Age | Commit message | Author
8 days | upstream: simplify exit message handling, which was more complicated [HEAD, master] | djm@openbsd.org
than it needed to be because of unexpunged ssh1 remnants. ok markus@ OpenBSD-Commit-ID: 8b0cd2c0dee75fb053718f442aa89510b684610b
10 days | upstream: remove SSH1 leftovers | tobias@openbsd.org
Authored with Space Meyer <git at the-space dot agency> ok djm OpenBSD-Commit-ID: 81db602e4cb407baae472689db1c222ed7b2afa3
10 days | upstream: never close stdin | tobias@openbsd.org
The sanitise_stdfd call makes sure that standard file descriptors are open (if they were closed, they are connected with /dev/null). Do not close stdin in any case to prevent error messages when stdin is read multiple times and to prevent later usage of fd 0 for connections, e.g. echo localhost | ssh-keyscan -f - -f - While at it, make stdin-related error messages nicer. Authored with Max Kunzelmann <maxdev at posteo dot de> ok djm OpenBSD-Commit-ID: 48e9b7938e2fa2f9bd47e6de6df66a31e0b375d3
10 days | sync getrrsetbyname.c with recent upstream changes | Damien Miller
2024-04-30 | upstream: fix home-directory extension implementation, it always | djm@openbsd.org
returned the current user's home directory contrary to the spec. Patch from Jakub Jelen via GHPR477 OpenBSD-Commit-ID: 5afd775eab7f9cbe222d7fbae4c793de6c3b3d28
2024-04-30 | upstream: flush stdout after writing "sftp>" prompt when not using | djm@openbsd.org
editline. From Alpine Linux via GHPR480 OpenBSD-Commit-ID: 80bdc7ffe0358dc090eb9b93e6dedb2b087b24cd
2024-04-30 | upstream: stricter validation of messaging socket fd number; disallow | djm@openbsd.org
usage of stderr. Based on GHPR492 by RealHurrison OpenBSD-Commit-ID: 73dbbe82ea16f73ce1d044d3232bc869ae2f2ce8
2024-04-30 | upstream: add missing reserved fields to key constraint protocol | djm@openbsd.org
documentation. from Wiktor Kwapisiewicz via GHPR487 OpenBSD-Commit-ID: 0dfb69998cfdb3fa00cbb0e7809e7d2f6126e3df
2024-04-30 | depend | Damien Miller
2024-04-30 | upstream: correctly restore sigprocmask around ppoll() reported | djm@openbsd.org
by Tõivo Leedjärv; ok deraadt@ OpenBSD-Commit-ID: c0c0f89de5294a166578f071eade2501929c4686
2024-04-30 | upstream: add explicit check for server hostkey type against | djm@openbsd.org
HostkeyAlgorithms. Allows HostkeyAlgorithms to disable implicit fallback from certificate keys to plain keys. ok markus@ OpenBSD-Commit-ID: 364087e4a395ff9b2f42bf3aefdb2090bb23643a
2024-04-30 | upstream: correct indentation; no functional change ok tb@ | jsg@openbsd.org
OpenBSD-Commit-ID: dd9702fd43de546bc6a3f4f025c74d6f3692a0d4
2024-04-30 | upstream: set right mode on ssh-agent at boot-time | semarie@openbsd.org
which sthen@ ok deraadt@ OpenBSD-Commit-ID: 662b5056a2c6171563e1626f9c69f27862b5e7af
2024-04-30 | upstream: Oops, incorrect hex conversion spotted by claudio. | deraadt@openbsd.org
While here try to improve how it reads a bit better. Surprising the regression tests didn't spot this error, maybe it fails to roundtrip the values. OpenBSD-Commit-ID: 866cfcc1955aef8f3fc32da0b70c353a1b859f2e
2024-04-30 | upstream: for parse_ipqos(), use strtonum() instead of mostly | deraadt@openbsd.org
idiomatic strtoul(), but wow it's so gross. ok djm OpenBSD-Commit-ID: cec14a76af2eb7b225300c80fc0e21052be67b05
2024-04-30 | upstream: can shortcut by returning strtonum() value directly; ok | deraadt@openbsd.org
djm OpenBSD-Commit-ID: 7bb2dd3d6d1f288dac14247d1de446e3d7ba8b8e
