summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2021-09-27initgroups needs grp.hV_8_8_P1V_8_8Damien Miller
2021-09-27upstream: openssh-8.8djm@openbsd.org
OpenBSD-Commit-ID: 12357794602ac979eb7312a1fb190c453f492ec4
2021-09-27upstream: need initgroups() before setresgid(); reported by anton@,djm@openbsd.org
ok deraadt@ OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce
2021-09-26update version numbers for releaseDamien Miller
2021-09-26upstream: RSA/SHA-1 is not used by default anymorekn@openbsd.org
OK dtucker deraadt djm OpenBSD-Commit-ID: 055c51a221c3f099dd75c95362f902da1b8678c6
2021-09-24Move the fgrep replacement to hostkey-rotate.sh.Darren Tucker
The fgrep replacement for buggy greps doesn't work in the sftp-glob test so move it to just where we know it's needed.
2021-09-24Replacement function for buggy fgrep.Darren Tucker
GNU (f)grep <=2.18, as shipped by FreeBSD<=12 and NetBSD<=9 will occasionally fail to find ssh host keys in the hostkey-rotate test. If we have those versions, use awk instead.
2021-09-24Don't prompt for yes/no questions.David Manouchehri
2021-09-21upstream: fix missing -s in SYNOPSYS and usage() as well as adjm@openbsd.org
capitalisation mistake; spotted by jmc@ OpenBSD-Commit-ID: 0ed8ee085c7503c60578941d8b45f3a61d4c9710
2021-09-20upstream: Fix "Allocated port" debug messagedtucker@openbsd.org
for unix domain sockets. From peder.stray at gmail.com via github PR#272, ok deraadt@ OpenBSD-Commit-ID: 8d5ef3fbdcdd29ebb0792b5022a4942db03f017e
2021-09-20upstream: Switch scp back to use the old protocol by default, ahead ofdjm@openbsd.org
release. We'll wait a little longer for people to pick up sftp-server(8) that supports the extension that scp needs for ~user paths to continue working in SFTP protocol mode. Discussed with deraadt@ OpenBSD-Commit-ID: f281f603a705fba317ff076e7b11bcf2df941871
2021-09-19upstream: better error message for ~user failures when thedjm@openbsd.org
sftp-server lacks the expand-path extension; ok deraadt@ OpenBSD-Commit-ID: 9c1d965d389411f7e86f0a445158bf09b8f9e4bc
2021-09-19upstream: make some more scp-in-SFTP mode better match Unix idiomsdjm@openbsd.org
suggested by deraadt@ OpenBSD-Commit-ID: 0f2439404ed4cf0b0be8bf49a1ee734836e1ac87
2021-09-19upstream: allow log_stderr==2 to prefix log messages with argv[0]djm@openbsd.org
use this to make scp's SFTP mode error messages more scp-like prompted by and ok deraadt@ OpenBSD-Commit-ID: 0e821dbde423fc2280e47414bdc22aaa5b4e0733
2021-09-17Test against LibreSSL 3.2.6, 3.3.4, 3.4.0.Darren Tucker
2021-09-16upstream: missing space character in ssh -G output broke thedjm@openbsd.org
t-sshcfgparse regression test; spotted by anton@ OpenBSD-Commit-ID: bcc36fae2f233caac4baa8e58482da4aa350eed0
2021-09-16upstream: allow CanonicalizePermittedCNAMEs=none in ssh_config; okdjm@openbsd.org
markus@ OpenBSD-Commit-ID: 668a82ba8e56d731b26ffc5703213bfe071df623
2021-09-15upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENTmbuhl@openbsd.org
OK mfriedl@ OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798
2021-09-11upstream: Do not ignore SIGINT while waiting for input if editline(3)schwarze@openbsd.org
is not used. Instead, in non-interactive mode, exit sftp(1), like for other serious errors. As pointed out by dtucker@, when compiled without editline(3) support in portable OpenSSH, the el == NULL branch is also used for interactive mode. In that case, discard the input line and provide a fresh prompt to the user just like in the case where editline(3) is used. OK djm@ OpenBSD-Commit-ID: 7d06f4d3ebba62115527fafacf38370d09dfb393
