tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,721 Commits 7 Branches 18 Tags 96 MiB
Commit Graph

761 Commits

Author SHA1 Message Date
Darren Tucker 2b3402dc9f Always clean up before and after utimensat test. 2019-06-08 00:03:07 +10:00
Darren Tucker 182898192d Update utimensat test. 
POSIX specifies that when given a symlink, AT_SYMLINK_NOFOLLOW should
update the symlink and not the destination.  The compat code doesn't
have a way to do this, so where possible it fails instead of following a
symlink when explicitly asked not to. Instead of checking for an explicit
failure, check that it does not update the destination, which both the
real and compat implmentations should honour.

Inspired by github pull req #125 from chutzpah at gentoo.org.
 2019-06-07 23:47:37 +10:00
Darren Tucker b7b8334914 Don't install duplicate STREAMS modules on Solaris 
Check if STREAMS modules are already installed on pty before installing
since when compiling with XPG>=4 they will likely be installed already.
Prevents hangs and duplicate lines on the terminal.  bz#2945 and bz#2998,
patch from djm@
 2019-04-26 18:06:34 +10:00
Darren Tucker 79a87d3278 Remove "struct ssh" from sys_auth_record_login. 
It's not needed, and is not available from the call site in loginrec.c
Should only affect AIX, spotted by Kevin Brott.
 2019-04-03 06:27:45 +11:00
Darren Tucker 138c0d52cd Adapt custom_failed_login to new prototype. 
Spotted by Kevin Brott.
 2019-04-02 18:21:35 +11:00
Tim Rice 43f47ebbdd Only use O_NOFOLLOW in fchownat and fchmodat if defined 2019-03-31 19:22:19 -07:00
Darren Tucker f5abb05f8c Only use O_NOFOLLOW in utimensat if defined. 
Fixes build on systems that don't have it (Solaris <=9)  Found by
Tom G. Christensen.
 2019-03-28 09:26:14 +11:00
Darren Tucker a212107bfd Replace alloca with xcalloc. 
The latter checks for memory exhaustion and integer overflow and may be
at a less predictable place.  Sanity check by vinschen at redhat.com, ok
djm@
 2019-03-13 10:49:16 +11:00
Darren Tucker daa7505aad Use Cygwin-specific matching only for users+groups. 
Patch from vinschen at redhat.com, updated a little by me.
 2019-03-12 09:19:19 +11:00
Corinna Vinschen 37638c7520 Cygwin: implement case-insensitive Unicode user and group name matching 
The previous revert enabled case-insensitive user names again.  This
patch implements the case-insensitive user and group name matching.
To allow Unicode chars, implement the matcher using wchar_t chars in
Cygwin-specific code.  Keep the generic code changes as small as possible.
Cygwin: implement case-insensitive Unicode user and group name matching

Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
 2019-02-22 15:22:53 +11:00
Darren Tucker bed1d43698 Revert unintended parts of previous commit. 2019-02-22 15:21:21 +11:00
Corinna Vinschen f02afa350a Revert "[auth.c] On Cygwin, refuse usernames that have differences in case" 
This reverts commit acc9b29486.

Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
 2019-02-22 15:04:16 +11:00
Darren Tucker f236ca2741 Also undef SIMPLEQ_FOREACH_SAFE. 
Prevents macro redefinition warning on at least NetBSD 6.1.
 2019-01-24 10:07:03 +11:00
Damien Miller 08f66d9f17 remove vestiges of old packet API from loginrec.c 2019-01-20 09:58:45 +11:00
Darren Tucker a6258e5dc3 Add minimal fchownat and fchmodat implementations. 
Fixes builds on at least OS X Lion, NetBSD 6 and Solaris 10.
 2019-01-18 11:09:01 +11:00
Darren Tucker 091093d258 Add a minimal implementation of utimensat(). 
Some systems (eg older OS X) do not have utimensat, so provide minimal
implementation in compat layer.  Fixes build on at least El Capitan.
 2019-01-18 10:16:11 +11:00
Darren Tucker 8a85f5458d Include stdio.h for FILE if needed. 2018-11-25 21:44:05 +11:00
Darren Tucker 16fb23f254 Reverse order of OpenSSL init functions. 
Try the new init function (OPENSSL_init_crypto) before falling back to
the old one (OpenSSL_add_all_algorithms).
 2018-11-25 14:05:57 +11:00
Damien Miller 42c5ec4b97 refactor libcrypto initialisation 
Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually
supports it.

Move all libcrypto initialisation to a single function, and call that
from seed_rng() that is called early in each tool's main().

Prompted by patch from Rosen Penev
 2018-11-23 10:42:05 +11:00
Darren Tucker d0d1dfa55b Test for OPENSSL_init_crypto before using. 
Check for the presence of OPENSSL_init_crypto and all the flags we want
before trying to use it (bz#2931).
 2018-11-16 14:11:44 +11:00
Darren Tucker ce93472134 Fix check for OpenSSL 1.0.1 exactly. 
Both INSTALL and configure.ac claim OpenSSL >= 1.0.1 is supported; fix
compile-time check for 1.0.1 to match.
 2018-11-16 12:44:01 +11:00
Eneas U de Queiroz 624d19ac2d fix compilation with openssl built without ECC 
ECDSA code in openssh-compat.h and libressl-api-compat.c needs to be
guarded by OPENSSL_HAS_ECC

