summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2021-03-12Allow (but return EACCES) fstatat64 in sandbox.V_8_5Darren Tucker
This is apparently used in some configurations of OpenSSL when glibc has getrandom(). bz#3276, patch from Kris Karas, ok djm@
2021-03-12Move generic includes outside of ifdef.Darren Tucker
This ensures that the macros in log.h are defined in the case where either of --with-solaris-projects or --with-solaris-privs are used without --with-solaris-contracts. bz#3278.
2021-03-02update dependV_8_5_P1Damien Miller
2021-03-02update relnotes URLDamien Miller
2021-03-02update RPM spec version numbersDamien Miller
2021-03-02upstream: openssh-8.5djm@openbsd.org
OpenBSD-Commit-ID: 185e85d60fe042b8f8fa1ef29d4ef637bdf397d6
2021-03-01Only upload config logs if configure fails.Darren Tucker
2021-03-01upstream: Add %k to list of keywords. Fromdtucker@openbsd.org
=?UTF-8?q?=20Eero=20H=C3=A4kkinenvia=20bz#3267?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: 9c87f39a048cee2a7d1c8bab951b2f716256865e
2021-02-28upstream: Do not try to reset signal handler for signal 0 indtucker@openbsd.org
subprocess. Prevents spurious debug message. ok djm@ OpenBSD-Commit-ID: 7f9785e292dcf304457566ad4637effd27ad1d46
2021-02-28upstream: fix alphabetic ordering of options; spotted by Iain Morgandjm@openbsd.org
OpenBSD-Commit-ID: f955fec617d74af0feb5b275831a9fee813d7ad5
2021-02-27zlib is now optional.Darren Tucker
2021-02-27Fix punctuatio and typo in README.md.Jeffrey H. Johnson
Some very minor fixes, missing 's' and punctuation.
2021-02-26Revert "ssh: optional bind interface if bind address specified."Damien Miller
This reverts commit 5a878a71a3528c2626aa1d331934fd964782d41c. Apologies - I accidentally pushed this.
2021-02-26detech BSD libc hash functions in libbsd / libmdDamien Miller
Some Linux distributions are shipping the BSD-style hashing functions (e.g. SHA256Update) in libbsd and/or libmd. Detect this situation to avoid header/replacement clashes later. ok dtucker@
2021-02-26ssh: optional bind interface if bind address specified.Dmitrii Turlupov
Allows the -b and -B options to be used together. For example, when the interface is in the VRF.
2021-02-26upstream: remove this KEX fuzzer; it's awkward to use and doesn't playdjm@openbsd.org
nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it but me. OpenBSD-Regress-ID: cad919522b3ce90c147c95abaf81b0492ac296c9
2021-02-26Remove macos-11.00 PAM test target too.Darren Tucker
These are failing apparently due to some kind of infrastructure problem, making it look like every commit is busted.
2021-02-26upstream: a bit more debugging behind #ifdef DEBUG_SKdjm@openbsd.org
OpenBSD-Commit-ID: d9fbce14945721061cb322f0084c2165d33d1993
2021-02-26Remove macos-11.0 from the test target list.Darren Tucker
It has been consistently failing for the past few days with a github actions internal error.
2021-02-26tidy the $INSTALLKEY_SH code layout a littlePhilip Hands
SSH-Copy-ID-Upstream: 78178aa5017222773e4c23d9001391eeaeca8983
2021-02-26if unable to add a missing newline, failJakub Jelen
SSH-Copy-ID-Upstream: 76b25e18f55499ea9edb4c4d6dc4a80bebc36d95
2021-02-26use $AUTH_KEY_DIR, now that we have itPhilip Hands
since that was a change made since jjelen's commit was written also, quote the variables SSH-Copy-ID-Upstream: 588cd8e5cbf95f3443d92b9ab27c5d73ceaf6616
2021-02-26restorecon the correct directoryJakub Jelen
if using different path for authorized_keys file SSH-Copy-ID-Upstream: 791a3df47b48412c726bff6f7b1d190721e65d51
2021-02-25upstream: s/PubkeyAcceptedKeyTypes/PubkeyAcceptedAlgorithms/djm@openbsd.org
OpenBSD-Regress-ID: 3dbc005fa29f69dc23d97e433b6dffed6fe7cb69
2021-02-25upstream: Rename pubkeyacceptedkeytypes to pubkeyacceptedalgorithms indtucker@openbsd.org
test to match change to config-dump output. OpenBSD-Regress-ID: 74c9a4ad50306be873d032819d5e55c24eb74d5d
2021-02-25upstream: Put obsolete aliases for hostbasedalgorithms anddtucker@openbsd.org
pubkeyacceptedalgorithms after their current names so that the config-dump mode finds and uses the current names. Spotted by Phil Pennock. OpenBSD-Commit-ID: 5dd10e93cccfaff3aaaa09060c917adff04a9b15
2021-02-24upstream: lots more s/key types/signature algorithms/ mostly indjm@openbsd.org
HostbasedAcceptedAlgorithms and HostKeyAlgorithms; prompted by Jakub Jelen OpenBSD-Commit-ID: 3f719de4385b1a89e4323b2549c66aae050129cb
2021-02-24upstream: Correct reference to signature algorithms as keys; fromdjm@openbsd.org
Jakub Jelen OpenBSD-Commit-ID: 36f7ecee86fc811aa0f8e21e7a872eee044b4be5
2021-02-23Add a couple more test VMs.Darren Tucker
2021-02-23Valgrind test: split and move up list.Darren Tucker
Since the valgrind test takes so long it approaches the limit allowed by github, move it to the head of the list so it's the first one started and split the longest tests out into a second instance that runs concurrently with the first.
