Commit Graph

6879 Commits

Author SHA1 Message Date
Darren Tucker 74836ae0fa - djm@cvs.openbsd.org 2013/05/19 02:38:28
[auth2-pubkey.c]
     fix failure to recognise cert-authority keys if a key of a different type
     appeared in authorized_keys before it; ok markus@
2013-06-02 07:32:00 +10:00
Darren Tucker a627d42e51 - djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
     dns.c packet.c readpass.c authfd.c moduli.c]
     bye, bye xfree(); ok markus@
2013-06-02 07:31:17 +10:00
Darren Tucker c7aad0058c - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS
rather than trying to enumerate the plaforms that don't have them.
   Based on a patch from Nathan Osman, with help from tim@.
2013-06-02 07:18:47 +10:00
Darren Tucker c0c3373216 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to
using openssl's DES_crpyt function on platorms that don't have a native
   one, eg Android.  Based on a patch from Nathan Osman.
2013-06-02 06:28:03 +10:00
Darren Tucker efdf534214 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null
implementation of endgrent for platforms that don't have it (eg Android).
    Loosely based on a patch from Nathan Osman, ok djm
2013-05-30 08:29:08 +10:00
Darren Tucker 9b42d32738 - dtucker@cvs.openbsd.org 2013/05/17 10:35:43
[regress/scp.sh]
     use a file extention that's not special on some platforms.  from portable
     (id sync only)
2013-05-17 20:48:59 +10:00
Darren Tucker 0a404b0ed7 - dtucker@cvs.openbsd.org 2013/05/17 10:34:30
[regress/portnum.sh]
     use a more portable negated if structure.  from portable (id sync only)
2013-05-17 20:47:29 +10:00
Darren Tucker 62ee222e6f - dtucker@cvs.openbsd.org 2013/05/17 10:33:09
[regress/agent-getpeereid.sh]
     don't redirect stdout from sudo.  from portable (id sync only)
2013-05-17 20:46:00 +10:00
Darren Tucker 00478d30cb - dtucker@cvs.openbsd.org 2013/05/17 10:30:07
[regress/test-exec.sh]
     wait a bit longer for startup and use case for absolute path.
     from portable (id sync only)
2013-05-17 20:45:06 +10:00
Darren Tucker 98989eb95e - dtucker@cvs.openbsd.org 2013/05/17 10:28:11
[regress/sftp.sh]
     only compare copied data if sftp succeeds.  from portable (id sync only)
2013-05-17 20:44:09 +10:00
Darren Tucker 438f60eb9a - dtucker@cvs.openbsd.org 2013/05/17 10:26:26
[regress/sftp-badcmds.sh]
     remove unused BATCH variable. (id sync only)
2013-05-17 20:43:13 +10:00
Darren Tucker 1466bd25a8 - dtucker@cvs.openbsd.org 2013/05/17 10:24:48
[localcommand.sh]
     use backticks for portability. (id sync only)
2013-05-17 20:42:05 +10:00
Darren Tucker 05b5e518c9 - dtucker@cvs.openbsd.org 2013/05/17 10:23:52
[regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh]
     Use SUDO when cat'ing pid files and running the sshd log wrapper so that
     it works with a restrictive umask and the pid files are not world readable.
     Changes from -portable.  (id sync only)
2013-05-17 20:41:07 +10:00
Darren Tucker dd669173f9 - dtucker@cvs.openbsd.org 2013/05/17 10:16:26
[regress/try-ciphers.sh]
     use expr for math to keep diffs vs portable down
     (id sync only)
2013-05-17 20:39:57 +10:00
Darren Tucker 044f32f4c6 - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by
rev 1.6 which calls wait.
2013-05-17 20:12:57 +10:00
Darren Tucker 9cc8ff7b63 - (dtucker) [regress/runtests.sh] Remove obsolete test driver script. 2013-05-17 20:01:52 +10:00
Darren Tucker f8d5b34517 - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5
helper function to the portable part of test-exec.sh.
