date:20240708

CVS commit: src/external/gpl3/binutils

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Jul  9 04:29:11 UTC 2024

Modified Files:
src/external/gpl3/binutils/lib/libbfd: Makefile
src/external/gpl3/binutils/lib/libbfd/arch/i386: bfd.h bfdver.h
config.h defs.mk
src/external/gpl3/binutils/lib/libgnuctf: Makefile
src/external/gpl3/binutils/lib/libgnuctf/arch/i386: config.h
src/external/gpl3/binutils/lib/libiberty/arch/i386: config.h
src/external/gpl3/binutils/lib/libopcodes: Makefile
src/external/gpl3/binutils/lib/libopcodes/arch/i386: config.h defs.mk
src/external/gpl3/binutils/usr.bin/common/arch/i386: config.h defs.mk
src/external/gpl3/binutils/usr.bin/gas/arch/i386: config.h defs.mk
src/external/gpl3/binutils/usr.bin/gprof/arch/i386: gconfig.h
src/external/gpl3/binutils/usr.bin/ld/arch/i386: config.h defs.mk
Added Files:
src/external/gpl3/binutils/lib/libsframe: Makefile
src/external/gpl3/binutils/lib/libsframe/arch/i386: config.h defs.mk
src/external/gpl3/binutils/lib/libsframe/arch/x86_64: config.h defs.mk

Log Message:
regen x86, adjust Makefiles.


To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/external/gpl3/binutils/lib/libbfd/Makefile
cvs rdiff -u -r1.11 -r1.12 \
src/external/gpl3/binutils/lib/libbfd/arch/i386/bfd.h \
src/external/gpl3/binutils/lib/libbfd/arch/i386/config.h
cvs rdiff -u -r1.14 -r1.15 \
src/external/gpl3/binutils/lib/libbfd/arch/i386/bfdver.h
cvs rdiff -u -r1.12 -r1.13 \
src/external/gpl3/binutils/lib/libbfd/arch/i386/defs.mk
cvs rdiff -u -r1.2 -r1.3 src/external/gpl3/binutils/lib/libgnuctf/Makefile
cvs rdiff -u -r1.2 -r1.3 \
src/external/gpl3/binutils/lib/libgnuctf/arch/i386/config.h
cvs rdiff -u -r1.7 -r1.8 \
src/external/gpl3/binutils/lib/libiberty/arch/i386/config.h
cvs rdiff -u -r1.13 -r1.14 src/external/gpl3/binutils/lib/libopcodes/Makefile
cvs rdiff -u -r1.10 -r1.11 \
src/external/gpl3/binutils/lib/libopcodes/arch/i386/config.h
cvs rdiff -u -r1.2 -r1.3 \
src/external/gpl3/binutils/lib/libopcodes/arch/i386/defs.mk
cvs rdiff -u -r0 -r1.1 src/external/gpl3/binutils/lib/libsframe/Makefile
cvs rdiff -u -r0 -r1.1 \
src/external/gpl3/binutils/lib/libsframe/arch/i386/config.h \
src/external/gpl3/binutils/lib/libsframe/arch/i386/defs.mk
cvs rdiff -u -r0 -r1.1 \
src/external/gpl3/binutils/lib/libsframe/arch/x86_64/config.h \
src/external/gpl3/binutils/lib/libsframe/arch/x86_64/defs.mk
cvs rdiff -u -r1.11 -r1.12 \
src/external/gpl3/binutils/usr.bin/common/arch/i386/config.h
cvs rdiff -u -r1.12 -r1.13 \
src/external/gpl3/binutils/usr.bin/common/arch/i386/defs.mk
cvs rdiff -u -r1.11 -r1.12 \
src/external/gpl3/binutils/usr.bin/gas/arch/i386/config.h
cvs rdiff -u -r1.3 -r1.4 \
src/external/gpl3/binutils/usr.bin/gas/arch/i386/defs.mk
cvs rdiff -u -r1.10 -r1.11 \
src/external/gpl3/binutils/usr.bin/gprof/arch/i386/gconfig.h
cvs rdiff -u -r1.13 -r1.14 \
src/external/gpl3/binutils/usr.bin/ld/arch/i386/config.h
cvs rdiff -u -r1.7 -r1.8 \
src/external/gpl3/binutils/usr.bin/ld/arch/i386/defs.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/external/gpl3/binutils/usr.bin/ld

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Jul  9 04:24:33 UTC 2024

Modified Files:
src/external/gpl3/binutils/usr.bin/ld: Makefile

Log Message:
make sure that the ldscripts directory exists


To generate a diff of this commit:
cvs rdiff -u -r1.40 -r1.41 src/external/gpl3/binutils/usr.bin/ld/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/gpl3/binutils/usr.bin/ld/Makefile
diff -u src/external/gpl3/binutils/usr.bin/ld/Makefile:1.40 src/external/gpl3/binutils/usr.bin/ld/Makefile:1.41
--- src/external/gpl3/binutils/usr.bin/ld/Makefile:1.40	Sun Jun 30 12:10:22 2024
+++ src/external/gpl3/binutils/usr.bin/ld/Makefile	Tue Jul  9 00:24:33 2024
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.40 2024/06/30 16:10:22 christos Exp $
+#	$NetBSD: Makefile,v 1.41 2024/07/09 04:24:33 christos Exp $
 
 CPPFLAGS+=	-I${.CURDIR}/arch/${BINUTILS_MACHINE_ARCH} \
 		-I${DIST}/ld \
@@ -69,6 +69,7 @@ CLEANFILES+=	.depend.${f} e${f}.c
 e${f}.c: ${DIST}/ld/genscripts.sh ${.CURDIR}/Makefile stringify.sed
 	${_MKTARGET_CREATE}
 	unset MACHINE || true; \
+	mkdir -p ldscripts && \
 	NATIVE=yes ${HOST_SH} ${DIST}/ld/genscripts.sh ${DIST}/ld \
 		${LIBDIR} "/usr" "/usr/bin" \
 		${G_target_alias} ${G_target_alias} ${G_target_alias} \

CVS commit: src/external/gpl3/binutils/usr.bin/ld

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Jul  9 04:24:33 UTC 2024

Modified Files:
src/external/gpl3/binutils/usr.bin/ld: Makefile

Log Message:
make sure that the ldscripts directory exists


To generate a diff of this commit:
cvs rdiff -u -r1.40 -r1.41 src/external/gpl3/binutils/usr.bin/ld/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/distrib/sets/lists/debug

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Jul  9 00:34:46 UTC 2024

Modified Files:
src/distrib/sets/lists/debug: mi

Log Message:
Add missing d


To generate a diff of this commit:
cvs rdiff -u -r1.438 -r1.439 src/distrib/sets/lists/debug/mi

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/distrib/sets/lists/debug

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Jul  9 00:34:46 UTC 2024

Modified Files:
src/distrib/sets/lists/debug: mi

Log Message:
Add missing d


To generate a diff of this commit:
cvs rdiff -u -r1.438 -r1.439 src/distrib/sets/lists/debug/mi

