summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2021-08-07upstream: a bit more debugging of file attributes beingdjm@openbsd.org
sent/received over the wire OpenBSD-Commit-ID: f68c4e207b08ef95200a8b2de499d422808e089b
2021-08-07upstream: make scp(1) in SFTP mode output better match originaldjm@openbsd.org
scp(1) by suppressing "Retrieving [path]" lines that were emitted to support the interactive sftp(1) client. ok markus@ OpenBSD-Commit-ID: 06be293df5f156a18f366079be2f33fa68001acc
2021-08-07upstream: factor out a structure duplicated between downloadingdjm@openbsd.org
and crossloading; ok markus@ OpenBSD-Commit-ID: 96eede24d520569232086a129febe342e4765d39
2021-08-07upstream: use sftp_client crossloading to implement scp -3djm@openbsd.org
feedback/ok markus@ OpenBSD-Commit-ID: 7db4c0086cfc12afc9cfb71d4c2fd3c7e9416ee9
2021-08-07upstream: support for "cross"-loading files/directories, i.e.djm@openbsd.org
downloading from one SFTP server while simultaneously uploading to another. feedback & ok markus@ OpenBSD-Commit-ID: 3982878e29d8df0fa4ddc502f5ff6126ac714235
2021-08-07upstream: factor our SSH2_FXP_OPEN calls into their own function;djm@openbsd.org
"looks fine" markus@ OpenBSD-Commit-ID: d3dea2153f08855c6d9dacc01973248944adeffb
2021-08-07upstream: prepare for scp -3 implemented via sftpdjm@openbsd.org
OpenBSD-Commit-ID: 194aac0dd87cb175334b71c2a30623a5ad55bb44
2021-08-06upstream: Make diff invocation more portable.dtucker@openbsd.org
POSIX does not require diff to have -N, so compare in both directions with just -r, which should catch missing files in either directory. OpenBSD-Regress-ID: 0e2ec8594556a6f369ed5a0a90c6806419b845f7
2021-08-06upstream: regression test for scp -3djm@openbsd.org
OpenBSD-Regress-ID: b44375d125c827754a1f722ec6b6b75b634de05d
2021-08-06upstream: Document "ProxyJump none". bz#3334.dtucker@openbsd.org
OpenBSD-Commit-ID: f78cc6f55731f2cd35c3a41d5352ac1ee419eba7
2021-08-04upstream: Allow for different (but POSIX compliant) behaviour ofdtucker@openbsd.org
basename(3) and prevent a use-after-free in that case in the new sftp-compat code. POSIX allows basename(3) to either return a pointer to static storage or modify the passed string and return a pointer to that. OpenBSD does the former and works as is, but on other platforms "filename" points into "tmp" which was just freed. This makes the freeing of tmp consistent with the other variable in the loop. Pinpointed by the -portable Valgrind regress test. ok djm@ deraadt@ OpenBSD-Commit-ID: 750f3c19bd4440e4210e30dd5d7367386e833374
2021-08-04use openbsd-compat glob.h is requiredDamien Miller
2021-08-03Missing space between macro arg and punctuation.Darren Tucker
From jmc@
2021-08-03Avoid lines >80 chars. From jmc@Darren Tucker
2021-08-03upstream: regression tests for scp SFTP protocol support; mostly bydjm@openbsd.org
Jakub Jelen in GHPR#194 ok markus OpenBSD-Regress-ID: 36f1458525bcb111741ec8547eaf58b13cddc715
2021-08-03upstream: Treat doas with arguments as a valid SUDO variable.anton@openbsd.org
Allows one to specify SUDO="doas -n" which I do while running make regress. ok dtucker@ OpenBSD-Regress-ID: 4fe5814b5010dbf0885500d703bea06048d11005
2021-08-03upstream: support for using the SFTP protocol for file transfers indjm@openbsd.org
