Damien Miller
f4fdcd2b7a
Missing unit test files
2019-11-01 08:36:16 +11:00
Darren Tucker
1bcd1169c5
Add implementation of localtime_r.
2019-10-29 20:48:46 +11:00
dtucker@openbsd.org
2046ed16c1
upstream: Signal handler cleanup: remove leftover support for
...
unreliable signals and now-unneeded save and restore of errno. ok deraadt@
markus@
OpenBSD-Commit-ID: 01dd8a1ebdd991c8629ba1f5237283341a93cd88
2019-10-29 20:47:25 +11:00
jmc@openbsd.org
70fc9a6ca4
upstream: fixes from lucas;
...
OpenBSD-Commit-ID: 4c4bfd2806c5bbc753788ffe19c5ee13aaf418b2
2019-10-29 20:47:25 +11:00
dtucker@openbsd.org
702368aa43
upstream: Import regenerated moduli file.
...
OpenBSD-Commit-ID: 58ec755be4e51978ecfee73539090eb68652a987
2019-10-29 20:47:25 +11:00
Darren Tucker
5fe81da226
Fix ifdefs to not mask needed bits.
2019-10-28 21:19:47 +11:00
Darren Tucker
7694e9d2fb
Only use RLIMIT_NOFILE if it's defined.
2019-10-28 17:05:36 +11:00
Darren Tucker
d561b0b2fa
Make sure we have struct statfs before using.
2019-10-28 16:27:53 +11:00
Darren Tucker
2912596aec
Define UINT32_MAX if needed.
2019-10-28 16:27:53 +11:00
Darren Tucker
7169e31121
Move utimensat definition into timespec section.
...
Since utimensat uses struct timespec, move it to the section where we
define struct timespec when needed.
2019-10-28 16:27:53 +11:00
Darren Tucker
850ec1773d
Wrap OpenSSL bits in WITH_OPENSSL.
2019-10-28 16:27:53 +11:00
Darren Tucker
6fc7e1c6fe
Wrap poll.h includes in HAVE_POLL_H.
2019-10-28 16:27:53 +11:00
Darren Tucker
9239a18f96
Add a function call stackprotector tests.
...
Including a function call in the test programs for the gcc stack
protector flag tests exercises more of the compiler and makes it more
likely it'll detect problems.
2019-10-24 14:39:49 +11:00
Darren Tucker
b9705393be
Import regenerated moduli file.
2019-10-22 18:09:22 +11:00
djm@openbsd.org
76ed219949
upstream: potential NULL dereference for revoked hostkeys; reported
...
by krishnaiah bommu
OpenBSD-Commit-ID: 35ff685e7cc9dd2e3fe2e3dfcdcb9bc5c79f6506
2019-10-16 17:08:38 +11:00
djm@openbsd.org
6500c3bc71
upstream: free buf before return; reported by krishnaiah bommu
...
OpenBSD-Commit-ID: 091bb23a6e913af5d4f72c50030b53ce1cef4de1
2019-10-16 17:08:38 +11:00
djm@openbsd.org
d7d116b6d9
upstream: memleak in error path; spotted by oss-fuzz, ok markus@
...
OpenBSD-Commit-ID: d6ed260cbbc297ab157ad63931802fb1ef7a4266
2019-10-14 17:03:54 +11:00
Darren Tucker
9b9e3ca694
Re-add SA_RESTART to mysignal.
...
This makes mysignal implement reliable BSD semantics according to
Stevens' APUE. This was first attempted in 2001 but was reverted
due to problems with HP-UX 10.20 and select() and possibly grantpt().
Modern systems should be fine with it, but if any current platforms have
a problem with it now we can disable it just for those. ok djm@
2019-10-11 14:12:16 +11:00
Darren Tucker
0bd312a362
Fix ifdef typo for declaration of memmem.
...
Fixes build on IRIX. bz#3081.
