openssh: Update to 9.8p1

Highlights from the release notes are reproduced below.  Some security
and bug fixes were previously merged into FreeBSD and have been elided.
See the upstream release notes for full details
(https://www.openssh.com/releasenotes.html).

---

Future deprecation notice
=========================

OpenSSH plans to remove support for the DSA signature algorithm in
early 2025.

Potentially-incompatible changes
--------------------------------

 * sshd(8): the server will now block client addresses that
   repeatedly fail authentication, repeatedly connect without ever
   completing authentication or that crash the server. See the
   discussion of PerSourcePenalties below for more information.
   Operators of servers that accept connections from many users, or
   servers that accept connections from addresses behind NAT or
   proxies may need to consider these settings.

 * sshd(8): the server has been split into a listener binary, sshd(8),
   and a per-session binary "sshd-session". This allows for a much
   smaller listener binary, as it no longer needs to support the SSH
   protocol. As part of this work, support for disabling privilege
   separation (which previously required code changes to disable) and
   disabling re-execution of sshd(8) has been removed. Further
   separation of sshd-session into additional, minimal binaries is
   planned for the future.

 * sshd(8): several log messages have changed. In particular, some
   log messages will be tagged with as originating from a process
   named "sshd-session" rather than "sshd".

 * ssh-keyscan(1): this tool previously emitted comment lines
   containing the hostname and SSH protocol banner to standard error.
   This release now emits them to standard output, but adds a new
   "-q" flag to silence them altogether.

 * sshd(8): (portable OpenSSH only) sshd will no longer use argv[0]
   as the PAM service name. A new "PAMServiceName" sshd_config(5)
   directive allows selecting the service name at runtime. This
   defaults to "sshd". bz2101

New features
------------

 * sshd(8): sshd(8) will now penalise client addresses that, for various
   reasons, do not successfully complete authentication. This feature is
   controlled by a new sshd_config(5) PerSourcePenalties option and is
   on by default.

 * ssh(8): allow the HostkeyAlgorithms directive to disable the
   implicit fallback from certificate host key to plain host keys.

Portability
-----------

 * sshd(8): expose SSH_AUTH_INFO_0 always to PAM auth modules
   unconditionally. The previous behaviour was to expose it only when
   particular authentication methods were in use.

 * ssh(1), ssh-agent(8): allow the presence of the WAYLAND_DISPLAY
   environment variable to enable SSH_ASKPASS, similarly to the X11
   DISPLAY environment variable. GHPR479

---

Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48914

4 files changed, 72 insertions, 46 deletions

diff --git a/secure/lib/libssh/Makefile b/secure/lib/libssh/Makefile
index c50be0763f3c..2642744400b1 100644
--- a/secure/lib/libssh/Makefile
+++ b/secure/lib/libssh/Makefile
@@ -21,7 +21,7 @@ SRCS+=	authfd.c authfile.c \
 	poly1305.c chacha.c cipher-chachapoly.c cipher-chachapoly-libcrypto.c \
 	ssh-ed25519.c digest-openssl.c digest-libc.c \
 	hmac.c ed25519.c hash.c \
-	kex.c kexdh.c kexgex.c kexecdh.c kexc25519.c \
+	kex.c kex-names.c kexdh.c kexgex.c kexecdh.c kexc25519.c \
 	kexgexc.c kexgexs.c \
 	kexsntrup761x25519.c sntrup761.c kexgen.c \
 	sftp-realpath.c platform-pledge.c platform-tracing.c platform-misc.c \
diff --git a/secure/libexec/Makefile b/secure/libexec/Makefile
index cf265c72bddd..8896e232e2be 100644
--- a/secure/libexec/Makefile
+++ b/secure/libexec/Makefile
@@ -2,7 +2,7 @@
 
 SUBDIR=
 .if ${MK_OPENSSH} != "no"
-SUBDIR+=sftp-server ssh-keysign ssh-pkcs11-helper ssh-sk-helper
+SUBDIR+=sftp-server ssh-keysign ssh-pkcs11-helper ssh-sk-helper sshd-session
 .endif
 
