Merging OpenSSH 9.7p1 into the Dynamic Window branch.

.github/configs

@@ -164,6 +164,11 @@ case "$config" in
     libressl-*)
 	LIBCRYPTOFLAGS="--with-ssl-dir=/opt/libressl --with-rpath=-Wl,-rpath,"
 	;;
+    putty-*)
+	CONFIGFLAGS="--with-plink=/usr/local/bin/plink --with-puttygen=/usr/local/bin/puttygen"
+	# We don't need to rerun the regular tests, just the interop ones.
+	TEST_TARGET=interop-tests
+	;;
     openssl-*)
 	LIBCRYPTOFLAGS="--with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath,"
 	# OpenSSL 1.1.1 specifically has a bug in its RNG that breaks reexec
@@ -269,20 +274,22 @@ case "${TARGET_HOST}" in
 	;;
     minix3)
 	CONFIGFLAGS="${CONFIGFLAGS} --disable-security-key"
+	# Unix domain sockets don't work quite like we expect, so also
+	# disable FD passing (and thus multiplexing).
+	CONFIGFLAGS="${CONFIGFLAGS} --disable-fd-passing"
 	LIBCRYPTOFLAGS="--without-openssl"
+
 	# Minix does not have a loopback interface so we have to skip any
 	# test that relies on one.
 	# Also, Minix seems to be very limited in the number of select()
 	# calls that can be operating concurrently, so prune additional tests for that.
 	T="addrmatch agent-restrict brokenkeys cfgmatch cfgmatchlisten cfgparse
-	    connect connect-uri exit-status forwarding hostkey-agent
-	    key-options keyscan knownhosts-command login-timeout
+	    connect connect-uri dynamic-forward exit-status forwarding
+	    forward-control
+	    hostkey-agent key-options keyscan knownhosts-command login-timeout
 	    reconfigure reexec rekey scp scp-uri scp3 sftp sftp-badcmds
 	    sftp-batch sftp-cmds sftp-glob sftp-perm sftp-uri stderr-data
 	    transfer"
-	# Unix domain sockets don't work quite like we expect, so also skip any tests
-	# that use multiplexing.
-	T="$T connection-timeout dynamic-forward forward-control multiplex"
 	SKIP_LTESTS="$(echo $T)"
 	TEST_TARGET=t-exec
 	SUDO=""
@@ -320,6 +327,10 @@ case "$host" in
 	# modern versions don't ship with libcrypto.
 	LIBCRYPTOFLAGS="--without-openssl"
 	TEST_TARGET=t-exec
+
+	# On some OS X runners we can't write to /var/empty.
+	CONFIGFLAGS="${CONFIGFLAGS} --with-privsep-path=/usr/local/empty"
+
 	case "$host" in
 	*-darwin22.*)
 		# sudo -S nobody doesn't work on macos 13 for some reason.

.github/setup_ci.sh

@@ -142,6 +142,10 @@ for TARGET in $TARGETS; do
         INSTALL_BORINGSSL=1
         PACKAGES="${PACKAGES} cmake ninja-build"
        ;;
+    putty-*)
+	INSTALL_PUTTY=$(echo "${TARGET}" | cut -f2 -d-)
+	PACKAGES="${PACKAGES} cmake"
+	;;
     valgrind*)
        PACKAGES="$PACKAGES valgrind"
        ;;
@@ -241,3 +245,25 @@ if [ ! -z "${INSTALL_ZLIB}" ]; then
      cd ${HOME}/zlib && ./configure && make &&
      sudo make install prefix=/opt/zlib)
 fi
+
+if [ ! -z "${INSTALL_PUTTY}" ]; then
+    ver="${INSTALL_PUTTY}"
+    case "${INSTALL_PUTTY}" in
+    snapshot)
+	tarball=putty.tar.gz
+	(cd /tmp && wget https://tartarus.org/~simon/putty-snapshots/${tarball})
+	;;
+    *)
+	tarball=putty-${ver}.tar.gz
+	(cd /tmp && wget https://the.earth.li/~sgtatham/putty/${ver}/${tarball})
+	;;
+    esac
+    (cd ${HOME} && tar xfz /tmp/${tarball} && cd putty-*
+     if [ -f CMakeLists.txt ]; then
+	cmake . && cmake --build . && sudo cmake --build . --target install
+     else
+	./configure && make && sudo make install
+     fi
+    )
+    /usr/local/bin/plink -V
+fi

