31d8d231eb
upstream: highly polished whitespace, mostly fixing spaces-for-tab
...
and bad indentation on continuation lines. Prompted by GHPR#185
OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
2021-04-03 17:23:02 +11:00
34afde5c73
upstream: whitespace (tab after space)
...
OpenBSD-Commit-ID: 0e2b3f7674e985d3f7c27ff5028e690ba1c2efd4
2021-04-03 17:20:00 +11:00
7cd262c1c5
Save config.h and config.log on failure too.
2021-04-03 16:59:10 +11:00
460aee9298
upstream: fix incorrect plural; from Ville Skyt
...
=?UTF-8?q?t=C3=A4=20via=20GHPR#181?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenBSD-Commit-ID: 92f31754c6296d8f403d7c293e09dc27292d22c9
2021-04-03 16:49:02 +11:00
082804c14e
upstream: ensure that pkcs11_del_provider() is called before exit -
...
some PKCS#11 providers get upset if C_Initialize is not matched with
C_Finalize.
From Adithya Baglody via GHPR#234; ok markus
OpenBSD-Commit-ID: f8e770e03b416ee9a58f9762e162add900f832b6
2021-04-03 16:42:45 +11:00
464ebc82aa
upstream: unused variable
...
OpenBSD-Commit-ID: 85f6a394c8e0f60d15ecddda75176f112007b205
2021-04-03 16:30:17 +11:00
dc3c0be820
upstream: Fix two problems in string->argv conversion: 1) multiple
...
backslashes were not being dequoted correctly and 2) quoted space in the
middle of a string was being incorrectly split.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
A unit test for these cases has already been committed
prompted by and based on GHPR#223 by Eero Häkkinen; ok markus@
OpenBSD-Commit-ID: d7ef27abb4eeeaf6e167e9312e4abe9e89faf1e4
2021-04-03 16:24:40 +11:00
f75bcbba58
missing bits from 259d648e
2021-04-03 16:22:48 +11:00
4cbc4a7228
upstream: cannot effectively test posix-rename extension after
...
changes in feature advertisment.
OpenBSD-Regress-ID: 5e390bf88d379162aaa81b60ed86b34cb0c54d29
2021-04-01 09:22:53 +11:00
259d648e63
upstream: add a test for misc.c:argv_split(), currently fails
...
OpenBSD-Regress-ID: ad6b96d6ebeb9643b698b3575bdd6f78bb144200
2021-04-01 09:22:53 +11:00
473ddfc2d6
upstream: split
...
OpenBSD-Regress-ID: f6c03c0e4c58b3b9e04b161757b8c10dc8378c34
2021-04-01 09:22:31 +11:00
1339800fef
upstream: Use new limits@openssh.com protocol extension to let the
...
client select good limits based on what the server supports. Split the
download and upload buffer sizes to allow them to be chosen independently.
In practice (and assuming upgraded sftp/sftp-server at each end), this
increases the download buffer 32->64KiB and the upload buffer
32->255KiB.
Patches from Mike Frysinger; ok dtucker@
OpenBSD-Commit-ID: ebd61c80d85b951b794164acc4b2f2fd8e88606c
2021-04-01 09:20:57 +11:00
6653c61202
upstream: do not advertise protocol extensions that have been
...
disallowed by the command-line options (e.g. -p/-P/-R); ok dtucker@
OpenBSD-Commit-ID: 3a8a76b3f5131741aca4b41bfab8d101c9926205
2021-04-01 09:19:36 +11:00
71241fc05d
gnome-ssh-askpass3 is a valid target here
2021-03-29 15:14:25 +11:00
8a9520836e
upstream: return non-zero exit status when killed by signal; bz#3281 ok
...
dtucker@
OpenBSD-Commit-ID: 117b31cf3c807993077b596bd730c24da9e9b816
2021-03-19 13:24:56 +11:00
1269b8a686
upstream: increase maximum SSH2_FXP_READ to match the maximum
...
packet size. Also handle zero-length reads that are borderline nonsensical
but not explicitly banned by the spec. Based on patch from Mike Frysinger,
feedback deraadt@ ok dtucker@
OpenBSD-Commit-ID: 4e67d60d81bde7b84a742b4ee5a34001bdf80d9c
2021-03-19 13:20:32 +11:00
860b676044
upstream: don't let logging clobber errno before use
...