2024-04-30 | upstream: rewrite convtime() to use a isdigit-scanner and | deraadt@openbsd.org
strtonum() instead of strange strtoul can might be fooled by garbage characters. passes regress/usr.bin/ssh/unittests/misc ok djm OpenBSD-Commit-ID: 4b1ef826bb16047aea3f3bdcb385b72ffd450abc
2024-04-30 | upstream: Remove unused ptr[3] char array in pkcs11_decode_hex. | claudio@openbsd.org
OK deraadt@ OpenBSD-Commit-ID: 3d14433e39fd558f662d3b0431c4c555ef920481
2024-04-30 | upstream: Replace non-idiomatic strtoul(, 16) to parse a region | deraadt@openbsd.org
of 2-character hex sequences with a low-level replacement designed just for the task. ok djm OpenBSD-Commit-ID: 67bab8b8a4329a19a0add5085eacd6f4cc215e85
2024-04-30 | upstream: Use strtonum() instead of severely non-idiomatic | deraadt@openbsd.org
strtoul() In particular this will now reject trailing garbage, ie. '12garbage'. ok djm OpenBSD-Commit-ID: c82d95e3ccbfedfc91a8041c2f8bf0cf987d1501
2024-04-30 | upstream: also create a relink kit for ssh-agent, since it is a | deraadt@openbsd.org
long-running setgid program carrying keys with some (not very powerful) communication channels. solution for testing the binary from dtucker. agreement from djm. Will add it into /etc/rc in a few days. OpenBSD-Commit-ID: 2fe8d707ae35ba23c7916adcb818bb5b66837ba0
2024-04-30 | upstream: new-style relink kit for sshd. The old scheme created | deraadt@openbsd.org
a Makefile by concatenating two Makefiles and was incredibly fragile. In the new way a narrow-purposed install.sh script is created and shipped with the objects. A recently committed /etc/rc script understands these files. OpenBSD-Commit-ID: ef9341d5a50f0d33e3a6fbe995e92964bc7ef2d3
2024-04-25 | Shell syntax fix (leftover from a sync). | renmingshuai
Signed-off-by: renmingshuai <renmingshuai@huawei.com>
2024-04-25 | Merge flags for OpenSSL 3.x versions. | Darren Tucker
OpenSSL has moved to 3.4 which we don't currently accept. Based on the OpenSSL versioning policy[0] it looks like all of the 3.x versions should work with OpenSSH, so remove the distinction in configure and accept all of them. [0] https://openssl.org/policies/general/versioning-policy.html
2024-04-25 | Remove 9.6 branch from status page. | Darren Tucker
2024-04-25 | Update LibreSSL and OpenSSL versions tested. | Darren Tucker
Update LibreSSL versions to current releases (3.8.4 & 3.9.1). Add newly-released OpenSSL 3.3.0, and add tests against the 3.1 and 3.3 branches.
2024-04-06 | Fix missing header for systemd notification | 90
2024-04-03 | notify systemd on listen and reload | Damien Miller
Standalone implementation that does not depend on libsystemd. With assistance from Luca Boccassi, and feedback/testing from Colin Watson. bz2641
2024-03-31 | Port changes from selfhosted to upstream tests. | Darren Tucker
Should get them working again.
2024-03-30 | Check if OpenSSL implementation supports DSA. | Darren Tucker
If --enable/disable-dsa-keys is not specified, set based on what OpenSSL supports. If specified as enabled, but not supported by OpenSSL error out. ok djm@
2024-03-30 | upstream: in OpenSSH private key format, correct type for subsequent | djm@openbsd.org
private keys in blob. From Jakub Jelen via GHPR430 OpenBSD-Commit-ID: d17dbf47554de2d752061592f95b5d772baab50b
2024-03-30 | Expose SSH_AUTH_INFO_0 always to PAM auth modules. | Eero Häkkinen
This changes SSH_AUTH_INFO_0 to be exposed to PAM auth modules also when a password authentication method is in use and not only when a keyboard-interactive authentication method is in use.
