Mailing List Archive

Re: Call for testing: OpenSSH 8.9 [ In reply to ]
On Fri, 18 Feb 2022, Darren Tucker wrote:

> Thanks, that does help. I'll add that to the github CI test configs.

You’re welcome.

> with this patch passes. Might be the pfd.fd=-1 for marking FDs as
> unused that's causing it to fail?

Hmm. POSIX says:

If the value of fd is less than 0, events shall be ignored, and
revents shall be set to 0 in that entry on return from poll().

musl says they strictly follow POSIX. Might be a bug?
Probably best to ask there. http://musl.libc.org/ links to IRC and
a mailing list. I checked their known issues list, but poll doesn’t
show up there.

> > (Why the configure script doesn't configure the tests so
> > they run only those that can actually be run without OpenSSL
> > is beyond me???)
>
> Both those tests and the Makefile predate --without-openssl by a
> considerable time. Right now regress/Makefile is not processed by
> configure and changing that never made it to the top of a to-do list.

Ah, okay.

bye,
//mirabilos
--
Infrastrukturexperte • tarent solutions GmbH
Am Dickobskreuz 10, D-53121 Bonn • http://www.tarent.de/
Telephon +49 228 54881-393 • Fax: +49 228 54881-235
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
Thorsten Glaser wrote in
<d0d930df-597a-933c-cd96-7bbcdd7e586f@tarent.de>:
|On Fri, 18 Feb 2022, Steffen Nurpmeso wrote:
|
|> The TinyC compiler tcc does
|>
|> #?0|kent:tcc.git$ git grep -i musl master
|> ...
|> master:configure: --config-uClibc,-musl,-mingw32... enable system \
|> specific configurations
|> master:configure: if test -f "/lib/ld-musl-$cpu.so.1"; then
|> master:configure: echo "Perhaps you want ./configure --config-\
|> musl"
|
|Ouch, completely bogus.

It is a nice hint imho.

|I’ve found one reliable way to detect musl at configure time,
|at least for the last couple of years of their releases.
|
|Compile and link a hello-world program, then check whether the
|binary contains MUSL_LOCPATH as string.

That .. does not seem to be true for native musl systems?
You could grep for ld-musl or libc.musl though, *i think*.

|I’ve managed to not need to rely on that. I believe it’s obvious
|why I’m trying to. I *did* find something recently that would
|have benefit from musl detection, but it’s just avoiding a bug
|in old musl versions, so I’m leaving that to the packager and
|document it. (The testsuite also catches it so I’m now urging
|people even more to run it.)

--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
On Fri, 18 Feb 2022, Steffen Nurpmeso wrote:

> |Ouch, completely bogus.
>
> It is a nice hint imho.

Nope. It hardcodes a path into the *host* system. Absolutely wrong,
on multiple counts. (It would also trigger, say, on a glibc system
with musl installed.)

> That .. does not seem to be true for native musl systems?

Link statically.

bye,
//mirabilos
--
Infrastrukturexperte • tarent solutions GmbH
Am Dickobskreuz 10, D-53121 Bonn • http://www.tarent.de/
Telephon +49 228 54881-393 • Fax: +49 228 54881-235
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

Re: Call for testing: OpenSSH 8.9 [ In reply to ]
Thorsten Glaser wrote in
<dcc7333-54da-3e2-5ea7-3bcae4adf1f@tarent.de>:
|On Fri, 18 Feb 2022, Steffen Nurpmeso wrote:
|
|>|Ouch, completely bogus.
|>
|> It is a nice hint imho.
|
|Nope. It hardcodes a path into the *host* system. Absolutely wrong,
|on multiple counts. (It would also trigger, say, on a glibc system
|with musl installed.)

Well it may look secondarily. This is musl libc in the end.
And note it does not, as per the snippet you removed, perform any
action on its own, it just gives a hint for a specific configure
option which does. I am using the same mechanism (i have not
invented it) in my ~/.profile, for setting LC_ALL.

|> That .. does not seem to be true for native musl systems?
|
|Link statically.

Nah. For hello world you mean? Well despite Theo de Raadt
ranting (as its -static) .. requires special or at least
non-standardized flags itself.
On AlpineLinux there is no static musl, and never has been in the
past seven years i use it. But wait, i track musl for almost as
long, too:

#?0|kent:musl.git$ git grep -i LOCPA master
master:WHATSNEW:- MUSL_LOCPATH search was broken with multiple components
master:src/locale/locale_map.c: if (!libc.secure) path = getenv("MUSL_LOCPATH");

Never heard of it.

--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
RE: Call for testing: OpenSSH 8.9 [ In reply to ]
On 2/9/22 20:18, Damien Miller wrote:

> Hi,
>
> OpenSSH 8.9p1 is almost ready for release, so we would appreciate
> testing on as many platforms and systems as possible. This is a bugfix release.

openssh-SNAP-20220211.tar.gz
IBM XL C/C++ for AIX, V11.1 (5724-X13)
Version: 11.01.0000.0023
OpenSSL 1.1.1m 14 Dec 2021
AIX 7.1 TL5 SP8

# make tests
./install-sh -c -d `pwd`/regress/unittests/test_helper
Target "all" is up to date....
<skip>
xlc -g -q64 -I. -I. -I/usr/local/openssl/include -I/usr/local/zlib/include -DSSHDIR=\"/usr/local/openssh/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/openssh/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/openssh/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/openssh/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/openssh/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/openssh/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/local/openssh/libexec/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -fPIC -shared -o regress/misc/sk-dummy/sk-dummy.so regress/misc/sk-dummy/sk-dummy.lo regress/misc/sk-dummy/fatal.lo ed25519.lo hash.lo ge25519.lo fe25519.lo sc25519.lo verify.lo -L. -Lopenbsd-compat -lopenbsd-compat -L. -Lopenbsd-compat/ -L/usr/local/openssl/lib -L/usr/local/zlib/lib -q64 -blibpath:/usr/lib:/lib -lcrypto -lz -lpthread
xlc: 1501-218 (W) file regress/misc/sk-dummy/sk-dummy.lo contains an incorrect file suffix
xlc: 1501-218 (W) file regress/misc/sk-dummy/fatal.lo contains an incorrect file suffix
xlc: 1501-218 (W) file ed25519.lo contains an incorrect file suffix
xlc: 1501-218 (W) file hash.lo contains an incorrect file suffix
xlc: 1501-218 (W) file ge25519.lo contains an incorrect file suffix
xlc: 1501-218 (W) file fe25519.lo contains an incorrect file suffix
xlc: 1501-218 (W) file sc25519.lo contains an incorrect file suffix
xlc: 1501-218 (W) file verify.lo contains an incorrect file suffix
ld: 0706-005 Cannot find or open file: PIC
ld:fopen(): A file or directory in the path name does not exist.
ld: 0706-012 The -h flag is not recognized.
ld: 0706-012 The -a flag is not recognized.
make: 1254-004 The error code from the last command is 255.

Stop.

--
Using gmake does not make a difference.
As a remedy in order to proceed further, commented out 2 lines below in Makefile:

regress/misc/sk-dummy/sk-dummy.so: $(SK_DUMMY_OBJS)
# $(CC) $(CFLAGS) $(CPPFLAGS) -fPIC -shared -o $@ $(SK_DUMMY_OBJS) \
# -L. -Lopenbsd-compat -lopenbsd-compat $(LDFLAGS_NOPIE) $(LIBS)


Then ran "make tests" again:
# make tests
<skip>
ok sshd_config matchlisten
run test percent.sh ...
percent expansions matchexec percent
percent expansions localcommand percent
percent expansions remotecommand percent
percent expansions controlpath percent
percent expansions identityagent percent
percent expansions forwardagent percent
percent expansions localforward percent
percent expansions remoteforward percent
percent expansions userknownhostsfile percent
percent expansions controlpath dollar
percent expansions identityagent dollar
percent expansions forwardagent dollar
percent expansions localforward dollar
percent expansions remoteforward dollar
percent expansions userknownhostsfile dollar
percent expansions controlpath tilde
controlpath=~ expect // got /
controlpath=~/.ssh expect //.ssh got /.ssh
percent expansions identityagent tilde
identityagent=~ expect // got /
identityagent=~/.ssh expect //.ssh got /.ssh
percent expansions forwardagent tilde
forwardagent=~ expect // got /
forwardagent=~/.ssh expect //.ssh got /.ssh
failed percent expansions
make: 1254-004 The error code from the last command is 1.

This one needs help to resolve. Thanks!
--

/* Val Baranov <val.baranov@duke.edu> */


Re: Call for testing: OpenSSH 8.9 [ In reply to ]
On Sat, 19 Feb 2022 at 11:50, Val Baranov <val.baranov@duke.edu> wrote:
[...]
> openssh-SNAP-20220211.tar.gz
> IBM XL C/C++ for AIX, V11.1 (5724-X13)
> Version: 11.01.0000.0023
> OpenSSL 1.1.1m 14 Dec 2021
> AIX 7.1 TL5 SP8
[...]
> xlc: 1501-218 (W) file regress/misc/sk-dummy/sk-dummy.lo contains an incorrect file suffix
> xlc: 1501-218 (W) file regress/misc/sk-dummy/fatal.lo contains an incorrect file suffix

This is the shared library used for testing security key integration,
and it fails because our Makefile doesn't understand how to build
shared libraries on AIX.

> As a remedy in order to proceed further, commented out 2 lines below in Makefile:

You could also configure with either of --disable-security-key or
--with-security-key-builtin which (I think) will skip trying to build
that shared library.

> percent expansions forwardagent tilde
> forwardagent=~ expect // got /

I think this is because you are running the tests as root. I can
reproduce on my obsolete AIX system here. I think the test does the
wrong thing in this case (it needs to do the equivalent of realpath on
the expected string).

You can run the tests with "SUDO=sudo make tests" to run most of the
tests as a regular user and invoke sudo when necessary to exercise the
privileged bits.

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
On Sat, 19 Feb 2022 at 16:10, Darren Tucker <dtucker@dtucker.net> wrote:
[...]
> I think this is because you are running the tests as root. I can
> reproduce on my obsolete AIX system here. I think the test does the
> wrong thing in this case (it needs to do the equivalent of realpath on
> the expected string).

This should be fixed by commit fbd7725 in the next snapshot. Thanks
for letting us know.

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
On Fri, 18 Feb 2022 at 11:45, Darren Tucker <dtucker@gate.dtucker.net> wrote:
> Looks like it's actually poll vs select.
>
> $ autoreconf
> $ CC=musl-gcc ./configure --without-openssl --without-zlib --with-cflags=-DBROKEN_POLL

TL;DR: it's the combination of the rlimit sandbox and some poll
implementations which fail with EINVAL if "nfds was greater than the
number of available file descriptors".

Additional data point: it seems to be an interaction with the rlimit
sandbox since:
$ ./configure --without-sandbox && make t-exec
passes. By default, it picks the rlimit sandbox
$ ./configure && egrep '#define.*SANDBOX' config.h
#define SANDBOX_RLIMIT 1

On some platforms select(2) fails if it can't open a new FD (these
seem to be ones where select is implemented in userspace on top of
poll).

Here's an strace of where it fails:
30131 write(4, "\0\0\0044\7\24\357\342@\2060\350\0073hV\3\225d\202PH\0\0\1\tcurve2"..., 1080) = 1080
30131 ppoll([{fd=4, events=POLLIN}], 1, NULL, NULL, 8) = -1 EINVAL (Invalid argument)
30131 munmap(0x7f784ac57000, 4096) = 0

and the call stack where it fails (frame 0 elided since it was my
debugging hack):

#1 0x00005555555b926e in ssh_packet_read_seqnr (ssh=ssh@entry=0x7ffff7ca7070, typep=typep@entry=0x7fffffffe5c3 "", seqnr_p=seqnr_p@entry=0x7fffffffe5c4) at packet.c:1368
#2 0x00005555555be322 in ssh_dispatch_run (ssh=ssh@entry=0x7ffff7ca7070, mode=mode@entry=0, done=0x7ffff7ca7b98) at dispatch.c:96
#3 0x00005555555be429 in ssh_dispatch_run_fatal (ssh=ssh@entry=0x7ffff7ca7070, mode=mode@entry=0, done=<optimized out>) at dispatch.c:133
#4 0x000055555556106f in do_ssh2_kex (ssh=0x7ffff7ca7070) at sshd.c:2404
#5 main (ac=<optimized out>, av=<optimized out>) at sshd.c:2231

packet.c line 1368 is
    if ((r = ppoll(&pfd, 1, timespecp, NULL)) >= 0)
        break;

If we stick this in a test program with the rlimits:

$ cat test.c
#define _GNU_SOURCE
#include <sys/resource.h>
#include <errno.h>
#include <string.h>
#include <fcntl.h>
#include <stdlib.h>
#include <stdio.h>
#include <signal.h>
#include <poll.h>

int main(void)
{
    struct rlimit rl_zero;
    int r;
    struct pollfd pfd;

    /* poll one descriptor that is open and valid */
    pfd.fd = open("/dev/null", O_RDWR);
    pfd.events = POLLIN|POLLOUT;
    r = ppoll(&pfd, 1, NULL, NULL);
    printf("before rlimit, poll returned %d (%s)\n", r, strerror(errno));
    /* drop the limits to zero, then repeat the identical call */
    rl_zero.rlim_cur = rl_zero.rlim_max = 0;
    setrlimit(RLIMIT_FSIZE, &rl_zero);
    setrlimit(RLIMIT_NOFILE, &rl_zero);
    r = ppoll(&pfd, 1, NULL, NULL);
    printf("after rlimit poll returned %d (%s)\n", r, strerror(errno));
}

$ gcc test.c && ./a.out
before rlimit, poll returned 1 (Success)
after rlimit poll returned -1 (Invalid argument)

This happens on at least Linux+glibc and OpenBSD too. Why? It's
documented! Both Linux and OpenBSD have something like:

ERRORS
poll() and ppoll() will fail if:
[...]
[EINVAL] nfds was greater than the number of available file
descriptors.

and is in fact specified by POSIX[1]:

ERRORS
The poll() function shall fail if:
[EINVAL] The nfds argument is greater than {OPEN_MAX}

This is arguably not useful behaviour (it's not creating a new
descriptor, and in this case we know the FD is perfectly valid since
we successfully wrote to it immediately before the ppoll).

Why does it not happen on other Linux configurations? Those have
different sandbox implementations.

We have a check for similar behaviour in select(), we probably need to
add an equivalent one for poll().

[1] https://pubs.opengroup.org/onlinepubs/9699919799/functions/poll.html

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
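
Added example (not part of the original message and not OpenSSH code): a fork-based probe for the poll()/RLIMIT_NOFILE interaction described above, which also covers the earlier question in this thread about entries marked unused with fd = -1. The function names, MAX_PROBE_FDS and the exit-code convention are assumptions made for this example; the probe runs in a child so the caller's own limits are never changed.

```c
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define PROBE_FAILED    (-1)  /* the probe itself could not run */
#define MAX_PROBE_FDS   8     /* size of the test array (example value) */
#define CHILD_SETUP_ERR 255   /* child exit code reserved for setup errors */

/*
 * In a child process: open a pipe, lower RLIMIT_NOFILE to `limit`, then
 * poll() an array of `nfds` entries. The first `live` entries refer to the
 * already-open write end of the pipe; the remaining ones carry fd = -1,
 * which POSIX says must be ignored.
 * Returns 0 if poll() succeeded, the errno value if poll() failed, or
 * PROBE_FAILED if the probe could not be carried out.
 */
int poll_errno_under_nofile(rlim_t limit, nfds_t nfds, nfds_t live)
{
    struct pollfd pfd[MAX_PROBE_FDS];
    struct rlimit rl;
    int p[2], status;
    nfds_t i;
    pid_t pid;

    if (nfds > MAX_PROBE_FDS || live > nfds)
        return PROBE_FAILED;
    if ((pid = fork()) == -1)
        return PROBE_FAILED;

    if (pid == 0) {
        /* Descriptors are created before the limit is lowered. */
        if (pipe(p) == -1)
            _exit(CHILD_SETUP_ERR);
        for (i = 0; i < nfds; i++) {
            pfd[i].fd = i < live ? p[1] : -1;
            pfd[i].events = POLLOUT;
            pfd[i].revents = 0;
        }
        rl.rlim_cur = rl.rlim_max = limit;
        if (setrlimit(RLIMIT_NOFILE, &rl) == -1)
            _exit(CHILD_SETUP_ERR);
        /* Timeout 0: report readiness or the error immediately. */
        if (poll(pfd, nfds, 0) == -1)
            _exit(errno > 0 && errno < CHILD_SETUP_ERR ?
                errno : CHILD_SETUP_ERR);
        _exit(0);
    }

    while (waitpid(pid, &status, 0) == -1) {
        if (errno != EINTR)
            return PROBE_FAILED;
    }
    if (!WIFEXITED(status) || WEXITSTATUS(status) == CHILD_SETUP_ERR)
        return PROBE_FAILED;
    return WEXITSTATUS(status);
}

/*
 * Configure-style question: does poll() on a single valid descriptor
 * fail with EINVAL once RLIMIT_NOFILE is 0?
 */
int poll_breaks_under_zero_nofile(void)
{
    return poll_errno_under_nofile(0, 1, 1) == EINVAL;
}

int main(void)
{
    /* Constructed cases: {limit, nfds, live entries}. */
    static const struct { rlim_t limit; nfds_t nfds, live; } cases[] = {
        { 0, 1, 1 },  /* the sandbox case from the message above */
        { 1, 1, 1 },  /* limit equal to nfds */
        { 1, 2, 1 },  /* second entry is fd = -1 but still counts */
        { 2, 2, 1 },  /* enough headroom; the -1 entry is ignored */
    };
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        int e = poll_errno_under_nofile(cases[i].limit, cases[i].nfds,
            cases[i].live);

        printf("RLIMIT_NOFILE=%lu nfds=%lu live=%lu -> %s\n",
            (unsigned long)cases[i].limit, (unsigned long)cases[i].nfds,
            (unsigned long)cases[i].live,
            e == 0 ? "ok" : e == PROBE_FAILED ? "probe failed" : strerror(e));
    }
    printf("poll breaks under RLIMIT_NOFILE=0: %s\n",
        poll_breaks_under_zero_nofile() ? "yes" : "no");
    return 0;
}
```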
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
Current master (bc16667b4a1c3cad7029304853c143a32ae04bd4) fails on Fedora
35 when building tests with
========
cc -o regress/unittests/misc/test_misc -L. -Lopenbsd-compat/ -Wl,-z,relro
-Wl,-z,now -Wl,-z,noexecstack -fstack-protector-strong -pie
regress/unittests/misc/tests.o regress/unittests/misc/test_parse.o
regress/unittests/misc/test_expand.o regress/unittests/misc/test_convtime.o
regress/unittests/misc/test_argv.o regress/unittests/misc/test_strdelim.o
regress/unittests/misc/test_hpdelim.o \
regress/unittests/test_helper/libtest_helper.a \
-lssh -lopenbsd-compat -lssh -lopenbsd-compat -lcrypto -lz -lcrypt
/usr/bin/ld: regress/unittests/misc/test_hpdelim.o: relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a PIE object;
recompile with -fPIE
collect2: error: ld returned 1 exit status
make: *** [Makefile:665: regress/unittests/misc/test_misc] Error 1
========
Configuration results (after autoreconf && configure):
========

OpenSSH has been configured with the following options:
User binaries: /usr/local/bin
System binaries: /usr/local/sbin
Configuration files: /usr/local/etc
Askpass program: /usr/local/libexec/ssh-askpass
Manual pages: /usr/local/share/man/manX
PID file: /var/run
Privilege separation chroot path: /var/empty
sshd default user PATH:
/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
Manpage format: doc
PAM support: no
OSF SIA support: no
KerberosV support: no
SELinux support: no
libedit support: no
libldns support: no
Solaris process contract support: no
Solaris project support: no
Solaris privilege support: no
IP address in $DISPLAY hack: no
Translate v4 in v6 hack: yes
BSD Auth support: no
Random number source: OpenSSL internal ONLY
Privsep sandbox style: seccomp_filter
PKCS#11 support: yes
U2F/FIDO support: yes

Host: x86_64-pc-linux-gnu
Compiler: cc
Compiler flags: -g -O2 -pipe -Wno-error=format-truncation -Wall -Wextra
-Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security
-Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter
-Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation
-fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=all
-fno-builtin-memset -fstack-protector-strong -fPIE
Preprocessor flags: -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE
Linker flags: -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack
-fstack-protector-strong -pie
Libraries: -lcrypto -lz -lcrypt
========

On Thu, Feb 10, 2022 at 5:21 AM Damien Miller <djm@mindrot.org> wrote:

> Hi,
>
> OpenSSH 8.9p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is simply:
>
> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev@mindrot.org. Security bugs should be reported
> directly to openssh@openssh.com.
>
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
>
> Thanks to the many people who contributed to this release.
>
> Future deprecation notice
> =========================
>
> A near-future release of OpenSSH will switch scp(1) from using the
> legacy scp/rcp protocol to using SFTP by default.
>
> Legacy scp/rcp performs wildcard expansion of remote filenames (e.g.
> "scp host:* .") through the remote shell. This has the side effect of
> requiring double quoting of shell meta-characters in file names
> included on scp(1) command-lines, otherwise they could be interpreted
> as shell commands on the remote side.
>
> This creates one area of potential incompatibility: scp(1) when using
> the SFTP protocol no longer requires this finicky and brittle quoting,
> and attempts to use it may cause transfers to fail. We consider the
> removal of the need for double-quoting shell characters in file names
> to be a benefit and do not intend to introduce bug-compatibility for
> legacy scp/rcp in scp(1) when using the SFTP protocol.
>
> Another area of potential incompatibility relates to the use of remote
> paths relative to other user's home directories, for example -
> "scp host:~user/file /tmp". The SFTP protocol has no native way to
> expand a ~user path. However, sftp-server(8) in OpenSSH 8.7 and later
> support a protocol extension "expand-path@openssh.com" to support
> this.
>
> Potentially-incompatible changes
> ================================
>
> * sshd(8), portable OpenSSH only: this release removes in-built
> support for MD5-hashed passwords. If you require these on your
> system then we recommend linking against libxcrypt or similar.
>
> * This release modifies the FIDO security key middleware interface
> and increments SSH_SK_VERSION_MAJOR.
>
> Changes since OpenSSH 8.8
> =========================
>
> This release includes a number of new features.
>
> New features
> ------------
>
> * ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for
> restricting forwarding and use of keys added to ssh-agent(1)
> A detailed description of the feature is available at
> https://www.openssh.com/agent-restrict.html and the protocol
> extensions are documented in the PROTOCOL and PROTOCOL.agent
> files in the source release.
>
> * ssh(1), sshd(8): add the sntrup761x25519-sha512@openssh.com hybrid
> ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the
> default KEXAlgorithms list (after the ECDH methods but before the
> prime-group DH ones).
>
> * ssh-keygen(1): when downloading resident keys from a FIDO token,
> pass back the user ID that was used when the key was created and
> append it to the filename the key is written to (if it is not the
> default). Avoids keys being clobbered if the user created multiple
> resident keys with the same application string but different user
> IDs.
>
> * ssh-keygen(1), ssh(1), ssh-agent(1): better handling for FIDO keys
> on tokens that provide user verification (UV) on the device itself,
> including biometric keys, avoiding unnecessary PIN prompts.
>
> * ssh-keygen(1): add "ssh-keygen -Y match-principals" operation to
> perform matching of principals names against an allowed signers
> file. To be used towards a TOFU model for SSH signatures in git.
>
> * ssh-add(1), ssh-agent(1): allow pin-required FIDO keys to be added
> to ssh-agent(1). $SSH_ASKPASS will be used to request the PIN at
> authentication time.
>
> * ssh-keygen(1): allow selection of hash at sshsig signing time
> (either sha512 (default) or sha256).
>
> * ssh(1), sshd(8): read network data directly to the packet input
> buffer instead of indirectly via a small stack buffer. Provides a
> modest performance improvement.
>
> * ssh(1), sshd(8): read data directly to the channel input buffer,
> providing a similar modest performance improvement.
>
> * ssh(1): extend the PubkeyAuthentication configuration directive to
> accept yes|no|unbound|host-bound to allow control over one of the
> protocol extensions used to implement agent-restricted keys.
>
> Bugfixes
> --------
>
> * sshd(8): document that CASignatureAlgorithms, ExposeAuthInfo and
> PubkeyAuthOptions can be used in a Match block. PR#277.
>
> * ssh-keysign(1): unbreak for KEX algorithms that use SHA384/512
> exchange hashes
>
> * ssh(1): don't put the TTY into raw mode when SessionType=none,
> avoids ^C being unable to kill such a session. bz3360
>
> * scp(1): fix some corner-case bugs in SFTP-mode handling of
> ~-prefixed paths.
>
> * ssh(1): unbreak hostbased auth using RSA keys. Allow ssh(1) to
> select RSA keys when only RSA/SHA2 signature algorithms are
> configured (this is the default case). Previously RSA keys were
> not being considered in the default case.
>
> * ssh-keysign(1): make ssh-keysign use the requested signature
> algorithm and not the default for the key type. Part of unbreaking
> hostbased auth for RSA/SHA2 keys.
>
> * ssh(1): stricter UpdateHostkey signature verification logic on
> the client- side. Require RSA/SHA2 signatures for RSA hostkeys
> except when RSA/SHA1 was explicitly negotiated during initial
> KEX; bz3375
>
> * ssh(1), sshd(8): fix signature algorithm selection logic for
> UpdateHostkeys on the server side. The previous code tried to
> prefer RSA/SHA2 for hostkey proofs of RSA keys, but missed some
> cases. This will use RSA/SHA2 signatures for RSA keys if the
> client proposed these algorithms in initial KEX. bz3375
>
> * All: convert all uses of select(2)/pselect(2) to poll(2)/ppoll(2).
> This includes the mainloops in ssh(1), ssh-agent(1), ssh-agent(1)
> and sftp-server(8), as well as the sshd(8) listen loop and all
> other FD read/writability checks. On platforms with missing or
> broken poll(2)/ppoll(2) syscalls a select(2)-based compat shim is
> available.
>
> * ssh-keygen(1): the "-Y find-principals" command was verifying key
> validity when using ca certs but not with simple key lifetimes
> within the allowed signers file.
>
> * ssh-keygen(1): make sshsig verify-time argument parsing optional
>
> * ssh(1), ssh-agent(1): avoid xmalloc(0) for PKCS#11 keyid for ECDSA
> keys (we already did this for RSA keys). Avoids fatal errors for
> PKCS#11 libraries that return empty keyid, e.g. Microchip ATECC608B
> "cryptoauthlib"; bz#3364
>
> * ssh(1), ssh-agent(1): improve the testing of credentials against
> inserted FIDO: ask the token whether a particular key belongs to
> it in cases where the token supports on-token user-verification
> (e.g. biometrics) rather than just assuming that it will accept it.
>
> Will reduce spurious "Confirm user presence" notifications for key
> handles that relate to FIDO keys that are not currently inserted in at
> least some cases. bz3366
>
> * ssh(1), sshd(8): correct value for IPTOS_DSCP_LE. It needs to
> allow for the preceding two ECN bits. bz#3373
>
> * ssh-keygen(1): add missing -O option to usage() for the "-Y sign"
> option.
>
> * ssh-keygen(1): fix a NULL deref when using the find-principals
> function, when matching an allowed_signers line that contains a
> namespace restriction, but no restriction specified on the
> command-line
>
> * ssh-agent(1): fix memleak in process_extension(); oss-fuzz
> issue #42719
>
> * ssh(1): suppress "Connection to xxx closed" messages when LogLevel
> is set to "error" or above. bz3378
>
> * ssh(1), sshd(8): use correct zlib flags when inflate(3)-ing
> compressed packet data. bz3372
>
> * scp(1): when recursively transferring files in SFTP mode, create the
> destination directory if it doesn't already exist to match scp(1) in
> legacy RCP mode behaviour.
>
> * scp(1): many improvements in error message consistency between scp(1)
> in SFTP mode vs legacy RCP mode.
>
> * sshd(8): fix potential race in SIGTERM handling PR#289
>
> * ssh(1), ssh(8): since DSA keys are deprecated, move them to the
> end of the default list of public keys so that they will be tried
> last. PR#295
>
> * ssh-keygen(1): allow 'ssh-keygen -Y find-principals' to match
> wildcard principals in allowed_signers files
>
> Portability
> -----------
>
> * ssh(1), sshd(8): don't trust closefrom(2) on Linux. glibc's
> implementation does not work in a chroot when the kernel does not
> have close_range(2). It tries to read from /proc/self/fd and when
> that fails dies with an assertion of sorts. Instead, call
> close_range(2) directly from our compat code and fall back if
> that fails. bz#3349,
>
> * OS X poll(2) is broken; use compat replacement. For character-
> special devices like /dev/null, Darwin's poll(2) returns POLLNVAL
> when polled with POLLIN. Apparently this is Apple bug 3710161 -
> not public but a websearch will find other OSS projects
> rediscovering it periodically since it was first identified in
> 2005.
>
> * Correct handling of exceptfds/POLLPRI in our select(2)-based
> poll(2)/ppoll(2) compat implementation.
>
> * Cygwin: correct checking of mbstowcs() return value.
>
> * Add a basic SECURITY.md that refers people to the openssh.com
> website.
>
> * Enable additional compiler warnings and toolchain hardening flags,
> including -Wbitwise-instead-of-logical, -Wmisleading-indentation,
> -fzero-call-used-regs and -ftrivial-auto-var-init.
>
> * HP/UX. Use compat getline(3) on HP-UX 10.x, where the libc version
> is not reliable.

--
Dmitry Belyavskiy
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
On Tue, 22 Feb 2022, Dmitry Belyavskiy wrote:

> Current master (bc16667b4a1c3cad7029304853c143a32ae04bd4) fails on Fedora 35
> when building tests with
> ========
> cc -o regress/unittests/misc/test_misc -L. -Lopenbsd-compat/  -Wl,-z,relro
> -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-strong -pie
>  regress/unittests/misc/tests.o regress/unittests/misc/test_parse.o
> regress/unittests/misc/test_expand.o regress/unittests/misc/test_convtime.o
> regress/unittests/misc/test_argv.o regress/unittests/misc/test_strdelim.o
> regress/unittests/misc/test_hpdelim.o \
>     regress/unittests/test_helper/libtest_helper.a \
>     -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lcrypto -lz  -lcrypt
> /usr/bin/ld: regress/unittests/misc/test_hpdelim.o: relocation R_X86_64_32
> against `.rodata.str1.1' can not be used when making a PIE object; recompile
> with -fPIE

That's weird, because according to the configure output, -fPIE is already
in CFLAGS.

>     Compiler flags: -g -O2 -pipe -Wno-error=format-truncation -Wall -Wextra
> -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security
> -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter
> -Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation
> -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=all
> -fno-builtin-memset -fstack-protector-strong -fPIE

Is it possible you had an old .o file laying around from a previous
compilation?

If not, then please dig out the make output for the compilation of
test_hpdelim.c and see whether -fPIE is applied there correctly.

-d
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
On Wed, 23 Feb 2022, Damien Miller wrote:

> On Tue, 22 Feb 2022, Dmitry Belyavskiy wrote:
>
> > Current master (bc16667b4a1c3cad7029304853c143a32ae04bd4) fails on Fedora 35
> > when building tests with
> > ========
> > cc -o regress/unittests/misc/test_misc -L. -Lopenbsd-compat/  -Wl,-z,relro
> > -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-strong -pie
> >  regress/unittests/misc/tests.o regress/unittests/misc/test_parse.o
> > regress/unittests/misc/test_expand.o regress/unittests/misc/test_convtime.o
> > regress/unittests/misc/test_argv.o regress/unittests/misc/test_strdelim.o
> > regress/unittests/misc/test_hpdelim.o \
> >     regress/unittests/test_helper/libtest_helper.a \
> >     -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lcrypto -lz  -lcrypt
> > /usr/bin/ld: regress/unittests/misc/test_hpdelim.o: relocation R_X86_64_32
> > against `.rodata.str1.1' can not be used when making a PIE object; recompile
> > with -fPIE
>
> That's weird, because according to the configure output, -fPIE is already
> in CFLAGS.
>
> >     Compiler flags: -g -O2 -pipe -Wno-error=format-truncation -Wall -Wextra
> > -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security
> > -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter
> > -Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation
> > -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=all
> > -fno-builtin-memset -fstack-protector-strong -fPIE
>
> Is it possible you had an old .o file laying around from a previous
> compilation?
>
> If not, then please dig out the make output for the compilation of
> test_hpdelim.c and see whether -fPIE is applied there correctly.

FWIW, I couldn't replicate this in a fedora35 VM

-d
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
Thanks!

make clean && make resolved the issue. Sorry for disturbing you.

On Wed, Feb 23, 2022 at 11:27 AM Damien Miller <djm@mindrot.org> wrote:

> On Wed, 23 Feb 2022, Damien Miller wrote:
>
> > On Tue, 22 Feb 2022, Dmitry Belyavskiy wrote:
> >
> > > Current master (bc16667b4a1c3cad7029304853c143a32ae04bd4) fails on Fedora 35
> > > when building tests with========
> > > cc -o regress/unittests/misc/test_misc -L. -Lopenbsd-compat/ -Wl,-z,relro
> > > -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-strong -pie
> > > regress/unittests/misc/tests.o regress/unittests/misc/test_parse.o
> > > regress/unittests/misc/test_expand.o regress/unittests/misc/test_convtime.o
> > > regress/unittests/misc/test_argv.o regress/unittests/misc/test_strdelim.o
> > > regress/unittests/misc/test_hpdelim.o \
> > > regress/unittests/test_helper/libtest_helper.a \
> > > -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lcrypto -lz -lcrypt
> > > /usr/bin/ld: regress/unittests/misc/test_hpdelim.o: relocation R_X86_64_32
> > > against `.rodata.str1.1' can not be used when making a PIE object; recompile
> > > with -fPIE
> >
> > That's weird, because according to the configure output, -fPIE is already
> > in CFLAGS.
> >
> > > Compiler flags: -g -O2 -pipe -Wno-error=format-truncation -Wall -Wextra
> > > -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security
> > > -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter
> > > -Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation
> > > -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=all
> > > -fno-builtin-memset -fstack-protector-strong -fPIE
> >
> > Is it possible you had an old .o file laying around from a previous
> > compilation?
> >
> > If not, then please dig out the make output for the compilation of
> > test_hpdelim.c and see whether -fPIE is applied there correctly.
>
> FWIW, I couldn't replicate this in a fedora35 VM
>
> -d



--
Dmitry Belyavskiy
Re: Call for testing: OpenSSH 8.9 [ In reply to ]
On Wed, 23 Feb 2022, Dmitry Belyavskiy wrote:

> Thanks!
> make clean && make resolved the issue. Sorry for disturbing you.

no problem - better than missing a problem :)
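
The diagnosis reached in this thread (a stale test_hpdelim.o left over from a build without -fPIE) can be confirmed from the object files themselves, without the make log. The following is an added example, not part of the thread or of OpenSSH: a Python scan of x86-64 ELF objects for the absolute 32-bit relocations that ld rejected. The function names and the constructed sample object are assumptions of this example.

```python
import struct
import sys

EM_X86_64, SHT_RELA = 62, 4
# Absolute 32-bit relocation types that ld refuses when linking with -pie.
NON_PIE = {10: "R_X86_64_32", 11: "R_X86_64_32S"}

def non_pie_relocs(obj):
    """Return [(r_offset, type_name)] for PIE-incompatible relocations in an
    x86-64 ELF64 relocatable object given as bytes."""
    if obj[:4] != b"\x7fELF" or obj[4:6] != b"\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    if struct.unpack_from("<H", obj, 18)[0] != EM_X86_64:
        raise ValueError("not an x86-64 object")
    shoff = struct.unpack_from("<Q", obj, 40)[0]            # e_shoff
    shentsize, shnum = struct.unpack_from("<HH", obj, 58)   # e_shentsize, e_shnum
    hits = []
    for i in range(shnum):
        (_, sh_type, _, _, off, size, _, _, _, entsize) = struct.unpack_from(
            "<IIQQQQIIQQ", obj, shoff + i * shentsize)
        if sh_type != SHT_RELA or entsize == 0:
            continue
        for pos in range(off, off + size, entsize):
            r_offset, r_info, _ = struct.unpack_from("<QQq", obj, pos)
            rtype = r_info & 0xFFFFFFFF                     # low 32 bits = type
            if rtype in NON_PIE:
                hits.append((r_offset, NON_PIE[rtype]))
    return hits

def sample_object(rel_types):
    """Constructed minimal object (not real compiler output): ELF header,
    one SHT_RELA section holding one entry per type in rel_types."""
    rela = b"".join(struct.pack("<QQq", 8 * n, (1 << 32) | t, 0)
                    for n, t in enumerate(rel_types))
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", ident, 1, EM_X86_64, 1, 0, 0,
                       64 + len(rela), 0, 64, 0, 0, 64, 2, 0)
    rela_sh = struct.pack("<IIQQQQIIQQ", 0, SHT_RELA, 0, 0, 64, len(rela),
                          0, 0, 8, 24)
    return ehdr + rela + bytes(64) + rela_sh     # bytes(64) = null section header

if __name__ == "__main__":
    # Pass object files as arguments, e.g. regress/unittests/misc/*.o
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            for offset, name in non_pie_relocs(f.read()):
                print(f"{path}: {name} at offset {offset:#x} (built without -fPIE?)")
```

An object compiled with -fPIE references its string constants through PC-relative relocations, so any file this reports in a tree configured for PIE predates the current flags and needs rebuilding.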