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/distrib/sets/lists/debug/mi
diff -u src/distrib/sets/lists/debug/mi:1.438 src/distrib/sets/lists/debug/mi:1.439
--- src/distrib/sets/lists/debug/mi:1.438	Mon Jul  8 18:35:09 2024
+++ src/distrib/sets/lists/debug/mi	Mon Jul  8 20:34:46 2024
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.438 2024/07/08 22:35:09 christos Exp $
+# $NetBSD: mi,v 1.439 2024/07/09 00:34:46 christos Exp $
 ./etc/mtree/set.debug   comp-sys-root
 ./usr/lib	comp-sys-usr		compatdir
 ./usr/lib/i18n/libBIG5_g.a			comp-c-debuglib		debuglib
@@ -1040,7 +1040,7 @@
 ./usr/libdata/debug/usr/libexec/ssh-keysign.debug	comp-secsh-debug	debug
 ./usr/libdata/debug/usr/libexec/ssh-pkcs11-helper.debug	comp-secsh-debug	debug
 ./usr/libdata/debug/usr/libexec/ssh-sk-helper.debug	comp-secsh-debug	debug
-./usr/libdata/debug/usr/libexec/ssh-session.debug	comp-secsh-debug	debug
+./usr/libdata/debug/usr/libexec/sshd-session.debug	comp-secsh-debug	debug
 ./usr/libdata/debug/usr/libexec/telnetd.debug	comp-netutil-debug	debug
 ./usr/libdata/debug/usr/libexec/tftp-proxy.debug	comp-pf-debug		pf,debug
 ./usr/libdata/debug/usr/libexec/tftpd.debug	comp-netutil-debug	debug

CVS commit: src/crypto/external/bsd/openssh/libexec/sshd-session

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Jul  9 00:05:44 UTC 2024

Added Files:
src/crypto/external/bsd/openssh/libexec/sshd-session: Makefile

Log Message:
new program needed for each session


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 \
src/crypto/external/bsd/openssh/libexec/sshd-session/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Added files:

Index: src/crypto/external/bsd/openssh/libexec/sshd-session/Makefile
diff -u /dev/null src/crypto/external/bsd/openssh/libexec/sshd-session/Makefile:1.1
--- /dev/null	Mon Jul  8 20:05:44 2024
+++ src/crypto/external/bsd/openssh/libexec/sshd-session/Makefile	Mon Jul  8 20:05:44 2024
@@ -0,0 +1,79 @@
+#	$NetBSD: Makefile,v 1.1 2024/07/09 00:05:44 christos Exp $
+
+NOMAN=	yes
+.include 
+
+PROG=	sshd-session
+
+BINDIR=	/usr/libexec
+
+SRCS=	auth-rhosts.c auth-passwd.c auth2-pubkeyfile.c \
+	sshpty.c sshlogin.c servconf.c serverloop.c \
+	auth.c auth2.c auth-options.c auth2-methods.c session.c \
+	auth-krb5.c auth2-chall.c groupaccess.c \
+	auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c \
+	auth2-none.c auth2-passwd.c auth2-pubkey.c \
+	monitor.c monitor_wrap.c srclimit.c \
+	kexgexs.c sftp-server.c sftp-common.c \
+	sftp-realpath.c sandbox-rlimit.c sshd-session.c pfilter.c
+
+COPTS.auth-options.c+=	-Wno-pointer-sign
+COPTS.ldapauth.c+=	-Wno-format-nonliteral	# XXX: should fix
+
+.if (${USE_PAM} != "no")
+SRCS+=	auth-pam.c
+LDADD+=	-lpam ${PAM_STATIC_LDADD}
+DPADD+=	${LIBPAM} ${PAM_STATIC_DPADD}
+
+.if ${USE_YP} != "no"
+LDADD+= -lrpcsvc
+DPADD+= ${LIBRPCSVC}
+.endif
+
+.else	# USE_PAM == no
+
+.if (${USE_SKEY} != "no")
+LDADD+=	-lskey
+DPADD+=	${LIBSKEY}
+.endif
+
+.endif	# USE_PAM == no
+
+.if (${USE_KERBEROS} != "no")
+SRCS+=	gss-genr.c auth2-gss.c gss-serv.c gss-serv-krb5.c
+LDADD+=	-lgssapi -lheimntlm
+DPADD+=	${LIBGSSAPI} ${LIBHEIMNTLM}
+
+LDADD+=	-lkafs
+DPADD+= ${LIBKAFS}
+
+SRCS+=	auth2-krb5.c
+LDADD+= ${LIBKRB5_LDADD}
+DPADD+= ${LIBKRB5_DPADD}
+.endif
+
+.if (${USE_LDAP} != "no")
+SRCS+=	ldapauth.c
+LDADD+=	${LIBLDAP_LDADD}
+DPADD+=	${LIBLDAP_DPADD}
+.endif
+
+LDADD+=	-lcrypt -lutil
+DPADD+=	${LIBCRYPT} ${LIBUTIL}
+
+LDADD+=	-lwrap
+DPADD+=	${LIBWRAP}
+
+.ifdef CRUNCHEDPROG
+CPPFLAGS+=-DSMALL
+.else
+LDADD+=	-lblocklist
+DPADD+=	${LIBBLOCKLIST}
+.endif
+
+COPTS.sshlogin.c+=	${CC_WNO_STRINGOP_TRUNCATION}
+COPTS.ldapauth.c+=	${CC_WNO_STRINGOP_TRUNCATION} ${CC_WNO_STRINGOP_OVERFLOW}
+COPTS.monitor.c+= -Wno-error=deprecated-declarations
+COPTS.kexgexs.c+= -Wno-error=deprecated-declarations
+
+.include

CVS commit: src/crypto/external/bsd/openssh/libexec/sshd-session

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Jul  9 00:05:44 UTC 2024

Added Files:
src/crypto/external/bsd/openssh/libexec/sshd-session: Makefile

Log Message:
new program needed for each session


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 \
src/crypto/external/bsd/openssh/libexec/sshd-session/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/doc

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:36:29 UTC 2024

Modified Files:
src/doc: 3RDPARTY CHANGES

Log Message:
new OpenSSH


To generate a diff of this commit:
cvs rdiff -u -r1.2025 -r1.2026 src/doc/3RDPARTY
cvs rdiff -u -r1.3072 -r1.3073 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/3RDPARTY
diff -u src/doc/3RDPARTY:1.2025 src/doc/3RDPARTY:1.2026
--- src/doc/3RDPARTY:1.2025	Mon Jul  8 03:11:28 2024
+++ src/doc/3RDPARTY	Mon Jul  8 18:36:29 2024
@@ -1,4 +1,4 @@
-#	$NetBSD: 3RDPARTY,v 1.2025 2024/07/08 07:11:28 wiz Exp $
+#	$NetBSD: 3RDPARTY,v 1.2026 2024/07/08 22:36:29 christos Exp $
 #
 # This file contains a list of the software that has been integrated into
 # NetBSD where we are not the primary maintainer.
@@ -1082,7 +1082,7 @@ Notes:
 Patch applied after OpenSSH import.
 
 Package:	OpenSSH
-Version:	9.7
+Version:	9.8
 Current Vers:	9.8 / portable 9.8p1
 Maintainer:	OpenSSH
 Archive Site:	http://www.openssh.com/ftp.html

Index: src/doc/CHANGES
diff -u src/doc/CHANGES:1.3072 src/doc/CHANGES:1.3073
--- src/doc/CHANGES:1.3072	Mon Jul  8 04:00:08 2024
+++ src/doc/CHANGES	Mon Jul  8 18:36:29 2024
@@ -1,4 +1,4 @@
-# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.3072 $>
+# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.3073 $>
 #
 #
 # [Note: This file does not mention every change made to the NetBSD source tree.
@@ -449,3 +449,4 @@ Changes from NetBSD 10.0 to NetBSD 11.0:
 		(from Reinhard Speyerer) [christos 20240704]
 	mcx(4): Match on ConnectX-6 virtual functions, from OpenBSD.
 		[msaitoh 20240707]
+	OpenSSH: Import 9.8. [christos 20240708]

CVS commit: src/doc

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:36:29 UTC 2024

Modified Files:
src/doc: 3RDPARTY CHANGES

Log Message:
new OpenSSH


To generate a diff of this commit:
cvs rdiff -u -r1.2025 -r1.2026 src/doc/3RDPARTY
cvs rdiff -u -r1.3072 -r1.3073 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/distrib/sets/lists