2019-10-10 09:42:03 +11:00
Abhishek Arya
01ce1cd402
Update README.md
2019-10-09 14:25:09 +11:00
Damien Miller
1ba130ac8f
add a fuzzer for private key parsing
2019-10-09 13:49:35 +11:00
Damien Miller
cdf1d0a9f5
prepare for 8.1 release
2019-10-09 11:31:03 +11:00
djm@openbsd.org
3b4e56d740
upstream: openssh-8.1
...
OpenBSD-Commit-ID: 3356bb34e2aa287f0e6d6773c9ae659dc680147d
2019-10-09 11:12:26 +11:00
djm@openbsd.org
29e0ecd9b4
upstream: fix an unreachable integer overflow similar to the XMSS
...
case, and some other NULL dereferences found by fuzzing.
fix with and ok markus@
OpenBSD-Commit-ID: 0f81adbb95ef887ce586953e1cb225fa45c7a47b
2019-10-09 11:11:41 +11:00
djm@openbsd.org
a546b17bba
upstream: fix integer overflow in XMSS private key parsing.
...
Reported by Adam Zabrocki via SecuriTeam's SSH program.
Note that this code is experimental and not compiled by default.
ok markus@
OpenBSD-Commit-ID: cd0361896d15e8a1bac495ac583ff065ffca2be1
2019-10-09 11:11:41 +11:00
dtucker@openbsd.org
c2cc25480b
upstream: Correct type for end-of-list sentinel; fixes initializer
...
warnings on some platforms. ok deraadt.
OpenBSD-Commit-ID: a990dbc2dac25bdfa07e79321349c73fd991efa2
2019-10-09 11:11:41 +11:00
djm@openbsd.org
e827aedf88
upstream: reversed test yielded incorrect debug message
...
OpenBSD-Commit-ID: 78bb512d04cfc238adb2c5b7504ac93eecf523b3
2019-10-09 11:06:47 +11:00
Damien Miller
8ca491d29f
depend
2019-10-09 11:06:37 +11:00
Darren Tucker
86a0323374
Make MAKE_CLONE no-op macro more correct.
...
Similar to the previous change to DEF_WEAK, some compilers don't like
the empty statement, so convert into a no-op function prototype.
2019-10-09 09:36:06 +11:00
Damien Miller
cfc1897a20
wrap stdint.h include in HAVE_STDINT_H
...
make the indenting a little more consistent too..
Fixes Solaris 2.6; reported by Tom G. Christensen
2019-10-09 09:06:35 +11:00
Damien Miller
13b3369830
avoid "return (value)" in void-declared function
...
spotted by Tim Rice; ok dtucker
2019-10-08 15:32:02 +11:00
Darren Tucker
0c7f8d2326
Make DEF_WEAK more likely to be correct.
...
Completely nop-ing out DEF_WEAK leaves an empty statemment which some
compilers don't like. Replace with a no-op function template. ok djm@
2019-10-08 14:48:32 +11:00
dtucker@openbsd.org
b1e79ea8fa
upstream: Instead of running sed over the whole log to remove CRs,
...
remove them only where it's needed (and confuses test(1) on at least OS X in
portable).
OpenBSD-Regress-ID: a6ab9b4bd1d33770feaf01b2dfb96f9e4189d2d0
2019-10-07 13:08:57 +11:00
Eduardo Barretto
8dc7d6b75a
Enable specific ioctl call for EP11 crypto card (s390)
...
The EP11 crypto card needs to make an ioctl call, which receives an
specific argument. This crypto card is for s390 only.
Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
2019-10-05 18:30:40 +10:00
djm@openbsd.org
07f2c7f349
upstream: fix memory leak in error path; bz#3074 patch from
...
krishnaiah.bommu@intel.com , ok dtucker
OpenBSD-Commit-ID: d031853f3ecf47b35a0669588f4d9d8e3b307b3c
2019-10-04 14:34:05 +10:00
djm@openbsd.org
b7fbc75e11
upstream: space
...
OpenBSD-Commit-ID: 350648bcf00a2454e7ef998b7d88e42552b348ac
2019-10-04 14:34:05 +10:00
djm@openbsd.org
643ab68c79
upstream: more sshsig regress tests: check key revocation, the
...
check-novalidate signature test mode and signing keys in ssh-agent.