2013-05-17 19:53:25 +10:00
Darren Tucker 6f66981ed3 - (dtucker) [regress/test-exec.sh] Move the portable-specific functions
together and add a couple of missing lines from openbsd.
2013-05-17 19:28:51 +10:00
Darren Tucker 5f1a89a3b6 - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh]
Move the jot helper function to portable-specific part of test-exec.sh.
2013-05-17 19:17:58 +10:00
Darren Tucker 96457a54d0 - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd. 2013-05-17 19:03:38 +10:00
Darren Tucker 7f19323659 - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd. 2013-05-17 19:02:28 +10:00
Darren Tucker 8654dd2d73 - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits. 2013-05-17 16:03:48 +10:00
Darren Tucker 59d928d3b4 - dtucker@cvs.openbsd.org 2013/05/17 04:29:14
[regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh
     regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh
     regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh
     regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh
     regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh
     regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh
     regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh
     regress/multiplex.sh]
     Move the setting of DATA and COPY into test-exec.sh
2013-05-17 15:32:29 +10:00
Darren Tucker 34035be27b - dtucker@cvs.openbsd.org 2013/05/17 01:32:11
[regress/integrity.sh]
     don't print output from ssh before getting it (it's available in ssh.log)
2013-05-17 14:47:51 +10:00
Darren Tucker b8b96b0aa6 - dtucker@cvs.openbsd.org 2013/05/17 01:16:09
[regress/agent-timeout.sh]
     Pull back some portability changes from -portable:
      - TIMEOUT is a read-only variable in some shells
      - not all greps have -q so redirect to /dev/null instead.
     (ID sync only)
2013-05-17 14:46:20 +10:00
Darren Tucker a40d97ff46 sync missing ID 2013-05-17 14:44:53 +10:00
Darren Tucker 56347efe79 - dtucker@cvs.openbsd.org 2013/05/17 00:37:40
[regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
     regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
     regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
     regress/ssh-com.sh]
     replace 'echo -n' with 'printf' since it's more portable
     also remove "echon" hack.
2013-05-17 13:28:36 +10:00
Darren Tucker 91af05c516 - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange
methods.  When the openssl version doesn't support ECDH then next one on
   the list is DH group exchange, but that causes a bit more traffic which can
   mean that the tests flip bits in the initial exchange rather than the MACed
   traffic and we get different errors to what the tests look for.
2013-05-17 13:16:59 +10:00
Darren Tucker 6e1e60c3c2 - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it
in portable and it's long gone in openbsd.
2013-05-17 11:23:41 +10:00
Darren Tucker 982b0cbc4c - dtucker@cvs.openbsd.org 2013/05/16 05:48:31
[regress/rekey.sh]
     add tests for RekeyLimit parsing
2013-05-17 09:45:12 +10:00
Darren Tucker 14490fe7b0 - dtucker@cvs.openbsd.org 2013/05/16 04:26:10
[regress/rekey.sh]
     add server-side rekey test
2013-05-17 09:44:20 +10:00
Darren Tucker c31c8729c1 - dtucker@cvs.openbsd.org 2013/05/16 03:33:30
[regress/rekey.sh]
     test rekeying when there's no data being transferred
2013-05-17 09:43:33 +10:00
Darren Tucker a8a62fcc46 - dtucker@cvs.openbsd.org 2013/05/16 02:10:35
[rekey.sh]
     Add test for time-based rekeying
2013-05-17 09:42:34 +10:00
Darren Tucker 5e95173715 - djm@cvs.openbsd.org 2013/05/10 03:46:14
[modpipe.c]
     sync some portability changes from portable OpenSSH (id sync only)
2013-05-17 09:41:33 +10:00
Darren Tucker a4df65b9fc - dtucker@cvs.openbsd.org 2013/04/22 07:28:53
[multiplex.sh]
     Add tests for -Oforward and -Ocancel for local and remote forwards
2013-05-17 09:37:31 +10:00
Darren Tucker 40aaff7e4b - dtucker@cvs.openbsd.org 2013/04/22 07:23:08
[multiplex.sh]
     Write mux master logs to regress.log instead of ssh.log to keep separate
2013-05-17 09:36:20 +10:00
Darren Tucker f3568fc62b - djm@cvs.openbsd.org 2013/04/18 02:46:12
[Makefile regress/sftp-chroot.sh]
     test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
2013-05-17 09:35:26 +10:00
Darren Tucker dfea3bcdd7 - dtucker@cvs.openbsd.org 2013/04/07 02:16:03
[regress/Makefile regress/rekey.sh regress/integrity.sh
     regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
     use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
     save the output from any failing tests.  If a test fails the debug output
     from ssh and sshd for the failing tests (and only the failing tests) should
     be available in failed-ssh{,d}.log.