2021-02-23upstream: warn when the user specifies a ForwardAgent path that doesdjm@openbsd.org
not exist and exit if ExitOnForwardFailure is set; bz3264 OpenBSD-Commit-ID: 72f7875865e723e464c71bf8692e83110699bf26
2021-02-21Disable rlimit sandbox, doesn't work with valgrindDarren Tucker
Only run regress tests, runing unit tests as well makes it run longer than allowed y github.
2021-02-20Upload valgrind logs on failure.Darren Tucker
2021-02-19Rename "vm" to "os" in selfhosted to match c-cpp.Darren Tucker
Should make it easier to share code or maybe merge at some point.
2021-02-19Upload regress failure logs in c-cpp too.Darren Tucker
2021-02-19Comment out Solaris 64bit PAM build...Darren Tucker
until I can figure out why it's failing.
2021-02-19Actually run Valgrind tests.Darren Tucker
2021-02-19Add test against Valgrind.Darren Tucker
2021-02-18Add fbsd12 test target.Darren Tucker
2021-02-18Remove unused arg.Darren Tucker
2021-02-18Add DEBUG_SK to kitchensink builds.Darren Tucker
2021-02-18Add bbone test target (arm32).Darren Tucker
2021-02-18upstream: Fix the hostkeys rotation extension documentationdjm@openbsd.org
The documentation was lacking the needed want-reply field in the initial global request. https://github.com/openssh/openssh-portable/pull/218 by dbussink OpenBSD-Commit-ID: 051824fd78edf6d647a0b9ac011bf88e28775054
2021-02-18upstream: make names in function prototypes match those indjm@openbsd.org
definition from https://github.com/openssh/openssh-portable/pull/225 by ZenithalHourlyRate OpenBSD-Commit-ID: 7c736307bf3f2c7cb24d6f82f244eee959485acd
2021-02-18upstream: unbreak SK_DEBUG buildsdjm@openbsd.org
from https://github.com/openssh/openssh-portable/pull/225 by ZenithalHourlyRate OpenBSD-Commit-ID: 28d7259ce1b04d025411464decfa2f1a097b43eb
2021-02-18upstream: sftp-server: implement limits@openssh.com extensiondjm@openbsd.org
This is a simple extension that allows the server to clearly communicate transfer limits it is imposing so the client doesn't have to guess, or force the user to manually tune. This is particularly useful when an attempt to use too large of a value causes the server to abort the connection. Patch from Mike Frysinger; ok dtucker@ OpenBSD-Commit-ID: f96293221e5aa24102d9bf30e4f4ef04d5f4fb51
2021-02-18support OpenSSL 3.x cipher IV API changeDamien Miller
OpenSSL renamed the "get current CIPHER_CTX" IV operation in 3.x. This uses the new name if available. https://github.com/openssl/openssl/issues/13411 bz#3238 ok dtucker@
2021-02-18prefer login_getpwclass() to login_getclass()Damien Miller
FreeBSD has login_getpwclass() that does some special magic for UID=0. Prefer this to login_getclass() as its easier to emulate the former with the latter. Based on FreeBSD PR 37416 via Ed Maste; ok dtucker@
2021-02-18Fixing quoting for installing moduli on target guest.Darren Tucker
2021-02-18Install moduli on target not host.Darren Tucker
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-14 20:06:02 +0000