summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2022-08-29additional keysDamien Miller
2022-08-29cross-sign allowed_signers with PGP keyDamien Miller
Provides continuity of trust from legacy PGP release key to the SSHSIG signing keys that we will use henceforth for git signing.
2022-08-27Add libcrypt-devel to cygwin-release deps.Darren Tucker
Based on feedback from vinschen at redhat.com.
2022-08-27Add Windows 2022 test targets.Darren Tucker
2022-08-26Add cygwin-release test target.Darren Tucker
This also moves the cygwin package install from the workflow file to setup_ci.sh so that we can install different sets of Cygwin packages for different test configs.
2022-08-26upstream: whitespacedjm@openbsd.org
OpenBSD-Commit-ID: a5d015efbfd228dc598ffdef612d2da3a579e5d8
2022-08-26upstream: whitespacedjm@openbsd.org
OpenBSD-Commit-ID: d297e4387935d4aef091c5e9432578c2e513f538
2022-08-26initial list of allowed signersDamien Miller
2022-08-19Install Cygwin packages based on OS not config.Darren Tucker
2022-08-19upstream: attemp FIDO key signing without PIN and use the errordjm@openbsd.org
code returned to fall back only if necessary. Avoids PIN prompts for FIDO tokens that don't require them; part of GHPR#302 OpenBSD-Commit-ID: 4f752aaf9f2e7c28bcaaf3d4f8fc290131bd038e
2022-08-19upstream: remove incorrect check that can break enrolling adjm@openbsd.org
resident key (introduced in r1.40) OpenBSD-Commit-ID: 4cab364d518470e29e624af3d3f9ffa9c92b6f01
2022-08-19upstream: Strictly enforce the maximum allowed SSH2 banner size indtucker@openbsd.org
ssh-keyscan and prevent a one-byte buffer overflow. Patch from Qualys, ok djm@ OpenBSD-Commit-ID: 6ae664f9f4db6e8a0589425f74cd0bbf3aeef4e4
2022-08-19Fix cygwin conditional steps.Darren Tucker
2022-08-19Add a bit more debug output.Darren Tucker
2022-08-19Add Cygwin (on windows-2019) test target.Darren Tucker
In addition to installing the requisite Cygwin packages, we also need to explicitly invoke "sh" for steps that run other scripts since the runner environment doesn't understand #! paths.
2022-08-19upstream: double free() in error path; from Eusgor via GHPR333djm@openbsd.org
OpenBSD-Commit-ID: 39f35e16ba878c8d02b4d01d8826d9b321be26d4
2022-08-18Check for perms to run agent-getpeereid test.Darren Tucker
Ubuntu 22.04 defaults to private home dirs which prevents "nobody" running ssh-add during the agent-getpeereid test. Check for this and add the necessary permissions.
2022-08-17on Cygwin, prefer WinHello FIDO deviceDamien Miller
If no FIDO device was explictly specified, then prefer the windows://hello FIDO device. An exception to this is when probing resident FIDO keys, in which case hardware FIDO devices are preferred.
2022-08-17upstream: add an extra flag to sk_probe() to indicate whether we'redjm@openbsd.org
probing for a FIDO resident key or not. Unused here, but will make like easier for portable OpenBSD-Commit-ID: 432c8ff70e270378df9dbceb9bdeaa5b43b5a832
2022-08-17upstream: use .Cm for "sign"; from josiah frentsosjmc@openbsd.org
OpenBSD-Commit-ID: 7f80a53d54857ac6ae49ea6ad93c5bd12231d1e4
2022-08-12Revert "check_sk_options: add temporary WinHello workaround"Corinna Vinschen
Cygwin now comes with libfido2 1.11.0, so this workaround isn't required anymore. This reverts commit 242c044ab111a37aad3b0775727c36a4c5f0102c. Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2022-08-12fido_dev_is_winhello: return 0, not "false"Corinna Vinschen
"false" is not used anywhere in OpenSSH, so return 0 like everywhere else. Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2022-08-12upstream: sftp-server: support home-directory requestdjm@openbsd.org
Add support to the sftp-server for the home-directory extension defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the existing expand-path@openssh.com, but uses a more official protocol name, and so is a bit more likely to be implemented by non-OpenSSH clients. From Mike Frysinger, ok dtucker@ OpenBSD-Commit-ID: bfc580d05cc0c817831ae7ecbac4a481c23566ab
2022-08-12Replace deprecated ubuntu-18.04 runners with 22.04Darren Tucker
2022-08-11Add a timegm implementation from Heimdal via Samba.Darren Tucker
Fixes build on (at least Solaris 10).
2022-08-11Rerun tests if any .github config file changes.Darren Tucker
2022-08-11Skip hostbased during Valgrind tests.Darren Tucker
Valgrind doesn't let ssh exec ssh-keysign (because it's setuid) so skip it during the Valgrind based tests. See https://bugs.kde.org/show_bug.cgi?id=119404 for a discussion of this (ironically there the problematic binary was ssh(1) back when it could still be setuid).