2013-05-17 09:31:39 +10:00
Darren Tucker 75129025a2 - dtucker@cvs.openbsd.org 2013/04/06 06:00:22
[regress/rekey.sh regress/test-exec.sh regress/integrity.sh
     regress/multiplex.sh Makefile regress/cfgmatch.sh]
     Split the regress log into 3 parts: the debug output from ssh, the debug
     log from sshd and the output from the client command (ssh, scp or sftp).
     Somewhat functional now, will become more useful when ssh/sshd -E is added.
2013-05-17 09:19:10 +10:00
Darren Tucker 7c8b1e7233 - dtucker@cvs.openbsd.org 2013/03/23 11:09:43
[test-exec.sh]
     Only regenerate host keys if they don't exist or if ssh-keygen has changed
     since they were.  Reduces test runtime by 5-30% depending on machine
     speed.
2013-05-17 09:10:20 +10:00
Darren Tucker 712de4d110 - djm@cvs.openbsd.org 2013/03/07 00:20:34
[regress/proxy-connect.sh]
     repeat test with a style appended to the username
2013-05-17 09:07:12 +10:00
Darren Tucker 09c0f0325b - dtucker@cvs.openbsd.org 2013/05/16 10:44:06
[servconf.c]
     remove another now-unused variable
2013-05-16 20:48:57 +10:00
Darren Tucker 9113d0c238 - dtucker@cvs.openbsd.org 2013/05/16 10:43:34
[servconf.c readconf.c]
     remove now-unused variables
2013-05-16 20:48:14 +10:00
Darren Tucker e194ba4111 - (dtucker) [configure.ac readconf.c servconf.c
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
2013-05-16 20:47:31 +10:00
Darren Tucker b7ee852144 - dtucker@cvs.openbsd.org 2013/05/16 09:12:31
[readconf.c servconf.c]
     switch RekeyLimit traffic volume parsing to scan_scaled.  ok djm@
2013-05-16 20:33:10 +10:00
Darren Tucker dbee308253 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
     Fix some "unused result" warnings found via clang and -portable.
     ok markus@
2013-05-16 20:32:29 +10:00
Darren Tucker 64d22946d6 - jmc@cvs.openbsd.org 2013/05/16 06:30:06
[sshd_config.5]
     oops! avoid Xr to self;
2013-05-16 20:31:29 +10:00
Darren Tucker 63e0df2b93 - jmc@cvs.openbsd.org 2013/05/16 06:28:45
[ssh_config.5]
     put IgnoreUnknown in the right place;
2013-05-16 20:30:31 +10:00
Darren Tucker 0763698f71 - djm@cvs.openbsd.org 2013/05/16 04:27:50
[ssh_config.5 readconf.h readconf.c]
     add the ability to ignore specific unrecognised ssh_config options;
     bz#866; ok markus@
2013-05-16 20:30:03 +10:00
Darren Tucker 5f96f3b4be - dtucker@cvs.openbsd.org 2013/05/16 04:09:14
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
     sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
     rekeying based on traffic volume or time.  ok djm@, help & ok jmc@ for the man
     page.
2013-05-16 20:29:28 +10:00