Import OpenSSH 9.5 (Last was OpenSSH 9.3)
OpenSSH 9.5/9.5p1 (2023-10-04) OpenSSH 9.5 was released on 2023-10-04. It is available from the mirrors listed at https://www.openssh.com/. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: https://www.openssh.com/donations.html Changes since OpenSSH 9.4 ========================= This release fixes a number of bugs and adds some small features. Potentially incompatible changes -------------------------------- * ssh-keygen(1): generate Ed25519 keys by default. Ed25519 public keys are very convenient due to their small size. Ed25519 keys are specified in RFC 8709 and OpenSSH has supported them since version 6.5 (January 2014). * sshd(8): the Subsystem directive now accurately preserves quoting of subsystem commands and arguments. This may change behaviour for exotic configurations, but the most common subsystem configuration (sftp-server) is unlikely to be affected. New features ------------ * ssh(1): add keystroke timing obfuscation to the client. This attempts to hide inter-keystroke timings by sending interactive traffic at fixed intervals (default: every 20ms) when there is only a small amount of data being sent. It also sends fake "chaff" keystrokes for a random interval after the last real keystroke. These are controlled by a new ssh_config ObscureKeystrokeTiming keyword. * ssh(1), sshd(8): Introduce a transport-level ping facility. This adds a pair of SSH transport protocol messages SSH2_MSG_PING/PONG to implement a ping capability. These messages use numbers in the "local extensions" number space and are advertised using a "ping@openssh.com" ext-info message with a string version number of "0". * sshd(8): allow override of Subsystem directives in sshd Match blocks. Bugfixes -------- * scp(1): fix scp in SFTP mode recursive upload and download of directories that contain symlinks to other directories. In scp mode, the links would be followed, but in SFTP mode they were not. bz3611 * ssh-keygen(1): handle cr+lf (instead of just cr) line endings in sshsig signature files. * ssh(1): interactive mode for ControlPersist sessions if they originally requested a tty. * sshd(8): make PerSourceMaxStartups first-match-wins * sshd(8): limit artificial login delay to a reasonable maximum (5s) and don't delay at all for the "none" authentication mechanism.cw bz3602 * sshd(8): Log errors in kex_exchange_identification() with level verbose instead of error to reduce preauth log spam. All of those get logged with a more generic error message by sshpkt_fatal(). * sshd(8): correct math for ClientAliveInterval that caused the probes to be sent less frequently than configured. * ssh(1): fix regression in OpenSSH 9.4 (mux.c r1.99) that caused multiplexed sessions to ignore SIGINT under some circumstances. Portability ----------- * Avoid clang zero-call-used-regs=all bug on Apple compilers, which for some reason have version numbers that do not match the upstream clang version numbers. bz#3584 * Fix configure test for zlib 1.3 and later/development versions. bz3604 Checksums: ========== - SHA1 (openssh-9.5.tar.gz) = 8a0bd3a91fac338d97d91817af58df731f6509a3 - SHA256 (openssh-9.5.tar.gz) = sVMxeM3d6g65qBMktJIofxmK4Ipg9dblKif0VnhPeO0= - SHA1 (openssh-9.5p1.tar.gz) = 35c16dcc6e7d0a9465faa241476ef24f76b196cc - SHA256 (openssh-9.5p1.tar.gz) = 8Cbnt5un+1QPdRgq+W3IqPHbOV+SK7yfbKYDZyaGCGs= Please note that the SHA256 signatures are base64 encoded and not hexadecimal (which is the default for most checksum tools). The PGP key used to sign the releases is available from the mirror sites: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc Reporting Bugs: =============== - Please read https://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com OpenSSH 9.4/9.4p1 (2023-08-10) OpenSSH 9.4 was released on 2023-08-10. It is available from the mirrors listed at https://www.openssh.com/. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: https://www.openssh.com/donations.html Changes since OpenSSH 9.3p2 =========================== This release fixes a number of bugs and adds some small features. Potentially incompatible changes -------------------------------- * This release removes support for older versions of libcrypto. OpenSSH now requires LibreSSL >= 3.1.0 or OpenSSL >= 1.1.1. Note that these versions are already deprecated by their upstream vendors. * ssh-agent(1): PKCS#11 modules must now be specified by their full paths. Previously dlopen(3) could search for them in system library directories. New features ------------ * ssh(1): allow forwarding Unix Domain sockets via ssh -W. * ssh(1): add support for configuration tags to ssh(1). This adds a ssh_config(5) "Tag" directive and corresponding "Match tag" predicate that may be used to select blocks of configuration similar to the pf.conf(5) keywords of the same name. * ssh(1): add a "match localnetwork" predicate. This allows matching on the addresses of available network interfaces and may be used to vary the effective client configuration based on network location. * ssh(1), sshd(8), ssh-keygen(1): infrastructure