Like Linux, proper _SOURCE macros need to be set to get declarations of
various standard functions, notably setres*id. Now that Debian is using
-Werror=implicit-function-declaration this is really required. While at
it, define other _SOURCE macros like on GNU/Linux, since GNU/Hurd uses
the same glibc.
can't rely on channel_did_enqueue to tell that there is data to send. This
flag indicates that the channels code enqueued a packet on _this_ ppoll()
iteration, not that data was enqueued in _any_ ppoll() iteration in the
timeslice. ok markus@
OpenBSD-Commit-ID: 009b74fd2769b36b5284a0188ade182f00564136
the parts of the grace_alarm_handler() using the exact things allowed by the
signal-safe rules. This is a good rule of thumb: Handlers should be written
to either set a global volatile sig_atomic_t inspected from outside, and/or
directly perform only safe operations listed in our sigaction(2) manual page.
ok djm markus
OpenBSD-Commit-ID: 14168ae8368aab76e4ed79e17a667cb46f404ecd
Unlike earlier versions, recent Dropbear (at least v2024.85) requires
a host arg when querying supported ciphers and macs via "-c/-m
help". Earlier versions accept but do not require it, so always
provide it. If these queries fail, skip the test with a warning.
OpenBSD-Regress-ID: 98eb863a3f0363416922efb273885e6b3c7f68d4
by current OpenSSH. Allows subsequent test runs to work if OpenSSH is
rebuilt w/out OpenSSL.
OpenBSD-Regress-ID: e0129eb2b1d31771105903a8055216fbba20a770
if querying for them fails since on some versions of Dropbear (at least
v2024.85) "-m help" doesn't seem to work. Enable all supported pubkey
algorithms in the server.
OpenBSD-Regress-ID: 4f95556a49ee9f621789f25217c367a33d2745ca
since that's supported by OpenSSH even when built without OpenSSL.
Only test diffie-hellman kex if OpenSSH is compiled with support for it.
OpenBSD-Regress-ID: a5d09ef9bbd171f9e4ec73ed0d9eeb49a8878e97
to always generate ed25519 keys, other types only if OpenSSH has support
for the corresponding key type.
OpenBSD-Regress-ID: 8f91f12604cddb9f8d93aa34f3f93a3f6074395d
When installing an sshd built without OpenSSL the mismatch between
the running sshd and newly installed sshd-session will cause the
remainder of the test to fail.
markus@
(yes, I know this expands to "the Digitial Signature Algorithm
signature algorithm)
OpenBSD-Commit-ID: 961ef594e46dd2dcade8dd5721fa565cee79ffed
log level; they could be the only record of the connection terminating if the
client doesn't send a SSH2_MSG_DISCONNECT message. ok dtucker@
OpenBSD-Commit-ID: 0c8bfaf5e9fdff945cee09ac21e641f6c5d65d3c
If the PAM subprocess crashes, exit with a crash status that will be
picked up by the sshd(8) listener process where it can be used by
PerSourcePenalties to block the client. This is similar handling to
the privsep preauth process.
enforcement but not penalty expiry, the other tests penalty expiry.
This lets us disable the expiry testing in certain CI test environments.
OpenBSD-Regress-ID: f56811064f3e3cb52ee73a206b8c2a06af1c8791
Allows selecting which PAM service name to use when UsePAM is
enabled. Defaults to "sshd" unless overridden at compile time
by defining SSHD_PAM_SERVICE.
bz2102, ok dtucker@