.github/workflows/c-cpp.yml

@@ -62,20 +62,32 @@ jobs:
           - { target: ubuntu-latest, config: libressl-3.5.3 }
           - { target: ubuntu-latest, config: libressl-3.6.1 }
           - { target: ubuntu-latest, config: libressl-3.7.2 }
-          - { target: ubuntu-latest, config: libressl-3.8.2 }
+          - { target: ubuntu-latest, config: libressl-3.8.3 }
+          - { target: ubuntu-latest, config: libressl-3.9.0 }
           - { target: ubuntu-latest, config: openssl-master }
           - { target: ubuntu-latest, config: openssl-noec }
           - { target: ubuntu-latest, config: openssl-1.1.1 }
           - { target: ubuntu-latest, config: openssl-1.1.1t }
           - { target: ubuntu-latest, config: openssl-1.1.1w }
           - { target: ubuntu-latest, config: openssl-3.0.0 }
-          - { target: ubuntu-latest, config: openssl-3.0.12 }
+          - { target: ubuntu-latest, config: openssl-3.0.13 }
           - { target: ubuntu-latest, config: openssl-3.1.0 }
-          - { target: ubuntu-latest, config: openssl-3.1.4 }
-          - { target: ubuntu-latest, config: openssl-3.2.0 }
+          - { target: ubuntu-latest, config: openssl-3.1.5 }
+          - { target: ubuntu-latest, config: openssl-3.2.1 }
           - { target: ubuntu-latest, config: openssl-1.1.1_stable }
           - { target: ubuntu-latest, config: openssl-3.0 }  # stable branch
           - { target: ubuntu-latest, config: openssl-3.2 }  # stable branch
+          - { target: ubuntu-latest, config: putty-0.71 }
+          - { target: ubuntu-latest, config: putty-0.72 }
+          - { target: ubuntu-latest, config: putty-0.73 }
+          - { target: ubuntu-latest, config: putty-0.74 }
+          - { target: ubuntu-latest, config: putty-0.75 }
+          - { target: ubuntu-latest, config: putty-0.76 }
+          - { target: ubuntu-latest, config: putty-0.77 }
+          - { target: ubuntu-latest, config: putty-0.78 }
+          - { target: ubuntu-latest, config: putty-0.79 }
+          - { target: ubuntu-latest, config: putty-0.80 }
+          - { target: ubuntu-latest, config: putty-snapshot }
           - { target: ubuntu-latest, config: zlib-develop }
           - { target: ubuntu-22.04, config: pam }
           - { target: ubuntu-22.04, config: krb5 }

.github/workflows/selfhosted.yml

@@ -73,6 +73,7 @@ jobs:
           - { target: fbsd14, config: pam, host: libvirt }
           - { target: nbsd8,  config: pam, host: libvirt }
           - { target: nbsd9,  config: pam, host: libvirt }
+          - { target: nbsd10, config: pam, host: libvirt }
           # VMs with persistent disks that have their own runner.
           - { target: win10, config: default, host: win10 }
           - { target: win10, config: cygwin-release, host: win10 }

.gitignore

@@ -18,6 +18,8 @@ survey.sh
 **/*.so
 **/*.out
 **/*.a
+**/*.un~
+**/.*.swp
 autom4te.cache/
 scp
 sftp

.skipped-commit-ids

@@ -1,3 +1,4 @@
+509bb19bb9762a4b3b589af98bac2e730541b6d4	clean sshd random relinking kit
 5317f294d63a876bfc861e19773b1575f96f027d	remove libssh from makefiles
 a337e886a49f96701ccbc4832bed086a68abfa85	Makefile changes
 f2c9feb26963615c4fece921906cf72e248b61ee	more Makefile
@@ -27,6 +28,7 @@ cc12a9029833d222043aecd252d654965c351a69	moduli-gen Makefile
 f9a0726d957cf10692a231996a1f34e7f9cdfeb0	moduli update
 1e0a2692b7e20b126dda60bf04999d1d30d959d8	sshd relinking makefile changes
 e1dc11143f83082e3154d6094f9136d0dc2637ad	more relinking makefile tweaks
+5a636f6ca7f25bfe775df4952f7aac90a7fcbbee	moduli update
 
 Old upstream tree:
 

PROTOCOL

@@ -137,33 +137,34 @@ than as a named global or channel request to allow pings with very
 short packet lengths, which would not be possible with other
 approaches.
 
-1.9 transport: strict key exchange extension
+1.10 transport: strict key exchange extension
 
 OpenSSH supports a number of transport-layer hardening measures under
 a "strict KEX" feature. This feature is signalled similarly to the
 RFC8308 ext-info feature: by including a additional algorithm in the
-initiial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
+initial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
 "[email protected]" to its kex_algorithms and the server
 may append "[email protected]". These pseudo-algorithms
 are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored
 if they are present in subsequent SSH2_MSG_KEXINIT packets.
 