scp, via a new "-M sftp" option. Marked as experimental for now. Some corner-cases exist, in particular there is no attempt to provide bug-compatibility with scp's weird "double shell" quoting rules. Mostly by Jakub Jelen in GHPR#194 with some tweaks by me. ok markus@ Thanks jmc@ for improving the scp.1 bits. OpenBSD-Commit-ID: 6ce4c9157ff17b650ace571c9f7793d92874051c
2021-08-03upstream: fix a formatting error and add some Xr; from debian atjmc@openbsd.org
helgefjell de removed references to rlogin etc. as no longer relevant; suggested by djm ok djm dtucker OpenBSD-Commit-ID: 3c431c303068d3aec5bb18573a0bd5e0cd77c5ae
2021-08-03upstream: fix a formatting error and mark up known_hostsjmc@openbsd.org
consistently; issues reported by debian at helgefjell de ok djm dtucker OpenBSD-Commit-ID: a1fd8d21dc77f507685443832df0c9700481b0ce
2021-08-03upstream: no need to talk about version 2 with the -Q option, sojmc@openbsd.org
rewrite the text to read better; issue reported by debian at helgefjell de ok djm dtucker OpenBSD-Commit-ID: 59fe2e8219c37906740ad062e0fdaea487dbe9cf
2021-08-03upstream: word fix; reported by debian at helgefjell dejmc@openbsd.org
OpenBSD-Commit-ID: 0c6fd22142422a25343c5bd1a618f31618f41ece
2021-08-03upstream: standardise the grammar in the options list; issuejmc@openbsd.org
reported by debian at helgefjell de ok dtucker djm OpenBSD-Commit-ID: 7ac15575045d82f4b205a42cc7d5207fe4c3f8e6
2021-08-02Check for RLIMIT_NOFILE before trying to use it.Darren Tucker
2021-07-27lastenv is only used in setenv.Darren Tucker
Prevents an unused variable warning on platforms that have setenv but not unsetenv.
2021-07-26Move SUDO to "make test" command line.Darren Tucker
Environment variables don't get passed by vmrun, so move to command line.
2021-07-25Set SUDO for tests and cleanup.Darren Tucker
2021-07-25Pass OPENSSL=no to make tests too.Darren Tucker
2021-07-25upstream: Skip unit and makefile-based key conversion tests whendtucker@openbsd.org
we're building with OPENSSL=no. OpenBSD-Regress-ID: 20455ed9a977c93f846059d1fcb48e29e2c8d732
2021-07-25upstream: Replace OPENSSL as the variable that points to thedtucker@openbsd.org
openssl binary with OPENSSL_BIN. This will allow us to use the OPENSSL variable from mk.conf or the make(1) command line indicating if we're building with our without OpenSSL, and ultimately get the regress tests working in the OPENSSL=no configuration. OpenBSD-Regress-ID: 2d788fade3264d7803e5b54cae8875963f688c4e
2021-07-24upstream: Skip RFC4716 format import and export tests when builtdtucker@openbsd.org
without OpenSSL. OpenBSD-Regress-ID: d2c2d5d38c1acc2b88cc99cfe00a2eb8bb39dfa4
2021-07-24upstream: Don't omit ssh-keygen -y from usage when built withoutdtucker@openbsd.org
OpenSSL. It is actually available, albeit only for ed25519 keys. OpenBSD-Commit-ID: 7a254c33d0e6a55c30c6b016a8d298d3cb7a7674
2021-07-24upstream: Exclude key conversion options from usage when builtdtucker@openbsd.org
without OpenSSL since those are not available, similar to what we currently do with the moduli screening options. We can also use this to skip the conversion regression tests in this case. OpenBSD-Commit-ID: 3c82caa398cf99cd4518c23bba5a2fc66b16bafe
2021-07-24Test OpenBSD upstream with and without OpenSSL.Darren Tucker
2021-07-24upstream: test for first-match-wins in authorized_keys environment=djm@openbsd.org
