01:42 2015 -0700
@@ -0,0 +1,27 @@
+#
+# This patch adds a missing include to avoid compilation error.
+#
+# Recently, OpenSSH includes were refactored, so that header files no longer
+# include system header files. System header files are now included in
+# sources only.
+#
+# kex.h references sig_atomic_t, but no longer includes signal.h.
+# Now every file including kex.h must include signal.h. gss-genr.c failed
+# to do so, which resulted in unknown type compilation error.
+#
+# The patch has been accepted by upstream and will be part of 6.9 release.
+# https://bugzilla.mindrot.org/show_bug.cgi?id=2402
+#
+# When upgrading to some release >=6.9, this patch will be dropped.
+#
+--- a/gss-genr.c
++++ a/gss-genr.c
+@@ -34,6 +34,7 @@
+ #include <limits.h>
+ #include <stdarg.h>
+ #include <string.h>
++#include <signal.h>
+ #include <unistd.h>
+
+ #include "xmalloc.h"
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssh/patches/028-relax_bits_needed_check.patch Thu Jun 18 07:01:42 2015 -0700
@@ -0,0 +1,23 @@
+#
+# Relax bits needed check to allow diffie-hellman-group1-sha1 key exchange to
+# complete when chacha20-poly1305 was selected as the cipher.
+#
+# OpenSSH 6.8 regression causing test case failure.
+#
+# Fixed in 6.9:
+# https://github.com/openssh/openssh-portable/commit/b8afbe2c1aaf573565e4da775261dfafc8b1ba9c
+#
+# This patch will be removed when upgrading to 6.9 or higher.
+#
+diff -pur old/dh.c new/dh.c
+--- old/dh.c 2015-03-16 22:49:20.000000000 -0700
++++ new/dh.c 2015-06-01 05:24:39.007860187 -0700
+@@ -261,7 +261,7 @@ dh_gen_key(DH *dh, int need)
+
+ if (need < 0 || dh->p == NULL ||
+ (pbits = BN_num_bits(dh->p)) <= 0 ||
+- need > INT_MAX / 2 || 2 * need >= pbits)
++ need > INT_MAX / 2 || 2 * need > pbits)
+ return SSH_ERR_INVALID_ARGUMENT;
+ dh->length = MIN(need * 2, pbits - 1);
+ if (DH_generate_key(dh) == 0 ||
--- a/components/openssh/sources/kexgssc.c Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/sources/kexgssc.c Thu Jun 18 07:01:42 2015 -0700
@@ -22,6 +22,15 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+/*
+ * May 22, 2015
+ * In version 6.8 a new packet interface has been introduced to OpenSSH,
+ * while the old packet API has been provided in opacket.c.
+ * At this moment we are not rewritting GSS-API key exchange code to the new
+ * API, just adjusting it to still work with new struct ssh.
+ * Rewritting to the new API can be considered in the future.
+ */
+
#include "includes.h"
#ifdef GSSAPI
@@ -31,6 +40,7 @@
#include <openssl/crypto.h>
#include <openssl/bn.h>
+#include <signal.h> /* for sig_atomic_t in kex.h */
#include <string.h>
#include "xmalloc.h"
@@ -38,6 +48,7 @@
#include "ssh2.h"
#include "key.h"
#include "cipher.h"
+#include "digest.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
@@ -45,19 +56,19 @@
#include "ssh-gss.h"
-void
-kexgss_client(Kex *kex) {
+int
+kexgss_client(struct ssh *ssh) {
gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr;
Gssctxt *ctxt;
OM_uint32 maj_status, min_status, ret_flags;
- uint_t klen, kout, slen = 0, hashlen, strlen;
+ uint_t klen, kout, slen = 0, strlen;
DH *dh;
BIGNUM *dh_server_pub = NULL;
BIGNUM *shared_secret = NULL;
BIGNUM *p = NULL;
BIGNUM *g = NULL;
- uchar_t *kbuf, *hash;
+ uchar_t *kbuf;
uchar_t *serverhostkey = NULL;
uchar_t *empty = "";
char *msg;
@@ -65,6 +76,10 @@
int type = 0;
int first = 1;
int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX;
+ struct kex *kex = ssh->kex;
+ int r;
+ uchar_t hash[SSH_DIGEST_MAX_LENGTH];
+ size_t hashlen;
/* Initialise our GSSAPI world */
ssh_gssapi_build_ctx(&ctxt);
@@ -77,10 +92,10 @@