2022-08-11upstream: add some tests for parse_absolute_time(), including casesdjm@openbsd.org
where it is forced to the UTC timezone. bz3468 ok dtucker OpenBSD-Regress-ID: ea07ca31c2f3847a38df028ca632763ae44e8759
2022-08-11upstream: allow certificate validity intervals, sshsig verificationdjm@openbsd.org
times and authorized_keys expiry-time options to accept dates in the UTC time zone in addition to the default of interpreting them in the system time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed with a 'Z' character. Also allow certificate validity intervals to be specified in raw seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This is intended for use by regress tests and other tools that call ssh-keygen as part of a CA workflow. bz3468 ok dtucker OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13
2022-08-11Fix conditional for running hostbased tests.Darren Tucker
2022-08-11fix SANDBOX_SECCOMP_FILTER_DEBUGDamien Miller
2022-08-10Test hostbased auth on github runners.Darren Tucker
2022-08-10Rename our getentropy to prevent possible loops.Darren Tucker
Since arc4random seeds from getentropy, and we use OpenSSL for that if enabled, there's the possibility that if we build on a system that does not have getentropy then run on a system that does have it, then OpenSSL could end up calling our getentropy and getting stuck in a loop. Pointed out by deraadt@, ok djm@
2022-08-08Actually put HAVE_STDINT_H around the stdint.h.Darren Tucker
2022-08-08Give unused param a name.Darren Tucker
Fixes builds on platforms that do have fido2 but don't have fido_dev_is_winhello.
2022-08-05upstream: don't prompt for FIDO passphrase before attempting to enrolldjm@openbsd.org
the credential, just let the enroll operating fail and we'll attempt to get a PIN anyway. Might avoid some unneccessary PIN prompts. Part of GHPR#302 from Corinna Vinschen; ok dtucker@ OpenBSD-Commit-ID: bd5342ffc353ee37d39617906867c305564d1ce2
2022-08-05sk_sign: set FIDO2 uv attribute explicitely for WinHelloCorinna Vinschen
WinHello via libfido2 performs user verification by default. However, if we stick to that, there's no way to differentiate between keys created with or without "-O verify-required". Set FIDO2 uv attribute explicitely to FIDO_OPT_FALSE, then check if user verification has been requested. Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2022-08-05check_sk_options: add temporary WinHello workaroundCorinna Vinschen
Up to libfido 1.10.0, WinHello advertises "clientPin" rather than "uv" capability. This is fixed in 1.11.0. For the time being, workaround it here. Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2022-08-05compat code for fido_dev_is_winhello()Corinna Vinschen
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2022-08-05Factor out getrnd() and rename to getentropy().Darren Tucker
Factor out the arc4random seeding into its own file and change the interface to match getentropy. Use native getentropy if available. This will make it easier to resync OpenBSD changes to arc4random. Prompted by bz#3467, ok djm@.
2022-08-04Include CHANNEL and FIDO2 libs in configure outputDarren Tucker
2022-08-01upstream: avoid double-free in error path introduced in r1.70; reportdjm@openbsd.org
and fix based on GHPR#332 by v-rzh ok dtucker@ OpenBSD-Commit-ID: 3d21aa127b1f37cfc5bdc21461db369a663a951f
2022-07-27Remove deprecated MacOS 10.15 runners.Darren Tucker
2022-07-27Move stale-configure check as early as possible.Darren Tucker
We added a check in Makefile to catch the case where configure needs to be rebuilt, however this did not happen until a build was attempted in which case all of the work done by configure was wasted. Move this check to the start of configure to catch it as early as possible. ok djm@
2022-07-27Move libcrypto into CHANNELLIBS.Darren Tucker
This will result in sftp, sftp-server and scp no longer being linked against libcrypto. ok djm@
2022-07-27Remove seed_rng calls from scp, sftp, sftp-server.Darren Tucker
These binaries don't use OpenSSL's random functions. The next step will be to stop linking them against libcrypto. ok djm@
2022-07-27Group libcrypto and PRNGD checks together.Darren Tucker
They're related more than the libcrypt or libiaf checks which are currently between them. ok djm@
2022-07-27Do not link scp, sftp and sftp-server w/ zlib.Darren Tucker
Some of our binaries (eg sftp, sftp-server, scp) do not interact with the channels code and thus do use libraries such as zlib and libcrypto although they are linked with them. This adds a CHANNELLIBS and starts by moving zlib into it, which means the aformentioned binaries are no longer linked against zlib. ok djm@
2022-07-25Remove workarounds for OpenSSL missing AES-CTR.Darren Tucker
We have some compatibility hacks that were added to support OpenSSL versions that do not support AES CTR mode. Since that time, however, the minimum OpenSSL version that we support has moved to 1.0.1 which *does* have CTR, so this is no longer needed. ok djm@
2022-07-25Remove workarounds for OpenSSL missing AES-GCM.Darren Tucker
We have some compatibility hacks that were added to support OpenSSL versions that do not support AES GCM mode. Since that time, however, the minimum OpenSSL version that we support has moved to 1.0.1 which *does* have GCM, so this is no longer needed. ok djm@
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-30 00:16:00 +0000