summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2022-01-25upstream: Add a sshbuf_read() that attempts to read(2) directly indjm@openbsd.org
to a sshbuf; ok markus@ OpenBSD-Commit-ID: 2d8f249040a4279f3bc23c018947384de8d4a45b
2022-01-25upstream: add a helper for writing an error message to thedjm@openbsd.org
stderr_buf and setting quit_pending; no functional change but saves a bunch of boilerplate OpenBSD-Commit-ID: 0747657cad6b9eabd514a6732adad537568e232d
2022-01-25upstream: correct comment and use local variable instead of longdjm@openbsd.org
indirection; spotted by dtucker@ OpenBSD-Commit-ID: 5f65f5f69db2b7d80a0a81b08f390a63f8845965
2022-01-25upstream: When poll(2) returns -1, for some error conditionsderaadt@openbsd.org
pfd[].revents is not cleared. There are subtle errors in various programs. In this particular case, the program should error out. ok djm millert OpenBSD-Commit-ID: 00f839b16861f7fb2adcf122e95e8a82fa6a375c
2022-01-22restore tty force-read hackDamien Miller
This portable-specific hack fixes a hang on exit for ttyful sessions on Linux and some SysVish Unix variants. It was accidentally disabled in commit 5c79952dfe1a (a precursor to the mainloop poll(2) conversion). Spotted by John in bz3383
2022-01-21Fix signedness bug in Cygwin codeCorinna Vinschen
The Cygwin-specific pattern match code has a bug. It checks the size_t value returned by mbstowcs for being < 0. The right thing to do is to check against (size_t) -1. Fix that. Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2022-01-20Improve compatibility of early exit trap handling.Darren Tucker
Dash (as used by the github runners) has some differences in its trap builtin: - it doesn't have -p (which is fine, that's not in posix). - it doesn't work in a subshell (which turns out to be in compliance with posix, which means bash isn't). - it doesn't work in a pipeline, ie "trap|cat" produces no output.
2022-01-20Move more tests out of valgrind-1 runner.Darren Tucker
2022-01-19Invoke EXIT handler early when using Valgrind.Darren Tucker
When using Valgrind, we need to wait for all invoked programs to complete before checking their valgrind logs. Some tests, notably agent-restrict, set an EXIT trap handler to clean up things like ssh-agent, but those do not get invoked until test-exec.sh exits. This causes the Valgrind wait to deadlock, so if present invoke the EXIT handler before checking the Valgrind logs.
2022-01-18Remove line leftover from upstream sync.Darren Tucker
2022-01-18upstream: when decompressing zlib compressed packets, usedjm@openbsd.org
Z_SYNC_FLUSH instead of Z_PARTIAL_FLUSH as the latter is not actually specified as a valid mode for inflate(). There should be no practical change in behaviour as the compression side ensures a flush that should make all data available to the receiver in all cases. repoted by lamm AT ibm.com via bz3372; ok markus OpenBSD-Commit-ID: 67cfc1fa8261feae6d2cc0c554711c97867cc81b
2022-01-18upstream: make most of the sftp errors more idiomatic, followingdjm@openbsd.org
the general form of "[local/remote] operation path: error message"; ok markus OpenBSD-Commit-ID: 61364cd5f3a9fecaf8d63b4c38a42c0c91f8b571
2022-01-18upstream: when transferring multiple files in SFTP mode, create thedjm@openbsd.org
destination directory if it doesn't already exist to match olde-scp(1) behaviour. noticed by deraadt@ ok markus@ OpenBSD-Commit-ID: cf44dfa231d4112f697c24ff39d7ecf2e6311407
2022-01-18upstream: allow pin-required FIDO keys to be added to ssh-agent(1).djm@openbsd.org
ssh-askpass will be used to request the PIN at authentication time. From Pedro Martelletto, ok djm OpenBSD-Commit-ID: de8189fcd35b45f632484864523c1655550e2950
