4ee8dc6498
Removed sha1-based MACs from default config ( #706 )
2023-11-30 18:08:35 -08:00
cb23f0d9c0
revert enabling sdl check compiler option for debug builds ( #700 )
2023-10-16 09:57:03 -04:00
0ffb0ceb64
remove redundant WINDOWS preprocessor definitions ( #697 )
2023-10-16 09:56:42 -04:00
f72324ffa1
disable adding pkcs11 providers to ssh-agent remotely unless overridden by cli arg ( #699 )
2023-10-11 16:39:05 -04:00
effdb65e40
Enable sdl check ( #695 )
...
* enable sdl checks during compilation
* fix sdl errors in Windows code
* fix sdl errors in common code without ifdefs, for now
2023-10-04 13:11:53 -04:00
39bf3d4fce
Enable /CETCOMPAT in x86, x64 Linker Additional Options ( #696 )
...
* enable spectre mitigation in vcxproj
* add linker compat option and sdl compile checks where applicable
* add linker switch to x64 and x86 arch
2023-10-04 12:59:38 -04:00
4e5f11a82c
enable spectre mitigation in vcxproj ( #694 )
2023-10-02 15:16:33 -04:00
96f8702f79
Crank versions ( #693 )
...
* Update version.rc
* Update libressl version in paths.targets
2023-09-28 16:39:39 -04:00
1ab66dd3d4
Fix unreasonably small DefaultShellCommandOption size limit ( #683 )
2023-09-28 14:34:08 -04:00
1146f366ed
fix session id2 datetype missmatch ( #679 )
...
* fix session id2 datetype missmatch
* update session_id2_len definition with WINDOWS identifier
2023-09-28 13:17:26 -04:00
24449c64b7
Merge pull request #684 from tgauth/merge-9.4
...
Merge 9.4
2023-09-27 15:33:29 -04:00
ffd23297ae
add comments
2023-09-07 16:59:04 -04:00
ae0f346a7a
fix typo
2023-09-07 14:11:27 -04:00
33f1ab9391
Update codeql.yml ( #687 )
2023-09-07 10:29:46 -04:00
f87f0c57a2
add check for program data folder permissions during sshd service startup ( #686 )
2023-09-05 12:59:28 -04:00
7023264b09
Merge branch 'latestw_all' into merge-9.4
2023-08-31 14:22:13 -04:00
3645eaa30e
Build tools version updates ( #677 )
...
* bump platform toolset to v143
* add updated proj files for testing
* add _CRT_DECLARE_NONSTDC_NAMES=0 to projects with posix functions
* revert onecore changes
* fix typo
* use latest sdk in build script
* update build toolset in config proj
* update build script to use latest toolsets
* update paths.targets
* update to win11 sdk in paths.targets
* make build script more robust with VSwhere
* change validity check from count check to null-check
* remove static keyword from auth_debug declaration
* change to ifndef for diff checking
* update string compare
* change msbuild tool search from manual check instead of using vswhere
* update wixproj to work with wix install on new build image
* update 2022 build image and zlib version
2023-08-31 14:19:37 -04:00
c769798653
remove dependencies files used for testing
2023-08-31 13:00:59 -04:00
f7996c7a5c
fix stderr tests on Windows
2023-08-29 10:14:40 -04:00
b2ec0cdd33
fix additional tests in keygen-sshfp.sh on Windows
2023-08-29 10:13:43 -04:00
a6229b9e7b
fix hostkey tests
2023-08-28 14:51:40 -04:00
22615453ef
temp add x86 zlib built with vs 2022 for CI test
2023-08-23 15:17:17 -04:00
1b8783c18e
Merge branch 'merge-9.4' of https://github.com/tgauth/openssh-portable into merge-9.4
2023-08-23 15:03:24 -04:00
4d42e70320
temporarily add zlib built with vs2022 build tools for CI
2023-08-23 14:53:01 -04:00
23090c69ca
Update ci.yml to new build image
2023-08-23 14:32:09 -04:00
6c59360e66
temporarily add dependencies built with VS2022 build tools for CI
2023-08-23 14:12:09 -04:00
f2cd96282f
add Windows preprocessor definitions around posix and pkcs11 changes
2023-08-23 14:10:25 -04:00
a1999590a8
fix parsing command-line args and add Windows #ifdef to prevent in future
2023-08-23 13:24:36 -04:00
0db6f3e486
resolve merge conflicts
2023-08-21 16:35:13 -04:00
e99a02ec18
Fix zlib version check for 1.3 and future version.
...
bz#3604.