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:35:09 UTC 2024

Modified Files:
src/distrib/sets/lists/base: mi shl.mi
src/distrib/sets/lists/base32: ad.aarch64 ad.mips64eb ad.mips64el
ad.mipsn64eb ad.mipsn64el ad.powerpc64 ad.riscv64 md.amd64
md.sparc64
src/distrib/sets/lists/base64: ad.mips64eb ad.mips64el
src/distrib/sets/lists/debug: mi shl.mi
src/distrib/sets/lists/debug32: ad.aarch64 ad.mips64eb ad.mips64el
ad.mipsn64eb ad.mipsn64el ad.powerpc64 ad.riscv64 md.amd64
md.sparc64
src/distrib/sets/lists/debug64: ad.mips64eb ad.mips64el

Log Message:
bump libssh, add sshd-session


To generate a diff of this commit:
cvs rdiff -u -r1.1345 -r1.1346 src/distrib/sets/lists/base/mi
cvs rdiff -u -r1.983 -r1.984 src/distrib/sets/lists/base/shl.mi
cvs rdiff -u -r1.9 -r1.10 src/distrib/sets/lists/base32/ad.aarch64 \
src/distrib/sets/lists/base32/ad.mips64el \
src/distrib/sets/lists/base32/ad.riscv64 \
src/distrib/sets/lists/base32/md.sparc64
cvs rdiff -u -r1.8 -r1.9 src/distrib/sets/lists/base32/ad.mips64eb \
src/distrib/sets/lists/base32/ad.powerpc64
cvs rdiff -u -r1.12 -r1.13 src/distrib/sets/lists/base32/ad.mipsn64eb \
src/distrib/sets/lists/base32/md.amd64
cvs rdiff -u -r1.11 -r1.12 src/distrib/sets/lists/base32/ad.mipsn64el
cvs rdiff -u -r1.6 -r1.7 src/distrib/sets/lists/base64/ad.mips64eb \
src/distrib/sets/lists/base64/ad.mips64el
cvs rdiff -u -r1.437 -r1.438 src/distrib/sets/lists/debug/mi
cvs rdiff -u -r1.343 -r1.344 src/distrib/sets/lists/debug/shl.mi
cvs rdiff -u -r1.12 -r1.13 src/distrib/sets/lists/debug32/ad.aarch64 \
src/distrib/sets/lists/debug32/ad.mips64eb \
src/distrib/sets/lists/debug32/ad.mips64el
cvs rdiff -u -r1.13 -r1.14 src/distrib/sets/lists/debug32/ad.mipsn64eb \
src/distrib/sets/lists/debug32/ad.mipsn64el
cvs rdiff -u -r1.11 -r1.12 src/distrib/sets/lists/debug32/ad.powerpc64 \
src/distrib/sets/lists/debug32/ad.riscv64 \
src/distrib/sets/lists/debug32/md.sparc64
cvs rdiff -u -r1.17 -r1.18 src/distrib/sets/lists/debug32/md.amd64
cvs rdiff -u -r1.6 -r1.7 src/distrib/sets/lists/debug64/ad.mips64eb \
src/distrib/sets/lists/debug64/ad.mips64el

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/distrib/sets/lists/base/mi
diff -u src/distrib/sets/lists/base/mi:1.1345 src/distrib/sets/lists/base/mi:1.1346
--- src/distrib/sets/lists/base/mi:1.1345	Sat Jun  1 20:22:21 2024
+++ src/distrib/sets/lists/base/mi	Mon Jul  8 18:35:08 2024
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.1345 2024/06/02 00:22:21 kre Exp $
+# $NetBSD: mi,v 1.1346 2024/07/08 22:35:08 christos Exp $
 #
 # Note:	Don't delete entries from here - mark them as "obsolete" instead,
 #	unless otherwise stated below.
@@ -1385,6 +1385,7 @@
 ./usr/libexec/ssh-keysign			base-secsh-bin
 ./usr/libexec/ssh-pkcs11-helper			base-secsh-bin
 ./usr/libexec/ssh-sk-helper			base-secsh-bin
+./usr/libexec/sshd-session			base-secsh-bin
 ./usr/libexec/telnetdbase-netutil-bin
 ./usr/libexec/tftp-proxy			base-pf-bin		pf
 ./usr/libexec/tftpdbase-netutil-bin

Index: src/distrib/sets/lists/base/shl.mi
diff -u src/distrib/sets/lists/base/shl.mi:1.983 src/distrib/sets/lists/base/shl.mi:1.984
--- src/distrib/sets/lists/base/shl.mi:1.983	Mon Jul  1 06:35:36 2024
+++ src/distrib/sets/lists/base/shl.mi	Mon Jul  8 18:35:08 2024
@@ -1,4 +1,4 @@
-# $NetBSD: shl.mi,v 1.983 2024/07/01 10:35:36 rin Exp $
+# $NetBSD: shl.mi,v 1.984 2024/07/08 22:35:08 christos Exp $
 #
 # Note:	Don't delete entries from here - mark them as "obsolete" instead,
 #	unless otherwise stated below.
@@ -876,8 +876,8 @@
 ./usr/lib/libsqlite3.so.1.5			base-sys-shlib
 ./usr/lib/libss.sobase-obsolete		obsolete
 ./usr/lib/libssh.sobase-secsh-shlib
-./usr/lib/libssh.so.46base-secsh-shlib
-./usr/lib/libssh.so.46.1			base-secsh-shlib
+./usr/lib/libssh.so.47base-secsh-shlib
+./usr/lib/libssh.so.47.0			base-secsh-shlib
 ./usr/lib/libssl.sobase-crypto-shlib
 ./usr/lib/libssl.so.12base-crypto-shlib	openssl=10
 ./usr/lib/libssl.so.12.0			base-crypto-shlib	openssl=10

Index: src/distrib/sets/lists/base32/ad.aarch64
diff -u src/distrib/sets/lists/base32/ad.aarch64:1.9 src/distrib/sets/lists/base32/ad.aarch64:1.10
--- src/distrib/sets/lists/base32/ad.aarch64:1.9	Mon Jul  1 00:03:04 2024
+++ src/distrib/sets/lists/base32/ad.aarch64	Mon Jul  8 18:35:08 2024
@@ -1,4 +1,4 @@
-# $NetBSD: ad.aarch64,v 1.9 2024/07/01 04:03:04 mrg Exp $
+# $NetBSD: ad.aarch64,v 1.10 2024/07/08 22:35:08 christos Exp $
 ./lib/eabi	base-compat-shlib	compat
 ./lib/eabi/npf	base-compat-shlib	compat,npf
 ./lib/eabi/npf/ext_log.so			base-compat-shlib	compat,npf
@@ -435,8 +435,8 @@
 ./usr/lib/eabi/libsqlite3.so.1			base-compat-shlib	compat
 ./usr/lib/eabi/libsqlite3.so.1.5		base-compat-shlib	compat
 ./usr/lib/eabi/libssh.so			base-compat-shlib	compat
-./usr/l

CVS commit: src/distrib/sets/lists

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:35:09 UTC 2024

Modified Files:
src/distrib/sets/lists/base: mi shl.mi
src/distrib/sets/lists/base32: ad.aarch64 ad.mips64eb ad.mips64el
ad.mipsn64eb ad.mipsn64el ad.powerpc64 ad.riscv64 md.amd64
md.sparc64
src/distrib/sets/lists/base64: ad.mips64eb ad.mips64el
src/distrib/sets/lists/debug: mi shl.mi
src/distrib/sets/lists/debug32: ad.aarch64 ad.mips64eb ad.mips64el
ad.mipsn64eb ad.mipsn64el ad.powerpc64 ad.riscv64 md.amd64
md.sparc64
src/distrib/sets/lists/debug64: ad.mips64eb ad.mips64el