From Sebastian Kinne (slightly tweaked)
OpenBSD-Regress-ID: b39566f5cec70140674658cdcedf38752a52e2e2
2019-10-04 13:41:03 +10:00
dtucker@openbsd.org
714031a10b
upstream: Check for gmtime failure in moduli generation. Based on
...
patch from krishnaiah.bommu@intel.com , ok djm@
OpenBSD-Commit-ID: 4c6a4cde0022188ac83737de08da0e875704eeaa
2019-10-04 13:40:57 +10:00
jmc@openbsd.org
6918974405
upstream: use a more common options order in SYNOPSIS and sync
...
usage(); while here, no need for Bk/Ek;
ok dtucker
OpenBSD-Commit-ID: 38715c3f10b166f599a2283eb7bc14860211bb90
2019-10-04 13:40:57 +10:00
djm@openbsd.org
feff96b7d4
upstream: thinko in previous; spotted by Mantas
...
=?UTF-8?q?=20Mikul=C4=97nas?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenBSD-Commit-ID: ffa3f5a45e09752fc47d9041e2203ee2ec15b24d
2019-10-02 19:53:40 +10:00
djm@openbsd.org
b5a89eec41
upstream: make signature format match PROTOCO
...
=?UTF-8?q?=20as=20a=20string,=20not=20raw=20bytes.=20Spotted=20by=20Manta?=
=?UTF-8?q?s=20Mikul=C4=97nas?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenBSD-Commit-ID: 80fcc6d52893f80c6de2bedd65353cebfebcfa8f
2019-10-02 18:08:17 +10:00
djm@openbsd.org
dc6f81ee94
upstream: ban empty namespace strings for s
...
=?UTF-8?q?shsig;=20spotted=20by=20Mantas=20Mikul=C4=97nas?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenBSD-Commit-ID: 7c5bcf40bed8f4e826230176f4aa353c52aeb698
2019-10-02 18:08:17 +10:00
Darren Tucker
fa5bd8107e
Put ssherr.h back as it's actually needed.
2019-10-02 14:30:55 +10:00
Lonnie Abelbeck
3ef92a6574
Deny (non-fatal) shmget/shmat/shmdt in preauth privsep child.
...
New wait_random_seeded() function on OpenSSL 1.1.1d uses shmget, shmat, and shmdt
in the preauth codepath, deny (non-fatal) in seccomp_filter sandbox.
2019-10-02 12:24:38 +10:00
Damien Miller
edd1d3a626
remove duplicate #includes
...
Prompted by Jakub Jelen
2019-10-02 10:54:28 +10:00
Damien Miller
13c508dfed
typo in comment
2019-10-02 10:51:15 +10:00
djm@openbsd.org
d0c3ac427f
upstream: remove some duplicate #includes
...
OpenBSD-Commit-ID: ed6827ab921eff8027669848ef4f70dc1da4098c
2019-10-02 10:43:47 +10:00
djm@openbsd.org
084682786d
upstream: revert unconditional forced login implemented in r1.41 of
...
ssh-pkcs11.c; r1.45 added a forced login as a fallback for cases where the
token returns no objects and this is less disruptive for users of tokens
directly in ssh (rather than via ssh-agent) and in ssh-keygen
bz3006, patch from Jakub Jelen; ok markus
OpenBSD-Commit-ID: 33d6df589b072094384631ff93b1030103b3d02e
2019-10-01 20:24:07 +10:00
jmc@openbsd.org
6c91d42cce
upstream: group and sort single letter options; ok deraadt
...
OpenBSD-Commit-ID: e1480e760a2b582f79696cdcff70098e23fc603f
2019-10-01 20:24:07 +10:00
jmc@openbsd.org
3b44bf39ff
upstream: fix the DH-GEX text in -a; because this required a comma,
...
i added a comma to the first part, for balance...
OpenBSD-Commit-ID: 2c3464e9e82a41e8cdfe8f0a16d94266e43dbb58
2019-10-01 20:24:07 +10:00