OpenBSD-Commit-ID: ce6cca370005c270c277c51c111bb6911e1680ec
2021-03-19 13:20:32 +11:00
5ca8a92165
Only call dh_set_moduli_file if using OpenSSL.
...
Fixes link failure when configuring --without-openssl since dh.c is not
linked in.
2021-03-13 14:40:43 +11:00
867a7dcf00
Don't install moduli during tests.
...
Now that we have TEST_SSH_MODULI_FILE pointing to the moduli in the
soure directory we don't need to install the file to prevent warnings
about it being missing.
2021-03-13 13:52:53 +11:00
0c054538fc
Point TEST_SSH_MODULI_FILE at our own moduli.
...
This will allow the test to run without requiring a moduli file
installed at the configured default path.
2021-03-13 13:51:26 +11:00
4d48219c72
upstream: spelling
...
OpenBSD-Commit-ID: 478bc3db04f62f1048ed6e1765400f3ab325e60f
2021-03-13 13:14:13 +11:00
88057eb6df
upstream: Add ModuliFile keyword to sshd_config to specify the
...
location of the "moduli" file containing the groups for DH-GEX. This will
allow us to run tests against arbitrary moduli files without having to
install them. ok djm@
OpenBSD-Commit-ID: 8df99d60b14ecaaa28f3469d01fc7f56bff49f66
2021-03-13 13:14:13 +11:00
f07519a2af
upstream: pwcopy() struct passwd that we're going to reuse across a
...
bunch of library calls; bz3273 ok dtucker@
OpenBSD-Commit-ID: b6eafa977b2e44607b1b121f5de855107809b762
2021-03-13 13:09:54 +11:00
69d6d4b0c8
upstream: Import regenerated moduli file.
...
OpenBSD-Commit-ID: 7ac6c252d2a5be8fbad4c66d9d35db507c9dac5b
2021-03-13 13:09:28 +11:00
e5895e8ecf
upstream: no need to reset buffer after send_msg() as that is done
...
for us; patch from Mike Frysinger
OpenBSD-Commit-ID: 565516495ff8362a38231e0f1a087b8ae66da59c
2021-03-13 13:06:10 +11:00
721948e674
upstream: Add TEST_SSH_MODULI_FILE variable to allow overriding of the
...
moduli file used during the test run.
OpenBSD-Regress-ID: be10f785263120edb64fc87db0e0d6570a10220a
2021-03-13 13:02:51 +11:00
82fef71e20
Allow (but return EACCES) fstatat64 in sandbox.
...
This is apparently used in some configurations of OpenSSL when glibc
has getrandom(). bz#3276, patch from Kris Karas, ok djm@
2021-03-12 15:58:57 +11:00
1cd67ee15c
Move generic includes outside of ifdef.
...
This ensures that the macros in log.h are defined in the case where
either of --with-solaris-projects or --with-solaris-privs are used
without --with-solaris-contracts. bz#3278.
2021-03-12 13:16:10 +11:00
2421a567a8
Import regenerated moduli file.
2021-03-10 17:44:16 +11:00
e99080c05d
upstream: Fix PRINT macro, the suffix param to sshlog() was missing.
...
Also remove redundant __func__ prefix from PRINT calls as the macro already
adds __FILE__, __func__ and __LINE__. From Christos Zoulas. OK dtucker@
OpenBSD-Commit-ID: 01fdfa9c5541151b5461d9d7d6ca186a3413d949
2021-03-10 10:14:26 +11:00
160db17fc6
upstream: don't sshbuf_get_u32() into an enum; reported by goetze
...