Log Message:
bump libssh, add sshd-session


To generate a diff of this commit:
cvs rdiff -u -r1.1345 -r1.1346 src/distrib/sets/lists/base/mi
cvs rdiff -u -r1.983 -r1.984 src/distrib/sets/lists/base/shl.mi
cvs rdiff -u -r1.9 -r1.10 src/distrib/sets/lists/base32/ad.aarch64 \
src/distrib/sets/lists/base32/ad.mips64el \
src/distrib/sets/lists/base32/ad.riscv64 \
src/distrib/sets/lists/base32/md.sparc64
cvs rdiff -u -r1.8 -r1.9 src/distrib/sets/lists/base32/ad.mips64eb \
src/distrib/sets/lists/base32/ad.powerpc64
cvs rdiff -u -r1.12 -r1.13 src/distrib/sets/lists/base32/ad.mipsn64eb \
src/distrib/sets/lists/base32/md.amd64
cvs rdiff -u -r1.11 -r1.12 src/distrib/sets/lists/base32/ad.mipsn64el
cvs rdiff -u -r1.6 -r1.7 src/distrib/sets/lists/base64/ad.mips64eb \
src/distrib/sets/lists/base64/ad.mips64el
cvs rdiff -u -r1.437 -r1.438 src/distrib/sets/lists/debug/mi
cvs rdiff -u -r1.343 -r1.344 src/distrib/sets/lists/debug/shl.mi
cvs rdiff -u -r1.12 -r1.13 src/distrib/sets/lists/debug32/ad.aarch64 \
src/distrib/sets/lists/debug32/ad.mips64eb \
src/distrib/sets/lists/debug32/ad.mips64el
cvs rdiff -u -r1.13 -r1.14 src/distrib/sets/lists/debug32/ad.mipsn64eb \
src/distrib/sets/lists/debug32/ad.mipsn64el
cvs rdiff -u -r1.11 -r1.12 src/distrib/sets/lists/debug32/ad.powerpc64 \
src/distrib/sets/lists/debug32/ad.riscv64 \
src/distrib/sets/lists/debug32/md.sparc64
cvs rdiff -u -r1.17 -r1.18 src/distrib/sets/lists/debug32/md.amd64
cvs rdiff -u -r1.6 -r1.7 src/distrib/sets/lists/debug64/ad.mips64eb \
src/distrib/sets/lists/debug64/ad.mips64el

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/crypto/external/bsd/openssh

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:33:45 UTC 2024

Modified Files:
src/crypto/external/bsd/openssh: openssh2netbsd
src/crypto/external/bsd/openssh/bin/sshd: Makefile
src/crypto/external/bsd/openssh/dist: PROTOCOL.agent addr.c auth-pam.c
auth-pam.h auth-rhosts.c auth.c auth.h auth2-gss.c
auth2-hostbased.c auth2-kbdint.c auth2-krb5.c auth2-methods.c
auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c channels.c
channels.h cipher.c clientloop.c clientloop.h includes.h
kex-names.c kex.c kex.h kexgexs.c log.c log.h misc.c misc.h
monitor.c monitor.h monitor_wrap.c monitor_wrap.h msg.c packet.c
packet.h pathnames.h readconf.c readpass.c scp.c servconf.c
servconf.h serverloop.c session.c sftp-client.c sftp-server.c
sftp.c srclimit.c ssh-add.1 ssh-gss.h ssh-keygen.1 ssh-keyscan.1
ssh-keyscan.c ssh-keysign.8 ssh-keysign.c ssh-pkcs11.c ssh.1
ssh_api.c ssh_config.5 sshbuf.h sshconnect.c sshconnect.h
sshconnect2.c sshd-session.c sshd.8 sshd.c sshd_config.5 sshkey.h
version.h
src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048
moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192
src/crypto/external/bsd/openssh/lib: Makefile shlib_version
src/crypto/external/bsd/openssh/libexec: Makefile

Log Message:
resolve conflicts between 9.7 and 9.8


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/openssh2netbsd
cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/bin/sshd/Makefile
cvs rdiff -u -r1.16 -r1.17 \
src/crypto/external/bsd/openssh/dist/PROTOCOL.agent \
src/crypto/external/bsd/openssh/dist/auth-rhosts.c \
src/crypto/external/bsd/openssh/dist/auth2-passwd.c \
src/crypto/external/bsd/openssh/dist/ssh_api.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/addr.c
cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/auth-pam.c \
src/crypto/external/bsd/openssh/dist/cipher.c
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/auth-pam.h \
src/crypto/external/bsd/openssh/dist/auth2-krb5.c \
src/crypto/external/bsd/openssh/dist/ssh-gss.h
cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/auth.c \
src/crypto/external/bsd/openssh/dist/auth2-pubkey.c \
src/crypto/external/bsd/openssh/dist/monitor_wrap.c \
src/crypto/external/bsd/openssh/dist/ssh-keygen.1
cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/auth.h \
src/crypto/external/bsd/openssh/dist/auth2-hostbased.c \
src/crypto/external/bsd/openssh/dist/kexgexs.c \
src/crypto/external/bsd/openssh/dist/monitor_wrap.h
cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/auth2-gss.c \
src/crypto/external/bsd/openssh/dist/log.h \
src/crypto/external/bsd/openssh/dist/sshconnect.h
cvs rdiff -u -r1.15 -r1.16 \
src/crypto/external/bsd/openssh/dist/auth2-kbdint.c \
src/crypto/external/bsd/openssh/dist/pathnames.h
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/crypto/external/bsd/openssh/dist/auth2-methods.c \
src/crypto/external/bsd/openssh/dist/kex-names.c \
src/crypto/external/bsd/openssh/dist/sshd-session.c
cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/auth2-none.c \
src/crypto/external/bsd/openssh/dist/ssh-keysign.8
cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/auth2.c \
src/crypto/external/bsd/openssh/dist/servconf.h \
src/crypto/external/bsd/openssh/dist/sftp-server.c
cvs rdiff -u -r1.43 -r1.44 src/crypto/external/bsd/openssh/dist/channels.c \
src/crypto/external/bsd/openssh/dist/sshd_config.5
cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/channels.h \
src/crypto/external/bsd/openssh/dist/packet.h \
src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c
cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/clientloop.c \
src/crypto/external/bsd/openssh/dist/sftp.c
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/clientloop.h \
src/crypto/external/bsd/openssh/dist/readpass.c \
src/crypto/external/bsd/openssh/dist/ssh-keyscan.1
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/includes.h
cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/kex.c \
src/crypto/external/bsd/openssh/dist/serverloop.c \
src/crypto/external/bsd/openssh/dist/sftp-client.c
cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/kex.h \
src/crypto/external/bsd/openssh/dist/ssh-keysign.c
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/log.c
cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/misc.c
cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/misc.h
cvs rdiff -u -r1.44 -r1.45 src/crypto/external/bsd/openssh/dist/monitor.c
cvs rdiff -u -r1.13 -r1.14 src/crypto/ex