support for KRL extensions. This defines wire formats for optional KRL extensions and implements parsing of the new submessages. No actual extensions are supported at this point. * sshd(8): AuthorizedPrincipalsCommand and AuthorizedKeysCommand now accept two additional %-expansion sequences: %D which expands to the routing domain of the connected session and %C which expands to the addresses and port numbers for the source and destination of the connection. * ssh-keygen(1): increase the default work factor (rounds) for the bcrypt KDF used to derive symmetric encryption keys for passphrase protected key files by 50%. Bugfixes -------- * ssh-agent(1): improve isolation between loaded PKCS#11 modules by running separate ssh-pkcs11-helpers for each loaded provider. * ssh(1): make -f (fork after authentication) work correctly with multiplexed connections, including ControlPersist. bz3589 bz3589 * ssh(1): make ConnectTimeout apply to multiplexing sockets and not just to network connections. * ssh-agent(1), ssh(1): improve defences against invalid PKCS#11 modules being loaded by checking that the requested module contains the required symbol before loading it. * sshd(8): fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand appears before it in sshd_config. Since OpenSSH 8.7 the AuthorizedPrincipalsCommand directive was incorrectly ignored in this situation. bz3574 * sshd(8), ssh(1), ssh-keygen(1): remove vestigal support for KRL signatures When the KRL format was originally defined, it included support for signing of KRL objects. However, the code to sign KRLs and verify KRL signatues was never completed in OpenSSH. This release removes the partially-implemented code to verify KRLs. All OpenSSH tools now ignore KRL_SECTION_SIGNATURE sections in KRL files. * All: fix a number of memory leaks and unreachable/harmless integer overflows. * ssh-agent(1), ssh(1): don't truncate strings logged from PKCS#11 modules; GHPR406 * sshd(8), ssh(1): better validate CASignatureAlgorithms in ssh_config and sshd_config. Previously this directive would accept certificate algorithm names, but these were unusable in practice as OpenSSH does not support CA chains. bz3577 * ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature algorithms that are valid for CA signing. Previous behaviour was to list all signing algorithms, including certificate algorithms. * ssh-keyscan(1): gracefully handle systems where rlimits or the maximum number of open files is larger than INT_MAX; bz3581 * ssh-keygen(1): fix "no comment" not showing on when running `ssh-keygen -l` on multiple keys where one has a comment and other following keys do not. bz3580 * scp(1), sftp(1): adjust ftruncate() logic to handle servers that reorder requests. Previously, if the server reordered requests then the resultant file would be erroneously truncated. * ssh(1): don't incorrectly disable hostname canonicalization when CanonicalizeHostname=yes and ProxyJump was expicitly set to "none". bz3567 * scp(1): when copying local->remote, check that the source file exists before opening an SFTP connection to the server. Based on GHPR#370 Portability ----------- * All: a number of build fixes for various platforms and configuration combinations. * sshd(8): provide a replacement for the SELinux matchpathcon() function, which is deprecated. * All: relax libcrypto version checks for OpenSSL >=3. Beyond OpenSSL 3.0, the ABI compatibility guarantees are wider (only the library major must match instead of major and minor in earlier versions). bz#3548. * Tests: fix build problems for the sk-dummy.so FIDO provider module used in some tests. Checksums: ========== - SHA1 (openssh-9.4.tar.gz) = d88126d8d7b8e5bf4656587ac4a16055560641cc - SHA256 (openssh-9.4.tar.gz) = 7eqFjx2hAunw+1Jy7f1JQXq//3AMr9B3dKtASDtq8go= - SHA1 (openssh-9.4p1.tar.gz) = 5dea1f3c88f9cfe53a711a3c893ee8b7d3ffecff - SHA256 (openssh-9.4p1.tar.gz) = Ngj9kIjbIWPOs+YAyFq3nQ3j0iHlkZLqGSPiMmOGaoU= Please note that the SHA256 signatures are base64 encoded and not hexadecimal (which is the default for most checksum tools). The PGP key used to sign the releases is available from the mirror sites: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc Reporting Bugs: =============== - Please read https://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com
This commit is contained in:
christos
parent
91811c4fb2
commit
579b0363eb
|
|
@ -37,6 +37,7 @@ The available section types are:
|
|||
#define KRL_SECTION_FINGERPRINT_SHA1 3
|
||||
#define KRL_SECTION_SIGNATURE 4
|
||||
#define KRL_SECTION_FINGERPRINT_SHA256 5
|
||||
#define KRL_SECTION_EXTENSION 255
|
||||
|
||||
2. Certificate section
|
||||
|
||||
|
|
@ -64,6 +65,7 @@ The certificate section types are:
|
|||
#define KRL_SECTION_CERT_SERIAL_RANGE 0x21
|
||||
#define KRL_SECTION_CERT_SERIAL_BITMAP 0x22
|
||||
#define KRL_SECTION_CERT_KEY_ID 0x23
|
||||
#define KRL_SECTION_CERT_EXTENSION 0x39
|
||||
|
||||
2.1 Certificate serial list section
|
||||
|
||||
|
|
@ -114,6 +116,29 @@ associated with a particular identity, e.g. a host or a user.
