tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,471 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

12471 Commits

Author SHA1 Message Date
dtucker@openbsd.org fe16948793
upstream: Import regenerated moduli. 
OpenBSD-Commit-ID: ad3d1486d105b008c93e952d158e5af4d9d4c531
 2024-03-26 13:03:00 +11:00
job@openbsd.org 151146f03b
upstream: Clarify how literal IPv6 addresses can be used in -J mode 
OK djm@

OpenBSD-Commit-ID: 524ddae97746b3563ad4a887dfd0a6e6ba114c50
 2024-03-26 13:02:27 +11:00
Darren Tucker 0d5bdc87a6
Add Mac OS X 14 test targets. 2024-03-25 16:14:21 +11:00
Darren Tucker 2d7964a03e
Move xpg4 'id' handling into test-exec.sh. 
Handle replacement of 'id' the same way as we do other Portable specific
replacements in test-exec.sh.  This brings percent.sh back into sync
with upstream.
 2024-03-25 14:05:40 +11:00
Darren Tucker 75d1d49ed1
Update branches shown on ci-status to 9.7 and 9.6. 2024-03-25 10:38:03 +11:00
Darren Tucker f9193f03db
Improve detection of -fzero-call-used-regs=used. 
Should better detect problems with gcc 13 on m68k.  bz#3673 from Colin
Watson via bz#3673 and https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110934

Signed-off-by: Darren Tucker <dtucker@dtucker.net>
 2024-03-25 10:12:58 +11:00
Damien Miller 86bdd3853f
version number in README 2024-03-11 16:20:49 +11:00
Damien Miller 282721418e
crank RPM spec versions 2024-03-11 16:20:08 +11:00
djm@openbsd.org 3876a3bbd2
upstream: openssh-9.7 
OpenBSD-Commit-ID: 618ececf58b8cdae016b149787af06240f7b0cbc
 2024-03-11 16:19:44 +11:00
Darren Tucker 8fc109cc61
Test against current OpenSSL and LibreSSL releases. 
Add LibreSSL 3.9.0, bump older branches to their respective current
releases.
 2024-03-11 12:59:26 +11:00
Damien Miller 26b09b45fe
quote regexes used to test for algorithm support 
Fixes test failures on Solaris 8 reported by Tom G. Christensen
 2024-03-10 16:24:57 +11:00
djm@openbsd.org a6a740a494
upstream: avoid logging in signal handler by converting mainloop to 
ppoll() bz3670, reported by Ben Hamilton; ok dtucker@

OpenBSD-Commit-ID: e58f18042b86425405ca09e6e9d7dfa1df9f5f7f
 2024-03-09 16:13:57 +11:00
djm@openbsd.org cd82f7526e
upstream: skip more whitespace, fixes find-principals on 
allowed_signers files with blank lines; reported by Wiktor Kwapisiewicz

OpenBSD-Commit-ID: b3a22a2afd753d70766f34bc7f309c03706b5298
 2024-03-09 09:17:22 +11:00
dtucker@openbsd.org 2f9d2af5cb
upstream: Invoke ProxyCommand that uses stderr redirection via 
$TEST_SHELL. Fixes test when run by a user whose login shell is tcsh.
Found by vinschen at redhat.com.

OpenBSD-Regress-ID: f68d79e7f00caa8d216ebe00ee5f0adbb944062a
 2024-03-08 23:12:10 +11:00
Darren Tucker 9b3f0beb40
Prefer openssl binary from --with-ssl-dir directory. 
Use openssl in the directory specified by --with-ssl-dir as long
as it's functional.  Reported by The Doctor.
 2024-03-07 19:25:17 +11:00
djm@openbsd.org c47e1c9c79
upstream: fix memory leak in mux proxy mode when requesting forwarding. 
found by RASU JSC, reported by Maks Mishin in GHPR#467

OpenBSD-Commit-ID: 97d96a166b1ad4b8d229864a553e3e56d3116860
 2024-03-06 14:03:28 +11:00
djm@openbsd.org 242742827f
upstream: wrap a few PKCS#11-specific bits in ENABLE_PKCS11 
OpenBSD-Commit-ID: 463e4a69eef3426a43a2b922c4e7b2011885d923
 2024-03-06 11:33:18 +11:00
Damien Miller d52b650921
disable RSA tests when algorithm is not supported 
Unbreaks "make test" when compiled --without-openssl.