2024-03-30 | Rearrange selfhosted VM scheduling. | Darren Tucker
Instead of trying to infer the type of the self hosted tests in each of the driver scripts (inconsistently...), set one of the following variables to "true" in the workflow: VM: tests run in a virtual machine. EPHEMERAL: tests run on an ephemeral virtual machine. PERSISTENT: tests run on a persistent virtual machine REMOTE: tests run on a physical remote host. EPHEMERAL VMs can have multiple instances of any given VM can exist simultaneously and are run by a runner pool. The other types have a dedicated runner instance and can only run a single test at a time. Other settings: SSHFS: We need to sshfs mount over the repo so the workflow can collect build artifacts. This also implies the tests must be run over ssh. DEBUG_ACTIONS: enable "set -x" in scripts for debugging.
2024-03-30 | add new token-based signing key for dtucker@ | Damien Miller
Verified in person and via signature with old key. Will remove old key in a bit.
2024-03-30 | Fix OpenSSL ED25519 support detection | Alkaid
Wrong function signature in configure.ac prevents openssh from enabling the recently new support for ED25519 priv keys in PEM PKCS8 format.
2024-03-30 | upstream: allow WAYLAND_DISPLAY to enable SSH_ASKPASS | djm@openbsd.org
From dkg via GHPR479; ok dtucker@ OpenBSD-Commit-ID: 1ac1f9c45da44eabbae89375393c662349239257
2024-03-29 | upstream: Use egrep instead of grep -E. | dtucker@openbsd.org
Some platforms don't have the latter so this makes things easier in -portable. OpenBSD-Regress-ID: ff82260eb0db1f11130200b25d820cf73753bbe3
2024-03-29 | upstream: test -h is the POSIXly way of testing for a symlink. Reduces | dtucker@openbsd.org
diff vs Portable. OpenBSD-Regress-ID: 6f31cd6e231e3b8c5c2ca0307573ccb7484bff7d
2024-03-26 | Fix name of OpenBSD upstream CI jobs. | Darren Tucker
2024-03-26 | Resync with upstream: ${} around DATAFILE. | Darren Tucker
2024-03-26 | upstream: optional debugging | djm@openbsd.org
OpenBSD-Regress-ID: b4852bf97ac8fb2e3530f2d5f999edd66058d7bc
2024-03-26 | upstream: Verify string returned from local shell command. | dtucker@openbsd.org
OpenBSD-Regress-ID: 5039bde24d33d809aebfa8d3ad7fe9053224e6f8
2024-03-26 | upstream: Improve shell portability: grep -q is not portable so | dtucker@openbsd.org
redirect stdout, and use printf instead of relying on echo to do \n substitution. Reduces diff vs Portable. Also resync somewhat with upstream. OpenBSD-Regress-ID: 9ae876a8ec4c4725f1e9820a0667360ee2398337
2024-03-26 | upstream: Save error code from SSH for use inside case statement, | dtucker@openbsd.org
from portable. In some shells, "case" will reset the value of $?, so save it first. OpenBSD-Regress-ID: da32e5be19299cb4f0f7de7f29c11257a62d6949
2024-03-26 | upstream: Increase timeout. Resyncs with portable where some of | dtucker@openbsd.org
the test VMs are slow enough for this to matter. OpenBSD-Regress-ID: 6a83a693602eb0312f06a4ad2cd6f40d99d24b26
2024-03-26 | upstream: In PuTTY interop test, don't assume the PuTTY major | dtucker@openbsd.org
version is 0. Patch from cjwatson at debian.org via bz#3671. OpenBSD-Regress-ID: 835ed03c1b04ad46be82e674495521f11b840191
2024-03-26 | Really mkdir /usr/local/etc in CI tests. | Darren Tucker
2024-03-26 | Better short name for OpenBSD upstream CI jobs too. | Darren Tucker
2024-03-26 | Ensure /usr/local/etc exists before using in tests. | Darren Tucker
2024-03-26 | Be more specific about when to rerun workflows. | Darren Tucker