Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package openssh for openSUSE:Factory checked 
in at 2025-11-01 23:34:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openssh (Old)
 and      /work/SRC/openSUSE:Factory/.openssh.new.1980 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openssh"

Sat Nov  1 23:34:10 2025 rev:197 rq:1313013 version:10.2p1

Changes:
--------
--- /work/SRC/openSUSE:Factory/openssh/openssh-askpass-gnome.changes    2025-04-25 22:18:36.297760368 +0200
+++ /work/SRC/openSUSE:Factory/.openssh.new.1980/openssh-askpass-gnome.changes  2025-11-01 23:34:13.337483709 +0100
@@ -1,0 +2,8 @@
+Tue Oct 14 07:15:46 UTC 2025 - Antonio Larrosa <[email protected]>
+
+- "Update" to openssh 10.2p1:
+  * No changes for askpass, see main package changelog for
+    details.
+- Build with gcr-4 in Factory and SLE-16/Leap 16 instead of gtk-3
+
+-------------------------------------------------------------------
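Review bot: the entry cites only 10.2p1, but the package moves from 10.0p2, and the gcr-4 build it announces is only possible because 10.1p1 added contrib/gnome-ssh-askpass4 (listed in the main changelog under Portability); name 10.1p1 here as well, otherwise the askpass changelog reads as if the GCR port were a SUSE-local change rather than the upstream askpass4 source being adopted.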
--- /work/SRC/openSUSE:Factory/openssh/openssh.changes  2025-09-23 20:47:03.851255948 +0200
+++ /work/SRC/openSUSE:Factory/.openssh.new.1980/openssh.changes        2025-11-01 23:34:13.381485549 +0100
@@ -1,0 +2,273 @@
+Tue Oct 14 07:15:46 UTC 2025 - Antonio Larrosa <[email protected]>
+
+- Update to openssh 10.2p1:
+  = Future deprecation warning
+  * A future release of OpenSSH will deprecate support for SHA1
+    SSHFP records due to weaknesses in the SHA1 hash function.
+    SHA1 SSHFP DNS records will be ignored and ssh-keygen -r
+    will generate only SHA256 SSHFP records.
+    The SHA256 hash algorithm, which has no known weaknesses, has
+    been supported for SSHFP records since OpenSSH 6.1, released
+    in 2012.
+
+  = Bugfixes
+  * ssh(1): fix mishandling of terminal connections when
+    ControlPersist was active that rendered the session unusable.
+    bz3872
+  * ssh-keygen(1): fix download of keys from PKCS#11 tokens.
+  * ssh-keygen(1): fix CA signing operations when the CA key is
+    held in a ssh-agent(1). bz3877
+
+  = Portability
+  * All: support platforms without mmap(2), e.g. WASM builds such
+    as https://hterm.org
+  * All: fix builds on FreeBSD for missing fnctl.h include.
+  * All: fix builds on MacOS <10.12 Sierra, which lacks
+    clock_gettime(3)
+  * sshd(8): don't PAM_RHOST if the remote host is the "UNKNOWN"
+    placeholder name. Avoids potential hangs in some PAM modules
+    as they try to resolve it. Note, sshd(8) only uses the
+    "UNKNOWN" name when the connection is not on an IPv4 or
+    IPv6 socket.
+
+- Update to openssh 10.1p1:
+  = Potentially-incompatible changes
+  * ssh(1): add a warning when the connection negotiates a non-post
+    quantum key agreement algorithm.
+    This warning has been added due to the risk of "store now,
+    decrypt later" attacks. More details at
+    https://openssh.com/pq.html
+    This warning may be controlled via a new WarnWeakCrypto
+    ssh_config option, defaulting to on. This option is likely to
+    control additional weak crypto warnings in the future.
+  * ssh(1), sshd(8): major changes to handling of
+    DSCP marking/IPQoS. In both client and server the default DSCP
+    (a.k.a IPQoS) values were revised and the way these values are
+    used during runtime has changed.
+    Interactive traffic is now assigned to the EF (Expedited
+    Forwarding) class by default. This provides more appropriate
+    packet prioritisation information for the intermediate network,
+    such as wireless media (cf. RFC 8325). Non-interactive traffic
+    will now use the operating system default DSCP marking. Both
+    the interactive and non-interactive DSCP values may be
+    overridden via the IPQoS keyword, described in ssh_config(5)
+    and sshd_config(5).
+    The appropriate DSCP marking is now automatically selected and
+    updated as needed over the course of a connection's lifetime.
+    ssh(1) and sshd(8) will switch between the interactive and
+    non-interactive IPQoS values depending on the type of SSH
+    channels open at the time. For example, if an sftp session is
+    using the connection alongside a shell session, then the non-
+    interactive value will be used for the duration of the sftp. A
+    connection which contains only interactive sessions is marked
+    EF.
+  * ssh(1), sshd(8): deprecate support for IPv4 type-of-service
+    (ToS) keywords in the IPQoS configuration directive.
+    Type of Service (ToS) was deprecated in the late nineties and
+    replaced with the Differentiated Services architecture, which
+    has significant advantages for operators because it offers more
+    granularity.
+    OpenSSH switched its default IPQoS from ToS to DSCP values in
+    2018 (openssh-7.7).
+    IPQoS configurations with 'lowdelay', 'reliability', or
+    'throughput' will be ignored and will instead use the system
+    default QoS settings. Additionally, a debug message will be
+    logged about the deprecation with a suggestion to use DSCP QoS
+    instead.
+  * ssh-add(1): when adding certificates to an agent, set the
+    expiry to the certificate expiry time plus a short (5 min)
+    grace period.
+    This will cause the agent to automatically remove certificates
+    shortly after they expire. A new ssh-add -N option disables
+    this behaviour.
+  * All: remove experimental support for XMSS keys. This was never
+    enabled by default. We expect to implement a new post-quantum
+    signature scheme in the near future.
+  * ssh-agent(1), sshd(8): move agent listener sockets from /tmp to
+    under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets
+    in sshd(8).
+    This ensures processes that have restricted filesystem access
+    that includes /tmp do not ambiently have the ability to use
+    keys in an agent.
+    Moving the default directory has the consequence that the OS
+    will no longer clean up stale agent sockets, so ssh-agent now
+    gains this ability.
+    To support $HOME on NFS, the socket path includes a truncated
+    hash of the hostname. ssh-agent will, by default, only clean up
+    sockets from the same hostname.
+    ssh-agent(1) gains some new flags: -U suppresses the automatic
+    cleanup of stale sockets when it starts. -u forces a cleanup
+    without keeping a running agent, -uu forces a cleanup that
+    ignores the hostname. -T makes ssh-agent put the socket back
+    in /tmp.
+
+  = Security
+  * ssh(1): disallow control characters in usernames passed via the
+   commandline or expanded using %-sequences from the configuration
+   file, and disallow \0 characters in ssh:// URIs.
+   If an ssh(1) commandline was constructed using usernames or URIs
+   obtained from an untrusted source, and if a ProxyCommand that
+   uses the %r expansion was configured, then it may be possible
+   for an attacker to inject shell expressions that may be executed
+   when the proxy command is started.
+   We strongly recommend against using untrusted inputs to
+   construct ssh(1) commandlines.
+   This change also relaxes the validity checks in one small way:
+   usernames supplied via the configuration file as literals (i.e.
+   that have no % expansion characters) are not subject to these
+   validity checks. This allows usernames that contain arbitrary
+   characters to be used, but only via configuration files. This is
+   done on the basis that ssh's configuration is trusted.
+
+  = New features
+  * ssh(1), sshd(8): add SIGINFO handlers to log active channel and
+    session information.
+  * sshd(8): when refusing a certificate for user authentication,
+    log enough information to identify the certificate in addition
+    to the  reason why it was being denied. Makes debugging
+    certificate authorisation problems a bit easier.
+  * ssh(1), ssh-agent(1): support ed25519 keys hosted on PKCS#11
+    tokens.
+  * ssh(1): add an ssh_config(5) RefuseConnection option that, when
+    encountered while processing an active section in a
+    configuration, terminates ssh(1) with an error message that
+    contains the argument to the option.
+    This may be useful for expressing reminders or warnings in
+    config files, for example:
+    Match host foo
+          RefuseConnection "foo is deprecated, use splork instead"
+  * sshd(8): make the X11 display number check relative to
+    X11DisplayOffset. This will allow people to use
+    X11DisplayOffset to configure much higher port ranges if they
+    really want, while not changing the default behaviour.
+  * unit tests: the unit test framework now includes some basic
+    benchmarking capabilities. Run with
+    "make UNITTEST_BENCHMARK=yes" on OpenBSD or "make unit-bench"
+    on Portable OpenSSH.
+
+  = Bugfixes
+  * sshd(8): fix mistracking of MaxStartups process exits in some
+    situations. At worst, this could cause all MaxStartups slots to
+    fill and sshd to refuse new connections.
+  * ssh(1): fix delay on X client startup when
+    ObscureKeystrokeTiming is enabled. bz#3820
+  * sshd(8): increase the maximum size of the supported
+    configuration from 256KB to 4MB, which ought to be enough for
+    anybody. Fail early and visibly when this limit is breached.
+    bz3808
+  * sftp(1): during sftp uploads, avoid a condition where a failed
+    write could be ignored if a subsequent write succeeded. This is
+    unlikely but technically possible because sftp servers are
+    allowed to reorder requests.
+  * sshd(8): avoid a race condition when the sshd-auth process
+    exits that could cause a spurious error message to be logged.
+  * sshd(8): log at level INFO when PerSourcePenalties actually
+    blocks access to a source address range. Previously this was
+    logged at level VERBOSE, which hid enforcement actions under
+    default config settings.
+  * sshd(8): GssStrictAcceptor was missing from sshd -T output; fix
+  * sshd(8): Make the MaxStartups and PerSourceNetBlockSize options
+    first-match-wins as advertised. bz3859
+  * ssh(1): fix an incorrect return value check in the local
+    forward cancellation path that would cause failed cancellations
+    not to be logged.
+  * sshd(8): make "Match !final" not trigger a second parsing pass
+    of ssh_config (unless hostname canonicalisation or a separate
+    "Match final" does). bz3843
+  * ssh(1): better debug diagnostics when loading keys. Will now
+    list key fingerprint and algorithm (not just algorithm number)
+    as well as making it explicit which keys didn't load.
+  * All: fix a number of memory leaks found by LeakSanitizer,
+    Coverity and manual inspection.
+  * sshd(8): Output the current name for PermitRootLogin's
+    "prohibit-password" in sshd -T instead of its deprecated alias
+    "without-password".  bz#3788
+  * ssh(1): make writing known_hosts lines more atomic by writing
+    the entire line in one operation and using unbuffered stdio.
+    Usually writes to this file are serialised on the "Are you sure
+    you want to continue connecting?" prompt, but if host key
+    checking is disabled and connections were being made with high
+    concurrency then interleaved writes might have been possible.
+
+  = Portability
+  * sshd(8): check the username didn't change during the PAM
+    transactions.
+    PAM modules can change the user during their execution, but
+    this is not supported by sshd(8). If such a case was
+    incorrectly configured by the system administrator, then
+    sshd(8) could end up using a different username to the one
+    authorised by PAM.
+  * sshd(8): don't log audit messages with UNKNOWN hostname to
+    avoid slow DNS lookups in the audit subsystem.
+  * All: when making a copy of struct passwd, ensure struct fields
+    are non-NULL. Android libc can return NULL pw_gecos, for
+    example.
+  * All: Remove status bits from OpenSSL >=3 version check.
+  * sshd(8), ssh(1): Use SSH_TUN_COMPAT_AF on FreeBSD. Otherwise
+    tun forwarding from other OSes fails as soon as the first IPv6
+    message is sent by the other side (which is usually a Router
+    Solicitation ICMPv6 message which is sent as soon as the
+    interface is up).
+  * ssh(1), ssh-agent(8): check for nlist function presence before
+    attempting to use it instead of relying on the presence of the
+    nlist.h header.  Mac OS X, for example, has the header but not
+    the function in the 64bit libraries.
+  * All: fill in missing system header files.
+    Create replacement header files inside openbsd-compat for
+    common headers that are missing on a given platform. Usually
+    these are just empty, but in some cases they'll include the
+    equivalent file. This avoids having to wrap those includes in
+    '#ifdef HAVE_FOO_H' and reduces the diff between Portable
+    OpenSSH and OpenBSD.
+  * sshd(8): handle futex_time64 properly in seccomp sandbox
+    Previously we only allowed __NR_futex, but some 32-bit systems
+    apparently support __NR_futex_time64. We had support for this
+    in the sandbox, but because of a macro error only __NR_futex
+    was allowlisted.
+  * Add contrib/gnome-ssh-askpass4 for GNOME 40+ using the GCR API.
+  * sshd(8): let ga_init() fail gracefully if getgrouplist does.
+    Apparently getgrouplist() can fail on OSX when passed a
+    non-existent group name. Other platforms seem to return a group
+    list consisting of the numeric gid passed to the function.
+    bz3848
+  * ssh-agent(1): exit 0 from SIGTERM under systemd
+    socket-activation, preventing a graceful shutdown of an agent
+    via systemd from incorrectly marking the service as "failed".
+  * build: wrap some autoconf macros in AC_CACHE_CHECK.
+    This allows skipping/overriding the OSSH_CHECK_CFLAG_COMPILE
+    and OSSH_CHECK_CFLAG_LINK macros used to discover supported
+    compiler or linker flags. E.g.
+      $ ./configure ossh_cv_cflag__fzero_call_used_regs_used=no
+      [...]
+      checking if cc supports compile flag -fzero-call-used-regs=used
+      and linking succeeds... (cached) no
+
+- Rebased patches:
+  * logind_set_tty.patch
+  * openssh-7.7p1-cavstest-ctr.patch
+  * openssh-7.7p1-cavstest-kdf.patch
+  * openssh-7.7p1-eal3.patch
+  * openssh-7.7p1-fips.patch
+  * openssh-7.7p1-ldap.patch
+  * openssh-7.9p1-revert-new-qos-defaults.patch
+  * openssh-8.0p1-gssapi-keyex.patch
+  * openssh-8.1p1-audit.patch
+  * openssh-8.4p1-vendordir.patch
+  * openssh-link-with-sk.patch
+  * openssh-mitigate-lingering-secrets.patch
+
+- Split patch 
+  * 
0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+  composed of different patches to separate files to ease
+  maintenance and rebase them:
+  * 
0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+  * 
0002-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+  * 
0003-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+  * 
0004-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+  * 
0005-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+
+- Drop patches already included by upstream:
+  * openssh-9.6p1-pam-rhost.patch
+  * openssh-10.0p2-relax-openssl-version-check.patch
+
+-------------------------------------------------------------------
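Review bot: openssh-7.9p1-revert-new-qos-defaults.patch is listed as merely rebased, but the 10.1p1 notes above describe a rewrite of DSCP/IPQoS handling (EF for interactive traffic, OS default for bulk, automatic switching driven by the channel types open at the time), so a 2018-era revert of default QoS values needs to be re-evaluated against the new code path rather than carried forward; at minimum confirm what IPQoS `ssh -G` and `sshd -T` now report with the patch applied and that the interactive/non-interactive switching still happens. Since this submission takes Factory from 10.0p2 over both 10.1p1 and 10.2p1 in one step, the user-visible changes (agent sockets under ~/.ssh/agent with stale-socket cleanup, certificate expiry in ssh-add, the control-character restriction on %r-expanded usernames, the non-PQ key agreement warning) deserve a pointer in README.SUSE so admins are not surprised by the jump.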

Old:
----
  openssh-10.0p1.tar.gz
  openssh-10.0p1.tar.gz.asc
  openssh-10.0p2-relax-openssl-version-check.patch
  openssh-9.6p1-pam-rhost.patch

New:
----
  0002-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
  0003-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
  0004-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
  openssh-10.2p1.tar.gz
  openssh-10.2p1.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openssh-askpass-gnome.spec ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:16.329608817 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:16.333608985 +0100
@@ -18,8 +18,8 @@
 
 %define _name openssh
 Name:           openssh-askpass-gnome
-Version:        10.0p2
-%define wrongly_named_version 10.0p1
+Version:        10.2p1
+%define wrongly_named_version 10.2p1
 Release:        0
 Summary:        A GNOME-Based Passphrase Dialog for OpenSSH
 License:        BSD-2-Clause
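Review bot: `%define wrongly_named_version 10.2p1` is now identical to Version, and openssh.spec in this same submission drops the macro entirely in favour of %{version}; drop it here too and let Source0/Source1 use %{version}, otherwise the next bump has to touch two values that must agree and the two specs diverge for no reason.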
@@ -28,9 +28,9 @@
 Source0:        
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{wrongly_named_version}.tar.gz
 Source1:        
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{wrongly_named_version}.tar.gz.asc
 Requires:       %{_name}-clients = %{version}
-Supplements:    packageand(openssh-clients:libgtk-3-0)
+Supplements:    packageand(openssh-clients:gcr)
 %if 0%{?suse_version} >= 1550
-BuildRequires:  gtk3-devel
+BuildRequires:  pkgconfig(gcr-4)
 %else
 BuildRequires:  gtk2-devel
 %endif
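Review bot: the Supplements condition now names a package called `gcr`, while the build dependency is expressed as pkgconfig(gcr-4); the old condition named the runtime library package (libgtk-3-0), not a devel package, so check that `gcr` is really the binary package that installs the gcr-4 runtime library on Factory and SLE-16. If it is not, the supplement never fires and the askpass dialog stops being pulled in automatically alongside openssh-clients on GNOME systems.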
@@ -47,7 +47,7 @@
 cd contrib
 export CFLAGS="%{optflags}"
 %if 0%{?suse_version} >= 1550
-%make_build gnome-ssh-askpass3
+%make_build gnome-ssh-askpass4
 %else
 %make_build gnome-ssh-askpass2
 %endif
@@ -55,7 +55,7 @@
 %install
 install -d -m 755 %{buildroot}%{_libexecdir}/ssh/
 %if 0%{?suse_version} >= 1550
-install contrib/gnome-ssh-askpass3 
%{buildroot}%{_libexecdir}/ssh/gnome-ssh-askpass
+install contrib/gnome-ssh-askpass4 
%{buildroot}%{_libexecdir}/ssh/gnome-ssh-askpass
 %else
 install contrib/gnome-ssh-askpass2 
%{buildroot}%{_libexecdir}/ssh/gnome-ssh-askpass
 %endif

++++++ openssh.spec ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:16.381610992 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:16.385611158 +0100
@@ -59,15 +59,14 @@
   %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           openssh
-Version:        10.0p2
-%define wrongly_named_version 10.0p1
+Version:        10.2p1
 Release:        0
 Summary:        Secure Shell Client and Server (Remote Login Program)
 License:        BSD-2-Clause AND MIT
 Group:          Productivity/Networking/SSH
 URL:            https://www.openssh.com/
-Source0:        
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{wrongly_named_version}.tar.gz
-Source1:        
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{wrongly_named_version}.tar.gz.asc
+Source0:        
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
+Source1:        
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
 Source2:        sshd.pamd
 Source3:        README.SUSE
 Source4:        README.kerberos
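Review bot: Source1 still fetches the detached .asc signature for the new tarball, but nothing in this hunk or the changelog records that the signature was re-verified for the jump to 10.2p1; confirm it validates against the OpenSSH release key that the package's source validation trusts before accepting. Replacing the wrongly_named_version indirection with %{version} in Source0/Source1 is the right simplification now that the upstream tarball name matches the package version again.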
@@ -146,12 +145,12 @@
 Patch105:       openssh-6.6.1p1-selinux-contexts.patch
 Patch106:       openssh-7.6p1-cleanup-selinux.patch
 Patch107:       openssh-send-extra-term-env.patch
-# upstream patch https://github.com/openssh/openssh-portable/pull/388
-Patch108:       openssh-9.6p1-pam-rhost.patch
-Patch109:       openssh-10.0p2-relax-openssl-version-check.patch
 # 200 - 300  --  Patches submitted to upstream
 # PATCH-FIX-UPSTREAM -- https://github.com/openssh/openssh-portable/pull/452 
boo#1229010
 Patch200:       
0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+Patch201:       
0002-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+Patch202:       
0003-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
+Patch203:       
0004-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
 # 1000 - 2000  --  Conditional patches
 %if %{with crypto_policies}
 # PATCH-FIX-OPENSUSE bsc#1211301 Add crypto-policies support
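Review bot: the changelog's split list names five files (0001 to 0005), but only 0002 to 0004 are added here as Patch201 to Patch203 and only those three appear in the New: file list; either 0005 was meant to be added as Patch204 or the changelog entry should be corrected so the record matches what %autopatch actually applies. Dropping Patch108 together with its PR 388 comment is consistent with the 10.2p1 portability notes, which show the PAM_RHOST/UNKNOWN fix landed upstream.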
@@ -340,7 +339,7 @@
 Validation Program/Suite) related tests of OpenSSH.
 
 %prep
-%setup -q -n "%{name}-%{wrongly_named_version}"
+%setup -q -n "%{name}-%{version}"
 cp %{SOURCE3} %{SOURCE4} %{SOURCE11} .
 
 %autopatch -p1

++++++ 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:16.429612998 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:16.429612998 +0100
@@ -49,7 +49,7 @@
 +              return KbdintResultFailure;
        }
        if ((buffer = sshbuf_new()) == NULL)
-               fatal("%s: sshbuf_new failed", __func__);
+               fatal_f("sshbuf_new failed");
 @@ -1015,10 +1015,10 @@ sshpam_respond(void *ctx, u_int num, char **resp)
        }
        if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, buffer) == -1) {
@@ -106,310 +106,4 @@
                if (send_userauth_info_request(ssh) == 1)
                        authctxt->postponed = 1;
 
-From 91ef15e8ed01a7e16d96ba6cb9ed51965dca9641 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
-Date: Mon, 16 Oct 2023 21:15:45 +0200
-Subject: [PATCH 2/6] auth-pam: Add an enum to define the PAM done status
-
-Makes things more readable and easier to extend
----
- auth-pam.c | 17 +++++++++++------
- 1 file changed, 11 insertions(+), 6 deletions(-)
-
-diff --git a/auth-pam.c b/auth-pam.c
-index 86137a1acdb..21291631011 100644
---- a/auth-pam.c
-+++ b/auth-pam.c
-@@ -136,11 +136,16 @@ typedef pid_t sp_pthread_t;
- #define pthread_join  fake_pthread_join
- #endif
- 
-+typedef int SshPamDone;
-+#define SshPamError -1
-+#define SshPamNone 0
-+#define SshPamAuthenticated 1
-+
- struct pam_ctxt {
-       sp_pthread_t     pam_thread;
-       int              pam_psock;
-       int              pam_csock;
--      int              pam_done;
-+      SshPamDone       pam_done;
- };
- 
- static void sshpam_free_ctx(void *);
-@@ -904,7 +909,7 @@ sshpam_query(void *ctx, char **name, char **info,
-                               **prompts = NULL;
-                               *num = 0;
-                               **echo_on = 0;
--                              ctxt->pam_done = -1;
-+                              ctxt->pam_done = SshPamError;
-                               free(msg);
-                               sshbuf_free(buffer);
-                               return 0;
-@@ -931,7 +936,7 @@ sshpam_query(void *ctx, char **name, char **info,
-                               import_environments(buffer);
-                               *num = 0;
-                               **echo_on = 0;
--                              ctxt->pam_done = 1;
-+                              ctxt->pam_done = SshPamAuthenticated;
-                               free(msg);
-                               sshbuf_free(buffer);
-                               return (0);
-@@ -944,7 +949,7 @@ sshpam_query(void *ctx, char **name, char **info,
-                       *num = 0;
-                       **echo_on = 0;
-                       free(msg);
--                      ctxt->pam_done = -1;
-+                      ctxt->pam_done = SshPamError;
-                       sshbuf_free(buffer);
-                       return (-1);
-               }
-@@ -988,10 +993,10 @@ sshpam_respond(void *ctx, u_int num, char **resp)
- 
-       debug2("PAM: %s entering, %u responses", __func__, num);
-       switch (ctxt->pam_done) {
--      case 1:
-+      case SshPamAuthenticated:
-               sshpam_authenticated = 1;
-               return KbdintResultSuccess;
--      case 0:
-+      case SshPamNone:
-               break;
-       default:
-               return KbdintResultFailure;
-
-From 6fa8934d31cb9925c856f1b992fc5e04dd26da21 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
-Date: Tue, 17 Oct 2023 04:35:17 +0200
-Subject: [PATCH 3/6] auth-pam: Add debugging information when we receive PAM
- messages
-
----
- auth-pam.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/auth-pam.c b/auth-pam.c
-index 21291631011..7a72e724adc 100644
---- a/auth-pam.c
-+++ b/auth-pam.c
-@@ -450,6 +450,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message 
**msg,
-                       break;
-               case PAM_ERROR_MSG:
-               case PAM_TEXT_INFO:
-+                      debug3("PAM: Got message of type %d: %s",
-+                             PAM_MSG_MEMBER(msg, i, msg_style),
-+                             PAM_MSG_MEMBER(msg, i, msg));
-                       if ((r = sshbuf_put_cstring(buffer,
-                           PAM_MSG_MEMBER(msg, i, msg))) != 0)
-                               fatal("%s: buffer error: %s",
-
-From 598ee34312b541fa7b3988b4896641bf81996e27 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
-Date: Tue, 17 Oct 2023 04:27:32 +0200
-Subject: [PATCH 4/6] auth-pam: Immediately report interactive instructions to
- clients
-
-SSH keyboard-interactive authentication method supports instructions but
-sshd didn't show them until an user prompt was requested.
-
-This is quite inconvenient for various PAM modules that need to notify
-an user without requiring for their explicit input.
-
-So, properly implement RFC4256 making instructions to be shown to users
-when they are requested from PAM.
-
-Closes: https://bugzilla.mindrot.org/show_bug.cgi?id=2876
----
- auth-pam.c | 21 ++++++++++++---------
- 1 file changed, 12 insertions(+), 9 deletions(-)
-
-diff --git a/auth-pam.c b/auth-pam.c
-index 7a72e724adc..b756f0e5221 100644
---- a/auth-pam.c
-+++ b/auth-pam.c
-@@ -140,6 +140,7 @@ typedef int SshPamDone;
- #define SshPamError -1
- #define SshPamNone 0
- #define SshPamAuthenticated 1
-+#define SshPamAgain 2
- 
- struct pam_ctxt {
-       sp_pthread_t     pam_thread;
-@@ -868,6 +869,8 @@ sshpam_query(void *ctx, char **name, char **info,
-       **prompts = NULL;
-       plen = 0;
-       *echo_on = xmalloc(sizeof(u_int));
-+      ctxt->pam_done = SshPamNone;
-+
-       while (ssh_msg_recv(ctxt->pam_psock, buffer) == 0) {
-               if (++nmesg > PAM_MAX_NUM_MSG)
-                       fatal_f("too many query messages");
-@@ -888,15 +891,13 @@ sshpam_query(void *ctx, char **name, char **info,
-                       return (0);
-               case PAM_ERROR_MSG:
-               case PAM_TEXT_INFO:
--                      /* accumulate messages */
--                      len = plen + mlen + 2;
--                      **prompts = xreallocarray(**prompts, 1, len);
--                      strlcpy(**prompts + plen, msg, len - plen);
--                      plen += mlen;
--                      strlcat(**prompts + plen, "\n", len - plen);
--                      plen++;
--                      free(msg);
--                      break;
-+                      *num = 0;
-+                      free(*info);
-+                      *info = msg; /* Steal the message */
-+                      msg = NULL;
-+                      ctxt->pam_done = SshPamAgain;
-+                      sshbuf_free(buffer);
-+                      return (0);
-               case PAM_ACCT_EXPIRED:
-               case PAM_MAXTRIES:
-                       if (type == PAM_ACCT_EXPIRED)
-@@ -1001,6 +1002,8 @@ sshpam_respond(void *ctx, u_int num, char **resp)
-               return KbdintResultSuccess;
-       case SshPamNone:
-               break;
-+      case SshPamAgain:
-+              return KbdintResultAgain;
-       default:
-               return KbdintResultFailure;
-       }
-
-From cc14301ce0542cdbb825eff8041ce98a1da9ef08 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
-Date: Tue, 17 Oct 2023 06:12:03 +0200
-Subject: [PATCH 5/6] sshconnect2: Write kbd-interactive service, info and
- instructions as utf-8
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-As per the previous server change now the keyboard-interactive service
-and instruction values could be reported as soon as they are available
-and so they're not prompts anymore and not parsed like them.
-
-While this was already supported by the SSH client, these messages were
-not properly written as the escaped sequences they contained were not
-correctly reported.
-
-So for example a message containing "\" was represented as "\\" and
-similarly for all the other C escape sequences.
-
-This was leading to more problems when it come to utf-8 chars, as they
-were only represented by their octal representation.
-
-This was easily testable by adding a line like the one below to the
-sshd PAM service:
-  auth    requisite pam_echo.so Hello SSHD! Want some 🍕?
-
-Which was causing this to be written instead:
-  Hello SSHD! Want some \360\237\215\225?
-
-To handle this, instead of simply using fmprintf, we're using the notifier
-in a way can be exposed to users in the proper format and UI.
----
- sshconnect2.c | 33 ++++++++++++++++++++++++---------
- 1 file changed, 24 insertions(+), 9 deletions(-)
-
-diff --git a/sshconnect2.c b/sshconnect2.c
-index 5831a00c6d1..543431218c1 100644
---- a/sshconnect2.c
-+++ b/sshconnect2.c
-@@ -1091,6 +1091,7 @@ input_userauth_passwd_changereq(int type, u_int32_t 
seqnr, struct ssh *ssh)
-       char *info = NULL, *lang = NULL, *password = NULL, *retype = NULL;
-       char prompt[256];
-       const char *host;
-+      size_t info_len;
-       int r;
- 
-       debug2("input_userauth_passwd_changereq");
-@@ -1100,11 +1101,15 @@ input_userauth_passwd_changereq(int type, u_int32_t 
seqnr, struct ssh *ssh)
-                   "no authentication context");
-       host = options.host_key_alias ? options.host_key_alias : authctxt->host;
- 
--      if ((r = sshpkt_get_cstring(ssh, &info, NULL)) != 0 ||
-+      if ((r = sshpkt_get_cstring(ssh, &info, &info_len)) != 0 ||
-           (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0)
-               goto out;
--      if (strlen(info) > 0)
--              logit("%s", info);
-+      if (info_len > 0) {
-+              struct notifier_ctx *notifier = NULL;
-+              debug_f("input_userauth_passwd_changereq info: %s", info);
-+              notifier = notify_start(0, "%s", info);
-+              notify_complete(notifier, NULL);
-+      }
-       if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
-           (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
-           (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
-@@ -1938,8 +1943,10 @@ input_userauth_info_req(int type, u_int32_t seq, struct 
ssh *ssh)
-       Authctxt *authctxt = ssh->authctxt;
-       char *name = NULL, *inst = NULL, *lang = NULL, *prompt = NULL;
-       char *display_prompt = NULL, *response = NULL;
-+      struct notifier_ctx *notifier = NULL;
-       u_char echo = 0;
-       u_int num_prompts, i;
-+      size_t name_len, inst_len;
-       int r;
- 
-       debug2_f("entering");
-@@ -1949,14 +1956,22 @@ input_userauth_info_req(int type, u_int32_t seq, 
struct ssh *ssh)
- 
-       authctxt->info_req_seen = 1;
- 
--      if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0 ||
--          (r = sshpkt_get_cstring(ssh, &inst, NULL)) != 0 ||
-+      if ((r = sshpkt_get_cstring(ssh, &name, &name_len)) != 0 ||
-+          (r = sshpkt_get_cstring(ssh, &inst, &inst_len)) != 0 ||
-           (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0)
-               goto out;
--      if (strlen(name) > 0)
--              logit("%s", name);
--      if (strlen(inst) > 0)
--              logit("%s", inst);
-+      if (name_len > 0) {
-+              debug_f("kbd int name: %s", name);
-+              notifier = notify_start(0, "%s", name);
-+              notify_complete(notifier, NULL);
-+              notifier = NULL;
-+      }
-+      if (inst_len > 0) {
-+              debug_f("kbd int inst: %s", inst);
-+              notifier = notify_start(0, "%s", inst);
-+              notify_complete(notifier, NULL);
-+              notifier = NULL;
-+      }
- 
-       if ((r = sshpkt_get_u32(ssh, &num_prompts)) != 0)
-               goto out;
-
-From 99656caabc5cff24122e5b9a140e5a38ab418a5d Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
-Date: Tue, 17 Oct 2023 06:05:59 +0200
-Subject: [PATCH 6/6] auth2-chall: Fix selection of the keyboard-interactive
- device
-
-We were only checking if the prefix of a device name was matching what
-we had in the devices list, so if the device list contained "pam", then
-also the device "pam-foo" was matching.
----
- auth2-chall.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/auth2-chall.c b/auth2-chall.c
-index 047d4e83c33..db658c9b4a7 100644
---- a/auth2-chall.c
-+++ b/auth2-chall.c
-@@ -170,7 +170,7 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt 
*kbdintctxt)
-                           "keyboard-interactive", devices[i]->name))
-                               continue;
-                       if (strncmp(kbdintctxt->devices, devices[i]->name,
--                          len) == 0) {
-+                          len) == 0 && strlen(devices[i]->name) == len) {
-                               kbdintctxt->device = devices[i];
-                               kbdintctxt->devices_done |= 1 << i;
-                       }
 

++++++ 0002-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch ++++++
>From 91ef15e8ed01a7e16d96ba6cb9ed51965dca9641 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
Date: Mon, 16 Oct 2023 21:15:45 +0200
Subject: [PATCH 2/6] auth-pam: Add an enum to define the PAM done status

Makes things more readable and easier to extend
---
 auth-pam.c | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/auth-pam.c b/auth-pam.c
index 86137a1acdb..21291631011 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -136,11 +136,16 @@ typedef pid_t sp_pthread_t;
 #define pthread_join   fake_pthread_join
 #endif
 
+typedef int SshPamDone;
+#define SshPamError -1
+#define SshPamNone 0
+#define SshPamAuthenticated 1
+
 struct pam_ctxt {
        sp_pthread_t     pam_thread;
        int              pam_psock;
        int              pam_csock;
-       int              pam_done;
+       SshPamDone       pam_done;
 };
 
 static void sshpam_free_ctx(void *);
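Review bot: The subject says "enum", but the hunk introduces "typedef int SshPamDone;" plus three #defines, which gives none of the benefits of an enumeration: the compiler cannot warn when the switch in sshpam_respond() misses a state, and any int can still be stored in pam_done. Suggest "typedef enum { SshPamError = -1, SshPamNone = 0, SshPamAuthenticated = 1 } SshPamDone;" so that later additions (such as an "again" state) are caught by -Wswitch.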
@@ -904,7 +909,7 @@ sshpam_query(void *ctx, char **name, char **info,
                                **prompts = NULL;
                                *num = 0;
                                **echo_on = 0;
-                               ctxt->pam_done = -1;
+                               ctxt->pam_done = SshPamError;
                                free(msg);
                                sshbuf_free(buffer);
                                return 0;
@@ -931,7 +936,7 @@ sshpam_query(void *ctx, char **name, char **info,
                                import_environments(buffer);
                                *num = 0;
                                **echo_on = 0;
-                               ctxt->pam_done = 1;
+                               ctxt->pam_done = SshPamAuthenticated;
                                free(msg);
                                sshbuf_free(buffer);
                                return (0);
@@ -944,7 +949,7 @@ sshpam_query(void *ctx, char **name, char **info,
                        *num = 0;
                        **echo_on = 0;
                        free(msg);
-                       ctxt->pam_done = -1;
+                       ctxt->pam_done = SshPamError;
                        sshbuf_free(buffer);
                        return (-1);
                }
@@ -988,10 +993,10 @@ sshpam_respond(void *ctx, u_int num, char **resp)
 
        debug2_f("PAM: entering, %u responses", num);
        switch (ctxt->pam_done) {
-       case 1:
+       case SshPamAuthenticated:
                sshpam_authenticated = 1;
                return KbdintResultSuccess;
-       case 0:
+       case SshPamNone:
                break;
        default:
                return KbdintResultFailure;


++++++ 0003-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch ++++++
>From 6fa8934d31cb9925c856f1b992fc5e04dd26da21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
Date: Tue, 17 Oct 2023 04:35:17 +0200
Subject: [PATCH 3/6] auth-pam: Add debugging information when we receive PAM
 messages

---
 auth-pam.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/auth-pam.c b/auth-pam.c
index 21291631011..7a72e724adc 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -450,6 +450,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message 
**msg,
                        break;
                case PAM_ERROR_MSG:
                case PAM_TEXT_INFO:
+                       debug3("PAM: Got message of type %d: %s",
+                              PAM_MSG_MEMBER(msg, i, msg_style),
+                              PAM_MSG_MEMBER(msg, i, msg));
                        if ((r = sshbuf_put_cstring(buffer,
                            PAM_MSG_MEMBER(msg, i, msg))) != 0)
                                fatal("%s: buffer error: %s",
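Review bot: The new debug3() hands PAM_MSG_MEMBER(msg, i, msg) straight to "%s"; if a PAM module can ever return a NULL msg pointer for a PAM_ERROR_MSG or PAM_TEXT_INFO item, that is undefined behaviour inside the logging call, and it happens before the existing sshbuf_put_cstring() line gets a chance to deal with it. A guard in the format argument, printing "(null)" when the pointer is NULL, keeps the diagnostic from being the first thing that crashes on a misbehaving module.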

++++++ 0004-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch ++++++
>From 598ee34312b541fa7b3988b4896641bf81996e27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
Date: Tue, 17 Oct 2023 04:27:32 +0200
Subject: [PATCH 4/6] auth-pam: Immediately report interactive instructions to
 clients

The SSH keyboard-interactive authentication method supports instructions, but
sshd didn't show them until a user prompt was requested.

This is quite inconvenient for various PAM modules that need to notify
a user without requiring their explicit input.

So, properly implement RFC4256, making instructions be shown to users
when they are requested from PAM.

Closes: https://bugzilla.mindrot.org/show_bug.cgi?id=2876
---
 auth-pam.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/auth-pam.c b/auth-pam.c
index 7a72e724adc..b756f0e5221 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -140,6 +140,7 @@ typedef int SshPamDone;
 #define SshPamError -1
 #define SshPamNone 0
 #define SshPamAuthenticated 1
+#define SshPamAgain 2
 
 struct pam_ctxt {
        sp_pthread_t     pam_thread;
@@ -868,6 +869,8 @@ sshpam_query(void *ctx, char **name, char **info,
        **prompts = NULL;
        plen = 0;
        *echo_on = xmalloc(sizeof(u_int));
+       ctxt->pam_done = SshPamNone;
+
        while (ssh_msg_recv(ctxt->pam_psock, buffer) == 0) {
                if (++nmesg > PAM_MAX_NUM_MSG)
                        fatal_f("too many query messages");
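Review bot: Resetting ctxt->pam_done to SshPamNone on every entry to sshpam_query() deserves a comment: it is what makes the new one-message-per-query flow work (the previous query may have left an "again" state behind), but it also silently clears an SshPamError left by an earlier call, so correctness depends on every error path in this function returning before another query can be issued. A one-line comment above the assignment stating that contract would save the next reader the trace.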
@@ -888,15 +891,13 @@ sshpam_query(void *ctx, char **name, char **info,
                        return (0);
                case PAM_ERROR_MSG:
                case PAM_TEXT_INFO:
-                       /* accumulate messages */
-                       len = plen + mlen + 2;
-                       **prompts = xreallocarray(**prompts, 1, len);
-                       strlcpy(**prompts + plen, msg, len - plen);
-                       plen += mlen;
-                       strlcat(**prompts + plen, "\n", len - plen);
-                       plen++;
-                       free(msg);
-                       break;
+                       *num = 0;
+                       free(*info);
+                       *info = msg; /* Steal the message */
+                       msg = NULL;
+                       ctxt->pam_done = SshPamAgain;
+                       sshbuf_free(buffer);
+                       return (0);
                case PAM_ACCT_EXPIRED:
                case PAM_MAXTRIES:
                        if (type == PAM_ACCT_EXPIRED)
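Review bot: Because PAM_ERROR_MSG / PAM_TEXT_INFO now return from sshpam_query() after a single message, the "++nmesg > PAM_MAX_NUM_MSG" check a few lines above only bounds messages per query, no longer per authentication attempt, and every message a module emits now costs the client one INFO_REQUEST round trip carrying zero prompts. RFC 4256 allows a zero-prompt request, but this is a behaviour change the commit message should spell out, together with a decision on whether an overall cap is wanted. Stealing msg into *info and nulling msg is correct; the free(*info) just above it relies on *info always being an allocated string at this point, which holds for the current code but is worth a short comment next to the free.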
@@ -1001,6 +1002,8 @@ sshpam_respond(void *ctx, u_int num, char **resp)
                return KbdintResultSuccess;
        case SshPamNone:
                break;
+       case SshPamAgain:
+               return KbdintResultAgain;
        default:
                return KbdintResultFailure;
        }
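Review bot: The SshPamAgain arm returns KbdintResultAgain without looking at num; the request that produced this state carried zero prompts, so a non-zero response count here is a protocol violation by the client. Even if the caller already validates the count against the number of prompts, a local guard ("if (num != 0) return KbdintResultFailure;" before the return) makes this function's contract self-evident and costs nothing.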

>From cc14301ce0542cdbb825eff8041ce98a1da9ef08 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
Date: Tue, 17 Oct 2023 06:12:03 +0200
Subject: [PATCH 5/6] sshconnect2: Write kbd-interactive service, info and
 instructions as utf-8
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

As per the previous server change, the keyboard-interactive service
and instruction values can now be reported as soon as they are available,
and so they're not prompts anymore and not parsed like them.

While this was already supported by the SSH client, these messages were
not properly written, as the escape sequences they contained were not
correctly reported.

So for example a message containing "\" was represented as "\\" and
similarly for all the other C escape sequences.

This was leading to more problems when it came to UTF-8 chars, as they
were only represented by their octal representation.

This was easily testable by adding a line like the one below to the
sshd PAM service:
  auth    requisite pam_echo.so Hello SSHD! Want some 🍕?

Which was causing this to be written instead:
  Hello SSHD! Want some \360\237\215\225?

To handle this, instead of simply using fmprintf, we're using the notifier
in a way that can be exposed to users in the proper format and UI.
---
 sshconnect2.c | 33 ++++++++++++++++++++++++---------
 1 file changed, 24 insertions(+), 9 deletions(-)

diff --git a/sshconnect2.c b/sshconnect2.c
index 5831a00c6d1..543431218c1 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1091,6 +1091,7 @@ input_userauth_passwd_changereq(int type, u_int32_t 
seqnr, struct ssh *ssh)
        char *info = NULL, *lang = NULL, *password = NULL, *retype = NULL;
        char prompt[256];
        const char *host;
+       size_t info_len;
        int r;
 
        debug2("input_userauth_passwd_changereq");
@@ -1100,11 +1101,15 @@ input_userauth_passwd_changereq(int type, u_int32_t 
seqnr, struct ssh *ssh)
                    "no authentication context");
        host = options.host_key_alias ? options.host_key_alias : authctxt->host;
 
-       if ((r = sshpkt_get_cstring(ssh, &info, NULL)) != 0 ||
+       if ((r = sshpkt_get_cstring(ssh, &info, &info_len)) != 0 ||
            (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0)
                goto out;
-       if (strlen(info) > 0)
-               logit("%s", info);
+       if (info_len > 0) {
+               struct notifier_ctx *notifier = NULL;
+               debug_f("input_userauth_passwd_changereq info: %s", info);
+               notifier = notify_start(0, "%s", info);
+               notify_complete(notifier, NULL);
+       }
        if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
            (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
            (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
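Review bot: Swapping logit() for notify_start()/notify_complete() changes which sanitiser the server-supplied info string passes through before it reaches the user's terminal. The octal escaping the commit message complains about came from the logging layer, and it was also what stopped a hostile server from embedding terminal control sequences in this field; the new path is only as safe as the notifier's own output filtering. The commit message should state that the notifier still escapes non-printable characters while letting valid UTF-8 through, and a regression test that puts a control character into info would pin that property down.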
@@ -1938,8 +1943,10 @@ input_userauth_info_req(int type, u_int32_t seq, struct 
ssh *ssh)
        Authctxt *authctxt = ssh->authctxt;
        char *name = NULL, *inst = NULL, *lang = NULL, *prompt = NULL;
        char *display_prompt = NULL, *response = NULL;
+       struct notifier_ctx *notifier = NULL;
        u_char echo = 0;
        u_int num_prompts, i;
+       size_t name_len, inst_len;
        int r;
 
        debug2_f("entering");
@@ -1949,14 +1956,22 @@ input_userauth_info_req(int type, u_int32_t seq, struct 
ssh *ssh)
 
        authctxt->info_req_seen = 1;
 
-       if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0 ||
-           (r = sshpkt_get_cstring(ssh, &inst, NULL)) != 0 ||
+       if ((r = sshpkt_get_cstring(ssh, &name, &name_len)) != 0 ||
+           (r = sshpkt_get_cstring(ssh, &inst, &inst_len)) != 0 ||
            (r = sshpkt_get_cstring(ssh, &lang, NULL)) != 0)
                goto out;
-       if (strlen(name) > 0)
-               logit("%s", name);
-       if (strlen(inst) > 0)
-               logit("%s", inst);
+       if (name_len > 0) {
+               debug_f("kbd int name: %s", name);
+               notifier = notify_start(0, "%s", name);
+               notify_complete(notifier, NULL);
+               notifier = NULL;
+       }
+       if (inst_len > 0) {
+               debug_f("kbd int inst: %s", inst);
+               notifier = notify_start(0, "%s", inst);
+               notify_complete(notifier, NULL);
+               notifier = NULL;
+       }
 
        if ((r = sshpkt_get_u32(ssh, &num_prompts)) != 0)
                goto out;
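Review bot: The name and inst blocks are identical apart from the variable, and notifier is a function-scope variable here while the same pattern in input_userauth_passwd_changereq() keeps it block-local, so the two hunks of this patch disagree on style. A small static helper that performs the debug_f()/notify_start()/notify_complete() triple for one string would remove the duplication and the two "notifier = NULL;" resets, and would let both call sites drop the local variable.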

#From 99656caabc5cff24122e5b9a140e5a38ab418a5d Mon Sep 17 00:00:00 2001
#From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <[email protected]>
#Date: Tue, 17 Oct 2023 06:05:59 +0200
#Subject: [PATCH 6/6] auth2-chall: Fix selection of the keyboard-interactive
# device
#
#We were only checking if the prefix of a device name was matching what
#we had in the devices list, so if the device list contained "pam", then
#also the device "pam-foo" was matching.
#---
# auth2-chall.c | 2 +-
# 1 file changed, 1 insertion(+), 1 deletion(-)
#
#diff --git a/auth2-chall.c b/auth2-chall.c
#index 047d4e83c33..db658c9b4a7 100644
#--- a/auth2-chall.c
#+++ b/auth2-chall.c
#@@ -170,7 +170,7 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt 
*kbdintctxt)
#                           "keyboard-interactive", devices[i]->name))
#                               continue;
#                       if (strncmp(kbdintctxt->devices, devices[i]->name,
#-                          len) == 0) {
#+                          len) == 0 && strlen(devices[i]->name) == len) {
#                               kbdintctxt->device = devices[i];
#                               kbdintctxt->devices_done |= 1 << i;
#                       }
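Review bot: Patch 6/6 is neutralised by prefixing every line with "#", which leaves a complete dead patch in the file with no explanation; patch(1) skips it only because "#@@" is no longer a valid hunk header. Either remove the section from the file or add a line above it saying why it is no longer applied (for instance, if the exact-match fix "&& strlen(devices[i]->name) == len" is now carried upstream). The fix itself is the right one for the prefix-match bug the subject describes, so the reason for dropping it should be on record.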

++++++ logind_set_tty.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:16.561618518 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:16.565618685 +0100
@@ -108,7 +108,7 @@
            !sys_auth_record_login(li->username,li->hostname,li->line,
 @@ -1459,6 +1469,100 @@ wtmpdb_write_entry(struct logininfo *li)
        default:
-               logit("%s: invalid type field", __func__);
+               logit_f("invalid type field");
                return (0);
 +      }
 +}

++++++ openssh-10.0p1.tar.gz -> openssh-10.2p1.tar.gz ++++++
++++ 36196 lines of diff (skipped)

++++++ openssh-7.7p1-cavstest-ctr.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.433654980 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.441655314 +0100
@@ -20,16 +20,16 @@
  
 +TARGETS += cavstest-ctr$(EXEEXT)
 +
- XMSS_OBJS=\
-       ssh-xmss.o \
-       sshkey-xmss.o \
+ LIBOPENSSH_OBJS=\
+       ssh_api.o \
+       ssherr.o \
 @@ -245,6 +248,10 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libss
  sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS)
        $(LD) -o $@ $(SFTP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 
$(LIBEDIT)
  
 +# FIPS tests
-+cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o 
cavstest-ctr.o
-+      $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh 
-lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
++cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o 
cavstest-ctr.o $(P11OBJS)
++      $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(P11OBJS) $(LDFLAGS) 
-lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
 +
  # test driver for the loginrec code - not built by default
  logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o

++++++ openssh-7.7p1-cavstest-kdf.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.461656151 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.465656318 +0100
@@ -21,14 +21,14 @@
 -TARGETS += cavstest-ctr$(EXEEXT)
 +TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
  
- XMSS_OBJS=\
-       ssh-xmss.o \
+ LIBOPENSSH_OBJS=\
+       ssh_api.o \
 @@ -252,6 +253,9 @@ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(S
- cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o 
cavstest-ctr.o
-       $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh 
-lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
+ cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o 
cavstest-ctr.o $(P11OBJS)
+       $(LD) -o $@ cavstest-ctr.o ssh-sk.o sk-usbhid.o $(P11OBJS) $(LDFLAGS) 
-lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
  
-+cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o 
cavstest-kdf.o
-+      $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh 
-lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
++cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o 
cavstest-kdf.o $(P11OBJS)
++      $(LD) -o $@ cavstest-kdf.o ssh-sk.o sk-usbhid.o $(P11OBJS) $(LDFLAGS) 
-lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2) -lz
 +
  # test driver for the loginrec code - not built by default
  logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o

++++++ openssh-7.7p1-eal3.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.505657990 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.513658325 +0100
@@ -15,5 +15,5 @@
 +      -e 's|/etc/shosts.equiv|$(sysconfdir)/ssh/shosts.equiv|g' \
        -e 's|/etc/ssh/ssh_host_key|$(sysconfdir)/ssh_host_key|g' \
        -e 's|/etc/ssh/ssh_host_ecdsa_key|$(sysconfdir)/ssh_host_ecdsa_key|g' \
-       -e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \
+       -e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \
 

++++++ openssh-7.7p1-fips.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.545659663 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.553659997 +0100
@@ -14,7 +14,7 @@
 +LIBSSH_OBJS += fips.o
 +
  SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
-       sshconnect.o sshconnect2.o mux.o $(SKOBJS)
+       sshconnect.o sshconnect2.o mux.o $(P11OBJS) $(SKOBJS)
  
 Index: openssh-9.6p1/cipher.c
 ===================================================================
@@ -91,8 +91,8 @@
  char *
  cipher_alg_list(char sep, int auth_only)
 @@ -120,7 +167,7 @@ cipher_alg_list(char sep, int auth_only)
-       size_t nlen, rlen = 0;
        const struct sshcipher *c;
+       char sep_str[2] = {sep, '\0'};
  
 -      for (c = ciphers; c->name != NULL; c++) {
 +      for (c = fips_select_ciphers(); c->name != NULL; c++) {
@@ -401,40 +401,40 @@
        char *name;
        u_int type;
 @@ -87,7 +89,7 @@ struct kexalg {
-       int ec_nid;
        int hash_alg;
+       int pq_alg;
  };
 -static const struct kexalg kexalgs[] = {
 +static const struct kexalg kexalgs_all[] = {
  #ifdef WITH_OPENSSL
-       { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
-       { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
+       { KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
+       { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
 @@ -120,6 +122,47 @@ static const struct kexalg kexalgs[] = {
-       { NULL, 0, -1, -1},
+       { NULL, 0, -1, -1, 0 },
  };
  
 +static const struct kexalg kexalgs_fips140_2[] = {
 +#ifdef WITH_OPENSSL
-+      { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
-+      { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },
-+      { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512 },
-+      { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512 },
-+      { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
++      { KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
++      { KEX_DH14_SHA256, KEX_DH_GRP14_SHA256, 0, SSH_DIGEST_SHA256, 
KEX_NOT_PQ },
++      { KEX_DH16_SHA512, KEX_DH_GRP16_SHA512, 0, SSH_DIGEST_SHA512, 
KEX_NOT_PQ },
++      { KEX_DH18_SHA512, KEX_DH_GRP18_SHA512, 0, SSH_DIGEST_SHA512, 
KEX_NOT_PQ },
++      { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ },
 +#ifdef HAVE_EVP_SHA256
-+      { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256 },
++      { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, SSH_DIGEST_SHA256, KEX_NOT_PQ 
},
 +#endif /* HAVE_EVP_SHA256 */
 +#ifdef OPENSSL_HAS_ECC
 +      { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2,
-+          NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
++          NID_X9_62_prime256v1, SSH_DIGEST_SHA256, KEX_NOT_PQ },
 +      { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1,
-+          SSH_DIGEST_SHA384 },
++          SSH_DIGEST_SHA384, KEX_NOT_PQ },
 +# ifdef OPENSSL_HAS_NISTP521
 +      { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1,
-+          SSH_DIGEST_SHA512 },
++          SSH_DIGEST_SHA512, KEX_NOT_PQ },
 +# endif /* OPENSSL_HAS_NISTP521 */
 +#endif /* OPENSSL_HAS_ECC */
 +#endif /* WITH_OPENSSL */
-+      { NULL, -1, -1, -1},
++      { NULL, -1, -1, -1, 0},
 +};
 +
 +/* Returns array of macs available depending on selected FIPS mode */
@@ -458,14 +458,14 @@
  kex_alg_list(char sep)
  {
 @@ -127,7 +170,7 @@ kex_alg_list(char sep)
-       size_t nlen, rlen = 0;
        const struct kexalg *k;
+       char sep_str[2] = {sep, '\0'};
  
--      for (k = kexalgs; k->name != NULL; k++) {
-+      for (k = fips_select_kexalgs(); k->name != NULL; k++) {
-               if (ret != NULL)
-                       ret[rlen++] = sep;
-               nlen = strlen(k->name);
+-      for (k = kexalgs; k->name != NULL; k++)
++      for (k = fips_select_kexalgs(); k->name != NULL; k++)
+               xextendf(&ret, sep_str, "%s", k->name);
+ 
+       return ret;
 @@ -147,7 +190,7 @@ kex_alg_by_name(const char *name)
  {
        const struct kexalg *k;
@@ -552,14 +552,14 @@
  char *
  mac_alg_list(char sep)
 @@ -87,7 +125,7 @@ mac_alg_list(char sep)
-       size_t nlen, rlen = 0;
        const struct macalg *m;
+       char sep_str[2] = {sep, '\0'};
  
--      for (m = macs; m->name != NULL; m++) {
-+      for (m = fips_select_macs(); m->name != NULL; m++) {
-               if (ret != NULL)
-                       ret[rlen++] = sep;
-               nlen = strlen(m->name);
+-      for (m = macs; m->name != NULL; m++)
++      for (m = fips_select_macs(); m->name != NULL; m++)
+               xextendf(&ret, sep_str, "%s", m->name);
+ 
+       return ret;
 @@ -126,7 +164,7 @@ mac_setup(struct sshmac *mac, char *name
  {
        const struct macalg *m;
@@ -702,8 +702,8 @@
 +#include "fips.h"
 +
  #ifdef WITH_OPENSSL
- #include <openssl/evp.h>
- #include <openssl/pem.h>
+ #include "openbsd-compat/openssl-compat.h"
+ #include <openssl/bn.h>
 @@ -1040,11 +1042,13 @@ do_fingerprint(struct passwd *pw)
  static void
  do_gen_all_hostkeys(struct passwd *pw)
@@ -751,7 +751,7 @@
        for (i = 0; key_types[i].key_type; i++) {
                public = private = NULL;
                prv_tmp = pub_tmp = prv_file = pub_file = NULL;
-@@ -3794,6 +3815,15 @@ main(int argc, char **argv)
+@@ -3794,6 +3815,14 @@ main(int argc, char **argv)
                key_type_name = DEFAULT_KEY_TYPE_NAME;
  
        type = sshkey_type_from_shortname(key_type_name);
@@ -760,8 +760,7 @@
 +       * it has to be 1024 bit due to RFC 4253 using SHA-1 which implies 1024 
bit
 +       * keys due to FIPS-186 specification for DSS */
 +      if (fips_mode() &&
-+          (type == KEY_DSA || type == KEY_ED25519 ||
-+           type == KEY_DSA_CERT || type == KEY_ED25519_CERT))
++          (type == KEY_ED25519 || type == KEY_ED25519_CERT))
 +              fatal("Key type %s not alowed in FIPS mode", key_type_name);
 +
        type_bits_valid(type, key_type_name, &bits);
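Review bot: Dropping KEY_DSA and KEY_DSA_CERT from the FIPS-mode check leaves the comment directly above it stale, since it still justifies the restriction with the "1024 bit ... FIPS-186 specification for DSS" reasoning that no longer applies to the remaining Ed25519 case; rewrite the comment to say why Ed25519 is rejected in FIPS mode, and while this hunk is being touched, fix "alowed" in the fatal() string.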
@@ -785,8 +784,8 @@
 --- openssh-9.6p1.orig/sshd.c
 +++ openssh-9.6p1/sshd.c
 @@ -128,6 +128,8 @@
- #include "srclimit.h"
- #include "atomicio.h"
+ #endif
+ #include "monitor_wrap.h"
  
 +#include "fips.h"
 +

++++++ openssh-7.7p1-ldap.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.605662172 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.617662673 +0100
@@ -143,9 +143,9 @@
 +INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
 +TARGETS += ssh-ldap-helper$(EXEEXT)
 +
- XMSS_OBJS=\
-       ssh-xmss.o \
-       sshkey-xmss.o \
+ LIBOPENSSH_OBJS=\
+       ssh_api.o \
+       ssherr.o \
 @@ -162,8 +167,8 @@ SFTPSERVER_OBJS=sftp-common.o sftp-serve
  
  SFTP_OBJS=    sftp.o sftp-usergroup.o progressmeter.o $(SFTP_CLIENT_OBJS)

++++++ openssh-7.9p1-revert-new-qos-defaults.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.677665183 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.685665517 +0100
@@ -14,10 +14,10 @@
        if (options->visual_host_key == -1)
                options->visual_host_key = 0;
        if (options->ip_qos_interactive == -1)
--              options->ip_qos_interactive = IPTOS_DSCP_AF21;
+-              options->ip_qos_interactive = IPTOS_DSCP_EF;
 +              options->ip_qos_interactive = IPTOS_LOWDELAY;
        if (options->ip_qos_bulk == -1)
--              options->ip_qos_bulk = IPTOS_DSCP_CS1;
+-              options->ip_qos_bulk = IPTOS_DSCP_CS0;
 +              options->ip_qos_bulk = IPTOS_THROUGHPUT;
        if (options->request_tty == -1)
                options->request_tty = REQUEST_TTY_AUTO;
@@ -30,10 +30,10 @@
        if (options->permit_tun == -1)
                options->permit_tun = SSH_TUNMODE_NO;
        if (options->ip_qos_interactive == -1)
--              options->ip_qos_interactive = IPTOS_DSCP_AF21;
+-              options->ip_qos_interactive = IPTOS_DSCP_EF;
 +              options->ip_qos_interactive = IPTOS_LOWDELAY;
        if (options->ip_qos_bulk == -1)
--              options->ip_qos_bulk = IPTOS_DSCP_CS1;
+-              options->ip_qos_bulk = IPTOS_DSCP_CS0;
 +              options->ip_qos_bulk = IPTOS_THROUGHPUT;
        if (options->version_addendum == NULL)
                options->version_addendum = xstrdup("");
@@ -46,12 +46,12 @@
  If two values are specified, the first is automatically selected for
  interactive sessions and the second for non-interactive sessions.
  The default is
--.Cm af21
--(Low-Latency Data)
+-.Cm ef
+-(Expedited Forwarding)
 +.Cm lowdelay
  for interactive sessions and
--.Cm cs1
--(Lower Effort)
+-.Cm none
+-(the operating system default)
 +.Cm throughput
  for non-interactive sessions.
  .It Cm KbdInteractiveAuthentication
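Review bot: The replacement text gives ".Cm lowdelay" and ".Cm throughput" without the parenthetical description that upstream attaches to its own defaults ("(Expedited Forwarding)", "(the operating system default)"), so the rendered manual page reads unevenly. Add a short description in the same form, for example noting that these are the legacy TOS values, in this hunk and in the identical hunk that follows it.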
@@ -64,12 +64,12 @@
  If two values are specified, the first is automatically selected for
  interactive sessions and the second for non-interactive sessions.
  The default is
--.Cm af21
--(Low-Latency Data)
+-.Cm ef
+-(Expedited Forwarding)
 +.Cm lowdelay
  for interactive sessions and
--.Cm cs1
--(Lower Effort)
+-.Cm none
+-(the operating system default)
 +.Cm throughput
  for non-interactive sessions.
  .It Cm KbdInteractiveAuthentication

++++++ openssh-8.0p1-gssapi-keyex.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.725667190 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.741667859 +0100
@@ -8,7 +8,7 @@
        kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \
 +      kexgssc.o \
        sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \
-       sshbuf-io.o
+       sshbuf-io.o misc-agent.o
  
 @@ -125,7 +126,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
        auth2-chall.o groupaccess.o \
@@ -32,8 +32,8 @@
            ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile
  
  REGRESSLIBS=libssh.a $(LIBCOMPAT)
--TESTLIBS=$(LIBS) $(CHANNELLIBS)
-+TESTLIBS=$(LIBS) $(CHANNELLIBS) $(GSSLIBS)
+-TESTLIBS=$(LIBS) $(CHANNELLIBS) @TESTLIBS@
++TESTLIBS=$(LIBS) $(CHANNELLIBS) @TESTLIBS@ $(GSSLIBS)
  
  regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS)
        $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \
@@ -855,7 +855,7 @@
 --- a/gss-serv.c
 +++ b/gss-serv.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */
+ /* $OpenBSD: gss-serv.c,v 1.33 2025/09/29 21:30:15 dtucker Exp $ */
  
  /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -1176,31 +1176,31 @@
        u_int type;
 @@ -110,6 +113,30 @@ static const struct kexalg kexalgs[] = {
  #endif /* WITH_OPENSSL */
-       { NULL, -1, -1, -1},
+       { NULL, -1, -1, -1, 0},
  };
 +static const struct kexalg gss_kexalgs_all[] = {
 +#ifdef GSSAPI
-+      { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 },
-+      { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
-+      { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
-+      { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },
-+      { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 },
++      { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1, KEX_NOT_PQ 
},
++      { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1, 
KEX_NOT_PQ },
++      { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1, 
KEX_NOT_PQ },
++      { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256, 
KEX_NOT_PQ },
++      { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512, 
KEX_NOT_PQ },
 +      { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256,
-+          NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
-+      { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 
},
++          NID_X9_62_prime256v1, SSH_DIGEST_SHA256, KEX_NOT_PQ },
++      { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, 
SSH_DIGEST_SHA256, KEX_NOT_PQ },
 +#endif
-+      { NULL, 0, -1, -1},
++      { NULL, 0, -1, -1, 0},
 +};
 +
 +static const struct kexalg gss_kexalgs_fips140_2[] = {
 +#ifdef GSSAPI
-+      { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256 },
-+      { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512 },
++      { KEX_GSS_GRP14_SHA256_ID, KEX_GSS_GRP14_SHA256, 0, SSH_DIGEST_SHA256, 
KEX_NOT_PQ },
++      { KEX_GSS_GRP16_SHA512_ID, KEX_GSS_GRP16_SHA512, 0, SSH_DIGEST_SHA512, 
KEX_NOT_PQ },
 +      { KEX_GSS_NISTP256_SHA256_ID, KEX_GSS_NISTP256_SHA256,
-+          NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
-+      { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, SSH_DIGEST_SHA256 
},
++          NID_X9_62_prime256v1, SSH_DIGEST_SHA256, KEX_NOT_PQ },
++      { KEX_GSS_C25519_SHA256_ID, KEX_GSS_C25519_SHA256, 0, 
SSH_DIGEST_SHA256, KEX_NOT_PQ },
 +#endif
-+      { NULL, 0, -1, -1},
++      { NULL, 0, -1, -1, 0},
 +};
  
  /* Returns array of macs available depending on selected FIPS mode */
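Review bot: The non-FIPS table gss_kexalgs_all still carries the SHA1-based entries (KEX_GSS_GEX_SHA1, KEX_GSS_GRP1_SHA1, KEX_GSS_GRP14_SHA1) that gss_kexalgs_fips140_2 omits; since this rebase only appends KEX_NOT_PQ to every GSS entry, this is the moment to decide whether those entries should stay selectable by default or only via an explicit GSSKexAlgorithms setting, and to record that decision in the patch header. Also, the two terminator entries use a literal 0 for the new field where every real entry uses KEX_NOT_PQ; using the symbolic name (or designated initializers) would keep the tables correct if struct kexalg changes again.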
@@ -1231,15 +1231,15 @@
 +static char *
 +kex_alg_list_internal(char sep, const struct kexalg *algs)
  {
-       char *ret = NULL, *tmp;
-       size_t nlen, rlen = 0;
+       char *ret = NULL;
        const struct kexalg *k;
+       char sep_str[2] = {sep, '\0'};
  
--      for (k = fips_select_kexalgs(); k->name != NULL; k++) {
-+      for (k = algs; k->name != NULL; k++) {
-               if (ret != NULL)
-                       ret[rlen++] = sep;
-               nlen = strlen(k->name);
+-      for (k = fips_select_kexalgs(); k->name != NULL; k++)
++      for (k = algs; k->name != NULL; k++)
+               xextendf(&ret, sep_str, "%s", k->name);
+ 
+       return ret;
 @@ -138,6 +156,18 @@ kex_alg_list(char sep)
        return ret;
  }
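Review bot: kex_alg_list_internal() still returns NULL when the table passed in has no entries (for example gss_kexalgs_all built without GSSAPI), because `ret` starts as NULL and is only set by xextendf() inside the loop; this matches the old manual-buffer code, but the callers added by this patch (kex_gss_alg_list() and whatever feeds GSSKexAlgorithms) must tolerate a NULL result, and a one-line comment above the function stating the NULL-on-empty contract would prevent a later strlen() on it.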
@@ -1331,7 +1331,7 @@
        int     (*verify_host_key)(struct sshkey *, struct ssh *);
        struct sshkey *(*load_host_public_key)(int, int, struct ssh *);
 @@ -174,8 +189,10 @@ struct kex {
- int    kex_nid_from_name(const char *);
+ int    kex_is_pq_from_name(const char *);
  int    kex_names_valid(const char *);
  char  *kex_alg_list(char);
 +char  *kex_gss_alg_list(char);
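Review bot: kex_nid_from_name() disappears from the kex.h context and is replaced by kex_is_pq_from_name(); any GSS code in this patch that resolved the EC curve through kex_nid_from_name() (the NISTP256 entries in the kexalgs tables still carry NID_X9_62_prime256v1) must now use whatever upstream replaced it with, or the build fails at link time. A sentence about this API change in the patch header would save the next rebase the same search.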
@@ -3132,12 +3132,11 @@
        case sPasswordAuthentication:
                intptr = &options->password_authentication;
                goto parse_flag;
-@@ -2892,6 +2935,10 @@ dump_config(ServerOptions *o)
- #ifdef GSSAPI
+@@ -2892,6 +2935,9 @@ dump_config(ServerOptions *o)
        dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
        dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
+       dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor);
 +      dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
-+      dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor);
 +      dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey);
 +      dump_cfg_string(sGssKexAlgorithms, o->gss_kex_algorithms);
  #endif
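Review bot: The dump_config() output order changes relative to the previous version of the patch: sGssStrictAcceptor, now upstream context, is printed before sGssKeyEx, where the old patch printed sGssKeyEx first. Harmless for sshd itself, but tooling that diffs `sshd -T` output across upgrades will see the lines move. The inner hunk header change from +10 to +9 correctly accounts for the dropped duplicate dump_cfg_fmtint(sGssStrictAcceptor, ...) line.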
@@ -3840,9 +3839,9 @@
 --- a/sshkey.c
 +++ b/sshkey.c
 @@ -127,6 +127,75 @@ static const struct keytype keytypes[] = {
- extern const struct sshkey_impl sshkey_xmss_impl;
- extern const struct sshkey_impl sshkey_xmss_cert_impl;
- #endif
+ extern const struct sshkey_impl sshkey_rsa_sha512_impl;
+ extern const struct sshkey_impl sshkey_rsa_sha512_cert_impl;
+ #endif /* WITH_OPENSSL */
 +
 +static int ssh_gss_equal(const struct sshkey *, const struct sshkey *)
 +{
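Review bot: Style: `static int ssh_gss_equal(const struct sshkey *, const struct sshkey *)` puts the return type on the same line as the function name, while the rest of the tree (compare `static char *` on its own line above kex_alg_list_internal() earlier in this patch) follows KNF with the type on a separate line. The rebase onto the sshkey_rsa_sha512_impl context lines looks right after upstream's removal of the XMSS impls.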
@@ -3916,9 +3915,9 @@
  const struct sshkey_impl * const keyimpls[] = {
        &sshkey_ed25519_impl,
 @@ -154,6 +154,7 @@ static const struct keytype keytypes[] = {
-       &sshkey_xmss_impl,
-       &sshkey_xmss_cert_impl,
- #endif
+       &sshkey_rsa_sha512_impl,
+       &sshkey_rsa_sha512_cert_impl,
+ #endif /* WITH_OPENSSL */
 +      &sshkey_gss_kex_impl,
        NULL
  };
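Review bot: `&sshkey_gss_kex_impl` is inserted after the `#endif /* WITH_OPENSSL */` line and outside any `#ifdef GSSAPI`, so the entry is unconditional; if sshkey_gss_kex_impl is only defined under GSSAPI (as the gss_kexalgs tables are), a build configured without GSSAPI fails to link, and if it is always defined then a GSS key type is registered even when the GSS KEX code is compiled out. Either guard the entry consistently with the tables or state in the patch header that the impl is always built.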

++++++ openssh-8.1p1-audit.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.765668863 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.769669029 +0100
@@ -6,10 +6,10 @@
        kexsntrup761x25519.o kexmlkem768x25519.o sntrup761.o kexgen.o \
        kexgssc.o \
        sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \
--      sshbuf-io.o
-+      sshbuf-io.o auditstub.o
+-      sshbuf-io.o misc-agent.o
++      sshbuf-io.o misc-agent.o auditstub.o
  
- SKOBJS=       ssh-sk-client.o
+ P11OBJS= ssh-pkcs11-client.o
  
 Index: openssh-8.9p1/audit-bsm.c
 ===================================================================
@@ -57,7 +57,7 @@
  audit_event(struct ssh *ssh, ssh_audit_event_t event)
  {
 @@ -452,4 +471,28 @@ audit_event(struct ssh *ssh, ssh_audit_e
-               debug("%s: unhandled event %d", __func__, event);
+               debug_f("unhandled event %d", event);
        }
  }
 +
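Review bot: Correct conversion: debug_f() prefixes the calling function's name itself, so dropping the explicit "%s"/__func__ pair is the right change, and the identical rewrite of the default case in audit-linux.c further down matches it.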
@@ -89,7 +89,7 @@
 ===================================================================
 --- openssh-8.9p1.orig/audit-linux.c
 +++ openssh-8.9p1/audit-linux.c
-@@ -33,27 +33,40 @@
+@@ -33,29 +33,42 @@
  
  #include "log.h"
  #include "audit.h"
@@ -130,6 +130,10 @@
 -                      return 0; /* Must prevent login */
 +                      goto fatal_report; /* Must prevent login */
        }
+-        if (hostname != NULL && strcmp(hostname, "UNKNOWN") == 0)
+-                hostname = NULL;
++        if (ip != NULL && strcmp(ip, "UNKNOWN") == 0)
++                ip = NULL;
 -      rc = audit_log_acct_message(audit_fd, AUDIT_USER_LOGIN,
 +      rc = audit_log_acct_message(audit_fd, event,
            NULL, "login", username ? username : "(unknown)",
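Review bot: Upstream context now clears `ip` rather than `hostname` when it equals "UNKNOWN"; only the first argument line of the patched audit_log_acct_message(audit_fd, event, ...) call is visible here, so confirm that its host/address arguments were switched to `ip` as well, otherwise the UNKNOWN sanitisation applies to a variable the call no longer uses. The `return 0` to `goto fatal_report` change keeps the fail-closed behaviour the comment asks for ("Must prevent login") provided the fatal_report label ends in fatal().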
@@ -345,7 +349,7 @@
 +                      ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN);
                break;
        default:
-               debug("%s: unhandled event %d", __func__, event);
+               debug_f("unhandled event %d", event);
                break;
        }
  }
@@ -1269,9 +1273,9 @@
        int r;
 +      Session *s;
  
-       debug3("%s entering", __func__);
+       debug3_f("entering");
        if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0)
-               fatal("%s: buffer error: %s", __func__, ssh_err(r));
+               fatal_fr(r, "buffer error");
 +
        /* sanity check command, if so how? */
 -      audit_run_command(cmd);
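Review bot: The carried-over comment "/* sanity check command, if so how? */" is left as an open question while the direct audit_run_command(cmd) call is removed and a `Session *s` is introduced; since `cmd` arrives from the unprivileged process over the monitor socket, the answer (for instance that the monitor only records the string in the audit trail and never executes it) belongs in that comment rather than in a question. The debug3_f()/fatal_fr() conversions are correct.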
@@ -1518,10 +1522,10 @@
        int r;
 +      int handle;
  
-       debug3("%s entering command %s", __func__, command);
+       debug3_f("entering command %s", command);
  
 @@ -914,6 +930,30 @@ mm_audit_run_command(const char *command
-               fatal("%s: buffer error: %s", __func__, ssh_err(r));
+               fatal_fr(r, "buffer error");
  
        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, m);
 +      mm_request_receive_expect(pmonitor->m_recvfd, 
MONITOR_ANS_AUDIT_COMMAND, m);
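Review bot: Adding mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_COMMAND, m) turns what was a one-way audit notification into a round trip, and mm_request_receive_expect() fatal()s on any other message type; the monitor-side handler must therefore answer with MONITOR_ANS_AUDIT_COMMAND on every path, including its error paths, and must be enabled in the privsep state in which the child sends this request, or the child dies after its first command. The new `int handle` suggests the answer carries a handle; say so in the patch header.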
@@ -1691,9 +1695,9 @@
   * Returns the IP-address of the remote host as a string.  The returned
   * string must not be freed.
 @@ -579,22 +587,19 @@ ssh_packet_rdomain_in(struct ssh *ssh)
- {
        struct session_state *state = ssh->state;
        u_int mode;
+       struct packet *p;
 +      u_int had_keys = packet_state_has_keys(state);
  
        if (!state->initialized)
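Review bot: `u_int had_keys = packet_state_has_keys(state);` is evaluated before the `if (!state->initialized)` check, so packet_state_has_keys() runs on a state that may never have been set up; either move the initialization below the check or make sure the helper only reads fields that are NULL or zero in an uninitialized state.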
@@ -1715,9 +1719,9 @@
 +      state->outgoing_packet = NULL;
        sshbuf_free(state->incoming_packet);
 +      state->incoming_packet = NULL;
-       for (mode = 0; mode < MODE_MAX; mode++) {
-               kex_free_newkeys(state->newkeys[mode]); /* current keys */
-               state->newkeys[mode] = NULL;
+       while ((p = TAILQ_FIRST(&state->outgoing))) {
+               sshbuf_free(p->payload);
+               TAILQ_REMOVE(&state->outgoing, p, next);
 @@ -634,8 +639,18 @@ ssh_packet_close_internal(struct ssh *ss
  #endif        /* WITH_ZLIB */
        cipher_free(state->send_context);
@@ -1832,15 +1836,15 @@
 ===================================================================
 --- openssh-8.9p1.orig/session.c
 +++ openssh-8.9p1/session.c
-@@ -135,7 +135,7 @@ extern char *__progname;
- extern int debug_flag;
- extern u_int utmp_len;
- extern int startup_pipe;
--extern void destroy_sensitive_data(void);
-+extern void destroy_sensitive_data(struct ssh *);
- extern struct sshbuf *loginmsg;
- extern struct sshauthopt *auth_opts;
- extern char *tun_fwd_ifnames; /* serverloop.c */
+#@@ -135,7 +135,7 @@ extern char *__progname;
+# extern ServerOptions options;
+# extern char *__progname;
+# extern int debug_flag;
+#-extern void destroy_sensitive_data(void);
+#+extern void destroy_sensitive_data(struct ssh *);
+# extern struct sshbuf *loginmsg;
+# extern struct sshauthopt *auth_opts;
+# extern char *tun_fwd_ifnames; /* serverloop.c */
 @@ -644,6 +644,14 @@ do_exec_pty(struct ssh *ssh, Session *s,
        /* Parent.  Close the slave side of the pseudo tty. */
        close(ttyfd);
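Review bot: Disabling the destroy_sensitive_data(struct ssh *) hunk by prefixing every line with `#` leaves dead text inside the patch that readers will take for a live hunk, and the disabled hunk's context (`extern ServerOptions options;`) already differs from the hunk it replaces, which shows it was half rebased before being switched off. If upstream session.c now declares destroy_sensitive_data() with the struct ssh argument, delete the hunk outright and note that in the patch header; if it does not, the audit code that calls it will not compile.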
@@ -1855,7 +1859,7 @@
 +
        /* Enter interactive session. */
        s->ptymaster = ptymaster;
-       ssh_packet_set_interactive(ssh, 1,
+       session_set_fds(ssh, s, ptyfd, fdout, -1, 1, 1);
 @@ -736,15 +744,19 @@ do_exec(struct ssh *ssh, Session *s, con
            s->self);
  
@@ -2266,7 +2270,7 @@
  #endif
  
  #include "crypto_api.h"
-@@ -400,6 +403,53 @@ sshkey_type_is_valid_ca(int type)
+@@ -400,6 +403,47 @@ sshkey_type_is_valid_ca(int type)
  }
  
  int
@@ -2300,12 +2304,6 @@
 +          }
 +#  endif /* OPENSSL_HAS_ECC */
 +# endif /* OPENSSL < 3.0.0 */
-+      case KEY_DSA_CERT:
-+      case KEY_DSA: {
-+              const BIGNUM *priv_key = NULL;
-+              DSA_get0_key(k->dsa, NULL, &priv_key);
-+              return priv_key != NULL;
-+          }
 +#endif /* WITH_OPENSSL */
 +      case KEY_ED25519_CERT:
 +      case KEY_ED25519:
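Review bot: Dropping the KEY_DSA / KEY_DSA_CERT cases follows upstream's removal of DSA, and the header change from +53 to +47 in the previous hunk matches the six removed lines. Because the DSA case was the last statement between `# endif /* OPENSSL < 3.0.0 */` and `#endif /* WITH_OPENSSL */`, confirm that the ECC block above now ends with its own return rather than silently falling through into KEY_ED25519_CERT when built against OpenSSL 3.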

++++++ openssh-8.4p1-vendordir.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.829671538 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.837671873 +0100
@@ -35,17 +35,15 @@
  #ifndef _PATH_SSH_PIDDIR
  #define _PATH_SSH_PIDDIR              "/var/run"
  #endif
-@@ -35,13 +37,17 @@
+@@ -35,11 +37,15 @@
   * should be world-readable.
   */
  #define _PATH_SERVER_CONFIG_FILE      SSHDIR "/sshd_config"
 +#define _PATH_SERVER_VENDOR_CONFIG_FILE       VENDORDIR "/sshd_config"
  #define _PATH_HOST_CONFIG_FILE                SSHDIR "/ssh_config"
 +#define _PATH_HOST_VENDOR_CONFIG_FILE   VENDORDIR "/ssh_config"
- #define _PATH_HOST_DSA_KEY_FILE               SSHDIR "/ssh_host_dsa_key"
  #define _PATH_HOST_ECDSA_KEY_FILE     SSHDIR "/ssh_host_ecdsa_key"
  #define _PATH_HOST_ED25519_KEY_FILE   SSHDIR "/ssh_host_ed25519_key"
- #define _PATH_HOST_XMSS_KEY_FILE      SSHDIR "/ssh_host_xmss_key"
  #define _PATH_HOST_RSA_KEY_FILE               SSHDIR "/ssh_host_rsa_key"
  #define _PATH_DH_MODULI                       SSHDIR "/moduli"
 +#define       _PATH_VENDOR_DH_MODULI          VENDORDIR "/moduli"
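Review bot: Style nit in the added line `#define       _PATH_VENDOR_DH_MODULI          VENDORDIR "/moduli"`: it separates `#define` from the macro name with a tab, unlike the two _PATH_*_VENDOR_CONFIG_FILE lines and the surrounding upstream defines, which use a single space. The context changes (DSA and XMSS key paths gone, inner hunk counts 13/17 to 11/15) are consistent with upstream.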

++++++ openssh-link-with-sk.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.881673713 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.893674214 +0100
@@ -8,8 +8,8 @@
  
 -sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTPSERVER_OBJS)
 -      $(LD) -o $@ $(SFTPSERVER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh 
$(LIBS)
-+sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o 
$(SFTPSERVER_OBJS)
-+      $(LD) -o $@ $(SFTPSERVER_OBJS) ssh-sk.o sk-usbhid.o $(LDFLAGS) -lssh 
-lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
++sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-sk.o sk-usbhid.o $(P11OBJS) 
$(SFTPSERVER_OBJS)
++      $(LD) -o $@ $(SFTPSERVER_OBJS) ssh-sk.o sk-usbhid.o $(P11OBJS) 
$(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) $(LIBFIDO2)
  
  sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS)
        $(LD) -o $@ $(SFTP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 
$(LIBEDIT)
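Review bot: sftp-server now also links $(P11OBJS) (ssh-pkcs11-client.o, per the Makefile context in the audit patch above) alongside ssh-sk.o and sk-usbhid.o, but neither the patch name nor the hunk says why a file-transfer subsystem needs the PKCS#11 client object. Record the reason in the patch header (presumably an unresolved symbol reached through libssh.a) and consider fixing the dependency inside libssh.a instead, so that sftp-server does not carry token-handling code it never calls.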

++++++ openssh-mitigate-lingering-secrets.patch ++++++
--- /var/tmp/diff_new_pack.LUSFD1/_old  2025-11-01 23:34:17.917675218 +0100
+++ /var/tmp/diff_new_pack.LUSFD1/_new  2025-11-01 23:34:17.921675385 +0100
@@ -134,22 +134,22 @@
        }
   out:
 @@ -2375,9 +2393,12 @@ ssh_packet_get_state(struct ssh *ssh, st
-           (r = sshbuf_put_u32(m, state->p_read.packets)) != 0 ||
-           (r = sshbuf_put_u64(m, state->p_read.bytes)) != 0 ||
-           (r = sshbuf_put_stringb(m, state->input)) != 0 ||
--          (r = sshbuf_put_stringb(m, state->output)) != 0)
-+          (r = sshbuf_put_stringb(m, state->output)) != 0) {
+           (r = sshbuf_put_stringb(m, state->output)) != 0 ||
+           (r = sshbuf_put_u32(m, ENCODE_INT(state->interactive_mode))) != 0 ||
+           (r = sshbuf_put_u32(m, ENCODE_INT(state->qos_interactive))) != 0 ||
+-          (r = sshbuf_put_u32(m, ENCODE_INT(state->qos_other))) != 0)
++          (r = sshbuf_put_u32(m, ENCODE_INT(state->qos_other))) != 0) {
 +              sshbuf_obfuscate(m);
                return r;
 +      }
- 
+ #undef ENCODE_INT
 +      sshbuf_obfuscate(m);
        return 0;
  }
  
 @@ -2496,6 +2517,8 @@ ssh_packet_set_state(struct ssh *ssh, st
-       size_t ilen, olen;
        int r;
+       u_int interactive, qos_interactive, qos_other;
  
 +      sshbuf_unobfuscate(m);
 +
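Review bot: sshbuf_obfuscate(m) is now called on both the error return and the success return of ssh_packet_get_state(), duplicating the call; an `out:` label with a single obfuscate-then-return would be simpler and makes the invariant (m never leaves the function in the clear) obvious. The newly serialized interactive_mode/qos_interactive/qos_other values are written before the obfuscation, so they are covered.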
@@ -178,13 +178,24 @@
  
        sshbuf_reset(state->input);
        sshbuf_reset(state->output);
-@@ -2529,12 +2552,19 @@ ssh_packet_set_state(struct ssh *ssh, st
+@@ -2529,22 +2552,29 @@ ssh_packet_set_state(struct ssh *ssh, st
            (r = sshbuf_get_string_direct(m, &output, &olen)) != 0 ||
            (r = sshbuf_put(state->input, input, ilen)) != 0 ||
            (r = sshbuf_put(state->output, output, olen)) != 0)
 -              return r;
 +              goto out;
  
+       if ((r = sshbuf_get_u32(m, &interactive)) != 0 ||
+           (r = sshbuf_get_u32(m, &qos_interactive)) != 0 ||
+           (r = sshbuf_get_u32(m, &qos_other)) != 0)
+-              return r;
++              goto out;
+ #define DECODE_INT(v) ((v) > INT_MAX ? -1 : (int)(v))
+       state->interactive_mode = DECODE_INT(interactive);
+       state->qos_interactive = DECODE_INT(qos_interactive);
+       state->qos_other = DECODE_INT(qos_other);
+ #undef DECODE_INT
+ 
 -      if (sshbuf_len(m))
 -              return SSH_ERR_INVALID_FORMAT;
 +      if (sshbuf_len(m)) {
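Review bot: The new `return r` for the interactive/qos fields was correctly turned into `goto out`, matching the earlier conversion; since `m` holds the plaintext state after sshbuf_unobfuscate(m) at the top of ssh_packet_set_state(), confirm that the `out:` label (not shown here) re-obfuscates or zeroes `m` on both the error and success paths, otherwise the goto conversion gains nothing over a plain return.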
@@ -368,8 +379,8 @@
  privsep_child_demote(void)
  {
 @@ -796,6 +796,7 @@ main(int ac, char **av)
-        */
        mm_send_keystate(ssh, pmonitor);
+       sshauthopt_free(auth_opts);
        ssh_packet_clear_keys(ssh);
 +      clobber_stack();
        exit(0);
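Review bot: clobber_stack() is placed after ssh_packet_clear_keys(ssh) and before exit(0), which is the right order, but it only helps if the compiler cannot prove its writes dead; make sure it is noinline and scrubs its local buffer with explicit_bzero() or volatile stores. The new sshauthopt_free(auth_opts) context line releases heap memory that clobber_stack() does not touch, so any secrets held in the auth options must be zeroed by sshauthopt_free() itself.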