 When an endpoint that supports this extension observes this algorithm
 name in a peer's KEXINIT packet, it MUST make the following changes to
-the the protocol:
-
-a) During initial KEX, terminate the connection if any unexpected or
-   out-of-sequence packet is received. This includes terminating the
-   connection if the first packet received is not SSH2_MSG_KEXINIT.
-   Unexpected packets for the purpose of strict KEX include messages
-   that are otherwise valid at any time during the connection such as
-   SSH2_MSG_DEBUG and SSH2_MSG_IGNORE.
+the protocol:
+
+a) During initial KEX, terminate the connection if out-of-sequence
+   packet or any message that is not strictly required by KEX is
+   received. This includes terminating the connection if the first
+   packet received is not SSH2_MSG_KEXINIT. Unexpected packets for
+   the purpose of strict KEX include messages that are otherwise
+   valid at any time during the connection such as SSH2_MSG_DEBUG,
+   SSH2_MSG_IGNORE or SSH2_MSG_UNIMPLEMENTED.
 b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the
    packet sequence number to zero. This behaviour persists for the
    duration of the connection (i.e. not just the first
    SSH2_MSG_NEWKEYS).
 
-1.10 transport: SSH2_MSG_EXT_INFO during user authentication
+1.11 transport: SSH2_MSG_EXT_INFO during user authentication
 
 This protocol extension allows the SSH2_MSG_EXT_INFO to be sent
 during user authentication. RFC8308 does allow a second
@@ -735,6 +736,7 @@ identifiers:
 The server will reply with a SSH_FXP_EXTENDED_REPLY:
 
 	byte		SSH_FXP_EXTENDED_REPLY
+	uint32		id
 	string		usernames
 	string		groupnames
 
@@ -790,4 +792,4 @@ master instance and later clients.
 OpenSSH extends the usual agent protocol. These changes are documented
 in the PROTOCOL.agent file.
 
-$OpenBSD: PROTOCOL,v 1.51 2023/12/18 14:45:49 djm Exp $
+$OpenBSD: PROTOCOL,v 1.55 2024/01/08 05:05:15 djm Exp $

PROTOCOL.agent

@@ -91,7 +91,7 @@ with private keys as they are loaded from a PKCS#11 token.
 	bool		certs_only
 	string		certsblob
 
-Where "certsblob" constists of one or more certificates encoded as public
+Where "certsblob" consists of one or more certificates encoded as public
 key blobs:
 
 	string[]	certificates
@@ -112,4 +112,4 @@ A SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED will return SSH_AGENT_SUCCESS
 if any key (plain private or certificate) was successfully loaded, or
 SSH_AGENT_FAILURE if no key was loaded.
 
-$OpenBSD: PROTOCOL.agent,v 1.21 2023/12/18 14:46:56 djm Exp $
+$OpenBSD: PROTOCOL.agent,v 1.22 2023/12/20 00:06:25 jsg Exp $

PROTOCOL.mux

@@ -188,8 +188,6 @@ For dynamically allocated listen port the server replies with
 
 7. Requesting closure of port forwards
 
-Note: currently unimplemented (server will always reply with MUX_S_FAILURE).
-
 A client may request the master to close a port forward:
 
 	uint32	MUX_C_CLOSE_FWD
@@ -295,4 +293,4 @@ XXX session inspection via master
 XXX signals via mux request
 XXX list active connections via mux
 
-$OpenBSD: PROTOCOL.mux,v 1.13 2022/01/01 01:55:30 jsg Exp $
+$OpenBSD: PROTOCOL.mux,v 1.14 2024/01/08 05:11:18 djm Exp $

README

@@ -1,4 +1,4 @@
-See https://www.openssh.com/releasenotes.html#9.6p1 for the release
+See https://www.openssh.com/releasenotes.html#9.7p1 for the release
 notes.
 
 Please read https://www.openssh.com/report.html for bug reporting

README.platform

@@ -53,11 +53,12 @@ Darwin does not provide a tun(4) driver required for OpenSSH-based
 virtual private networks. The BSD manpage still exists, but the driver
 has been removed in recent releases of Darwin and MacOS X.
 
-Nevertheless, tunnel support is known to work with Darwin 8 and
-MacOS X 10.4 in Point-to-Point (Layer 3) and Ethernet (Layer 2) mode
-using a third party driver. More information is available at:
-	http://www-user.rhrk.uni-kl.de/~nissler/tuntap/
+Tunnel support is known to work with Darwin 8 and MacOS X 10.4 in
+Point-to-Point (Layer 3) and Ethernet (Layer 2) mode using a third
+party driver. More information is available at:
+	https://tuntaposx.sourceforge.net
 
+Recent Darwin/MacOS X versions are likely unsupported.
 
 Linux
 -----