This change fills out the requirements for doing vendor updates,
documents the new vendor update process, and guides whoever needs to do
the next version update a bit better than the documentation did prior to
this change so everyone can pitch in with version updates a bit better.
Convert the document to Markdown while here to make it easier to
render/print out the directions in a structured format.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D53190
When iterating over known addresses for the requested target host name,
skip those that are not supported by the running kernel.
MFC after: 1 week
PR: 195231
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D53588
This doesn't actually do anything useful, since getifaddrs() will only
return supported addresses. The root cause of the issue described in
the PR lies earlier in the connection timeline, around the start of the
ssh_create_socket() function.
This reverts commit e5ff8e7977.
PR: 195231
When selecting an address to bind to, skip IPv4 addresses if the kernel
does not support the inet feature, and IPv6 addresses if the kernel does
not support the inet6 feature.
PR: 195231
MFC after: 1 week
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D53561
The .pc files generated in the root directory are used as part of the
build; they should never be installed. Use the versions from the
exporters subdirectory--which should be installed--as the .pc files
which are distributed with FreeBSD. This avoids the need for "fixing up"
these files after the fact (see `crypto/openssl/BSDmakefile` for more
details as part of this change).
Garbage collect `secure/lib/libcrypto/Makefile.version`, et al,
as they're orphaned files. They were technically unused prior to this
change as the vendor process properly embeds the version numbers in
various files, but this commit formalizes the removal.
This correction/clarification on the .pc files will be made in an
upcoming release of OpenSSL [1].
References:
1. https://github.com/openssl/openssl/issues/28803
Suggested by: Richard Levitte (OpenSSL project)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D53043
These files contain build host paths and other configuration details
that can be regenerated via the standard vendor import process. Don't
clutter up the FreeBSD tree with these files.
Add the paths to .gitignore to prevent them from accidentally being
added in a future update.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D53044
BLOCKLIST_NOTIFY() is called within a signal handler for the alarm after
the grace period has expired that may only take async-signal safe
actions.
Reviewed by: emaste
Fixes: e02003bce7 ("openssh: blocklist: Use NetBSD probes")
MFC after: 1 day
Differential Revision: https://reviews.freebsd.org/D53109
Follow up upstream rename from blacklist to blocklist.
- Old names and rc scripts are still valid, but emitting an ugly warning
- Old firewall rules and anchor names should work, but emitting an ugly
warning
- Old MK_BLACKLIST* knobs are wired to the new ones
Although care has been taken not to break current configurations, this
is a large patch containing mostly duplicated code. If issues arise, it
will be swiftly reverted.
Reviewed by: ivy (pkgbase)
Approved by: emaste (mentor)
MFC after: 2 days
Relnotes: yes
Commit 5000d023a4 added a new flag to the dump option.
This patch documents this new flag.
This is a content change.
MFC after: 3 days
Fixes: 5000d023a4 ("heimdal-kadmin: Add support for the -f dump option")
The "-f" dump option allows a dump of the Heimdal
KDC in a format that the MIT kdb5_util command can
load into a MIT KDC's database.
This makes transitioning from the Heimdal KDC to
the current MIT one feasible without having to
re-create the KDC database from scratch.
glebius@ did the initial work, cherry picking these
commits from the Heimdal sources on github and then doing
extensive merge conflict resolution and other fixes so
that it would build.
Heimdal commit fca5399 authored by Nico Williams:
Initial commit for second approach for multiple kvno. NOT TESTED!
Heimdal commit 57f1545 authored by Nico Williams:
Add support for writing to KDB and dumping HDB to MIT KDB dump format
Before this change Heimdal could read KDBs. Now it can write to
them too.
Heimdal can now also dump HDBs (including KDBs) in MIT format,
which can then be imported with kdb5_util load.
This is intended to help in migrations from MIT to Heimdal by
allowing migrations from Heimdal to MIT so that it is possible
to rollback from Heimdal to MIT should there be any issues. The
idea is to allow a) running Heimdal kdc/kadmind with a KDB, or
b) running Heimdal with an HDB converted from a KDB and then
rollback by dumping the HDB and loading a KDB.
Note that not all TL data types are supported, only two: last
password change and modify-by. This is the minimum necessary.
PKINIT users may need to add support for KRB5_TL_USER_CERTIFICATE,
and for databases with K/M history we may need to add KRB5_TL_MKVNO
support.
This resulted in a Heimdal kadmin that would dump
the KDC database in MIT format. However, there
were issues when this dump was loaded into the
current MIT KDC in FreeBSD current/15.0.
The changes I did to make the dump more useful are listed below:
When "-f MIT" is used for "kadmin -l dump" it writes
the dump out in MIT format. This dump format is understood
by the MIT kdb5_util command. The patch modifies the above
so that the MIT KDC's master key keytab file can be provided
as the argument to "-f" so that the principals are re-encrypted in
it. This allows any principal with at least one strong encryption
type key to work without needing a change_password.
The strong encryption types supported by the Heimdal KDC are:
aes256-cts-hmac-sha1-96
aes128-cts-hmac-sha1-96
The issues my changes address are:
- If there are weak encryption keys in a principal's entry,
MIT's kadmin.local will report that the principal's entry
is incomplete or corrupted.
- The keys are encrypted in Heimdal's master key. The
"-d" option can be used on the "kadmin -l dump" to
de-encrypt them, but the passwords will not work on the
current MIT KDC.
To try and deal with the above issues, this patch modified the above to:
- Does not dump the weak keys.
- Re-encrypts the strong keys in MIT's master key if the argument
to "-f" is actually a filename which holds the MIT KDC's
master key keytab and not "MIT".
- For principals that only have weak keys, it generates
a fake strong key. This key will not work on the MIT
KDC, but the principal entry will work once a
change_password is done to it.
- It always generates a "modified_by" entry, faking one if
not already present in the Heimdal KDC database.
This was necessary, since the MIT kadmin will
report that the principal entry is "incomplete or
corrupted" without one.
It also fixed a problem where "get principal" no longer
worked after the initial patch was applied.
A man page update will be done as a separate commit.
I believe this commit is acceptable since the Heimdal
sources are now essentially deprecated in favor of the
MIT sources and that this new "-f" patch simplifies
the transition to the MIT KDC.
Discussed with: glebius, cy
MFC after: 3 days
This change includes all necessary changes required to update to OpenSSL
3.5.4.
More information about the 3.5.4 release can be found in the relevant
release notes (see 8e12a5c4eb for more details).
Merge commit '8e12a5c4eb3507846b507d0afe87d115af41df40'
Use NetBSD probe locations for consistency. We have submitted all
improved or missing probes, keeping them synchronized with NetBSD (our
blocklist upstream) should simplify upgrades and maintenance, as the
locations of these probes are a moving target, depending on upstream
OpenSSH changes.
Additionally, use BLACKLIST_AUTH_FAIL exclusively for now. At the time
of this commit BLACKLIST_BAD_USER is a no-op. However, it will change
in a future upgrade.
Also, enhance blacklist notification messages for better debugging by
making them more descriptive.
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D52749
This change updates the build artifacts to match the 3.5.3 release. Much
of the change involves updating version numbers and release dates to
match the release version's metadata.
MFC after: 1 week
MFC with: 88b8b7f0c4
This change updates the sources for crypto/openssl. The subsequent
commit will update the build artifacts to match the 3.5.3 release.
More details about the update can be found in the related vendor branch
commits.
MFC after: 1 week
Merge commit 'aed904c48f330dc76da942a8ee2d6eef9d11f572'
Tests contains a file that contains spaces in it. This causes the
freebsd-update build scripts some issues. As we don't need the tests
directory let's simply remove it.
MFC after: 3 days or as determined by re@
MFC to: stable/15
Prior to this change, CC was not being passed through to Configure,
which was resulting in failures when Configure was running compiler
checks.
Pass through CC via `WRK_ENV` to Configure so the compiler is defined
properly as part of the initial build.
MFC after: 1 month
Fixes: d18058b7b8 ("crypto/openssl: apply polish to new vendor import process")
Differential Revision: https://reviews.freebsd.org/D52595
This change does the following 2 things:
- Makes the build more repeatable by isolating the environment. This
prevents bmake from leaking variables into gmake and makes the overall
process a bit more robust.
- Add debug printouts to make the process more straightforward to the
reader and whoever is doing the current vendor import.
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D52420
FreeBSD introduced VersionAddendum for the server as a local change in
2001 in commit 933ca70f8f and later extended it to the client in
commit 9e2cbe04ff.
In 2012 upstream added support for server VersionAddendum, in commit
23528816dc10. They did not add client support.
We removed the client support in commit bffe60ead0 ("ssh: retire
client VersionAddendum").
As of the 10.0p2 release upstream has added client-side VersionAddendum.
Make note of this in FREEBSD-upgrade's patches section.
Sponsored by: The FreeBSD Foundation
Full release notes are available at
https://www.openssh.com/txt/release-10.0
Selected highlights from the release notes:
Potentially-incompatible changes
- This release removes support for the weak DSA signature algorithm.
[This change was previously merged to FreeBSD main.]
- This release has the version number 10.0 and announces itself as
"SSH-2.0-OpenSSH_10.0". Software that naively matches versions using
patterns like "OpenSSH_1*" may be confused by this.
- sshd(8): this release removes the code responsible for the user
authentication phase of the protocol from the per-connection
sshd-session binary to a new sshd-auth binary.
Security
- sshd(8): fix the DisableForwarding directive, which was failing to
disable X11 forwarding and agent forwarding as documented.
[This change was previously merged to FreeBSD main.]
New features
- ssh(1): the hybrid post-quantum algorithm mlkem768x25519-sha256 is now
used by default for key agreement.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51630
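
The version-matching hazard noted in the release notes above, as an added example that is not part of the commit or of OpenSSH: a glob on the leading digit misreads "SSH-2.0-OpenSSH_10.0", while a numeric parse does not. The function names and the 9999 bound are assumptions made for the illustration.

```c
#include <ctype.h>
#include <fnmatch.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The naive check the release notes warn about: a glob on the first digit. */
int naive_is_openssh_1(const char *banner)
{
    return fnmatch("*OpenSSH_1*", banner, 0) == 0;
}

/* Parse "OpenSSH_<major>.<minor>" numerically (hypothetical helper).
 * Returns 0 on success, -1 if the token is absent or malformed. */
int parse_openssh_version(const char *banner, int *major, int *minor)
{
    const char *p = strstr(banner, "OpenSSH_");
    char *end;
    long majv, minv;

    if (p == NULL)
        return -1;
    p += strlen("OpenSSH_");
    if (!isdigit((unsigned char)*p))
        return -1;
    majv = strtol(p, &end, 10);
    if (*end != '.' || !isdigit((unsigned char)end[1]))
        return -1;
    minv = strtol(end + 1, &end, 10);
    if (majv > 9999 || minv > 9999)  /* reject absurd values, no truncation */
        return -1;
    *major = (int)majv;
    *minor = (int)minv;
    return 0;
}

/* 1 if banner version >= want_major.want_minor, 0 if older, -1 if unparsable. */
int openssh_at_least(const char *banner, int want_major, int want_minor)
{
    int majv, minv;

    if (parse_openssh_version(banner, &majv, &minv) != 0)
        return -1;
    return majv > want_major || (majv == want_major && minv >= want_minor);
}

int main(void)
{
    const char *b = "SSH-2.0-OpenSSH_10.0"; /* banner from the release notes */

    printf("naive 1.x match: %d, at least 9.9: %d\n",
        naive_is_openssh_1(b), openssh_at_least(b, 9, 9));
    return 0;
}
```
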
This change adds a custom BSD makefile containing multiple high-level PHONY
targets, similar to targets provided by the ports framework.
The Makefile does the following:
- Reruns Configure with a deterministic set of arguments to ensure that
all appropriate features have been enabled/disabled in OpenSSL.
- Preens the pkgconfig files to remove duplicate paths in their
`CFLAGS` and `includedir` variables.
- Rebuilds all ASM files to ensure that the content contained is fresh.
- Rebuilds all manpages to ensure that the content contained in the
manpages is fresh.
Some additional work needs to be done to make the manpage regeneration
"operation" reproducible (the date the manpages were generated is
embedded in the files).
All dynamic configuration previously captured in
`include/openssl/configuration.h` and `include/crypto/bn_conf.h` has been
moved to `freebsd/include/dynamic_freebsd_configuration.h` and
`freebsd/include/crypto/bn_conf.h`, respectively. This helps
ensure that future updates don't wipe out FreeBSD customizations to
these files, which tune behavior on a per-target architecture basis, e.g.,
ARM vs x86, 32-bit vs 64-bit, etc.
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D51663
According to https://krbdev.mit.edu/rt/Ticket/Display.html?id=9181,
the function verify_mic_v3() in src/lib/gssapi/krb5/verify_mic.c
calls kg_verify_checksum_v3() as it returns an OM_uint32 status
but kg_verify_checksum_v3() returns a krb5_boolean which has
the opposite interpretation:
- OM_uint32 0 is GSS_S_COMPLETE so no error
- krb5_boolean 0 is false so failure
This patch will be in MIT KRB5 1.22.1.
Obtained from: Greg Hudson <rt@krbdev.mit.edu> on krbdev.mit.edu ML.
Reviewed by: ivy, ngie
Differential review: https://reviews.freebsd.org/D51990
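
The return-convention mismatch described in the commit message above, as an added model that is neither MIT krb5 source nor the upstream patch: a boolean "checksum ok" result returned where a 0-means-success status is expected inverts the verdict. All `model_` and `verify_mic_` names, the toy checksum and the failure constant are constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t model_status;       /* stands in for OM_uint32 */
typedef unsigned int model_boolean;  /* stands in for krb5_boolean */

#define MODEL_S_COMPLETE 0u          /* like GSS_S_COMPLETE: 0 is success */
#define MODEL_S_BAD_SIG 0x00060000u  /* constructed nonzero failure status */

/* Toy checksum, constructed for the example; not a cryptographic MIC. */
uint32_t model_good_mic(const unsigned char *msg, size_t len)
{
    uint32_t s = 0;

    for (size_t i = 0; i < len; i++)
        s = s * 31u + msg[i];
    return s;
}

/* Boolean convention: 1 = checksum matches, 0 = mismatch. */
static model_boolean model_checksum_ok(const unsigned char *msg, size_t len,
    uint32_t mic)
{
    return model_good_mic(msg, len) == mic;
}

/* Mismatched: the boolean is returned as if it were a status, so a
 * mismatch (0) reads as success and a match (1) reads as an error. */
model_status verify_mic_mismatched(const unsigned char *msg, size_t len,
    uint32_t mic)
{
    return model_checksum_ok(msg, len, mic);
}

/* Explicit: translate the boolean into the status convention. */
model_status verify_mic_explicit(const unsigned char *msg, size_t len,
    uint32_t mic)
{
    return model_checksum_ok(msg, len, mic) ? MODEL_S_COMPLETE : MODEL_S_BAD_SIG;
}

int main(void)
{
    const unsigned char msg[] = "constructed message";
    size_t n = sizeof(msg) - 1;
    uint32_t good = model_good_mic(msg, n), bad = good ^ 1u;

    printf("mismatched: good=%u bad=%u\n",
        (unsigned)verify_mic_mismatched(msg, n, good),
        (unsigned)verify_mic_mismatched(msg, n, bad));
    printf("explicit:   good=%u bad=%u\n",
        (unsigned)verify_mic_explicit(msg, n, good),
        (unsigned)verify_mic_explicit(msg, n, bad));
    return 0;
}
```
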
Current and traditional FreeBSD behavior means that getegid() here is
the first element in the prior setgroups() call, if any, so we may
inadvertently wipe out our rgid with the unprivileged gid. This is
rendered somewhat harmless by the fact that we're losing the privileged
gid -- we'll still regain it as the egid in restore_uid() later by way
of restoring saved_egroups, rather than by intentionally restoring it
from getgid().
This will be promptly reverted if we can get setgroups(2)/getgroups(2)
changed in FreeBSD 15.0, but it seemed wise to get this technically
correct for previous branches.
Reviewed by: jlduran
Differential Revision: https://reviews.freebsd.org/D51753
Migrate to OpenSSL 3.5 in advance of FreeBSD 15.0. OpenSSL 3.0 will be
EOL after 2026-09-07.
Approved by: philip (mentor)
Sponsored by: Alpha-Omega Beach Cleaning Project
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D51613
This stub isn't actually used on modern versions of OpenSSL for which
OpenSSH uses EVP_CIPHER_CTX_get_updated_iv instead via a wrapper macro.
However, the wrapper macro conflicted with the existing namespace
macro triggering an error on GCC:
In file included from crypto/openssh/sshd-session.c:65:
crypto/openssh/openbsd-compat/openssl-compat.h:71:11: error: "EVP_CIPHER_CTX_get_iv" redefined [-Werror]
71 | # define EVP_CIPHER_CTX_get_iv EVP_CIPHER_CTX_get_updated_iv
| ^~~~~~~~~~~~~~~~~~~~~
In file included from <command-line>:
crypto/openssh/ssh_namespace.h:12:9: note: this is the location of the previous definition
12 | #define EVP_CIPHER_CTX_get_iv Fssh_EVP_CIPHER_CTX_get_iv
| ^~~~~~~~~~~~~~~~~~~~~
The error was masked on clang due to MIT krb5 adding a blanket
-Wno-macro-redefined. Building sshd-session without Kerberos support
was sufficient to trigger a warning from clang.
Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D51810
This was previously included due to nested includes in Heimdal's
headers. Without this, the build fails with an error due to redefining
AT_FDCWD.
clang:
In file included from crypto/openssh/sshd-session.c:46:
/usr/obj/.../tmp/usr/include/fcntl.h:232:9: error: 'AT_FDCWD' macro redefined [-Werror,-Wmacro-redefined]
232 | #define AT_FDCWD -100
| ^
crypto/openssh/openbsd-compat/bsd-misc.h:69:10: note: previous definition is here
69 | # define AT_FDCWD (-2)
| ^
GCC (can't be disabled):
In file included from crypto/openssh/sshd-session.c:46:
sys/sys/fcntl.h:232:9: error: "AT_FDCWD" redefined [-Werror]
232 | #define AT_FDCWD -100
| ^~~~~~~~
In file included from crypto/openssh/openbsd-compat/openbsd-compat.h:218,
from crypto/openssh/includes.h:173,
from crypto/openssh/sshd-session.c:30:
openssh/openbsd-compat/bsd-misc.h:69:10: note: this is the location of the previous definition
69 | # define AT_FDCWD (-2)
| ^~~~~~~~
Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D51809
This conflicts with ALIGN() from <sys/param.h>. Rather than trying
to excise <sys/param.h> from all of krb5, rename the macro.
Reviewed by: des (previous version), cy
Differential Revision: https://reviews.freebsd.org/D51574
Upstream had a poor description for KbdInteractiveAuthentication prior
to the 10.0p2 release. We use KbdInteractiveAuthentication for PAM
authentication, and we replaced the poor description with a note about
use by PAM.
In 10.0p2 the upstream description has been fixed. Incorporate that
text now as it is an improvement and avoids a conflict in the upcoming
10.0p2 import.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
libedit breaks the bootstrap on MacOS and Linux.
Activate libedit only for the regular build not for the bootstrap
tools.
While here fix the definition of the dependency chain between
libkrb5ss and libedit (and libtinfow) via src.libnames.mk
Remove a local patch to find the readline compatible header and
find them via proper CFLAGS.
Remove HEIMDAL=1 from openssh/krb5_config.h and move the definition
to the Makefile in order to control whether we're building under
Heimdal or MIT.
Add MIT KRB5 LIBS and INCLUDES to the openssh build.
Sponsored by: The FreeBSD Foundation
Reviewed by: markj
Differential revision: https://reviews.freebsd.org/D50782
Import MIT KRB5 1.21.3, which will gracefully replace KTH Heimdal.
The tarball used in this import is the same tarball used in
ports/krb5-121.
The Makefiles to add MIT KRB5 to the build will be added later.
Obtained from: http://web.mit.edu/kerberos/dist/
Sponsored by: The FreeBSD Foundation
Add 'crypto/krb5/' from commit '8f7d3ef26dec89a92ec0665de84a5936310a5574'
git-subtree-dir: crypto/krb5
git-subtree-mainline: bf6873c578
git-subtree-split: 8f7d3ef26d
The net result of this change is the removal of a few comments from
config.h; it has no direct user-facing impact as DSA was already
disabled as of commit 0b707d5fe8 ("ssh: Disable support for DSA
keys").
Reviewed by: jlduran, philip
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49739
DSA is deprecated and upstream OpenSSH is in the process of removing it.
From OpenSSH-portable 10.0, cherry-pick the configure change so that we
can independently decide what to merge to stable branches.
This change has no direct user-facing impact, as the upstream configure
script is not used in the FreeBSD build process. It is worth noting as
part of OpenSSH's full removal of DSA support.
Reviewed by: jlduran, philip
Relnotes: Yes
Obtained from: OpenSSH-portable 6c9872faa1c2
Sponsored by: The FreeBSD Foundation
This option was documented as disabling X11 and agent forwarding but it
failed to do so. Spotted by Tim Rice.
Obtained from: OpenBSD d31ec64016fc
Sponsored by: The FreeBSD Foundation