tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,137 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

9137 Commits

Author SHA1 Message Date
Damien Miller 612faa34c7 object files end with .o - not .c 2018-02-26 12:17:55 +11:00
Damien Miller bda709b8e1 avoid inclusion of deprecated selinux/flask.h 
Use string_to_security_class() instead.
 2018-02-26 12:17:22 +11:00
Damien Miller 2e39643936 updatedepend 2018-02-26 11:48:27 +11:00
markus@openbsd.org 1b11ea7c58 upstream: Add experimental support for PQC XMSS keys (Extended 
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@

OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
 2018-02-26 11:40:41 +11:00
jmc@openbsd.org 7d330a1ac0 upstream: some cleanup for BindInterface and ssh-keyscan; 
OpenBSD-Commit-ID: 1a719ebeae22a166adf05bea5009add7075acc8c
 2018-02-26 11:32:29 +11:00
Darren Tucker c7b5a47e3b Invert sense of getpgrp test. 
AC_FUNC_GETPGRP tests if getpgrp(0) works, which it does if it's not
declared.  Instead, test if the zero-arg version we want to use works.
 2018-02-26 00:14:42 +11:00
Darren Tucker b39593a6de Add no-op getsid implmentation. 2018-02-26 00:09:04 +11:00
Darren Tucker 11057564eb bsd-statvfs: include sys/vfs.h, check for f_flags. 2018-02-26 00:09:04 +11:00
Darren Tucker e9dede06e5 Handle calloc(0,x) where different from malloc. 
Configure assumes that if malloc(0) returns null then calloc(0,n)
also does.  On some old platforms (SunOS4) malloc behaves as expected
(as determined by AC_FUNC_MALLOC) but calloc doesn't.  Test for this
at configure time and activate the replacement function if found, plus
handle this case in rpl_calloc.
 2018-02-26 00:09:04 +11:00
Darren Tucker 2eb4041493 Add prototype for readv if needed. 2018-02-26 00:09:04 +11:00
Darren Tucker 6c8c9a615b Check for raise and supply if needed. 2018-02-26 00:09:04 +11:00
Darren Tucker a9004425a0 Check for bzero and supply if needed. 
Since explicit_bzero uses it via an indirect it needs to be a function
not just a macro.
 2018-02-26 00:09:04 +11:00
djm@openbsd.org 1a348359e4 upstream: Add ssh-keyscan -D option to make it print its results in 
SSHFP format bz#2821, ok dtucker@

OpenBSD-Commit-ID: 831446b582e0f298ca15c9d99c415c899e392221
 2018-02-23 17:00:52 +11:00
dtucker@openbsd.org 3e19fb976a upstream: Add missing braces. 
Caught by the tinderbox's -Werror=misleading-indentation,  ok djm@

OpenBSD-Commit-ID: d44656af594c3b2366eb87d6abcef83e1c88a6ca
 2018-02-23 15:34:58 +11:00
Darren Tucker b59162da99 Check for ifaddrs.h for BindInterface. 
BindInterface required getifaddr and friends so disable if not available
(eg Solaris 10).  We should be able to add support for some systems with
a bit more work but this gets the building again.
 2018-02-23 15:20:42 +11:00
Damien Miller a8dd6fe0aa space before tab in previous 2018-02-23 14:19:55 +11:00
dtucker@openbsd.org b5e9263c77 upstream: Replace fatal with exit in the case that we do not have 
$SUDO set. Prevents test failures when neither sudo nor doas are configured.

OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b
 2018-02-23 14:18:25 +11:00
Darren Tucker 3e9d3192ad Use portable syntax for REGRESSTMP. 2018-02-23 14:10:53 +11:00
djm@openbsd.org 73282b6118 upstream: unbreak interop test after SSHv1 purge; patch from Colin 
Watson via bz#2823

OpenBSD-Regress-ID: 807d30a597756ed6612bdf46dfebca74f49cb31a
 2018-02-23 14:07:23 +11:00
dtucker@openbsd.org f8985dde5f upstream: Skip sftp-chroot test when SUDO not set instead of 
fatal().

OpenBSD-Regress-ID: cd4b5f1109b0dc09af4e5ea7d4968c43fbcbde88
 2018-02-23 14:07:23 +11:00
dtucker@openbsd.org df88551c02 upstream: Replace fatal with exit in the case that we do not have 
$SUDO set. Prevents test failures when neither sudo nor doas are configured.

OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b
 2018-02-23 14:05:33 +11:00
djm@openbsd.org 3b252c20b1 upstream: some helpers to check verbose/quiet mode 
OpenBSD-Regress-ID: e736aac39e563f5360a0935080a71d5fdcb976de
 2018-02-23 14:05:07 +11:00
djm@openbsd.org ac2e3026bb upstream: Add BindInterface ssh_config directive and -B 
command-line argument to ssh(1) that directs it to bind its outgoing
connection to the address of the specified network interface.

BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.

Based on patch by Mike Manning in bz#2820, ok dtucker@

OpenBSD-Commit-ID: c5064d285c2851f773dd736a2c342aa384fbf713
 2018-02-23 13:37:49 +11:00
djm@openbsd.org fcdb9d7778 upstream: emphasise that the hostkey rotation may send key types 
that the client may not support, and that the client should simply disregard
such keys (this is what ssh does already).