2022-01-14upstream: ssh-sk: free a resident key's user iddjm@openbsd.org
From Pedro Martelletto; ok dtucker & me OpenBSD-Commit-ID: 47be40d602b7a6458c4c71114df9b53d149fc2e9
2022-01-14upstream: sshsk_load_resident: don't preallocate respdjm@openbsd.org
resp is allocated by client_converse(), at which point we lose the original pointer. From Pedro Martelletto; ok dtucker & me OpenBSD-Commit-ID: 1f1b5ea3282017d6584dfed4f8370dc1db1f44b1
2022-01-14upstream: sshsk_sign: trim call to sshkey_fingerprint()djm@openbsd.org
the resulting fingerprint doesn't appear to be used for anything, and we end up leaking it. from Pedro Martelletto; ok dtucker & me OpenBSD-Commit-ID: 5625cf6c68f082bc2cbbd348e69a3ed731d2f9b7
2022-01-14upstream: use status error message to communicate ~user expansiondjm@openbsd.org
failures; provides better experience for scp in sftp mode, where ~user paths are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg & markus (forgot to include this file in previous commit) OpenBSD-Commit-ID: d37cc4c8c861ce48cd6ea9899e96aaac3476847b
2022-01-14fix edge case in poll(2) wrapperDamien Miller
Correct handling of select(2) exceptfds. These should only be consulted for POLLPRI flagged pfds and not unconditionally converted to POLLERR. with and ok dtucker@
2022-01-14Wrap OpenSSL includes in unit tests in ifdef.Darren Tucker
Fixes unit test on systems that do not have OpenSSL headers installed.
2022-01-13Remove sort wrapper.Darren Tucker
agent-restrict now takes care of this itself.
2022-01-13upstream: Set LC_ALL in both local and remote shells so that sorteddtucker@openbsd.org
output matches regardless of what the user's shell sets it to. ok djm@ OpenBSD-Regress-ID: 4e97dd69a68b05872033175a4c2315345d01837f
2022-01-13upstream: Avoid %'s in commands (not used in OpenBSD, but used indtucker@openbsd.org
-portable's Valgrind test) being interpretted as printf format strings. OpenBSD-Regress-ID: dc8655db27ac4acd2c386c4681bf42a10d80b043
2022-01-13Stop on first test failure to minimize logs.Darren Tucker
2022-01-12upstream: Use egrep when searching for an anchored string.dtucker@openbsd.org
OpenBSD-Regress-ID: dd114a2ac27ac4b06f9e4a586d3f6320c54aeeb4
2022-01-12Add "rev" command replacement if needed.Darren Tucker
2022-01-12upstream: Don't log NULL hostname in restricted agent code,dtucker@openbsd.org
printf("%s", NULL) is not safe on all platforms. with & ok djm OpenBSD-Commit-ID: faf10cdae4adde00cdd668cd1f6e05d0a0e32a02
2022-01-12upstream: remove hardcoded domain and use window.location.host, so thisdjm@openbsd.org
can be run anywhere OpenBSD-Regress-ID: 2ac2ade3b6227d9c547351d3ccdfe671e62b7f92
2022-01-12upstream: "void" functions should not return anything. From Tim Ricedtucker@openbsd.org
via -portable. OpenBSD-Commit-ID: ce6616304f4c9881b46413e616b226c306830e2a
2022-01-12upstream: suppress "Connection to xxx closed" messages at LogLevel >=djm@openbsd.org
error bz3378; ok dtucker@ OpenBSD-Commit-ID: d5bf457d5d2eb927b81d0663f45248a31028265c
2022-01-12OS X poll(2) is broken; use compat replacementDamien Miller
Darwin's poll(2) implementation is broken. For character-special devices like /dev/null, it returns POLLNVAL when polled with POLLIN. Apparently this is Apple bug 3710161, which is AFAIK not public, but a websearch will find other OSS projects rediscovering it periodically since it was first identified in 2005 (!!)
2022-01-11libhardended_malloc.so moved into out dir.Darren Tucker
2022-01-10Make USL compilers happyTim Rice
UX:acomp: ERROR: "sftp-server.c", line 567: void function cannot return value
2022-01-10Add wrapper for "sort" to set LC_ALL=C.Darren Tucker
Found by djm, this should make sorts stable and reduce test flakiness.