2023-08-19 07:41:24 +10:00
ad45b5c9a1
fix func declaration ( #682 )
2023-08-18 13:31:56 -04:00
f3e39c4700
upstream: fix regression in OpenSSH 9.4 (mux.c r1.99) that caused
...
multiplexed sessions to ignore SIGINT under some circumstances. Reported by /
feedback naddy@, ok dtucker@
OpenBSD-Commit-ID: 4d5c6c894664f50149153fd4764f21f43e7d7e5a
2023-08-18 12:04:05 +10:00
c8e79e4872
Add obsd72 and obsd73 test targets.
2023-08-13 15:02:08 +10:00
daa5b2d869
depend
2023-08-10 11:10:22 +10:00
41bfb63f51
update versions in RPM specs
2023-08-10 11:05:42 +10:00
e598b92b1e
update version in README
2023-08-10 11:05:14 +10:00
e797e5ffa7
upstream: openssh-9.4
...
OpenBSD-Commit-ID: 71fc1e01a4c4ea061b252bd399cda7be757e6e35
2023-08-10 11:04:25 +10:00
3961ed02dc
wrap poll.h include in HAVE_POLL_H
2023-08-10 09:08:49 +10:00
e535fbe2af
upstream: Apply ConnectTimeout to multiplexing local socket
...
connections. If the multiplex socket exists but the connection times out,
ssh will fall back to a direct connection the same way it would if the socket
did not exist at all. ok djm@
OpenBSD-Commit-ID: 2fbe1a36d4a24b98531b2d298a6557c8285dc1b4
2023-08-04 17:50:35 +10:00
9d92e7b248
Fix RNG seeding for OpenSSL w/out self seeding.
...
When sshd is built with an OpenSSL that does not self-seed, it would
fail in the preauth privsep process while handling a new connection.
Sanity checked by djm@
2023-08-03 20:29:08 +10:00
f70010d9b0
upstream: CheckHostIP has defaulted to 'no' for a while; make the
...
commented- out config option match. From Ed Maste
OpenBSD-Commit-ID: e66e934c45a9077cb1d51fc4f8d3df4505db58d9
2023-08-03 09:09:02 +10:00
c88a8788f9
upstream: remove unnecessary if statement.
...
github PR#422 from eyalasulin999, ok djm@
OpenBSD-Commit-ID: 2b6b0dde4407e039f58f86c8d2ff584a8205ea55
2023-08-01 18:54:30 +10:00
77b8b865cd
upstream: %C is a callable macro in mdoc(7)
...
so, as we do for %D, escape it;
OpenBSD-Commit-ID: 538cfcddbbb59dc3a8739604319491dcb8e0c0c9
2023-08-01 18:54:13 +10:00
e0f91aa9c2
upstream: don't need to start a command here; use ssh -N instead.
...
Fixes failure on cygwin spotted by Darren
OpenBSD-Regress-ID: ff678a8cc69160a3b862733d935ec4a383f93cfb
2023-07-30 11:41:45 +10:00
f446a44f30
upstream: add LTESTS_FROM variable to allow skipping of tests up to
...
a specific point. e.g. "make LTESTS_FROM=t-sftp" will only run the sftp.sh
test and subsequent ones. ok dtucker@
OpenBSD-Regress-ID: 07f653de731def074b29293db946042706fcead3
2023-07-30 11:41:44 +10:00
8eb8899d61
upstream: test ChrootDirectory in Match block
...
OpenBSD-Regress-ID: a6150262f39065939f025e546af2a346ffe674c1
2023-07-30 11:18:09 +10:00
e43f43d3f1
upstream: better error messages
...
OpenBSD-Regress-ID: 55e4186604e80259496d841e690ea2090981bc7a
2023-07-30 11:17:43 +10:00
6958f00acf
upstream: don't incorrectly truncate logged strings retrieved from
...
PKCS#11 modules; based on GHPR406 by Jakub Jelen; ok markus
OpenBSD-Commit-ID: 7ed1082f23a13b38c373008f856fd301d50012f9
2023-07-28 08:31:01 +10:00
d1ffde6b55
upstream: make sshd_config AuthorizedPrincipalsCommand and
...
AuthorizedKeysCommand accept the %D (routing domain) and a new %C (connection
address/port 4-tuple) as expansion sequences; ok markus
OpenBSD-Commit-ID: ee9a48bf1a74c4ace71b69de69cfdaa2a7388565
2023-07-28 08:29:21 +10:00
999a2886ca
upstream: increase default KDF work-factor for OpenSSH format
...
private keys from 16 to 24; { feedback ok } x { deraadt markus }
OpenBSD-Commit-ID: a3afb1383f8ff0a49613d449f02395d9e8d4a9ec
2023-07-28 08:29:20 +10:00
Andrew
Tess Gauthier
Sam Hocevar
s911415
tgauth@bu.edu
Darren Tucker
djm@openbsd.org
Damien Miller
dtucker@openbsd.org
jmc@openbsd.org