OpenBSD-Commit-ID: 65f8ffbc32ac8d12be8f913d7c0ea55bef8622bf
 2018-02-23 13:37:32 +11:00
Darren Tucker ce066f688d Add headers for sys/audit.h. 
On some older platforms (at least sunos4, probably others) sys/audit.h
requires some other headers.  Patch from klausz at haus-gisela.de.
 2018-02-22 21:00:06 +11:00
Darren Tucker 3fd2d2291a Add REGRESSTMP make var override. 
Defaults to original location ($srcdir/regress) but allows overriding
if desired, eg a directory in /tmp.
 2018-02-19 18:37:40 +11:00
Darren Tucker f833842858 Remove now-unused check for getrusage. 
getrusage was used in ssh-rand-helper but that's now long gone.
Patch from klauszh at haus-gisela.de.
 2018-02-18 15:53:15 +11:00
dtucker@openbsd.org 8570177195 upstream: Don't send IUTF8 to servers that don't like them. 
Some SSH servers eg "ConfD" drop the connection if the client sends the
new IUTF8 (RFC8160) terminal mode even if it's not set.  Add a bug bit
for such servers and avoid sending IUTF8 to them.  ok djm@

OpenBSD-Commit-ID: 26425855402d870c3c0a90491e72e2a8a342ceda
 2018-02-16 23:25:48 +11:00
Darren Tucker f6dc2ba3c9 freezero should check for NULL. 2018-02-16 17:33:29 +11:00
djm@openbsd.org 680321f3eb upstream: Mention recent DH KEX methods: 
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512

From Jakub Jelen via bz#2826

OpenBSD-Commit-ID: 51bf769f06e55447f4bfa7306949e62d2401907a
 2018-02-16 13:42:09 +11:00
djm@openbsd.org 88c50a5ae2 upstream: stop loading DSA keys by default, remove sshd_config 
stanza and manpage bits; from Colin Watson via bz#2662, ok dtucker@

OpenBSD-Commit-ID: d33a849f481684ff655c140f5eb1b4acda8c5c09
 2018-02-16 13:35:28 +11:00
jsing@openbsd.org d2b3db2860 upstream: Ensure that D mod (P-1) and D mod (Q-1) are calculated in 
constant time.

This avoids a potential side channel timing leak.

ok djm@ markus@

OpenBSD-Commit-ID: 71ff3c16be03290e63d8edab8fac053d8a82968c
 2018-02-16 13:35:28 +11:00
jsing@openbsd.org 4270efad70 upstream: Some obvious freezero() conversions. 
This also zeros an ed25519_pk when it was not being zeroed previously.

ok djm@ dtucker@

OpenBSD-Commit-ID: 5c196a3c85c23ac0bd9b11bcadaedd90b7a2ce82
 2018-02-16 13:35:28 +11:00
Darren Tucker affa6ba67f Remove execute bit from modpipe.c. 2018-02-15 22:33:21 +11:00
Darren Tucker 9879dca438 Update prngd link to point to sourceforge. 2018-02-15 22:28:25 +11:00
Darren Tucker b6973fa515 Remove references to UNICOS. 2018-02-15 22:28:14 +11:00
Darren Tucker f1ca487940 Remove extra newline. 2018-02-15 22:28:00 +11:00
Darren Tucker 6d4e980f3c OpenSSH's builtin entropy gathering is long gone. 2018-02-15 22:27:51 +11:00
Darren Tucker 389125b25d Replace remaining mysignal() with signal(). 
These seem to have been missed during the replacement of mysignal
with #define signal in commit 5ade9ab.  Both include the requisite
headers to pick up the #define.
 2018-02-15 22:06:26 +11:00
Darren Tucker 265d88d4e6 Remove remaining now-obsolete cvs $Ids. 2018-02-15 20:06:19 +11:00
Darren Tucker 015749e9b1 Regenerate dependencies after UNICOS removal. 2018-02-15 20:04:12 +11:00
Darren Tucker ddc0f38148 Remove UNICOS support. 
The code required to support it is quite invasive to the mainline
code that is synced with upstream and is an ongoing maintenance burden.
Both the hardware and software are literal museum pieces these days and
we could not find anyone still running OpenSSH on one.
 2018-02-15 20:04:02 +11:00
Darren Tucker 174bed6869 Retpoline linker flag only needed for linking. 2018-02-13 18:12:47 +11:00
Darren Tucker 075e258c2c Default PidFile is sshd.pid not ssh.pid. 2018-02-13 17:36:43 +11:00
Darren Tucker 49f3c0ec47 Remove assigned-to-but-never-used variable. 
'p' was removed in previous change but I neglected to remove the
otherwise-unused assignment to it.
 2018-02-13 16:27:09 +11:00
djm@openbsd.org b8bbff3b3f upstream: remove space before tab 
OpenBSD-Commit-ID: 674edd214d0a7332dd4623c9cf8117301b012890
 2018-02-13 14:38:05 +11:00
dtucker@openbsd.org 05046d907c upstream Don't reset signal handlers inside handlers. 
The signal handlers from the original ssh1 code on which OpenSSH
is based assume unreliable signals and reinstall their handlers.
Since OpenBSD (and pretty much every current system) has reliable
signals this is not needed.  In the unlikely even that -portable
is still being used on such systems we will deal with it in the
compat layer.  ok deraadt@

OpenBSD-Commit-ID: f53a1015cb6908431b92116130d285d71589612c
 2018-02-13 09:29:09 +11:00
Darren Tucker 3c51143c63 Whitespace sync with upstream. 2018-02-13 09:07:29 +11:00
Darren Tucker 19edfd4af7 Whitespace sync with upstream. 2018-02-13 08:25:46 +11:00
Darren Tucker fbfa6f980d Move signal compat code into bsd-signal.{c,h} 2018-02-11 21:24:48 +11:00