2022-01-08upstream: Remove errant "set -x" left over from debugging.dtucker@openbsd.org
OpenBSD-Regress-ID: cd989268e034264cec5df97be7581549032c87dc
2022-01-08upstream: Enable all supported hostkey algorithms (but no others).dtucker@openbsd.org
Allows hostbased test to pass when built without OpenSSL. OpenBSD-Regress-ID: 5ddd677a68b672517e1e78460dc6ca2ccc0a9562
2022-01-08upstream: use status error message to communicate ~user expansiondjm@openbsd.org
failures; provides better experience for scp in sftp mode, where ~user paths are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg & markus OpenBSD-Commit-ID: fc610ce00ca0cdc2ecdabbd49ce7cb82033f905f
2022-01-08upstream: fix some corner-case bugs in scp sftp-mode handling ofdjm@openbsd.org
~-prefixed paths; spotted by jsg; feedback jsg & deraadt, ok jsg & markus OpenBSD-Commit-ID: d1697dbaaa9f0f5649d69be897eab25c7d37c222
2022-01-08upstream: more idiomatic error messages; spotted by jsg & deraadtdjm@openbsd.org
ok jsg & markus OpenBSD-Commit-ID: 43618c692f3951747b4151c477c7df22afe2bcc8
2022-01-08upstream: add a variant of send_status() that allows overriding thedjm@openbsd.org
default, generic error message. feedback/ok markus & jsg OpenBSD-Commit-ID: 81f251e975d759994131b717ee7c0b439659c40f
2022-01-08upstream: refactor tilde_expand_filename() and make it handle ~userdjm@openbsd.org
paths with no trailing slash; feedback/ok markus and jsg OpenBSD-Commit-ID: a2ab365598a902f0f14ba6a4f8fb2d07a9b5d51d
2022-01-07upstream: Don't explicitly set HostbasedAuthentication indtucker@openbsd.org
sshd_config. It defaults to "no", and not explicitly setting it allows us to enable it for the (optional) hostbased test. OpenBSD-Regress-ID: aa8e3548eb5793721641d26e56c29f363b767c0c
2022-01-07upstream: Add test for hostbased auth. It requires some externaldtucker@openbsd.org
setup (see comments at the top) and thus is disabled unless TEST_SSH_HOSTBASED_AUTH and SUDO are set. OpenBSD-Regress-ID: 3ec8ba3750c5b595fc63e7845d13483065a4827a
2022-01-07dependDamien Miller
2022-01-07upstream: allow hostbased auth to select RSA keys when onlydjm@openbsd.org
RSA/SHA2 are configured (this is the default case); ok markus@ OpenBSD-Commit-ID: 411c18c7bde40c60cc6dfb7017968577b4d4a827
2022-01-07upstream: add a helper function to match a key type to a list ofdjm@openbsd.org
signature algorithms. RSA keys can make signatures with multiple algorithms, so some special handling is required. ok markus@ OpenBSD-Commit-ID: 03b41b2bda06fa4cd9c84cef6095033b9e49b6ff
2022-01-07upstream: log some details on hostkeys that ssh loads fordjm@openbsd.org
hostbased authn ok markus@ OpenBSD-Commit-ID: da17061fa1f0e58cb31b88478a40643e18233e38
2022-01-07upstream: log signature algorithm during verification by monitor;djm@openbsd.org
ok markus OpenBSD-Commit-ID: 02b92bb42c4d4bf05a051702a56eb915151d9ecc
2022-01-07upstream: piece of UpdateHostkeys client strictification: whendjm@openbsd.org
updating known_hosts with new keys, ignore NULL keys (forgot to include in prior commit) OpenBSD-Commit-ID: 49d2eda6379490e1ceec40c3b670b973f63dea08
2022-01-07upstream: include rejected signature algorithm in error messagedjm@openbsd.org
and not the (useless) key type; ok markus OpenBSD-Commit-ID: 4180b5ec7ab347b43f84e00b1972515296dab023
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 02:57:02 +0000