diff --git a/openssh-9.6p1-gssapi-keyex.patch b/openssh-9.6p1-gssapi-keyex.patch index ef1f97e..5875943 100644 --- a/openssh-9.6p1-gssapi-keyex.patch +++ b/openssh-9.6p1-gssapi-keyex.patch @@ -1,6 +1,6 @@ diff --color -ruNp a/auth2.c b/auth2.c ---- a/auth2.c 2024-09-16 11:45:56.858133241 +0200 -+++ b/auth2.c 2024-09-16 11:46:34.688939755 +0200 +--- a/auth2.c 2026-03-13 12:32:48.463830672 +0100 ++++ b/auth2.c 2026-03-13 12:16:40.013559000 +0100 @@ -71,6 +71,7 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; @@ -18,8 +18,8 @@ diff --color -ruNp a/auth2.c b/auth2.c #endif &method_passwd, diff --color -ruNp a/auth2-gss.c b/auth2-gss.c ---- a/auth2-gss.c 2024-09-16 11:45:56.858133241 +0200 -+++ b/auth2-gss.c 2024-09-16 11:46:34.689939776 +0200 +--- a/auth2-gss.c 2026-03-13 12:32:48.464158978 +0100 ++++ b/auth2-gss.c 2026-03-13 12:16:40.011579476 +0100 @@ -51,6 +51,7 @@ #define SSH_GSSAPI_MAX_MECHS 2048 @@ -108,8 +108,8 @@ diff --color -ruNp a/auth2-gss.c b/auth2-gss.c &methodcfg_gssapi, userauth_gssapi, diff --color -ruNp a/auth2-methods.c b/auth2-methods.c ---- a/auth2-methods.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/auth2-methods.c 2024-09-16 11:46:34.689939776 +0200 +--- a/auth2-methods.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/auth2-methods.c 2026-03-13 12:16:40.011621502 +0100 @@ -50,6 +50,11 @@ struct authmethod_cfg methodcfg_pubkey = &options.pubkey_authentication }; @@ -131,8 +131,8 @@ diff --color -ruNp a/auth2-methods.c b/auth2-methods.c #endif &methodcfg_passwd, diff --color -ruNp a/auth.c b/auth.c ---- a/auth.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/auth.c 2024-09-16 11:46:34.690939798 +0200 +--- a/auth.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/auth.c 2026-03-13 12:16:39.971971452 +0100 @@ -356,7 +356,8 @@ auth_root_allowed(struct ssh *ssh, const case PERMIT_NO_PASSWD: if (strcmp(method, "publickey") == 0 || 
@@ -144,8 +144,8 @@ diff --color -ruNp a/auth.c b/auth.c break; case PERMIT_FORCED_ONLY: diff --color -ruNp a/canohost.c b/canohost.c ---- a/canohost.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/canohost.c 2024-09-16 11:46:34.690939798 +0200 +--- a/canohost.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/canohost.c 2026-03-13 12:16:39.971614349 +0100 @@ -35,6 +35,99 @@ #include "canohost.h" #include "misc.h" @@ -247,8 +247,8 @@ diff --color -ruNp a/canohost.c b/canohost.c ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) { diff --color -ruNp a/canohost.h b/canohost.h ---- a/canohost.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/canohost.h 2024-09-16 11:46:34.690939798 +0200 +--- a/canohost.h 2024-09-20 00:20:48.000000000 +0200 ++++ b/canohost.h 2026-03-13 12:16:39.973010227 +0100 @@ -15,6 +15,9 @@ #ifndef _CANOHOST_H #define _CANOHOST_H @@ -260,8 +260,8 @@ diff --color -ruNp a/canohost.h b/canohost.h int get_peer_port(int); char *get_local_ipaddr(int); diff --color -ruNp a/clientloop.c b/clientloop.c ---- a/clientloop.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/clientloop.c 2024-09-16 11:46:34.690939798 +0200 +--- a/clientloop.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/clientloop.c 2026-03-13 12:16:39.973067475 +0100 @@ -115,6 +115,10 @@ #include "ssherr.h" #include "hostfile.h" @@ -289,8 +289,8 @@ diff --color -ruNp a/clientloop.c b/clientloop.c if (conn_in_ready) client_process_net_input(ssh); diff --color -ruNp a/configure.ac b/configure.ac ---- a/configure.ac 2024-09-16 11:45:56.870133497 +0200 -+++ b/configure.ac 2024-09-16 11:46:34.691939819 +0200 +--- a/configure.ac 2026-03-13 12:32:48.476497111 +0100 ++++ b/configure.ac 2026-03-13 12:16:39.974067978 +0100 @@ -774,6 +774,30 @@ int main(void) { if (NSVersionOfRunTimeL [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], 
@@ -323,8 +323,8 @@ diff --color -ruNp a/configure.ac b/configure.ac AC_CHECK_DECL([AU_IPv4], [], AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) diff --color -ruNp a/gss-genr.c b/gss-genr.c ---- a/gss-genr.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-genr.c 2024-09-16 11:46:34.708940181 +0200 +--- a/gss-genr.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/gss-genr.c 2026-03-13 12:16:40.012672759 +0100 @@ -42,9 +42,33 @@ #include "sshbuf.h" #include "log.h" @@ -710,8 +710,8 @@ diff --color -ruNp a/gss-genr.c b/gss-genr.c + #endif /* GSSAPI */ diff --color -ruNp a/gss-serv.c b/gss-serv.c ---- a/gss-serv.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-serv.c 2024-09-16 11:46:34.692939840 +0200 +--- a/gss-serv.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/gss-serv.c 2026-03-13 12:16:39.978787818 +0100 @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */ @@ -1004,8 +1004,8 @@ diff --color -ruNp a/gss-serv.c b/gss-serv.c /* Privileged */ diff --color -ruNp a/gss-serv-krb5.c b/gss-serv-krb5.c ---- a/gss-serv-krb5.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/gss-serv-krb5.c 2024-09-16 11:46:34.692939840 +0200 +--- a/gss-serv-krb5.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/gss-serv-krb5.c 2026-03-13 12:16:39.978934056 +0100 @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */ @@ -1143,8 +1143,8 @@ diff --color -ruNp a/gss-serv-krb5.c b/gss-serv-krb5.c #endif /* KRB5 */ diff --color -ruNp a/kex.c b/kex.c ---- a/kex.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kex.c 2024-09-16 11:46:34.692939840 +0200 +--- a/kex.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/kex.c 2026-03-13 12:16:39.978857653 +0100 @@ -297,17 +297,37 @@ static int kex_compose_ext_info_server(struct ssh *ssh, struct sshbuf *m) { 
@@ -1200,8 +1200,8 @@ diff --color -ruNp a/kex.c b/kex.c
  	sshkey_free(kex->initial_hostkey);
  	free(kex->failed_choice);
 diff --color -ruNp a/kexdh.c b/kexdh.c
---- a/kexdh.c	2024-07-01 06:36:28.000000000 +0200
-+++ b/kexdh.c	2024-09-16 11:46:34.693939862 +0200
+--- a/kexdh.c	2024-09-20 00:20:48.000000000 +0200
++++ b/kexdh.c	2026-03-13 12:16:39.979537228 +0100
 @@ -49,13 +49,23 @@ kex_dh_keygen(struct kex *kex)
  {
  	switch (kex->kex_type) {
@@ -1227,8 +1227,8 @@ diff --color -ruNp a/kexdh.c b/kexdh.c
  		break;
  	case KEX_DH_GRP18_SHA512:
 diff --color -ruNp a/kexgen.c b/kexgen.c
---- a/kexgen.c	2024-07-01 06:36:28.000000000 +0200
-+++ b/kexgen.c	2024-09-16 11:46:34.693939862 +0200
+--- a/kexgen.c	2024-09-20 00:20:48.000000000 +0200
++++ b/kexgen.c	2026-03-13 12:16:39.979737335 +0100
 @@ -44,7 +44,7 @@
  static int input_kex_gen_init(int, u_int32_t, struct ssh *);
  static int input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh);
@@ -1240,7 +1240,7 @@ diff --color -ruNp a/kexgen.c b/kexgen.c
      const struct sshbuf *client_version,
 diff --color -ruNp a/kexgssc.c b/kexgssc.c
 --- a/kexgssc.c	1970-01-01 01:00:00.000000000 +0100
-+++ b/kexgssc.c	2024-10-14 15:18:02.491798105 +0200
++++ b/kexgssc.c	2026-03-13 12:25:23.115812190 +0100
 @@ -0,0 +1,706 @@
 +/*
 + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -1369,7 +1369,7 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c
 +
 +	/* Verify that the hash matches the MIC we just got. */
 +	if (GSS_ERROR(ssh_gssapi_checkmic(gss, &gss->buf, &gss->msg_tok)))
-+		sshpkt_disconnect(ssh, "Hash's MIC didn't verify");
++		ssh_packet_disconnect(ssh, "Hash's MIC didn't verify");
 +
 +	gss_release_buffer(&gss->minor, &gss->msg_tok);
 +
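Review bot: The switch from `sshpkt_disconnect` to `ssh_packet_disconnect` on the MIC-failure line in the @@ -1369 hunk changes control flow, not just which helper is called, and deserves a comment so nobody later "normalises" it back to the sshpkt_ form used for the surrounding packet calls. `sshpkt_disconnect` only queues SSH2_MSG_DISCONNECT and returns, so before this change the client fell through past a failed MIC check and kept using the unverified exchange hash; `ssh_packet_disconnect` does not return. I would add above the check `/* ssh_packet_disconnect() does not return; a bare sshpkt_disconnect() would let us continue with an unverified hash. */`, and the same applies to the identical hunk at @@ -1731 in kexgssc.c. The enclosing function starts and ends outside the hunk.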
@@ -1592,10 +1592,10 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c
 +			fatal("Failed to read token: %s", ssh_err(r));
 +		/* If we're already complete - protocol error */
 +		if (gss->major == GSS_S_COMPLETE)
-+			sshpkt_disconnect(ssh, "Protocol error: received token when complete");
++			ssh_packet_disconnect(ssh, "Protocol error: received token when complete");
 +	} else {
 +		if (gss->major != GSS_S_COMPLETE)
-+			sshpkt_disconnect(ssh, "Protocol error: did not receive final token");
++			ssh_packet_disconnect(ssh, "Protocol error: did not receive final token");
 +	}
 +	if ((r = sshpkt_get_end(ssh)) != 0)
 +		fatal("Expecting end of packet.");
@@ -1731,7 +1731,7 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c
 +
 +	/* Verify that the hash matches the MIC we just got. */
 +	if (GSS_ERROR(ssh_gssapi_checkmic(gss, &gss->buf, &gss->msg_tok)))
-+		sshpkt_disconnect(ssh, "Hash's MIC didn't verify");
++		ssh_packet_disconnect(ssh, "Hash's MIC didn't verify");
 +
 +	gss_release_buffer(&gss->minor, &gss->msg_tok);
 +
@@ -1932,10 +1932,10 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c
 +			fatal("Failed to read token: %s", ssh_err(r));
 +		/* If we're already complete - protocol error */
 +		if (gss->major == GSS_S_COMPLETE)
-+			sshpkt_disconnect(ssh, "Protocol error: received token when complete");
++			ssh_packet_disconnect(ssh, "Protocol error: received token when complete");
 +	} else {
 +		if (gss->major != GSS_S_COMPLETE)
-+			sshpkt_disconnect(ssh, "Protocol error: did not receive final token");
++			ssh_packet_disconnect(ssh, "Protocol error: did not receive final token");
 +	}
 +	if ((r = sshpkt_get_end(ssh)) != 0)
 +		fatal("Expecting end of packet.");
@@ -1950,8 +1950,8 @@ diff --color -ruNp a/kexgssc.c b/kexgssc.c
 +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */
 diff --color -ruNp a/kexgsss.c b/kexgsss.c
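Review bot: `fatal("Expecting end of packet.")` on the last context line of the @@ -1592 hunk (and of the identical @@ -1932 hunk) treats trailing data in the peer's packet differently from the two protocol errors this hunk now routes through `ssh_packet_disconnect`: it discards the error code in `r` and exits without any indication to the peer. `sshpkt_fatal(ssh, r, "%s: sshpkt_get_end", __func__)`, the form this same patch uses in sshd-session.c, would at least preserve and log ssh_err(r); alternatively `ssh_packet_disconnect(ssh, "Protocol error: trailing data after token")` keeps the three inbound-protocol failures uniform. The `fatal("Failed to read token: %s", ssh_err(r))` at the top of the hunk is the same kind of peer-driven parse error handled with a bare fatal. The enclosing function starts and ends outside the hunk.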
 --- a/kexgsss.c	1970-01-01 01:00:00.000000000 +0100
-+++ b/kexgsss.c	2024-10-14 15:18:02.491798105 +0200
-@@ -0,0 +1,601 @@
++++ b/kexgsss.c	2026-03-13 12:32:17.556172591 +0100
+@@ -0,0 +1,603 @@
 +/*
 + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
 + *
@@ -2083,7 +2083,7 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c
 +{
 +	struct kex *kex = ssh->kex;
 +	Gssctxt *gss = kex->gss;
-+	gss_buffer_desc msg_tok;
++	gss_buffer_desc msg_tok = GSS_C_EMPTY_BUFFER;
 +	u_char hash[SSH_DIGEST_MAX_LENGTH];
 +	size_t hashlen;
 +	struct sshbuf *shared_secret = NULL;
@@ -2167,7 +2167,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c
 +	Gssctxt *gss = kex->gss;
 +	struct sshbuf *empty;
 +	struct sshbuf *client_pubkey = NULL;
-+	gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER;
++	gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER;
++	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
 +	OM_uint32 ret_flags = 0;
 +	int r;
 +
@@ -2243,7 +2244,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c
 +	struct ssh *ssh)
 +{
 +	Gssctxt *gss = ssh->kex->gss;
-+	gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER;
++	gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER;
++	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
 +	OM_uint32 ret_flags = 0;
 +	int r;
 +
@@ -2334,7 +2336,7 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c
 +{
 +	struct kex *kex = ssh->kex;
 +	Gssctxt *gss = kex->gss;
-+	gss_buffer_desc msg_tok;
++	gss_buffer_desc msg_tok = GSS_C_EMPTY_BUFFER;
 +	u_char hash[SSH_DIGEST_MAX_LENGTH];
 +	size_t hashlen;
 +	const BIGNUM *pub_key, *dh_p, *dh_g;
@@ -2475,10 +2477,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c
 +		fatal("GSS_GEX, bad parameters: %d !< %d !< %d", min, nbits, max);
 +
 +	kex->dh = mm_choose_dh(min, nbits, max);
-+	if (kex->dh == NULL) {
-+		sshpkt_disconnect(ssh, "Protocol error: no matching group found");
-+		fatal("Protocol error: no matching group found");
-+	}
++	if (kex->dh == NULL)
++		ssh_packet_disconnect(ssh, "Protocol error: no matching group found");
 +
 +	DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g);
 +	if ((r = sshpkt_start(ssh, SSH2_MSG_KEXGSS_GROUP)) != 0 ||
@@ -2510,7 +2510,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c
 +	struct ssh *ssh)
 +{
 +	Gssctxt *gss = ssh->kex->gss;
-+	gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER;
++	gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER;
++	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
 +	OM_uint32 ret_flags = 0;
 +	int r;
 +
@@ -2537,7 +2538,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c
 +	struct ssh *ssh)
 +{
 +	Gssctxt *gss = ssh->kex->gss;
-+	gss_buffer_desc recv_tok, send_tok = GSS_C_EMPTY_BUFFER;
++	gss_buffer_desc recv_tok = GSS_C_EMPTY_BUFFER;
++	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
 +	OM_uint32 ret_flags = 0;
 +	int r;
 +
@@ -2554,8 +2556,8 @@ diff --color -ruNp a/kexgsss.c b/kexgsss.c
 +
 +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */
 diff --color -ruNp a/kex.h b/kex.h
---- a/kex.h	2024-07-01 06:36:28.000000000 +0200
-+++ b/kex.h	2024-09-16 11:46:34.710940224 +0200
+--- a/kex.h	2024-09-20 00:20:48.000000000 +0200
++++ b/kex.h	2026-03-13 12:16:40.013688997 +0100
 @@ -29,6 +29,10 @@
  #include "mac.h"
  #include "crypto_api.h"
@@ -2567,7 +2569,7 @@ diff --color -ruNp a/kex.h b/kex.h
  #ifdef WITH_OPENSSL
  # include
  # include
-@@ -102,6 +106,15 @@ enum kex_exchange {
+@@ -103,6 +107,15 @@ enum kex_exchange {
  	KEX_C25519_SHA256,
  	KEX_KEM_SNTRUP761X25519_SHA512,
  	KEX_KEM_MLKEM768X25519_SHA256,
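Review bot: `fatal("GSS_GEX, bad parameters: %d !< %d !< %d", min, nbits, max)` on the first context line of the @@ -2475 hunk is now inconsistent with the `ssh_packet_disconnect` introduced two lines below for the neighbouring failure: both terminate the process, but only the latter sends SSH2_MSG_DISCONNECT to the peer, which is the point of using it for protocol errors. min/nbits/max presumably come from the client's group request earlier in the function (outside the hunk), so the range check is a peer-induced error of the same kind, and `ssh_packet_disconnect(ssh, "Protocol error: bad GSS_GEX parameters: %d !< %d !< %d", min, nbits, max);` would make the two paths uniform. Dropping the braces and the trailing fatal is right, since ssh_packet_disconnect does not return, but a one-line comment saying so next to the call would stop a future reader from re-adding a fallthrough guard.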
@@ -2583,7 +2585,7 @@ diff --color -ruNp a/kex.h b/kex.h KEX_MAX }; -@@ -164,6 +177,13 @@ struct kex { +@@ -165,6 +178,13 @@ struct kex { u_int flags; int hash_alg; int ec_nid; @@ -2597,7 +2599,7 @@ diff --color -ruNp a/kex.h b/kex.h char *failed_choice; int (*verify_host_key)(struct sshkey *, struct ssh *); struct sshkey *(*load_host_public_key)(int, int, struct ssh *); -@@ -189,8 +209,10 @@ int kex_hash_from_name(const char *); +@@ -191,8 +211,10 @@ int kex_hash_from_name(const char *); int kex_nid_from_name(const char *); int kex_names_valid(const char *); char *kex_alg_list(char); @@ -2608,7 +2610,7 @@ diff --color -ruNp a/kex.h b/kex.h int kex_assemble_names(char **, const char *, const char *); void kex_proposal_populate_entries(struct ssh *, char *prop[PROPOSAL_MAX], const char *, const char *, const char *, const char *, const char *); -@@ -224,6 +246,12 @@ int kexgex_client(struct ssh *); +@@ -226,6 +248,12 @@ int kexgex_client(struct ssh *); int kexgex_server(struct ssh *); int kex_gen_client(struct ssh *); int kex_gen_server(struct ssh *); @@ -2621,7 +2623,7 @@ diff --color -ruNp a/kex.h b/kex.h int kex_dh_keypair(struct kex *); int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **, -@@ -256,6 +284,12 @@ int kexgex_hash(int, const struct sshbu +@@ -264,6 +292,12 @@ int kexgex_hash(int, const struct sshbu const BIGNUM *, const u_char *, size_t, u_char *, size_t *); @@ -2635,8 +2637,8 @@ diff --color -ruNp a/kex.h b/kex.h __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); diff --color -ruNp a/kex-names.c b/kex-names.c ---- a/kex-names.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/kex-names.c 2024-09-16 11:46:34.694939883 +0200 +--- a/kex-names.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/kex-names.c 2026-03-13 12:16:39.979603048 +0100 @@ -45,6 +45,10 @@ #include "ssherr.h" #include "xmalloc.h" 
@@ -2648,7 +2650,7 @@ diff --color -ruNp a/kex-names.c b/kex-names.c struct kexalg { char *name; u_int type; -@@ -83,15 +87,28 @@ static const struct kexalg kexalgs[] = { +@@ -89,15 +93,28 @@ static const struct kexalg kexalgs[] = { #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */ { NULL, 0, -1, -1}, }; @@ -2680,7 +2682,7 @@ diff --color -ruNp a/kex-names.c b/kex-names.c if (ret != NULL) ret[rlen++] = sep; nlen = strlen(k->name); -@@ -106,6 +123,18 @@ kex_alg_list(char sep) +@@ -112,6 +129,18 @@ kex_alg_list(char sep) return ret; } @@ -2699,7 +2701,7 @@ diff --color -ruNp a/kex-names.c b/kex-names.c static const struct kexalg * kex_alg_by_name(const char *name) { -@@ -115,6 +144,10 @@ kex_alg_by_name(const char *name) +@@ -121,6 +150,10 @@ kex_alg_by_name(const char *name) if (strcmp(k->name, name) == 0) return k; } @@ -2710,7 +2712,7 @@ diff --color -ruNp a/kex-names.c b/kex-names.c return NULL; } -@@ -328,3 +361,26 @@ kex_assemble_names(char **listp, const c +@@ -334,3 +367,26 @@ kex_assemble_names(char **listp, const c free(ret); return r; } @@ -2738,8 +2740,8 @@ diff --color -ruNp a/kex-names.c b/kex-names.c + return 1; +} diff --color -ruNp a/Makefile.in b/Makefile.in ---- a/Makefile.in 2024-09-16 11:45:56.868133454 +0200 -+++ b/Makefile.in 2024-09-16 11:46:34.695939904 +0200 +--- a/Makefile.in 2026-03-13 12:32:48.475081074 +0100 ++++ b/Makefile.in 2026-03-13 12:16:39.979453307 +0100 @@ -114,6 +114,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ 
@@ -2767,9 +2769,9 @@ diff --color -ruNp a/Makefile.in b/Makefile.in regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c $(REGRESSLIBS) $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(srcdir)/regress/modpipe.c \ diff --color -ruNp a/monitor.c b/monitor.c ---- a/monitor.c 2024-09-16 11:45:56.861133305 +0200 -+++ b/monitor.c 2024-09-16 11:46:34.696939926 +0200 -@@ -143,6 +143,8 @@ int mm_answer_gss_setup_ctx(struct ssh * +--- a/monitor.c 2026-03-13 12:32:48.467311058 +0100 ++++ b/monitor.c 2026-03-13 12:16:40.012477799 +0100 +@@ -144,6 +144,8 @@ int mm_answer_gss_setup_ctx(struct ssh * int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *); int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *); int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *); @@ -2778,7 +2780,7 @@ diff --color -ruNp a/monitor.c b/monitor.c #endif #ifdef SSH_AUDIT_EVENTS -@@ -219,11 +221,18 @@ struct mon_table mon_dispatch_proto20[] +@@ -220,11 +222,18 @@ struct mon_table mon_dispatch_proto20[] {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic}, @@ -2797,7 +2799,7 @@ diff --color -ruNp a/monitor.c b/monitor.c #ifdef WITH_OPENSSL {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, #endif -@@ -292,6 +301,10 @@ monitor_child_preauth(struct ssh *ssh, s +@@ -293,6 +302,10 @@ monitor_child_preauth(struct ssh *ssh, s /* Permit requests for moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); @@ -2808,7 +2810,7 @@ diff --color -ruNp a/monitor.c b/monitor.c /* The first few requests do not require asynchronous access */ while (!authenticated) { -@@ -344,8 +357,15 @@ monitor_child_preauth(struct ssh *ssh, s +@@ -345,8 +358,15 @@ monitor_child_preauth(struct ssh *ssh, s if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { auth_log(ssh, authenticated, partial, auth_method, auth_submethod); 
@@ -2825,7 +2827,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if (authenticated || partial) { auth2_update_session_info(authctxt, auth_method, auth_submethod); -@@ -413,6 +433,10 @@ monitor_child_postauth(struct ssh *ssh, +@@ -414,6 +434,10 @@ monitor_child_postauth(struct ssh *ssh, monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); @@ -2836,7 +2838,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if (auth_opts->permit_pty_flag) { monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); -@@ -1793,6 +1817,17 @@ monitor_apply_keystate(struct ssh *ssh, +@@ -1803,6 +1827,17 @@ monitor_apply_keystate(struct ssh *ssh, # ifdef OPENSSL_HAS_ECC kex->kex[KEX_ECDH_SHA2] = kex_gen_server; # endif @@ -2854,7 +2856,7 @@ diff --color -ruNp a/monitor.c b/monitor.c #endif /* WITH_OPENSSL */ kex->kex[KEX_C25519_SHA256] = kex_gen_server; kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; -@@ -1885,8 +1920,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, +@@ -1896,8 +1931,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, u_char *p; int r; @@ -2865,7 +2867,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if ((r = sshbuf_get_string(m, &p, &len)) != 0) fatal_fr(r, "parse"); -@@ -1918,8 +1953,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh +@@ -1929,8 +1964,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh OM_uint32 flags = 0; /* GSI needs this */ int r; @@ -2876,7 +2878,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0) fatal_fr(r, "ssh_gssapi_get_buffer_desc"); -@@ -1939,6 +1974,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh +@@ -1950,6 +1985,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); 
@@ -2884,7 +2886,7 @@ diff --color -ruNp a/monitor.c b/monitor.c } return (0); } -@@ -1950,8 +1986,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, +@@ -1961,8 +1997,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, OM_uint32 ret; int r; @@ -2895,7 +2897,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 || (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0) -@@ -1977,13 +2013,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, +@@ -1988,13 +2024,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m) { @@ -2917,7 +2919,7 @@ diff --color -ruNp a/monitor.c b/monitor.c sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) -@@ -1992,7 +2032,11 @@ mm_answer_gss_userok(struct ssh *ssh, in +@@ -2003,7 +2043,11 @@ mm_answer_gss_userok(struct ssh *ssh, in debug3_f("sending result %d", authenticated); mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); @@ -2930,7 +2932,7 @@ diff --color -ruNp a/monitor.c b/monitor.c if ((displayname = ssh_gssapi_displayname()) != NULL) auth2_record_info(authctxt, "%s", displayname); -@@ -2000,5 +2044,84 @@ mm_answer_gss_userok(struct ssh *ssh, in +@@ -2011,5 +2055,84 @@ mm_answer_gss_userok(struct ssh *ssh, in /* Monitor loop will terminate if authenticated */ return (authenticated); } @@ -3016,8 +3018,8 @@ diff --color -ruNp a/monitor.c b/monitor.c #endif /* GSSAPI */ diff --color -ruNp a/monitor.h b/monitor.h ---- a/monitor.h 2024-09-16 11:45:56.861133305 +0200 -+++ b/monitor.h 2024-09-16 11:46:34.696939926 +0200 +--- a/monitor.h 2026-03-13 12:32:48.467853845 +0100 ++++ b/monitor.h 2026-03-13 12:16:40.011929029 +0100 @@ -67,6 +67,8 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, 
@@ -3028,8 +3030,8 @@ diff --color -ruNp a/monitor.h b/monitor.h struct ssh; diff --color -ruNp a/monitor_wrap.c b/monitor_wrap.c ---- a/monitor_wrap.c 2024-09-16 11:45:56.862133326 +0200 -+++ b/monitor_wrap.c 2024-09-16 11:46:34.697939947 +0200 +--- a/monitor_wrap.c 2026-03-13 12:32:48.468148305 +0100 ++++ b/monitor_wrap.c 2026-03-13 12:16:40.011969272 +0100 @@ -1075,13 +1075,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss } @@ -3108,8 +3110,8 @@ diff --color -ruNp a/monitor_wrap.c b/monitor_wrap.c /* diff --color -ruNp a/monitor_wrap.h b/monitor_wrap.h ---- a/monitor_wrap.h 2024-09-16 11:45:56.862133326 +0200 -+++ b/monitor_wrap.h 2024-09-16 11:46:34.697939947 +0200 +--- a/monitor_wrap.h 2026-03-13 12:32:48.468446940 +0100 ++++ b/monitor_wrap.h 2026-03-13 12:16:40.012015851 +0100 @@ -67,8 +67,10 @@ void mm_decode_activate_server_options(s OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, @@ -3123,8 +3125,8 @@ diff --color -ruNp a/monitor_wrap.h b/monitor_wrap.h #ifdef USE_PAM diff --color -ruNp a/readconf.c b/readconf.c ---- a/readconf.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/readconf.c 2024-09-16 11:46:34.699939990 +0200 +--- a/readconf.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/readconf.c 2026-03-13 12:16:40.012058137 +0100 @@ -70,6 +70,7 @@ #include "uidswap.h" #include "myproposal.h" @@ -3165,7 +3167,7 @@ diff --color -ruNp a/readconf.c b/readconf.c #endif #ifdef ENABLE_PKCS11 { "pkcs11provider", oPKCS11Provider }, -@@ -1227,10 +1242,42 @@ parse_time: +@@ -1256,10 +1271,42 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; 
@@ -3208,7 +3210,7 @@ diff --color -ruNp a/readconf.c b/readconf.c case oBatchMode: intptr = &options->batch_mode; goto parse_flag; -@@ -2542,7 +2589,13 @@ initialize_options(Options * options) +@@ -2576,7 +2623,13 @@ initialize_options(Options * options) options->fwd_opts.streamlocal_bind_unlink = -1; options->pubkey_authentication = -1; options->gss_authentication = -1; @@ -3222,7 +3224,7 @@ diff --color -ruNp a/readconf.c b/readconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; -@@ -2705,8 +2758,18 @@ fill_default_options(Options * options) +@@ -2739,8 +2792,18 @@ fill_default_options(Options * options) options->pubkey_authentication = SSH_PUBKEY_AUTH_ALL; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3241,7 +3243,7 @@ diff --color -ruNp a/readconf.c b/readconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -3533,7 +3596,14 @@ dump_client_config(Options *o, const cha +@@ -3567,7 +3630,14 @@ dump_client_config(Options *o, const cha dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports); #ifdef GSSAPI dump_cfg_fmtint(oGssAuthentication, o->gss_authentication); @@ -3257,8 +3259,8 @@ diff --color -ruNp a/readconf.c b/readconf.c dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts); dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication); diff --color -ruNp a/readconf.h b/readconf.h ---- a/readconf.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/readconf.h 2024-09-16 11:46:34.699939990 +0200 +--- a/readconf.h 2024-09-20 00:20:48.000000000 +0200 ++++ b/readconf.h 2026-03-13 12:16:39.991140430 +0100 @@ -40,7 +40,13 @@ typedef struct { int pubkey_authentication; /* Try ssh2 pubkey authentication. */ int hostbased_authentication; /* ssh2's rhosts_rsa */ 
@@ -3274,8 +3276,8 @@ diff --color -ruNp a/readconf.h b/readconf.h * authentication. */ int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ diff --color -ruNp a/servconf.c b/servconf.c ---- a/servconf.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/servconf.c 2024-09-16 11:46:34.700940011 +0200 +--- a/servconf.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/servconf.c 2026-03-13 12:16:39.991185528 +0100 @@ -68,6 +68,7 @@ #include "auth.h" #include "myproposal.h" @@ -3296,7 +3298,7 @@ diff --color -ruNp a/servconf.c b/servconf.c options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->permit_empty_passwd = -1; -@@ -376,10 +380,18 @@ fill_default_server_options(ServerOption +@@ -378,10 +382,18 @@ fill_default_server_options(ServerOption options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; @@ -3315,7 +3317,7 @@ diff --color -ruNp a/servconf.c b/servconf.c if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) -@@ -558,6 +570,7 @@ typedef enum { +@@ -564,6 +576,7 @@ typedef enum { sPerSourcePenalties, sPerSourcePenaltyExemptList, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, @@ -3323,7 +3325,7 @@ diff --color -ruNp a/servconf.c b/servconf.c sAcceptEnv, sSetEnv, sPermitTunnel, sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, -@@ -643,12 +656,22 @@ static struct { +@@ -649,12 +662,22 @@ static struct { #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 
@@ -3346,7 +3348,7 @@ diff --color -ruNp a/servconf.c b/servconf.c { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, /* alias */ -@@ -1585,6 +1608,10 @@ process_server_config_line_depth(ServerO +@@ -1605,6 +1628,10 @@ process_server_config_line_depth(ServerO intptr = &options->gss_authentication; goto parse_flag; @@ -3357,7 +3359,7 @@ diff --color -ruNp a/servconf.c b/servconf.c case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; -@@ -1593,6 +1620,22 @@ process_server_config_line_depth(ServerO +@@ -1613,6 +1640,22 @@ process_server_config_line_depth(ServerO intptr = &options->gss_strict_acceptor; goto parse_flag; @@ -3380,7 +3382,7 @@ diff --color -ruNp a/servconf.c b/servconf.c case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; -@@ -3178,6 +3221,10 @@ dump_config(ServerOptions *o) +@@ -3204,6 +3247,10 @@ dump_config(ServerOptions *o) #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); @@ -3392,9 +3394,9 @@ diff --color -ruNp a/servconf.c b/servconf.c dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, diff --color -ruNp a/servconf.h b/servconf.h ---- a/servconf.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/servconf.h 2024-09-16 11:46:34.700940011 +0200 -@@ -149,8 +149,11 @@ typedef struct { +--- a/servconf.h 2024-09-20 00:20:48.000000000 +0200 ++++ b/servconf.h 2026-03-13 12:16:40.004993534 +0100 +@@ -150,8 +150,11 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ 
@@ -3407,8 +3409,8 @@ diff --color -ruNp a/servconf.h b/servconf.h * authentication. */ int kbd_interactive_authentication; /* If true, permit */ diff --color -ruNp a/session.c b/session.c ---- a/session.c 2024-09-16 11:45:56.866133411 +0200 -+++ b/session.c 2024-09-16 11:46:34.701940032 +0200 +--- a/session.c 2026-03-13 12:32:48.472280104 +0100 ++++ b/session.c 2026-03-13 12:16:40.005034524 +0100 @@ -2674,13 +2674,19 @@ do_cleanup(struct ssh *ssh, Authctxt *au #ifdef KRB5 @@ -3432,9 +3434,9 @@ diff --color -ruNp a/session.c b/session.c /* remove agent socket */ diff --color -ruNp a/ssh.1 b/ssh.1 ---- a/ssh.1 2024-09-16 11:45:56.875133603 +0200 -+++ b/ssh.1 2024-09-16 11:46:34.701940032 +0200 -@@ -536,7 +536,13 @@ For full details of the options listed b +--- a/ssh.1 2026-03-13 12:32:48.479681434 +0100 ++++ b/ssh.1 2026-03-13 12:16:40.012217780 +0100 +@@ -538,7 +538,13 @@ For full details of the options listed b .It GatewayPorts .It GlobalKnownHostsFile .It GSSAPIAuthentication @@ -3448,7 +3450,7 @@ diff --color -ruNp a/ssh.1 b/ssh.1 .It HashKnownHosts .It Host .It HostbasedAcceptedAlgorithms -@@ -624,6 +630,8 @@ flag), +@@ -626,6 +632,8 @@ flag), (supported message integrity codes), .Ar kex (key exchange algorithms), @@ -3458,8 +3460,8 @@ diff --color -ruNp a/ssh.1 b/ssh.1 (key types), .Ar key-ca-sign diff --color -ruNp a/ssh.c b/ssh.c ---- a/ssh.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh.c 2024-09-16 11:46:34.702940054 +0200 +--- a/ssh.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/ssh.c 2026-03-13 12:16:40.012768046 +0100 @@ -827,6 +827,8 @@ main(int ac, char **av) else if (strcmp(optarg, "kex") == 0 || strcasecmp(optarg, "KexAlgorithms") == 0) 
@@ -3481,8 +3483,8 @@ diff --color -ruNp a/ssh.c b/ssh.c if (cp == NULL) fatal("Unsupported query \"%s\"", optarg); diff --color -ruNp a/ssh_config b/ssh_config ---- a/ssh_config 2024-09-16 11:45:56.884133795 +0200 -+++ b/ssh_config 2024-09-16 11:46:34.702940054 +0200 +--- a/ssh_config 2026-03-13 12:32:48.487976307 +0100 ++++ b/ssh_config 2026-03-13 12:16:40.007769377 +0100 @@ -24,6 +24,8 @@ # HostbasedAuthentication no # GSSAPIAuthentication no @@ -3493,8 +3495,8 @@ diff --color -ruNp a/ssh_config b/ssh_config # CheckHostIP no # AddressFamily any diff --color -ruNp a/ssh_config.5 b/ssh_config.5 ---- a/ssh_config.5 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh_config.5 2024-09-16 11:46:34.703940075 +0200 +--- a/ssh_config.5 2024-09-20 00:20:48.000000000 +0200 ++++ b/ssh_config.5 2026-03-13 12:16:40.013000257 +0100 @@ -938,10 +938,68 @@ The default is Specifies whether user authentication based on GSSAPI is allowed. The default is @@ -3565,8 +3567,8 @@ diff --color -ruNp a/ssh_config.5 b/ssh_config.5 Indicates that .Xr ssh 1 diff --color -ruNp a/sshconnect2.c b/sshconnect2.c ---- a/sshconnect2.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshconnect2.c 2024-09-16 11:46:34.703940075 +0200 +--- a/sshconnect2.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/sshconnect2.c 2026-03-13 12:16:40.008053898 +0100 @@ -222,6 +222,11 @@ ssh_kex2(struct ssh *ssh, char *host, st char *all_key, *hkalgs = NULL; int r, use_known_hosts_order = 0; @@ -3669,7 +3671,7 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c #ifdef DEBUG_KEXDH /* send 1st encrypted/maced/compressed message */ if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 || -@@ -368,6 +439,7 @@ static int input_gssapi_response(int typ +@@ -369,6 +440,7 @@ static int input_gssapi_response(int typ static int input_gssapi_token(int type, u_int32_t, struct ssh *); static int input_gssapi_error(int, u_int32_t, struct ssh *); static int input_gssapi_errtok(int, u_int32_t, struct ssh *); 
@@ -3677,7 +3679,7 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c #endif void userauth(struct ssh *, char *); -@@ -384,6 +456,11 @@ static char *authmethods_get(void); +@@ -385,6 +457,11 @@ static char *authmethods_get(void); Authmethod authmethods[] = { #ifdef GSSAPI @@ -3689,7 +3691,7 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c {"gssapi-with-mic", userauth_gssapi, userauth_gssapi_cleanup, -@@ -755,12 +832,32 @@ userauth_gssapi(struct ssh *ssh) +@@ -756,12 +833,32 @@ userauth_gssapi(struct ssh *ssh) OM_uint32 min; int r, ok = 0; gss_OID mech = NULL; @@ -3723,7 +3725,7 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c /* Check to see whether the mechanism is usable before we offer it */ while (authctxt->mech_tried < authctxt->gss_supported_mechs->count && -@@ -769,13 +866,15 @@ userauth_gssapi(struct ssh *ssh) +@@ -770,13 +867,15 @@ userauth_gssapi(struct ssh *ssh) elements[authctxt->mech_tried]; /* My DER encoding requires length<128 */ if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt, @@ -3740,7 +3742,7 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c if (!ok || mech == NULL) return 0; -@@ -1009,6 +1108,55 @@ input_gssapi_error(int type, u_int32_t p +@@ -1010,6 +1109,55 @@ input_gssapi_error(int type, u_int32_t p free(lang); return r; } @@ -3797,9 +3799,9 @@ diff --color -ruNp a/sshconnect2.c b/sshconnect2.c static int diff --color -ruNp a/sshd.c b/sshd.c ---- a/sshd.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshd.c 2024-09-16 11:46:34.704940096 +0200 -@@ -1551,7 +1551,8 @@ main(int ac, char **av) +--- a/sshd.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/sshd.c 2026-03-13 12:16:40.008426802 +0100 +@@ -1558,7 +1558,8 @@ main(int ac, char **av) free(fp); } accumulate_host_timing_secret(cfg, NULL); 
@@ -3810,8 +3812,8 @@ diff --color -ruNp a/sshd.c b/sshd.c
 exit(1);
 }
 diff --color -ruNp a/sshd_config b/sshd_config
---- a/sshd_config 2024-09-16 11:45:56.888133880 +0200
-+++ b/sshd_config 2024-09-16 11:46:34.704940096 +0200
+--- a/sshd_config 2026-03-13 12:32:48.491841092 +0100
++++ b/sshd_config 2026-03-13 12:16:40.008629209 +0100
 @@ -77,6 +77,8 @@ AuthorizedKeysFile .ssh/authorized_keys
 # GSSAPI options
 #GSSAPIAuthentication no
@@ -3822,8 +3824,8 @@ diff --color -ruNp a/sshd_config b/sshd_config
 # Set this to 'yes' to enable PAM authentication, account processing,
 # and session processing. If this is enabled, PAM authentication will
 diff --color -ruNp a/sshd_config.5 b/sshd_config.5
---- a/sshd_config.5 2024-09-16 11:45:56.885133816 +0200
-+++ b/sshd_config.5 2024-09-16 11:46:34.704940096 +0200
+--- a/sshd_config.5 2026-03-13 12:32:48.489069461 +0100
++++ b/sshd_config.5 2026-03-13 12:16:40.013495921 +0100
 @@ -739,6 +739,11 @@ Specifies whether to automatically destr
 on logout.
 The default is
@@ -3870,9 +3872,9 @@ diff --color -ruNp a/sshd_config.5 b/sshd_config.5
 Specifies the signature algorithms that will be accepted for hostbased
 authentication as a list of comma-separated patterns.
 diff --color -ruNp a/sshd-session.c b/sshd-session.c
---- a/sshd-session.c 2024-09-16 11:45:56.888133880 +0200
-+++ b/sshd-session.c 2024-09-16 11:46:34.705940118 +0200
-@@ -660,8 +660,8 @@ notify_hostkeys(struct ssh *ssh)
+--- a/sshd-session.c 2026-03-13 12:32:48.491392577 +0100
++++ b/sshd-session.c 2026-03-13 12:16:40.013202390 +0100
+@@ -662,8 +662,8 @@ notify_hostkeys(struct ssh *ssh)
 }
 debug3_f("sent %u hostkeys", nkeys);
 if (nkeys == 0)
@@ -3883,7 +3885,7 @@ diff --color -ruNp a/sshd-session.c b/sshd-session.c
 sshpkt_fatal(ssh, r, "%s: send", __func__);
 sshbuf_free(buf);
 }
-@@ -1180,8 +1180,9 @@ main(int ac, char **av)
+@@ -1182,8 +1182,9 @@ main(int ac, char **av)
 break;
 }
 }
@@ -3895,7 +3897,7 @@ diff --color -ruNp a/sshd-session.c b/sshd-session.c /* Ensure that umask disallows at least group and world write */ new_umask = umask(0077) | 0022; -@@ -1462,6 +1463,48 @@ do_ssh2_kex(struct ssh *ssh) +@@ -1476,6 +1477,48 @@ do_ssh2_kex(struct ssh *ssh) free(hkalgs); @@ -3944,7 +3946,7 @@ diff --color -ruNp a/sshd-session.c b/sshd-session.c /* start key exchange */ if ((r = kex_setup(ssh, myproposal)) != 0) fatal_r(r, "kex_setup"); -@@ -1479,7 +1522,18 @@ do_ssh2_kex(struct ssh *ssh) +@@ -1493,7 +1536,18 @@ do_ssh2_kex(struct ssh *ssh) #ifdef OPENSSL_HAS_ECC kex->kex[KEX_ECDH_SHA2] = kex_gen_server; #endif @@ -3965,8 +3967,8 @@ diff --color -ruNp a/sshd-session.c b/sshd-session.c kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_server; diff --color -ruNp a/ssh-gss.h b/ssh-gss.h ---- a/ssh-gss.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/ssh-gss.h 2024-09-16 11:46:34.710940224 +0200 +--- a/ssh-gss.h 2024-09-20 00:20:48.000000000 +0200 ++++ b/ssh-gss.h 2026-03-13 12:16:40.013453154 +0100 @@ -61,10 +61,36 @@ #define SSH_GSS_OIDTYPE 0x06 @@ -4092,9 +4094,9 @@ diff --color -ruNp a/ssh-gss.h b/ssh-gss.h #endif /* _SSH_GSS_H */ diff --color -ruNp a/sshkey.c b/sshkey.c ---- a/sshkey.c 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshkey.c 2024-09-16 11:46:34.706940139 +0200 -@@ -131,6 +131,75 @@ extern const struct sshkey_impl sshkey_x +--- a/sshkey.c 2024-09-20 00:20:48.000000000 +0200 ++++ b/sshkey.c 2026-03-13 12:16:40.006634461 +0100 +@@ -132,6 +132,75 @@ extern const struct sshkey_impl sshkey_x extern const struct sshkey_impl sshkey_xmss_cert_impl; #endif @@ -4170,7 +4172,7 @@ diff --color -ruNp a/sshkey.c b/sshkey.c const struct sshkey_impl * const keyimpls[] = { &sshkey_ed25519_impl, &sshkey_ed25519_cert_impl, -@@ -169,6 +238,7 @@ const struct sshkey_impl * const keyimpl +@@ -170,6 +239,7 @@ const struct sshkey_impl * const keyimpl &sshkey_xmss_impl, &sshkey_xmss_cert_impl, #endif 
@@ -4178,7 +4180,7 @@ diff --color -ruNp a/sshkey.c b/sshkey.c NULL }; -@@ -324,7 +394,7 @@ sshkey_alg_list(int certs_only, int plai +@@ -339,7 +409,7 @@ sshkey_alg_list(int certs_only, int plai for (i = 0; keyimpls[i] != NULL; i++) { impl = keyimpls[i]; @@ -4188,9 +4190,9 @@ diff --color -ruNp a/sshkey.c b/sshkey.c if (!include_sigonly && impl->sigonly) continue; diff --color -ruNp a/sshkey.h b/sshkey.h ---- a/sshkey.h 2024-07-01 06:36:28.000000000 +0200 -+++ b/sshkey.h 2024-09-16 11:46:34.706940139 +0200 -@@ -71,6 +71,7 @@ enum sshkey_types { +--- a/sshkey.h 2024-09-20 00:20:48.000000000 +0200 ++++ b/sshkey.h 2026-03-13 12:16:40.008972328 +0100 +@@ -73,6 +73,7 @@ enum sshkey_types { KEY_ECDSA_SK_CERT, KEY_ED25519_SK, KEY_ED25519_SK_CERT, diff --git a/openssh.spec b/openssh.spec index 0fbcc8c..7e547a7 100644 --- a/openssh.spec +++ b/openssh.spec @@ -729,6 +729,9 @@ test -f %{sysconfig_anaconda} && \ Resolves: RHEL-121768 - Fix GSSAPI authentication indicator issues found by AI Resolves: RHEL-154309 +- CVE-2026-3497: Fix information disclosure or denial of service due + to uninitialized variables in gssapi-keyex + Resolves: RHEL-155813 * Wed Mar 11 2026 Dmitry Belyavskiy - 9.9p1-21 - Implement obtaining Kerberos tickets on behalf of user on SSH authentication