 SUBDIR.${MK_TESTS}+= tests
diff --git a/secure/libexec/sshd-session/Makefile b/secure/libexec/sshd-session/Makefile
new file mode 100644
index 000000000000..2461962f00e2
--- /dev/null
+++ b/secure/libexec/sshd-session/Makefile
@@ -0,0 +1,66 @@
+.include <src.opts.mk>
+.include "${SRCTOP}/secure/ssh.mk"
+
+PROG=	sshd-session
+SRCS=	sshd-session.c auth-rhosts.c auth-passwd.c \
+	audit.c audit-bsm.c audit-linux.c platform.c \
+	sshpty.c sshlogin.c servconf.c serverloop.c \
+	auth.c auth2.c auth2-methods.c auth-options.c session.c \
+	auth2-chall.c groupaccess.c \
+	auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c \
+	auth2-none.c auth2-passwd.c auth2-pubkey.c auth2-pubkeyfile.c \
+	monitor.c monitor_wrap.c auth-krb5.c \
+	auth2-gss.c gss-serv.c gss-serv-krb5.c \
+	loginrec.c auth-pam.c auth-shadow.c auth-sia.c \
+	sftp-server.c sftp-common.c \
+	sandbox-null.c sandbox-rlimit.c sandbox-systrace.c sandbox-darwin.c \
+	sandbox-seccomp-filter.c sandbox-capsicum.c sandbox-pledge.c \
+	sandbox-solaris.c uidswap.c
+PACKAGE=	ssh
+
+# gss-genr.c really belongs in libssh; see src/secure/lib/libssh/Makefile
+SRCS+=	gss-genr.c
+
+MAN=
+
+# pam should always happen before ssh here for static linking
+LIBADD=	pam ssh util
+
+.if ${MK_LDNS} != "no"
+CFLAGS+=	-DHAVE_LDNS=1
+#DPADD+=	${LIBLDNS}
+#LDADD+=	-lldns
+.endif
+
+.if ${MK_AUDIT} != "no"
+CFLAGS+= -DUSE_BSM_AUDIT=1 -DHAVE_GETAUDIT_ADDR=1
+LIBADD+=	bsm
+.endif
+
+.if ${MK_BLACKLIST_SUPPORT} != "no"
+CFLAGS+= -DUSE_BLACKLIST=1 -I${SRCTOP}/contrib/blocklist/include
+SRCS+=	blacklist.c
+LIBADD+= blacklist
+LDFLAGS+=-L${LIBBLACKLISTDIR}
+.endif
+
+.if ${MK_GSSAPI} != "no" && ${MK_KERBEROS_SUPPORT} != "no"
+CFLAGS+= -include krb5_config.h
+SRCS+=	krb5_config.h
+LIBADD+=	gssapi_krb5 gssapi krb5
+.endif
+
+.if ${MK_TCP_WRAPPERS} != "no"
+CFLAGS+=	-DLIBWRAP=1
+LIBADD+=	wrap
+.endif
+
+LIBADD+=	crypto
+
+.if defined(LOCALBASE)
+CFLAGS+= -DXAUTH_PATH=\"${LOCALBASE}/bin/xauth\"
+.endif
+
+.include <bsd.prog.mk>
+
+.PATH:	${SSHDIR}
diff --git a/secure/usr.sbin/sshd/Makefile b/secure/usr.sbin/sshd/Makefile
index 2762d4151009..4e1f330076b4 100644
--- a/secure/usr.sbin/sshd/Makefile
+++ b/secure/usr.sbin/sshd/Makefile
@@ -4,56 +4,17 @@
 CONFS=	moduli sshd_config
 CONFSDIR=	/etc/ssh
 PROG=	sshd
-SRCS=	sshd.c auth-rhosts.c auth-passwd.c \
-	audit.c audit-bsm.c audit-linux.c platform.c \
-	sshpty.c sshlogin.c servconf.c serverloop.c \
-	auth.c auth2.c auth-options.c session.c \
-	auth2-chall.c groupaccess.c \
-	auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c \
-	auth2-none.c auth2-passwd.c auth2-pubkey.c auth2-pubkeyfile.c \
-	monitor.c monitor_wrap.c auth-krb5.c \
-	auth2-gss.c gss-serv.c gss-serv-krb5.c \
-	loginrec.c auth-pam.c auth-shadow.c auth-sia.c \
-	srclimit.c sftp-server.c sftp-common.c \
-	sandbox-null.c sandbox-rlimit.c sandbox-systrace.c sandbox-darwin.c \
-	sandbox-seccomp-filter.c sandbox-capsicum.c sandbox-pledge.c \
-	sandbox-solaris.c uidswap.c
+SRCS=	sshd.c \
+	platform-listen.c \
+	servconf.c sshpty.c srclimit.c groupaccess.c auth2-methods.c
 PACKAGE=	ssh
 
-# gss-genr.c really belongs in libssh; see src/secure/lib/libssh/Makefile
-SRCS+=	gss-genr.c
-
 MAN=	sshd.8 sshd_config.5
 
 # Don't rebuild based on moduli.c
 moduli: .MADE
 
-# pam should always happen before ssh here for static linking
-LIBADD=	pam ssh util
-
-.if ${MK_LDNS} != "no"
-CFLAGS+=	-DHAVE_LDNS=1
-#DPADD+=	${LIBLDNS}
-#LDADD+=	-lldns
-.endif
-
-.if ${MK_AUDIT} != "no"
-CFLAGS+= -DUSE_BSM_AUDIT=1 -DHAVE_GETAUDIT_ADDR=1
-LIBADD+=	bsm
-.endif
-
-.if ${MK_BLACKLIST_SUPPORT} != "no"
-CFLAGS+= -DUSE_BLACKLIST=1 -I${SRCTOP}/contrib/blocklist/include
-SRCS+=	blacklist.c
-LIBADD+= blacklist
-LDFLAGS+=-L${LIBBLACKLISTDIR}
-.endif
-
-.if ${MK_GSSAPI} != "no" && ${MK_KERBEROS_SUPPORT} != "no"
-CFLAGS+= -include krb5_config.h
-SRCS+=	krb5_config.h
-LIBADD+=	gssapi_krb5 gssapi krb5
-.endif
+LIBADD=	ssh util
 
 .if ${MK_TCP_WRAPPERS} != "no"
 CFLAGS+=	-DLIBWRAP=1
@@ -62,7 +23,6 @@ LIBADD+=	wrap
 
 LIBADD+=	crypto
 
-
 .include <bsd.prog.mk>
 
 .PATH:	${SSHDIR}