CVS commit: src/crypto/external/bsd/openssh

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:33:45 UTC 2024

Modified Files:
src/crypto/external/bsd/openssh: openssh2netbsd
src/crypto/external/bsd/openssh/bin/sshd: Makefile
src/crypto/external/bsd/openssh/dist: PROTOCOL.agent addr.c auth-pam.c
auth-pam.h auth-rhosts.c auth.c auth.h auth2-gss.c
auth2-hostbased.c auth2-kbdint.c auth2-krb5.c auth2-methods.c
auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c channels.c
channels.h cipher.c clientloop.c clientloop.h includes.h
kex-names.c kex.c kex.h kexgexs.c log.c log.h misc.c misc.h
monitor.c monitor.h monitor_wrap.c monitor_wrap.h msg.c packet.c
packet.h pathnames.h readconf.c readpass.c scp.c servconf.c
servconf.h serverloop.c session.c sftp-client.c sftp-server.c
sftp.c srclimit.c ssh-add.1 ssh-gss.h ssh-keygen.1 ssh-keyscan.1
ssh-keyscan.c ssh-keysign.8 ssh-keysign.c ssh-pkcs11.c ssh.1
ssh_api.c ssh_config.5 sshbuf.h sshconnect.c sshconnect.h
sshconnect2.c sshd-session.c sshd.8 sshd.c sshd_config.5 sshkey.h
version.h
src/crypto/external/bsd/openssh/dist/moduli-gen: moduli.2048
moduli.3072 moduli.4096 moduli.6144 moduli.7680 moduli.8192
src/crypto/external/bsd/openssh/lib: Makefile shlib_version
src/crypto/external/bsd/openssh/libexec: Makefile

Log Message:
resolve conflicts between 9.7 and 9.8


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/openssh2netbsd
cvs rdiff -u -r1.27 -r1.28 src/crypto/external/bsd/openssh/bin/sshd/Makefile
cvs rdiff -u -r1.16 -r1.17 \
src/crypto/external/bsd/openssh/dist/PROTOCOL.agent \
src/crypto/external/bsd/openssh/dist/auth-rhosts.c \
src/crypto/external/bsd/openssh/dist/auth2-passwd.c \
src/crypto/external/bsd/openssh/dist/ssh_api.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/addr.c
cvs rdiff -u -r1.21 -r1.22 src/crypto/external/bsd/openssh/dist/auth-pam.c \
src/crypto/external/bsd/openssh/dist/cipher.c
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/auth-pam.h \
src/crypto/external/bsd/openssh/dist/auth2-krb5.c \
src/crypto/external/bsd/openssh/dist/ssh-gss.h
cvs rdiff -u -r1.34 -r1.35 src/crypto/external/bsd/openssh/dist/auth.c \
src/crypto/external/bsd/openssh/dist/auth2-pubkey.c \
src/crypto/external/bsd/openssh/dist/monitor_wrap.c \
src/crypto/external/bsd/openssh/dist/ssh-keygen.1
cvs rdiff -u -r1.23 -r1.24 src/crypto/external/bsd/openssh/dist/auth.h \
src/crypto/external/bsd/openssh/dist/auth2-hostbased.c \
src/crypto/external/bsd/openssh/dist/kexgexs.c \
src/crypto/external/bsd/openssh/dist/monitor_wrap.h
cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/auth2-gss.c \
src/crypto/external/bsd/openssh/dist/log.h \
src/crypto/external/bsd/openssh/dist/sshconnect.h
cvs rdiff -u -r1.15 -r1.16 \
src/crypto/external/bsd/openssh/dist/auth2-kbdint.c \
src/crypto/external/bsd/openssh/dist/pathnames.h
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/crypto/external/bsd/openssh/dist/auth2-methods.c \
src/crypto/external/bsd/openssh/dist/kex-names.c \
src/crypto/external/bsd/openssh/dist/sshd-session.c
cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/auth2-none.c \
src/crypto/external/bsd/openssh/dist/ssh-keysign.8
cvs rdiff -u -r1.30 -r1.31 src/crypto/external/bsd/openssh/dist/auth2.c \
src/crypto/external/bsd/openssh/dist/servconf.h \
src/crypto/external/bsd/openssh/dist/sftp-server.c
cvs rdiff -u -r1.43 -r1.44 src/crypto/external/bsd/openssh/dist/channels.c \
src/crypto/external/bsd/openssh/dist/sshd_config.5
cvs rdiff -u -r1.26 -r1.27 src/crypto/external/bsd/openssh/dist/channels.h \
src/crypto/external/bsd/openssh/dist/packet.h \
src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c
cvs rdiff -u -r1.40 -r1.41 src/crypto/external/bsd/openssh/dist/clientloop.c \
src/crypto/external/bsd/openssh/dist/sftp.c
cvs rdiff -u -r1.18 -r1.19 src/crypto/external/bsd/openssh/dist/clientloop.h \
src/crypto/external/bsd/openssh/dist/readpass.c \
src/crypto/external/bsd/openssh/dist/ssh-keyscan.1
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/includes.h
cvs rdiff -u -r1.35 -r1.36 src/crypto/external/bsd/openssh/dist/kex.c \
src/crypto/external/bsd/openssh/dist/serverloop.c \
src/crypto/external/bsd/openssh/dist/sftp-client.c
cvs rdiff -u -r1.25 -r1.26 src/crypto/external/bsd/openssh/dist/kex.h \
src/crypto/external/bsd/openssh/dist/ssh-keysign.c
cvs rdiff -u -r1.29 -r1.30 src/crypto/external/bsd/openssh/dist/log.c
cvs rdiff -u -r1.36 -r1.37 src/crypto/external/bsd/openssh/dist/misc.c
cvs rdiff -u -r1.28 -r1.29 src/crypto/external/bsd/openssh/dist/misc.h
cvs rdiff -u -r1.44 -r1.45 src/crypto/external/bsd/openssh/dist/monitor.c
cvs rdiff -u -r1.13 -r1.14 src/crypto/ex

CVS import: src/crypto/external/bsd/openssh/dist

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:27:36 UTC 2024

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv3538

Log Message:
Import OpenSSH-9.8 (previous was 9.7)

Security


This release contains fixes for two security problems, one critical
and one minor.

1) Race condition in sshd(8)

A critical vulnerability in sshd(8) was present in Portable OpenSSH
versions between 8.5p1 and 9.7p1 (inclusive) that may allow arbitrary
code execution with root privileges.

Successful exploitation has been demonstrated on 32-bit Linux/glibc
systems with ASLR. Under lab conditions, the attack requires on
average 6-8 hours of continuous connections up to the maximum the
server will accept. Exploitation on 64-bit systems is believed to be
possible but has not been demonstrated at this time. It's likely that
these attacks will be improved upon.

Exploitation on non-glibc systems is conceivable but has not been
examined. Systems that lack ASLR or users of downstream Linux
distributions that have modified OpenSSH to disable per-connection
ASLR re-randomisation (yes - this is a thing, no - we don't
understand why) may potentially have an easier path to exploitation.
OpenBSD is not vulnerable.

We thank the Qualys Security Advisory Team for discovering, reporting
and demonstrating exploitability of this problem, and for providing
detailed feedback on additional mitigation measures.

2) Logic error in ssh(1) ObscureKeystrokeTiming

In OpenSSH version 9.5 through 9.7 (inclusive), when connected to an
OpenSSH server version 9.5 or later, a logic error in the ssh(1)
ObscureKeystrokeTiming feature (on by default) rendered this feature
ineffective - a passive observer could still detect which network
packets contained real keystrokes when the countermeasure was active
because both fake and real keystroke packets were being sent
unconditionally.

This bug was found by Philippos Giavridis and also independently by
Jacky Wei En Kung, Daniel Hugenroth and Alastair Beresford of the
University of Cambridge Computer Lab.

Worse, the unconditional sending of both fake and real keystroke
packets broke another long-standing timing attack mitigation. Since
OpenSSH 2.9.9 sshd(8) has sent fake keystoke echo packets for
traffic received on TTYs in echo-off mode, such as when entering a
password into su(8) or sudo(8). This bug rendered these fake
keystroke echoes ineffective and could allow a passive observer of
a SSH session to once again detect when echo was off and obtain
fairly limited timing information about keystrokes in this situation
(20ms granularity by default).