2021-09-11upstream: when using SFTP protocol, continue transferring files after adjm@openbsd.org
transfer error occurs. This matches original scp/rcp behaviour. ok dtucker@ OpenBSD-Commit-ID: dfe4558d71dd09707e9b5d6e7d2e53b793da69fa
2021-09-10upstream: Document that non-interactive commands are run via the user'sdtucker@openbsd.org
shell using the -c flag. ok jmc@ OpenBSD-Commit-ID: 4f0d912077732eead10423afd1acf4fc0ceec477
2021-09-10upstream: Document behaviour of arguments following non-interactivedtucker@openbsd.org
commands. Prompted by github PR#139 from EvanTheB, feedback & ok djm@ jmc@ OpenBSD-Commit-ID: fc758d1fe0471dfab4304fcad6cd4ecc3d79162a
2021-09-10upstream: Clarify which file's attributes -p preserves, and thatdtucker@openbsd.org
it's specifically the file mode bits. bz#3340 from calestyo at scientia.net, ok djm@ jmc@ OpenBSD-Commit-ID: f09e6098ed1c4be00c730873049825f8ee7cb884
2021-09-10upstream: openssh-7.4 was incorrectly listed twice; spotted bydjm@openbsd.org
Dmitry Belyavskiy, ok dtucker@ OpenBSD-Commit-ID: 4b823ae448f6e899927ce7b04225ac9e489f58ef
2021-09-10upstream: - move CAVEATS to its correct order - use the termjmc@openbsd.org
"legacy" protocol rather than "original", as the latter made the text misleading - uppercase SCP ok djm OpenBSD-Commit-ID: 8479255746d5fa76a358ee59e7340fecf4245ff0
2021-09-09Disable tracing on FreeBSD using procctl.David Carlier
Placed at the start of platform_disable_tracing() to prevent declaration after code errors from strict C89 compilers (in the unlikely event that more than one method is enabled).
2021-09-09upstream: Use the SFTP protocol by default. The original scp/rcpdjm@openbsd.org
protocol remains available via the -O flag. Note that ~user/ prefixed paths in SFTP mode require a protocol extension that was first shipped in OpenSSH 8.7. ok deraadt, after baking in snaps for a while without incident OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c
2021-09-08Really fix test on OpenSSL 1.1.1 stable.Darren Tucker
2021-09-08Correct OpenSSL 1.1.1 stable identifier.Darren Tucker
2021-09-08Increment nfds when coming from startup_pipe.Darren Tucker
If we have to increase nfds because startup_pipe[0] is above any of the descriptors passed in the fd_sets, we also need to add 1 to nfds since select takes highest FD number plus one. bz#3345 from yaroslav.kuzmin at vmssoftware.com.
2021-09-08Tests for OpenSSL 3.0.0 release & 1.1.1 branch.Darren Tucker
2021-09-08upstream: correct my mistake in previous fix; spotted by halexdjm@openbsd.org
OpenBSD-Commit-ID: 3cc62d92e3f70006bf02468fc146bfc36fffa183
2021-09-07upstream: avoid NULL deref in -Y find-principals. Report and fixdjm@openbsd.org
from Carlo Marcelo Arenas Belón MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: 6238486f8ecc888d6ccafcd9ad99e621bb41f1e0
2021-09-07upstream: revision 1.381 neglected to removemillert@openbsd.org
sChallengeResponseAuthentication from the enum. Noticed by christos@zoulas.com. OK dtucker@ OpenBSD-Commit-ID: b533283a4dd6d04a867da411a4c7a8fbc90e34ff
2021-09-05Correct version_num for OpenSSL dev branch.Darren Tucker
2021-09-05Test against OpenSSL 3 branch as well as dev.Darren Tucker
Now that OpenSSL development has moved to 3.1, test against the most recent version of the openssl-3.0 branch too.