switch (kex->kex_type) {
case KEX_GSS_GRP1_SHA1:
- dh = dh_new_group1();
+ kex->dh = dh_new_group1();
break;
case KEX_GSS_GRP14_SHA1:
- dh = dh_new_group14();
+ kex->dh = dh_new_group14();
break;
case KEX_GSS_GEX_SHA1:
debug("Doing group exchange\n");
@@ -106,14 +121,14 @@
fatal("GSSGRP_GEX group out of range: %d !< %d !< %d",
min, BN_num_bits(p), max);
- dh = dh_new_group(g, p);
+ kex->dh = dh_new_group(g, p);
break;
default:
fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
}
/* Step 1 - e is dh->pub_key */
- dh_gen_key(dh, kex->we_need * 8);
+ dh_gen_key(kex->dh, kex->we_need * 8);
/* This is f, we initialise it now to make life easier */
dh_server_pub = BN_new();
@@ -161,7 +176,7 @@
packet_start(SSH2_MSG_KEXGSS_INIT);
packet_put_string(send_tok.value,
send_tok.length);
- packet_put_bignum2(dh->pub_key);
+ packet_put_bignum2(kex->dh->pub_key);
first = 0;
} else {
packet_start(SSH2_MSG_KEXGSS_CONTINUE);
@@ -245,13 +260,13 @@
fatal("Didn't receive SSH2_MSG_KEXGSS_COMPLETE when expected");
/* Check f in range [1, p-1] */
- if (!dh_pub_is_valid(dh, dh_server_pub))
+ if (!dh_pub_is_valid(kex->dh, dh_server_pub))
packet_disconnect("bad server public DH value");
/* compute K=f^x mod p */
- klen = DH_size(dh);
+ klen = DH_size(kex->dh);
kbuf = xmalloc(klen);
- kout = DH_compute_key(kbuf, dh_server_pub, dh);
+ kout = DH_compute_key(kbuf, dh_server_pub, kex->dh);
if (kout < 0)
fatal("DH_compute_key: failed");
@@ -265,33 +280,34 @@
memset(kbuf, 0, klen);
free(kbuf);
+ hashlen = sizeof (hash);
switch (kex->kex_type) {
case KEX_GSS_GRP1_SHA1:
case KEX_GSS_GRP14_SHA1:
kex_dh_hash(kex->client_version_string,
kex->server_version_string,
- buffer_ptr(&kex->my), buffer_len(&kex->my),
- buffer_ptr(&kex->peer), buffer_len(&kex->peer),
+ buffer_ptr(kex->my), buffer_len(kex->my),
+ buffer_ptr(kex->peer), buffer_len(kex->peer),
(serverhostkey ? serverhostkey : empty), slen,
- dh->pub_key, /* e */
+ kex->dh->pub_key, /* e */
dh_server_pub, /* f */
shared_secret, /* K */
- &hash, &hashlen);
+ hash, &hashlen);
break;
case KEX_GSS_GEX_SHA1:
kexgex_hash(
kex->hash_alg,
kex->client_version_string,
kex->server_version_string,
- buffer_ptr(&kex->my), buffer_len(&kex->my),
- buffer_ptr(&kex->peer), buffer_len(&kex->peer),
+ buffer_ptr(kex->my), buffer_len(kex->my),
+ buffer_ptr(kex->peer), buffer_len(kex->peer),
(serverhostkey ? serverhostkey : empty), slen,
min, nbits, max,
- dh->p, dh->g,
- dh->pub_key,
+ kex->dh->p, kex->dh->g,
+ kex->dh->pub_key,
dh_server_pub,
shared_secret,
- &hash, &hashlen);
+ hash, &hashlen);
break;
default:
fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
@@ -306,7 +322,7 @@
free(msg_tok.value);
- DH_free(dh);
+ DH_free(kex->dh);
if (serverhostkey)
free(serverhostkey);
BN_clear_free(dh_server_pub);
@@ -323,9 +339,9 @@
else
ssh_gssapi_delete_ctx(&ctxt);
- kex_derive_keys_bn(kex, hash, hashlen, shared_secret);
- BN_clear_free(shared_secret);
- kex_finish(kex);
+ if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
+ r = kex_send_newkeys(ssh);
+ return (r);
}
#endif /* GSSAPI */
--- a/components/openssh/sources/kexgsss.c Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/sources/kexgsss.c Thu Jun 18 07:01:42 2015 -0700
@@ -22,10 +22,20 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+/*
+ * May 22, 2015
+ * In version 6.8 a new packet interface has been introduced to OpenSSH,
+ * while the old packet API has been provided in opacket.c.
+ * At this moment we are not rewritting GSS-API key exchange code to the new
+ * API, just adjusting it to still work with new struct ssh.
+ * Rewritting to the new API can be considered in the future.