This additional implication of the bug was identified by Jacky Wei
En Kung, Daniel Hugenroth and Alastair Beresford and we thank them
for their detailed analysis.

This bug does not affect connections when ObscureKeystrokeTiming
was disabled or sessions where no TTY was requested.

Future deprecation notice
=

OpenSSH plans to remove support for the DSA signature algorithm in
early 2025. This release disables DSA by default at compile time.

DSA, as specified in the SSHv2 protocol, is inherently weak - being
limited to a 160 bit private key and use of the SHA1 digest. Its
estimated security level is only 80 bits symmetric equivalent.

OpenSSH has disabled DSA keys by default since 2015 but has retained
run-time optional support for them. DSA was the only mandatory-to-
implement algorithm in the SSHv2 RFCs, mostly because alternative
algorithms were encumbered by patents when the SSHv2 protocol was
specified.

This has not been the case for decades at this point and better
algorithms are well supported by all actively-maintained SSH
implementations. We do not consider the costs of maintaining DSA
in OpenSSH to be justified and hope that removing it from OpenSSH
can accelerate its wider deprecation in supporting cryptography
libraries.

This release, and its deactivation of DSA by default at compile-time,
marks the second step in our timeline to finally deprecate DSA. The
final step of removing DSA support entirely is planned for the first
OpenSSH release of 2025.

DSA support may be re-enabled in OpenBSD by setting "DSAKEY=yes"
in Makefile.inc. To enable DSA support in portable OpenSSH, pass
the "--enable-dsa-keys" option to configure.

Potentially-incompatible changes


 * all: as mentioned above, the DSA signature algorithm is now
   disabled at compile time.

 * sshd(8): the server will now block client addresses that
   repeatedly fail authentication, repeatedly connect without ever
   completing authentication or that crash the server. See the
   discussion of PerSourcePenalties below for more information.
   Operators of servers that accept connections from many users, or
   servers that accept connections from addresses behind NAT or
   proxies may need to consider these settings.

 * sshd(8): the server has been split into a

CVS import: src/crypto/external/bsd/openssh/dist

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:27:36 UTC 2024

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv3538

Log Message:
Import OpenSSH-9.8 (previous was 9.7)

Security


This release contains fixes for two security problems, one critical
and one minor.

1) Race condition in sshd(8)

A critical vulnerability in sshd(8) was present in Portable OpenSSH
versions between 8.5p1 and 9.7p1 (inclusive) that may allow arbitrary
code execution with root privileges.

Successful exploitation has been demonstrated on 32-bit Linux/glibc
systems with ASLR. Under lab conditions, the attack requires on
average 6-8 hours of continuous connections up to the maximum the
server will accept. Exploitation on 64-bit systems is believed to be
possible but has not been demonstrated at this time. It's likely that
these attacks will be improved upon.

Exploitation on non-glibc systems is conceivable but has not been
examined. Systems that lack ASLR or users of downstream Linux
distributions that have modified OpenSSH to disable per-connection
ASLR re-randomisation (yes - this is a thing, no - we don't
understand why) may potentially have an easier path to exploitation.
OpenBSD is not vulnerable.

We thank the Qualys Security Advisory Team for discovering, reporting
and demonstrating exploitability of this problem, and for providing
detailed feedback on additional mitigation measures.

2) Logic error in ssh(1) ObscureKeystrokeTiming

In OpenSSH version 9.5 through 9.7 (inclusive), when connected to an
OpenSSH server version 9.5 or later, a logic error in the ssh(1)
ObscureKeystrokeTiming feature (on by default) rendered this feature
ineffective - a passive observer could still detect which network
packets contained real keystrokes when the countermeasure was active
because both fake and real keystroke packets were being sent
unconditionally.

This bug was found by Philippos Giavridis and also independently by
Jacky Wei En Kung, Daniel Hugenroth and Alastair Beresford of the
University of Cambridge Computer Lab.

Worse, the unconditional sending of both fake and real keystroke
packets broke another long-standing timing attack mitigation. Since
OpenSSH 2.9.9 sshd(8) has sent fake keystoke echo packets for
traffic received on TTYs in echo-off mode, such as when entering a
password into su(8) or sudo(8). This bug rendered these fake
keystroke echoes ineffective and could allow a passive observer of
a SSH session to once again detect when echo was off and obtain
fairly limited timing information about keystrokes in this situation
(20ms granularity by default).

This additional implication of the bug was identified by Jacky Wei
En Kung, Daniel Hugenroth and Alastair Beresford and we thank them
for their detailed analysis.

This bug does not affect connections when ObscureKeystrokeTiming
was disabled or sessions where no TTY was requested.

Future deprecation notice
=

OpenSSH plans to remove support for the DSA signature algorithm in
early 2025. This release disables DSA by default at compile time.

DSA, as specified in the SSHv2 protocol, is inherently weak - being
limited to a 160 bit private key and use of the SHA1 digest. Its
estimated security level is only 80 bits symmetric equivalent.

OpenSSH has disabled DSA keys by default since 2015 but has retained
run-time optional support for them. DSA was the only mandatory-to-
implement algorithm in the SSHv2 RFCs, mostly because alternative
algorithms were encumbered by patents when the SSHv2 protocol was
specified.

This has not been the case for decades at this point and better
algorithms are well supported by all actively-maintained SSH
implementations. We do not consider the costs of maintaining DSA
in OpenSSH to be justified and hope that removing it from OpenSSH
can accelerate its wider deprecation in supporting cryptography
libraries.

This release, and its deactivation of DSA by default at compile-time,
marks the second step in our timeline to finally deprecate DSA. The
final step of removing DSA support entirely is planned for the first
OpenSSH release of 2025.

DSA support may be re-enabled in OpenBSD by setting "DSAKEY=yes"
in Makefile.inc. To enable DSA support in portable OpenSSH, pass
the "--enable-dsa-keys" option to configure.

Potentially-incompatible changes


 * all: as mentioned above, the DSA signature algorithm is now
   disabled at compile time.

 * sshd(8): the server will now block client addresses that
   repeatedly fail authentication, repeatedly connect without ever
   completing authentication or that crash the server. See the
   discussion of PerSourcePenalties below for more information.
   Operators of servers that accept connections from many users, or
   servers that accept connections from addresses behind NAT or
   proxies may need to consider these settings.

 * sshd(8): the server has been split into a

CVS commit: src

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:14:31 UTC 2024

Modified Files:
src/distrib/sets/lists/comp: mi
src/lib/libc/gen: Makefile.inc syslog.3 syslog_ss.c
src/lib/libc/include: extern.h
src/sys/sys: syslog.h

Log Message:
PR/58391: Noriyuki Soda: re-adding syslog_ss() to syslog.h and syslog.3