AT dovetail.com via bz3269
OpenBSD-Commit-ID: 99a30a8f1df9bd72be54e21eee5c56a0f050921a
2021-03-04 09:43:28 +11:00
cffd033817
upstream: typo in other_hostkeys_message() display output, ok djm
...
OpenBSD-Commit-ID: 276f58afc97b6f5826e0be58380b737603dbf5f5
2021-03-04 09:43:28 +11:00
7fe141b96b
upstream: needs FILE*; from Mike Frysinger
...
OpenBSD-Commit-ID: dddb3aa9cb5792eeeaa37a1af67b5a3f25ded41d
2021-03-03 19:43:59 +11:00
d2afd717e6
update depend
2021-03-02 21:31:47 +11:00
f0c4eddf7c
update relnotes URL
2021-03-02 21:30:14 +11:00
67a8bb7fe6
update RPM spec version numbers
2021-03-02 21:29:54 +11:00
0a4b23b11b
upstream: openssh-8.5
...
OpenBSD-Commit-ID: 185e85d60fe042b8f8fa1ef29d4ef637bdf397d6
2021-03-02 16:43:01 +11:00
de3866383b
Only upload config logs if configure fails.
2021-03-01 21:13:24 +11:00
85ff2a564c
upstream: Add %k to list of keywords. From
...
=?UTF-8?q?=20Eero=20H=C3=A4kkinenvia=20bz#3267?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenBSD-Commit-ID: 9c87f39a048cee2a7d1c8bab951b2f716256865e
2021-03-01 10:20:42 +11:00
e774bac359
upstream: Do not try to reset signal handler for signal 0 in
...
subprocess. Prevents spurious debug message. ok djm@
OpenBSD-Commit-ID: 7f9785e292dcf304457566ad4637effd27ad1d46
2021-02-28 13:01:20 +11:00
351c5dbbd7
upstream: fix alphabetic ordering of options; spotted by Iain Morgan
...
OpenBSD-Commit-ID: f955fec617d74af0feb5b275831a9fee813d7ad5
2021-02-28 10:54:19 +11:00
0d1c9dbe57
zlib is now optional.
2021-02-27 12:26:08 +11:00
b7c6ee7b43
Fix punctuatio and typo in README.md.
...
Some very minor fixes, missing 's' and punctuation.
2021-02-27 12:26:08 +11:00
6248b86074
Revert "ssh: optional bind interface if bind address specified."
...
This reverts commit 5a878a71a3
2021-02-26 16:45:50 +11:00
493339a940
detech BSD libc hash functions in libbsd / libmd
...
Some Linux distributions are shipping the BSD-style hashing functions
(e.g. SHA256Update) in libbsd and/or libmd. Detect this situation to
avoid header/replacement clashes later. ok dtucker@
2021-02-26 15:46:47 +11:00
5a878a71a3
ssh: optional bind interface if bind address specified.
...
Allows the -b and -B options to be used together.
For example, when the interface is in the VRF.
2021-02-26 15:46:47 +11:00
1fe4d70df9
upstream: remove this KEX fuzzer; it's awkward to use and doesn't play
...
nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it
but me.
OpenBSD-Regress-ID: cad919522b3ce90c147c95abaf81b0492ac296c9
2021-02-26 15:23:42 +11:00
24a3a67bd7
Remove macos-11.00 PAM test target too.
...
These are failing apparently due to some kind of infrastructure problem,
making it look like every commit is busted.
2021-02-26 11:50:37 +11:00
473201783f
upstream: a bit more debugging behind #ifdef DEBUG_SK
...
OpenBSD-Commit-ID: d9fbce14945721061cb322f0084c2165d33d1993
2021-02-26 11:18:26 +11:00
fd9fa76a34
Remove macos-11.0 from the test target list.
...
It has been consistently failing for the past few days with a github
actions internal error.
2021-02-26 01:15:10 +11:00
djm@openbsd.org
Darren Tucker
Damien Miller
jsg@openbsd.org
dtucker@openbsd.org
millert@openbsd.org
sthen@openbsd.org
Jeffrey H. Johnson
Dmitrii Turlupov