options OpenBSD-Regress-ID: 1517c90276fe84b5dc5821c59f88877fcc34c0e8
2021-07-24upstream: Simplify keygen-convert by using $SSH_KEYTYPES directly.dtucker@openbsd.org
OpenBSD-Regress-ID: cdbe408ec3671ea9ee9b55651ee551370d2a4108
2021-07-24upstream: don't leak environment= variable when it is not the firstdjm@openbsd.org
match OpenBSD-Commit-ID: 7fbdc3dfe0032deaf003fd937eeb4d434ee4efe0
2021-07-24upstream: punctuation;jmc@openbsd.org
OpenBSD-Commit-ID: 64be152e378c45975073ab1c07e0db7eddd15806
2021-07-23upstream: mention in comment that read_passphrase(..., RP_ALLOW_STDIN)djm@openbsd.org
will try to use askpass first. bz3314 convert a couple of debug() -> debug_f() while here OpenBSD-Commit-ID: c7e812aebc28fcc5db06d4710e0f73613dee545c
2021-07-23upstream: Test conversion of ed25519 and ecdsa keys too.dtucker@openbsd.org
OpenBSD-Regress-ID: 3676d2d00e58e0d6d37f2878f108cc2b83bbe4bb
2021-07-23upstream: Add test for exporting pubkey from a passphrase-protecteddtucker@openbsd.org
private key. OpenBSD-Regress-ID: da99d93e7b235fbd5b5aaa01efc411225e6ba8ac
2021-07-23upstream: regression test for time-limited signature keysdjm@openbsd.org
OpenBSD-Regress-ID: 2a6f3bd900dbee0a3c96f1ff23e032c93ab392bc
2021-07-23upstream: note successful authentication method in final "Authenticateddjm@openbsd.org
to ..." message and partial auth success messages (all at LogLevel=verbose) ok dtucker@ OpenBSD-Commit-ID: 06834b89ceb89f8f16c5321d368a66c08f441984
2021-07-23upstream: Add a ForkAfterAuthentication ssh_config(5) counterpartdjm@openbsd.org
to the ssh(1) -f flag. Last part of GHPR231 from Volker Diels-Grabsch. ok dtucker OpenBSD-Commit-ID: b18aeda12efdebe2093d55263c90fe4ea0bce0d3
2021-07-23upstream: Add a StdinNull directive to ssh_config(5) that allowsdjm@openbsd.org
the config file to do the same thing as -n does on the ssh(1) commandline. Patch from Volker Diels-Grabsch via GHPR231; ok dtucker OpenBSD-Commit-ID: 66ddf3f15c76796d4dcd22ff464aed1edd62468e
2021-07-23upstream: make authorized_keys environment="..." directivesdjm@openbsd.org
first-match-wins and more strictly limit their maximum number; prompted by OOM reported by OSS-fuzz (35470). feedback and ok dtucker@ OpenBSD-Commit-ID: 01f63fc10dcd995e7aed9c378ad879161af83121
2021-07-23upstream: Let allowed signers files used by ssh-keygen(1)djm@openbsd.org
signatures support key lifetimes, and allow the verification mode to specify a signature time to check at. This is intended for use by git to support signing objects using ssh keys. ok dtucker@ OpenBSD-Commit-ID: 3e2c67b7dcd94f0610194d1e8e4907829a40cf31
2021-07-19upstream: Use SUDO when setting up hostkey.dtucker@openbsd.org
OpenBSD-Regress-ID: 990cf4481cab8dad62e90818a9b4b36c533851a7
2021-07-19upstream: Increase time margin for rekey tests. Should helpdtucker@openbsd.org
reliability on very heavily loaded hosts. OpenBSD-Regress-ID: 4c28a0fce3ea89ebde441d7091464176e9730533
2021-07-19Add sshfp-connect.sh file missed in previous.Darren Tucker
2021-07-19upstream: Ensure that all returned SSHFP records for the specified hostdtucker@openbsd.org
name and hostkey type match instead of only one. While there, simplify the code somewhat and add some debugging. Based on discussion in bz#3322, ok djm@. OpenBSD-Commit-ID: 0a6a0a476eb7f9dfe8fe2c05a1a395e3e9b22ee4
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-31 11:39:08 +0000