To generate a diff of this commit:
cvs rdiff -u -r1.2461 -r1.2462 src/distrib/sets/lists/comp/mi
cvs rdiff -u -r1.217 -r1.218 src/lib/libc/gen/Makefile.inc
cvs rdiff -u -r1.33 -r1.34 src/lib/libc/gen/syslog.3
cvs rdiff -u -r1.3 -r1.4 src/lib/libc/gen/syslog_ss.c
cvs rdiff -u -r1.29 -r1.30 src/lib/libc/include/extern.h
cvs rdiff -u -r1.41 -r1.42 src/sys/sys/syslog.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/distrib/sets/lists/comp/mi
diff -u src/distrib/sets/lists/comp/mi:1.2461 src/distrib/sets/lists/comp/mi:1.2462
--- src/distrib/sets/lists/comp/mi:1.2461	Mon Jul  1 00:03:04 2024
+++ src/distrib/sets/lists/comp/mi	Mon Jul  8 18:14:30 2024
@@ -1,4 +1,4 @@
-#	$NetBSD: mi,v 1.2461 2024/07/01 04:03:04 mrg Exp $
+#	$NetBSD: mi,v 1.2462 2024/07/08 22:14:30 christos Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 ./etc/mtree/set.compcomp-sys-root
@@ -10977,9 +10977,10 @@
 ./usr/share/man/cat3/sysexits.0			comp-c-catman		.cat
 ./usr/share/man/cat3/syslog.0			comp-c-catman		.cat
 ./usr/share/man/cat3/syslog_r.0			comp-c-catman		.cat
-./usr/share/man/cat3/syslog_ss.0		comp-obsolete		obsolete
+./usr/share/man/cat3/syslog_ss.0		comp-c-catman		.cat
 ./usr/share/man/cat3/syslogp.0			comp-c-catman		.cat
 ./usr/share/man/cat3/syslogp_r.0		comp-c-catman		.cat
+./usr/share/man/cat3/syslogp_ss.0		comp-c-catman		.cat
 ./usr/share/man/cat3/system.0			comp-c-catman		.cat
 ./usr/share/man/cat3/t_freent.0			comp-obsolete		obsolete
 ./usr/share/man/cat3/t_getent.0			comp-obsolete		obsolete
@@ -11219,9 +11220,10 @@
 ./usr/share/man/cat3/vswscanf.0			comp-c-catman		.cat
 ./usr/share/man/cat3/vsyslog.0			comp-c-catman		.cat
 ./usr/share/man/cat3/vsyslog_r.0		comp-c-catman		.cat
-./usr/share/man/cat3/vsyslog_ss.0		comp-obsolete		obsolete
+./usr/share/man/cat3/vsyslog_ss.0		comp-c-catman		.cat
 ./usr/share/man/cat3/vsyslogp.0			comp-c-catman		.cat
 ./usr/share/man/cat3/vsyslogp_r.0		comp-c-catman		.cat
+./usr/share/man/cat3/vsyslogp_ss.0		comp-c-catman		.cat
 ./usr/share/man/cat3/vtimes.0			comp-obsolete		obsolete
 ./usr/share/man/cat3/vwarn.0			comp-c-catman		.cat
 ./usr/share/man/cat3/vwarnc.0			comp-c-catman		.cat
@@ -19444,8 +19446,10 @@
 ./usr/share/man/html3/sysexits.html		comp-c-htmlman		html
 ./usr/share/man/html3/syslog.html		comp-c-htmlman		html
 ./usr/share/man/html3/syslog_r.html		comp-c-htmlman		html
+./usr/share/man/html3/syslog_ss.html		comp-c-htmlman		html
 ./usr/share/man/html3/syslogp.html		comp-c-htmlman		html
 ./usr/share/man/html3/syslogp_r.html		comp-c-htmlman		html
+./usr/share/man/html3/syslogp_ss.html		comp-c-htmlman		html
 ./usr/share/man/html3/system.html		comp-c-htmlman		html
 ./usr/share/man/html3/t_freent.html		comp-obsolete		obsolete
 ./usr/share/man/html3/t_getent.html		comp-obsolete		obsolete
@@ -19671,8 +19675,10 @@
 ./usr/share/man/html3/vswscanf.html		comp-c-htmlman		html
 ./usr/share/man/html3/vsyslog.html		comp-c-htmlman		html
 ./usr/share/man/html3/vsyslog_r.html		comp-c-htmlman		html
+./usr/share/man/html3/vsyslog_ss.html		comp-c-htmlman		html
 ./usr/share/man/html3/vsyslogp.html		comp-c-htmlman		html
 ./usr/share/man/html3/vsyslogp_r.html		comp-c-htmlman		html
+./usr/share/man/html3/vsyslogp_ss.html		comp-c-htmlman		html
 ./usr/share/man/html3/vwarn.html		comp-c-htmlman		html
 ./usr/share/man/html3/vwarnc.html		comp-c-htmlman		html
 ./usr/share/man/html3/vwarnx.html		comp-c-htmlman		html
@@ -27949,9 +27955,10 @@
 ./usr/share/man/man3/sysexits.3			comp-c-man		.man
 ./usr/share/man/man3/syslog.3			comp-c-man		.man
 ./usr/share/man/man3/syslog_r.3			comp-c-man		.man
-./usr/share/man/man3/syslog_ss.3		comp-obsolete		obsolete
+./usr/share/man/man3/syslog_ss.3		comp-c-man		.man
 ./usr/share/man/man3/syslogp.3			comp-c-man		.man
 ./usr/share/man/man3/syslogp_r.3		comp-c-man		.man
+./usr/share/man/man3/syslogp_ss.3		comp-c-man		.man
 ./usr/share/man/man3/system.3			comp-c-man		.man
 ./usr/share/man/man3/t_freent.3			comp-obsolete		obsolete
 ./usr/share/man/man3/t_getent.3			comp-obsolete		obsolete
@@ -28191,9 +28198,10 @@
 ./usr/share/man/man3/vswscanf.3			comp-c-man		.man
 ./usr/share/man/man3/vsyslog.3			comp-c-man		.man
 ./usr/share/man/man3/vsyslog_r.3		comp-c-man		.man
-./usr/share/man/man3/vsyslog_ss.3		comp-obsolete		obsolete
+./usr/share/man/man3/vsyslog_ss.3		comp-c-man		.man
 ./usr/share/man/man3/vsyslogp.3			comp-c-man		.man
 ./usr/share/man/man3/vsyslogp_r.3		comp-c-man		.man
+./usr/share/man/man3/vsyslogp_ss.3		comp-c-man		.man
 ./usr/share/man/man3/vtimes.3			comp-obsolete		obsolete
 ./usr/shar

CVS commit: src

2024-07-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jul  8 22:14:31 UTC 2024

Modified Files:
src/distrib/sets/lists/comp: mi
src/lib/libc/gen: Makefile.inc syslog.3 syslog_ss.c
src/lib/libc/include: extern.h
src/sys/sys: syslog.h

Log Message:
PR/58391: Noriyuki Soda: re-adding syslog_ss() to syslog.h and syslog.3


To generate a diff of this commit:
cvs rdiff -u -r1.2461 -r1.2462 src/distrib/sets/lists/comp/mi
cvs rdiff -u -r1.217 -r1.218 src/lib/libc/gen/Makefile.inc
cvs rdiff -u -r1.33 -r1.34 src/lib/libc/gen/syslog.3
cvs rdiff -u -r1.3 -r1.4 src/lib/libc/gen/syslog_ss.c
cvs rdiff -u -r1.29 -r1.30 src/lib/libc/include/extern.h
cvs rdiff -u -r1.41 -r1.42 src/sys/sys/syslog.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/distrib/sets/lists/debug

2024-07-08 Thread Rin Okuyama

Module Name:src
Committed By:   rin
Date:   Mon Jul  8 14:10:13 UTC 2024

Modified Files:
src/distrib/sets/lists/debug: md.amd64

Log Message:
sets: amd64: Fix `!compat && debuglib` build


To generate a diff of this commit:
cvs rdiff -u -r1.125 -r1.126 src/distrib/sets/lists/debug/md.amd64

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/distrib/sets/lists/debug/md.amd64
diff -u src/distrib/sets/lists/debug/md.amd64:1.125 src/distrib/sets/lists/debug/md.amd64:1.126
--- src/distrib/sets/lists/debug/md.amd64:1.125	Mon Jul  1 04:03:04 2024
+++ src/distrib/sets/lists/debug/md.amd64	Mon Jul  8 14:10:13 2024
@@ -1,5 +1,5 @@
-# $NetBSD: md.amd64,v 1.125 2024/07/01 04:03:04 mrg Exp $
-./usr/lib/libtsan_g.acomp-c-debuglib		compat,debuglib,arch64,cxx,gcccmds,gcc
+# $NetBSD: md.amd64,v 1.126 2024/07/08 14:10:13 rin Exp $
+./usr/lib/libtsan_g.acomp-c-debuglib		debuglib,arch64,cxx,gcccmds,gcc
 ./usr/lib/libx86_64_g.acomp-c-debuglib		debuglib
 ./usr/libdata/debug/usr/bin/fdformat.debug	comp-util-debug		debug
 ./usr/libdata/debug/usr/bin/gdbserver.debug	base-util-debug		gdb,debug

