summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2023-03-03upstream: actually print "channeltimeout none" in config dump mode;djm@openbsd.org
spotted via Coverity CID 405022 OpenBSD-Commit-ID: b074b52bf138b75f08264e8da15880b29c7a630f
2023-03-03Add Coverity badges.Darren Tucker
2023-03-03upstream: Check return values of dup2. Spotted by Coverity, ok djm@dtucker@openbsd.org
OpenBSD-Commit-ID: 19fb1b53072826d00c67df677731d2f6c1dd602b
2023-03-03upstream: Use time_t for x11_refuse_time timeout. We needdtucker@openbsd.org
SSH_TIME_T_MAX for this, so move from misc.c to misc.h so it's available. Fixes a Coverity warning for 64bit time_t safety, ok djm@ OpenBSD-Commit-ID: c69c4c3152cdaab953706db4ccf4d5fd682f7d8d
2023-03-03upstream: Check return value from fctnl and warn on failure.dtucker@openbsd.org
Spotted by Coverity, ok djm@ OpenBSD-Commit-ID: 2097c7db3cf657f1e3a6c5077041bacc63143cab
2023-03-02upstream: Remove SUDO in proxy command wrapper. Anything that needsdtucker@openbsd.org
sudo is already run by it, and it breaks if root isn't in sudoers. OpenBSD-Regress-ID: 6cf22fda32a89c16915f31a6ed9bbdbef2a3bac9
2023-03-02upstream: Fix breakage on dhgex test.dtucker@openbsd.org
This was due to the sshd logs being written to the wrong log file. While there, make save_debug_logs less verbose, write the name of the tarball to regress.log and use $SUDO to remove the old symlinks (which shouldn't be needed, but won't hurt). Initial problem spotted by anton@. OpenBSD-Regress-ID: 9c44fb9cd418e6ff31165e7a6c1f9f11a6d19f5b
2023-03-02upstream: Quote grep and log message better.dtucker@openbsd.org
OpenBSD-Regress-ID: 3823d9063127169736aa274b1784cb28e15b64d4
2023-03-02upstream: Always call fclose on checkpoints.dtucker@openbsd.org
In the case of an fprintf failure we would not call fclose which would leak the FILE pointer. While we're there, try to clean up the temp file on failure. Spotted by Coverity, ok djm@ OpenBSD-Commit-ID: 73c7ccc5d4fcc235f54c6b20767a2815408525ef
2023-03-02upstream: Remove old log symlinksdtucker@openbsd.org
before creating new ones. In -portable some platforms don't like overwriting existing symlinks. OpenBSD-Regress-ID: 7e7ddc0beb73e945e1c4c58d51c8a125b518120f
2023-03-01Adjust test jobs for new log directory.Darren Tucker
2023-03-01upstream: Rework logging for the regression tests.dtucker@openbsd.org
Previously we would log to ssh.log and sshd.log, but that is insufficient for tests that have more than one concurent ssh/sshd. Instead, we'll log to separate datestamped files in a $OBJ/log/ and leave a symlink at the previous location pointing at the most recent instance with an entry in regress.log showing which files were created at each point. This should be sufficient to reconstruct what happened even for tests that use multiple instances of each program. If the test fails, tar up all of the logs for later analysis. This will let us also capture the output from some of the other tools which was previously sent to /dev/null although most of those will be in future commits. OpenBSD-Regress-ID: f802aa9e7fa51d1a01225c05fb0412d015c33e24
2023-03-01upstream: fatal out if allocating banner string fails to avoiddtucker@openbsd.org
potential null deref later in sscanf. Spotted by Coverity, ok deraadt@ OpenBSD-Commit-ID: 74e8d228ac00552e96e9e968dfcccf8dd1f46ad5
2023-02-28upstream: Explicitly ignore return from fchmoddtucker@openbsd.org
similar to other calls to prevent warning. OpenBSD-Commit-ID: fdc5287dcee0860b5a493186414226c655b0eb0a
2023-02-28upstream: Plug mem leak on globbed ls error path.dtucker@openbsd.org
Spotted by Coverity, ok deraadt@ OpenBSD-Commit-ID: de28476025db29820a9a2e56e98b964d8a02861c
2023-02-27Cast time_t's in debug output to long long.Darren Tucker
Should fix Coverity warning about truncation of 64bit time_t.
2023-02-27Do shadow expiry calcs using "long long".Darren Tucker
Coverity flags these as potentially not 64bit time_t safe so use long long for the calculations and debug output. ok djm@
2023-02-27avoid clash between for getopt's struct optionDamien Miller
Since we don't use getopt_long() nothing outside the getopt() implementation itself uses this structure, so move it into the source to remove it from visibility and clashes with libc's ok dtucker@
2023-02-25Revert explicit chmods on private keys.Darren Tucker
This should no longer be needed on Cygwin test runners due to previous commit.
2023-02-25Remove extended ACLs from working dirs.Darren Tucker
This should allow umask to work as expected and prevent tests from failing due to excessive permissions on private keys.
2023-02-24Explicitly set permissions on user and host keys.Darren Tucker
On cygwin, the umask might not be sufficient. Should fix tests on Github runners.
2023-02-22upstream: fix progressmeter corruption on wide displays; bz3534djm@openbsd.org
feedback/ok dtucker@ OpenBSD-Commit-ID: f4affee067cec7c182f3e0b307d758e0472762a3
2023-02-21upstream: fseek to end of known_hosts before writing to it.dtucker@openbsd.org
POSIX and ANSI C require that applications call fseek or similar between read and writing to a RW file. OpenBSD doesn't enforce this, but some (System V derived) platforms need this to prevent it from writing a spurious extra byte (in this case, a newline). ok djm@ deraadt@ OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137
2023-02-21Also run unit tests on AIX VMs.Darren Tucker
In the past these tests took too long, but these days it only adds about 5 min to the run.