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
 2018-11-09 14:19:24 +11:00
Darren Tucker 595605d4ab Update check for minimum OpenSSL version. 2018-10-28 15:18:13 +11:00
Darren Tucker c801b0e38e Use detected version functions in openssl compat. 
Use detected functions in compat layer instead of guessing based on
versions.  Really fixes builds with LibreSSL, not just configure.
 2018-10-28 14:34:12 +11:00
Damien Miller 406a24b25d fix builds on OpenSSL <= 1.0.x 
I thought OpenSSL 1.0.x offered the new-style OpenSSL_version_num() API
to obtain version number, but they don't.
 2018-10-26 13:43:28 +11:00
Damien Miller c0a3526590 fix compile for openssl 1.0.x w/ --with-ssl-engine 
bz#2921, patch from cotequeiroz
 2018-10-23 16:19:56 +11:00
Damien Miller 08300c2114 unbreak compilation with --with-ssl-engine 
Missing last argument to OPENSSL_init_crypto()
 2018-10-17 08:12:02 +11:00
Damien Miller 4e23deefd7 Avoid deprecated OPENSSL_config when using 1.1.x 
OpenSSL 1.1.x soft-deprecated OPENSSL_config in favour of
OPENSSL_init_crypto; pointed out by Jakub Jelen
 2018-10-16 10:54:37 +11:00
Darren Tucker 797cdd9c84 Don't avoid our *sprintf replacements. 
Don't let systems with broken printf(3) avoid our replacements
via asprintf(3)/vasprintf(3) calling libc internally.  From djm@
 2018-10-12 16:58:47 +11:00
Damien Miller fe8e8f349a check for NULL return from shadow_pw() 
probably unreachable on this platform; pointed out by
coolbugcheckers AT gmail.com
 2018-10-11 11:03:54 +11:00
Damien Miller d1d301a1dd in pick_salt() avoid dereference of NULL passwords 
Apparently some NIS implementations can leave pw->pw_passwd (or the
shadow equivalent) NULL.

bz#2909; based on patch from Todd Eigenschink
 2018-10-10 14:57:00 +11:00
Darren Tucker c2fa53cd64 Remove unused variable in _ssh_compat_fflush. 2018-09-22 14:41:24 +10:00
Damien Miller 48f54b9d12 adapt -portable to OpenSSL 1.1x API 
Polyfill missing API with replacement functions extracted from LibreSSL
 2018-09-13 12:13:50 +10:00
Darren Tucker 039bf2a817 Initial len for the fmt=NULL case. 
Patch from jjelen at redhat via bz#2687.  (OpenSSH never calls
setproctitle with a null format so len is always initialized).
 2018-09-07 14:06:57 +10:00
Darren Tucker ea9c06e11d Include stdlib.h. 
Patch from jjelen at redhat via bz#2687.
 2018-09-07 14:01:39 +10:00
Tim Rice bc44ee088a modified: openbsd-compat/port-uw.c 
remove obsolete and un-needed include
 2018-08-21 08:57:24 -07:00
Corinna Vinschen b0917945ef cygwin: add missing stdarg.h include 
Further header file standarization in Cygwin uncovered a lazy
indirect include in bsd-cygwin_util.c

Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
 2018-08-13 13:01:18 -07:00
Damien Miller e36a5f61b0 Some AIX fixes; report from Michael Felt 2018-08-11 18:08:45 -07:00
Damien Miller 4492e2ec4e correct snprintf truncation check in closefrom() 
Truncation cannot happen unless the system has set PATH_MAX to some
nonsensically low value.

bz#2862, patch from Daniel Le
 2018-07-27 14:20:09 +10:00
Darren Tucker 61cc0003eb Undef a few new macros in sys-queue.h. 
Prevents macro redefinition warnings on OSX.
 2018-07-14 16:49:01 +10:00
markus@openbsd.org 5467fbcb09 upstream: remove legacy key emulation layer; ok djm@ 
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
 2018-07-12 13:18:25 +10:00
Darren Tucker 1c688801e9 Include stdlib.h for declaration of free. 
Fixes build with -Werror on at least Fedora and probably others.
 2018-07-11 12:14:09 +10:00
Damien Miller 120a1ec74e Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
Darren Tucker 872517ddbb Defer setting bufsiz in getdelim. 
Do not write to bufsiz until we are sure the malloc has succeeded,
in case any callers rely on it (which they shouldn't).  ok djm@
 2018-07-06 13:32:02 +10:00
Darren Tucker 6301e6c787 Add implementation of getline. 
Add getline for the benefit of platforms that don't have it.  Sourced
from NetBSD (OpenBSD's implementation is a little too chummy with the
internals of FILE).
 2018-07-02 21:36:31 +10:00
Damien Miller 32e4e94e15 sync fmt_scaled.c 
revision 1.17
date: 2018/05/14 04:39:04;  author: djm;  state: Exp;  lines: +5 -2;
commitid: 53zY8GjViUBnWo8Z;
constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
 2018-05-14 14:40:08 +10:00
Darren Tucker 7c15301841 Use includes.h instead of config.h. 
This ensures it picks up the definition of DEF_WEAK, the lack of which
can cause compile errors in some cases (eg modern AIX).  From
michael at felt.demon.nl.
 2018-04-29 17:54:12 +10:00
Damien Miller cfb1d9bc76 Fix tunnel forwarding broken in 7.7p1 
bz2855, ok dtucker@
 2018-04-13 13:38:06 +10:00
Damien Miller afa6e79b76 prefer to use getrandom() for PRNG seeding 
Only applies when built --without-openssl. Thanks Jann Horn for
reminder.
 2018-04-13 13:32:23 +10:00
Damien Miller 10479cc2a4 Many typo fixes from Karsten Weiss 
Spotted using https://github.com/lucasdemarchi/codespell
 2018-04-10 10:19:02 +10:00