CVS commit: src/distrib/sets/lists/debug

2024-07-08 Thread Rin Okuyama

Module Name:src
Committed By:   rin
Date:   Mon Jul  8 14:10:13 UTC 2024

Modified Files:
src/distrib/sets/lists/debug: md.amd64

Log Message:
sets: amd64: Fix `!compat && debuglib` build


To generate a diff of this commit:
cvs rdiff -u -r1.125 -r1.126 src/distrib/sets/lists/debug/md.amd64

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sbin/swapctl

2024-07-08 Thread Paul Goyette

Module Name:src
Committed By:   pgoyette
Date:   Mon Jul  8 09:23:51 UTC 2024

Modified Files:
src/sbin/swapctl: swapctl.8

Log Message:
s/point mount/mount point/


To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.46 src/sbin/swapctl/swapctl.8

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sbin/swapctl/swapctl.8
diff -u src/sbin/swapctl/swapctl.8:1.45 src/sbin/swapctl/swapctl.8:1.46
--- src/sbin/swapctl/swapctl.8:1.45	Sun Feb  4 05:43:06 2024
+++ src/sbin/swapctl/swapctl.8	Mon Jul  8 09:23:50 2024
@@ -1,4 +1,4 @@
-.\"	$NetBSD: swapctl.8,v 1.45 2024/02/04 05:43:06 mrg Exp $
+.\"	$NetBSD: swapctl.8,v 1.46 2024/07/08 09:23:50 pgoyette Exp $
 .\"
 .\" Copyright (c) 1997 Matthew R. Green
 .\" All rights reserved.
@@ -316,7 +316,7 @@ This option is useful for swapping to NF
 It specifies the local mount point to mount an NFS filesystem.
 The mount point must exist as a directory.
 Typically, once this mount has succeeded, the file to be used for swapping
-on will be available under this point mount.
+on will be available under this mount point.
 For example:
 .Bd -literal
 server:/export/swap/client none swap sw,nfsmntpt=/swap

CVS commit: src/sbin/swapctl

2024-07-08 Thread Paul Goyette

Module Name:src
Committed By:   pgoyette
Date:   Mon Jul  8 09:23:51 UTC 2024

Modified Files:
src/sbin/swapctl: swapctl.8

Log Message:
s/point mount/mount point/


To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.46 src/sbin/swapctl/swapctl.8

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/doc

2024-07-08 Thread Nia Alarie

Module Name:src
Committed By:   nia
Date:   Mon Jul  8 08:00:08 UTC 2024

Modified Files:
src/doc: CHANGES

Log Message:
changes from the past week


To generate a diff of this commit:
cvs rdiff -u -r1.3071 -r1.3072 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/CHANGES
diff -u src/doc/CHANGES:1.3071 src/doc/CHANGES:1.3072
--- src/doc/CHANGES:1.3071	Sun Jun 30 18:53:48 2024
+++ src/doc/CHANGES	Mon Jul  8 08:00:08 2024
@@ -1,4 +1,4 @@
-# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.3071 $>
+# LIST OF CHANGES FROM LAST RELEASE:			<$Revision: 1.3072 $>
 #
 #
 # [Note: This file does not mention every change made to the NetBSD source tree.
@@ -443,3 +443,9 @@ Changes from NetBSD 10.0 to NetBSD 11.0:
 	evbarm: Add support for Ampere Altra/Altra Max platforms.
 		[jmcneill 20240630]
 	evbarm: Add NUMA awareness for ACPI based systems. [jmcneill 20240630]
+	compat_linux(8): Add linux POSIX message queue support (from
+		Ricardo Branco) [christos 20240701]
+	u3g(4): add support for Sierra Wireless MC7304 devices
+		(from Reinhard Speyerer) [christos 20240704]
+	mcx(4): Match on ConnectX-6 virtual functions, from OpenBSD.
+		[msaitoh 20240707]

CVS commit: src/doc

2024-07-08 Thread Nia Alarie

Module Name:src
Committed By:   nia
Date:   Mon Jul  8 08:00:08 UTC 2024

Modified Files:
src/doc: CHANGES

Log Message:
changes from the past week


To generate a diff of this commit:
cvs rdiff -u -r1.3071 -r1.3072 src/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/doc

2024-07-08 Thread Thomas Klausner

Module Name:src
Committed By:   wiz
Date:   Mon Jul  8 07:11:29 UTC 2024

Modified Files:
src/doc: 3RDPARTY

Log Message:
gdb-15.1 out


To generate a diff of this commit:
cvs rdiff -u -r1.2024 -r1.2025 src/doc/3RDPARTY

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/3RDPARTY
diff -u src/doc/3RDPARTY:1.2024 src/doc/3RDPARTY:1.2025
--- src/doc/3RDPARTY:1.2024	Wed Jul  3 06:07:56 2024
+++ src/doc/3RDPARTY	Mon Jul  8 07:11:28 2024
@@ -1,4 +1,4 @@
-#	$NetBSD: 3RDPARTY,v 1.2024 2024/07/03 06:07:56 wiz Exp $
+#	$NetBSD: 3RDPARTY,v 1.2025 2024/07/08 07:11:28 wiz Exp $
 #
 # This file contains a list of the software that has been integrated into
 # NetBSD where we are not the primary maintainer.
@@ -489,7 +489,7 @@ Before importing a new version of extern
 
 Package:	gdb
 Version:	13.2
-Current Vers:	14.2
+Current Vers:	15.1
 Maintainer:	FSF
 Archive Site:	ftp://ftp.gnu.org/gnu/gdb/
 Home Page:	http://www.gnu.org/software/gdb/

CVS commit: src/doc

2024-07-08 Thread Thomas Klausner

Module Name:src
Committed By:   wiz
Date:   Mon Jul  8 07:11:29 UTC 2024

Modified Files:
src/doc: 3RDPARTY

Log Message:
gdb-15.1 out


To generate a diff of this commit:
cvs rdiff -u -r1.2024 -r1.2025 src/doc/3RDPARTY

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/external/gpl3/binutils

CVS commit: src/external/gpl3/binutils/usr.bin/ld

CVS commit: src/external/gpl3/binutils/usr.bin/ld

CVS commit: src/distrib/sets/lists/debug

CVS commit: src/distrib/sets/lists/debug

CVS commit: src/crypto/external/bsd/openssh/libexec/sshd-session

CVS commit: src/crypto/external/bsd/openssh/libexec/sshd-session

CVS commit: src/doc

CVS commit: src/doc

CVS commit: src/distrib/sets/lists

CVS commit: src/distrib/sets/lists

CVS commit: src/crypto/external/bsd/openssh

CVS commit: src/crypto/external/bsd/openssh

CVS import: src/crypto/external/bsd/openssh/dist

CVS import: src/crypto/external/bsd/openssh/dist

CVS commit: src

CVS commit: src

CVS commit: src/distrib/sets/lists/debug

CVS commit: src/distrib/sets/lists/debug

CVS commit: src/sbin/swapctl

CVS commit: src/sbin/swapctl

CVS commit: src/doc

CVS commit: src/doc

CVS commit: src/doc

CVS commit: src/doc

25 matches

Site Navigation

Mail list logo

Footer information