+ */
+
#include "includes.h"
#ifdef GSSAPI
+#include <signal.h> /* for sig_atomic_t in kex.h */
#include <string.h>
#include <openssl/crypto.h>
@@ -36,6 +46,7 @@
#include "ssh2.h"
#include "key.h"
#include "cipher.h"
+#include "digest.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
@@ -43,8 +54,8 @@
#include "ssh-gss.h"
#include "monitor_wrap.h"
-void
-kexgss_server(Kex *kex)
+int
+kexgss_server(struct ssh *ssh)
{
OM_uint32 maj_status, min_status;
@@ -59,8 +70,8 @@
gss_buffer_desc gssbuf, recv_tok, msg_tok;
gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
Gssctxt *ctxt = NULL;
- uint_t slen, klen, kout, hashlen;
- uchar_t *kbuf, *hash;
+ uint_t slen, klen, kout;
+ uchar_t *kbuf;
DH *dh;
int min = -1, max = -1, nbits = -1;
BIGNUM *shared_secret = NULL;
@@ -68,6 +79,10 @@
int type = 0;
gss_OID oid;
char *mechs;
+ struct kex *kex = ssh->kex;
+ int r;
+ uchar_t hash[SSH_DIGEST_MAX_LENGTH];
+ size_t hashlen;
/* Initialise GSSAPI */
@@ -92,10 +107,10 @@
switch (kex->kex_type) {
case KEX_GSS_GRP1_SHA1:
- dh = dh_new_group1();
+ kex->dh = dh_new_group1();
break;
case KEX_GSS_GRP14_SHA1:
- dh = dh_new_group14();
+ kex->dh = dh_new_group14();
break;
case KEX_GSS_GEX_SHA1:
debug("Doing group exchange");
@@ -109,14 +124,14 @@
if (max < min || nbits < min || max < nbits)
fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
min, nbits, max);
- dh = PRIVSEP(choose_dh(min, nbits, max));
- if (dh == NULL)
+ kex->dh = PRIVSEP(choose_dh(min, nbits, max));
+ if (kex->dh == NULL)
packet_disconnect("Protocol error:"
" no matching group found");
packet_start(SSH2_MSG_KEXGSS_GROUP);
- packet_put_bignum2(dh->p);
- packet_put_bignum2(dh->g);
+ packet_put_bignum2(kex->dh->p);
+ packet_put_bignum2(kex->dh->g);
packet_send();
packet_write_wait();
@@ -125,7 +140,7 @@
fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
}
- dh_gen_key(dh, kex->we_need * 8);
+ dh_gen_key(kex->dh, kex->we_need * 8);
do {
debug("Wait SSH2_MSG_GSSAPI_INIT");
@@ -190,12 +205,12 @@
if (!(ret_flags & GSS_C_INTEG_FLAG))
fatal("Integrity flag wasn't set");
- if (!dh_pub_is_valid(dh, dh_client_pub))
+ if (!dh_pub_is_valid(kex->dh, dh_client_pub))
packet_disconnect("bad client public DH value");
- klen = DH_size(dh);
+ klen = DH_size(kex->dh);
kbuf = xmalloc(klen);
- kout = DH_compute_key(kbuf, dh_client_pub, dh);
+ kout = DH_compute_key(kbuf, dh_client_pub, kex->dh);
if (kout < 0)
fatal("DH_compute_key: failed");
@@ -209,30 +224,31 @@
memset(kbuf, 0, klen);
free(kbuf);
+ hashlen = sizeof (hash);
switch (kex->kex_type) {
case KEX_GSS_GRP1_SHA1:
case KEX_GSS_GRP14_SHA1:
kex_dh_hash(
kex->client_version_string, kex->server_version_string,
- buffer_ptr(&kex->peer), buffer_len(&kex->peer),
- buffer_ptr(&kex->my), buffer_len(&kex->my),
+ buffer_ptr(kex->peer), buffer_len(kex->peer),
+ buffer_ptr(kex->my), buffer_len(kex->my),
NULL, 0, /* Change this if we start sending host keys */
- dh_client_pub, dh->pub_key, shared_secret,
- &hash, &hashlen);
+ dh_client_pub, kex->dh->pub_key, shared_secret,
+ hash, &hashlen);
break;
case KEX_GSS_GEX_SHA1:
kexgex_hash(
kex->hash_alg,
kex->client_version_string, kex->server_version_string,
- buffer_ptr(&kex->peer), buffer_len(&kex->peer),
- buffer_ptr(&kex->my), buffer_len(&kex->my),
+ buffer_ptr(kex->peer), buffer_len(kex->peer),
+ buffer_ptr(kex->my), buffer_len(kex->my),
NULL, 0,
min, nbits, max,
- dh->p, dh->g,
+ kex->dh->p, kex->dh->g,
dh_client_pub,
- dh->pub_key,
+ kex->dh->pub_key,
shared_secret,
- &hash, &hashlen);
+ hash, &hashlen);
break;
default:
fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
@@ -253,7 +269,7 @@
fatal("Couldn't get MIC");
packet_start(SSH2_MSG_KEXGSS_COMPLETE);
- packet_put_bignum2(dh->pub_key);
+ packet_put_bignum2(kex->dh->pub_key);
packet_put_string(msg_tok.value, msg_tok.length);
if (send_tok.length != 0) {
@@ -272,10 +288,10 @@
else
ssh_gssapi_delete_ctx(&ctxt);
- DH_free(dh);
+ DH_free(kex->dh);
- kex_derive_keys_bn(kex, hash, hashlen, shared_secret);
- BN_clear_free(shared_secret);
- kex_finish(kex);
+ if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
+ r = kex_send_newkeys(ssh);
+ return (r);
}
#endif /* GSSAPI */