2021-09-05OpenSSL development is now 3.1.*Darren Tucker
2021-09-03upstream: Use .Cm instead of .Dq in StrictHostKeyChecking list fordtucker@openbsd.org
consistency. Patch from scop via github PR#257, ok jmc@ OpenBSD-Commit-ID: 3652a91564570779431802c31224fb4a9cf39872
2021-09-03upstream: Mention using ssh -i for specifying the public key filedtucker@openbsd.org
in the case where the private key is loaded into ssh-agent but is not present locally. Based on patch from rafork via github PR#215, ok jmc@ OpenBSD-Commit-ID: 2282e83b0ff78d2efbe705883b67240745fa5bb2
2021-09-03upstream: Refer to KEX "algorithms" instead of "methods" to matchdtucker@openbsd.org
other references and improve consistency. Patch from scop via github PR#241, ok djm@ OpenBSD-Commit-ID: 840bc94ff6861b28d8603c8e8c16499bfb65e32c
2021-09-03upstream: Remove redundant attrib_clear in upload_dir_internal.dtucker@openbsd.org
The subsequent call to stat_to_attrib clears the struct as its first step anyway. From pmeinhardt via github PR#220, ok djm@ OpenBSD-Commit-ID: f5234fc6d7425b607e179acb3383f21716f3029e
2021-09-03upstream: Add test for client termination status on signal.dtucker@openbsd.org
Based on patch from Alexxz via github PR#235 with some tweaks, to match patch in bz#3281. OpenBSD-Regress-ID: d87c7446fb8b5f8b45894fbbd6875df326e729e2
2021-09-03upstream: sys/param.h is not needed for any visible reasonderaadt@openbsd.org
OpenBSD-Commit-ID: 8bdea2d0c75692e4c5777670ac039d4b01c1f368
2021-09-03Fix memory leak in error path.Shchelkunov Artem
*info is allocated via xstrdup but was leaked in the PAM_AUTH_ERR path. From github PR#266.
2021-09-01upstream: Fix ssh-rsa fallback for old PuTTY interop tests.dtucker@openbsd.org
OpenBSD-Regress-ID: a19ac929da604843a5b5f0f48d2c0eb6e0773d37
2021-09-01upstream: Add a function to skip remaining tests.dtucker@openbsd.org
Many tests skip tests for various reasons but not in a consistent way and don't always clean up, so add that and switch the tests that do that over. OpenBSD-Regress-ID: 72d2ec90a3ee8849486956a808811734281af735
2021-09-01upstream: Specify path to PuTTY keys.dtucker@openbsd.org
Portable needs this and it makes no difference on OpenBSD, so resync them. (Id sync only, Portable already had this.) OpenBSD-Regress-ID: 33f6f66744455886d148527af8368811e4264162
2021-08-31upstream: Better compat tests with old PuTTY.dtucker@openbsd.org
When running PuTTY interop tests and using a PuTTY version older than 0.76, re-enable the ssh-rsa host key algorithm (the 256 and 512 variants of RSA were added some time between 0.73 and 0.76). OpenBSD-Regress-ID: e6138d6987aa705fa1e4f216db0bb386e1ff38e1
2021-08-31Resync PuTTY interop tests.Darren Tucker
Resync behaviour when REGRESS_INTEROP_PUTTY is not set with OpenBSD.
2021-08-31upstream: Specify hostkeyalgorithms in SSHFP test.dtucker@openbsd.org
Specify host key algorithms in sshd's default set for the SSHFP test, from djm@. Make the reason for when the test is skipped a bit clearer. OpenBSD-Regress-ID: 4f923dfc761480d5411de17ea6f0b30de3e32cea
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-15 21:33:54 +0000