|
|||
This section must contain at least one "key_id". This section may appear
|
||||
multiple times.
|
||||
|
||||
2.5. Certificate Extension subsections
|
||||
|
||||
This subsection type provides a generic extension mechanism to the
|
||||
certificates KRL section that may be used to provide optional or critical
|
||||
data.
|
||||
|
||||
Extensions are stored in subsections of type
|
||||
KRL_SECTION_CERT_EXTENSION with the following contents:
|
||||
|
||||
string extension_name
|
||||
boolean is_critical
|
||||
string extension_contents.
|
||||
|
||||
Where "extension_name" describes the type of extension. It is
|
||||
recommended that user extensions follow "cert-name@domain.org" naming.
|
||||
|
||||
The "is_critical" indicates whether this extension is mandatory or
|
||||
optional. If true, then any unsupported extension encountered should
|
||||
result in KRL parsing failure. If false, then it may be safely be
|
||||
ignored.
|
||||
|
||||
The "extension_contents" contains the body of the extension.
|
||||
|
||||
3. Explicit key sections
|
||||
|
||||
These sections, identified as KRL_SECTION_EXPLICIT_KEY, revoke keys
|
||||
|
|
@ -144,7 +169,33 @@ as a big-endian integer.
|
|||
|
||||
This section may appear multiple times.
|
||||
|
||||
5. KRL signature sections
|
||||
5. Extension sections
|
||||
|
||||
This section type provides a generic extension mechanism to the KRL
|
||||
format that may be used to provide optional or critical data.
|
||||
|
||||
Extensions are recorded in sections of type KRL_SECTION_EXTENSION
|
||||
with the following contents:
|
||||
|
||||
string extension_name
|
||||
boolean is_critical
|
||||
string extension_contents.
|
||||
|
||||
Where "extension_name" describes the type of extension. It is
|
||||
recommended that user extensions follow "name@domain.org" naming.
|
||||
|
||||
The "is_critical" indicates whether this extension is mandatory or
|
||||
optional. If true, then any unsupported extension encountered should
|
||||
result in KRL parsing failure. If false, then it may be safely be
|
||||
ignored.
|
||||
|
||||
The "extension_contents" contains the body of the extension.
|
||||
|
||||
6. KRL signature sections
|
||||
|
||||
Note: KRL signatures are not supported by OpenSSH. OpenSSH >= 9.4 will
|
||||
refuse to load KRLs that contain signatures. We recommend the use
|
||||
of SSHSIG (`ssh-keygen -Y sign ...`) style signatures for KRLs instead.
|
||||
|
||||
The KRL_SECTION_SIGNATURE section serves a different purpose to the
|
||||
preceding ones: to provide cryptographic authentication of a KRL that
|
||||
|
|
@ -168,4 +219,4 @@ Implementations that retrieve KRLs over untrusted channels must verify
|
|||
signatures. Signature sections are optional for KRLs distributed by
|
||||
trusted means.
|
||||
|
||||
$OpenBSD: PROTOCOL.krl,v 1.5 2018/09/12 01:21:34 djm Exp $
|
||||
$OpenBSD: PROTOCOL.krl,v 1.7 2023/07/17 04:01:10 djm Exp $
|
||||
|
|
|
|||
Loading…
Reference in New Issue