2023-02-21Wrap stdint.h inside ifdef.Darren Tucker
2023-02-20Add includes to ptimeout test.Mayank Sharma
Fixes test failures on AIX due to type mismatches.
2023-02-20Always use the openssl binary configure tells us.Darren Tucker
This fixes tests on platforms that do not have the openssl tool installed at all.
2023-02-17upstream: Remove now-unused compat bit SSH_BUG_RSASIGMD5. The codedtucker@openbsd.org
to set this was removed in OpenSSH 7.7 when support for SSH implementations dating back to before RFC standardization were removed. "burn it all" djm@ OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda
2023-02-17upstream: Remove now-unused compat bit SSH_BUG_BIGENDIANAES. Thisdtucker@openbsd.org
was previously set for OpenSSH 2.3 (released in 2000) but this check was removed in OpenSSH 7.7 (2018). ok djm@ deraadt@ OpenBSD-Commit-ID: 326426ea328707fc9e83305291ab135c87f678af
2023-02-17whitespace fixesDamien Miller
2023-02-17whitespace at EOLDamien Miller
2023-02-16upstream: Remove SSH_BUG_PASSWORDPAD compat bitdtucker@openbsd.org
since it's no longer used. ok markus@ OpenBSD-Commit-ID: b92c21f56fe4b7f9a54790d6a9650725c226820b
2023-02-16upstream: Remove SSH_BUG_IGNOREMSG compat flagdtucker@openbsd.org
since it's only applicable to SSH1 and thus no longer used. ok markus@ "kill it with fire" djm@ OpenBSD-Commit-ID: ea13318b1937795d9db4790d3ce0a6ed01584dab
2023-02-16upstream: space between macro and punctuation; sort usage();jmc@openbsd.org
OpenBSD-Commit-ID: 6141610cfca037700730e41f868d1d9124958f8c
2023-02-16upstream: space between macro and punctuation;jmc@openbsd.org
OpenBSD-Commit-ID: abc95e550be9e6d9a7ff64b65c104c7be21ab19e
2023-02-16upstream: sort SYNOPSIS;jmc@openbsd.org
OpenBSD-Commit-ID: dacd9da33277d5669a51213d880632599c890c1e
2023-02-11Improve seccomp compat on older systems.Darren Tucker
Check if flags to mmap and madvise are defined before using them. Should fix problems building on older Linux systems that don't have these. bz#3537, with & ok djm@.
2023-02-10upstream: test -Ohashalg=... and that the default output contains bothdjm@openbsd.org
specified hash algorithms; prompted by dtucker@ OpenBSD-Regress-ID: 26f309208c8d8b8fa9c5f419767b85f1e9b22f51
2023-02-10upstream: let ssh-keygen and ssh-keyscan acceptdjm@openbsd.org
-Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm selection. bz3493 ok dtucker@ OpenBSD-Commit-ID: e6e07fe21318a873bd877f333e189eb963a11b3d
2023-02-10upstream: add a `sshd -G` option that parses and prints thedjm@openbsd.org
effective configuration without attempting to load private keys and perform other checks. This allows usage of the option before keys have been generated. bz3460 feedback/ok dtucker@ OpenBSD-Commit-ID: 774504f629023fc25a559ab1d95401adb3a7fb29
2023-02-10upstream: make `ssh -Q CASignatureAlgorithms` work as the manpage saysdjm@openbsd.org
it should bz3532 OpenBSD-Commit-ID: 0ddb17b3fcbd99bfb5baea4ac5e449620cbd3adc
2023-02-10Add CentOS 7 test targets.Darren Tucker
2023-02-09upstream: Test adding terminating newline to known_hosts.dtucker@openbsd.org
OpenBSD-Regress-ID: 5fc3010ac450195b3fbdeb68e875564968800365
2023-02-09upstream: ssh-agent doesn't actually take -v,dtucker@openbsd.org
so the recently-added ones will result in the test not cleaning up after itself. Patch from cjwatson at debian.org vi bz#3536. OpenBSD-Regress-ID: 1fc8283568f5bf2f918517c2c1e778072cf61b1a
2023-02-09upstream: Ensure that there is a terminating newline when adding a newdtucker@openbsd.org
entry to known_hosts. bz#3529, with git+openssh at limpsquid.nl, ok deraadt@ markus@ OpenBSD-Commit-ID: fa8d90698da1886570512b96f051e266eac105e0
2023-02-07Replace 9.1 with 9.2 on CI status page.Darren Tucker
2023-02-06harden Linux seccomp sandboxDamien Miller
Linux mmap(2) and madvise(2) syscalls support quite a number of funky flags that we don't expect that sshd/libc will ever need. We can exclude this kernel attack surface by filtering the mmap(2) flags and the madvise(2) advice arguments. Similarly, the sandboxed process in sshd is a single-threaded program that does not use shared memory for synchronisation or communication. Therefore, there should be no reason for the advanced priority inheritance futex(2) operations to be necessary. These can also be excluded. Motivated by Jann Horn pointing out that there have been kernel bugs in nearby Linux kernel code, e.g. CVE-2020-29368, CVE-2020-29374 and CVE-2022-42703. Feedback Jann Horn, ok dtucker@
2023-02-02crank versions in RPM specsV_9_2_P1V_9_2Damien Miller
2023-02-02update version in READMEDamien Miller
2023-02-02adapt compat_kex_proposal() test to portableDamien Miller
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-28 22:34:43 +0000