Similar treatment to how we do DSA and ECDSA.
 2024-03-06 11:31:36 +11:00
Damien Miller 668d270a6c
add a --without-retpoline configure option 
discussed with deraadt and dtucker a while ago
 2024-03-06 10:33:20 +11:00
djm@openbsd.org 3deb501f86
upstream: fix leak of CanonicalizePermittedCNAMEs on error path; 
spotted by Coverity (CID 438039)

OpenBSD-Commit-ID: 208839699939721f452a4418afc028a9f9d3d8af
 2024-03-04 15:19:29 +11:00
djm@openbsd.org 65a44a8a4f
upstream: Separate parsing of string array options from applying them 
to the active configuration. This fixes the config parser from erroneously
rejecting cases like:

AuthenticationMethods password
Match User ivy
 AuthenticationMethods any

bz3657 ok markus@

OpenBSD-Commit-ID: 7f196cba634c2a3dba115f3fac3c4635a2199491
 2024-03-04 14:46:46 +11:00
Darren Tucker 6886e1b1f5
Add nbsd10 test target. 2024-02-22 17:59:35 +11:00
Damien Miller d86bf8a3f6
more descriptive configure test name 2024-02-22 12:06:10 +11:00
djm@openbsd.org 9ee335aacc
upstream: explain arguments of internal-sftp GHPR#454 from Niklas 
Hambüchen
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

OpenBSD-Commit-ID: 0335d641ae6b5b6201b9ffd5dd06345ebbd0a3f3
 2024-02-21 17:18:02 +11:00
djm@openbsd.org d1164cb100
upstream: clarify permissions requirements for ChrootDirectory Part 
of GHPR#454 from Niklas Hambüchen
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

OpenBSD-Commit-ID: d37bc8786317a11649c62ff5e2936441186ef7a0
 2024-02-21 17:18:01 +11:00
djm@openbsd.org d410e17d18
upstream: .Cm for a keyword. Part of GHPR#454 from Niklas Hambüchen 
OpenBSD-Commit-ID: d59c52559f926fa82859035d79749fbb4a3ce18a
 2024-02-21 17:18:01 +11:00
djm@openbsd.org ab73f9678e
upstream: fix typo in match directive predicate (s/tagged/tag) GHPR#462 
from Tobias Manske

OpenBSD-Commit-ID: 05b23b772677d48aa82eefd7ebebd369ae758908
 2024-02-21 17:01:37 +11:00
djm@openbsd.org 9844aa2521
upstream: fix proxy multiplexing mode, broken when keystroke timing 
obfuscation was added. GHPR#463 from montag451

OpenBSD-Commit-ID: 4e412d59b3f557d431f1d81c715a3bc0491cc677
 2024-02-21 16:58:02 +11:00
djm@openbsd.org ee6d932acb
upstream: don't append a gratuitous space to the end of subsystem 
arguments; bz3667

OpenBSD-Commit-ID: e11023aeb3f30b77a674e37b8292c862926d5dc6
 2024-02-20 15:10:55 +11:00
dtucker@openbsd.org e27f032aa8
upstream: Always define puttysetup function. 
OpenBSD-Regress-ID: b4c0ccfa4006a1bc5dfd99ccf21c854d3ce2aee0
 2024-02-19 20:35:31 +11:00
dtucker@openbsd.org 84046f9991
upstream: Exapnd PuTTY test coverage. 
Expand the set of ciphers, MACs and KEX methods in the PuTTY interop
tests.

OpenBSD-Regress-ID: dd28d97d48efe7329a396d0d505ee2907bf7fc57
 2024-02-19 18:49:00 +11:00
dtucker@openbsd.org bbf541ee2a
upstream: Factor out PuTTY setup. 
Factor out PuTTY and call only when needed.

This allows us to avoid PuTTY key setup when it's not needed, which
speeds up the overall test run by a couple of percent.

OpenBSD-Regress-ID: c25eaccc3c91bc874400f7c85ce40e9032358c1c
 2024-02-19 18:48:26 +11:00
naddy@openbsd.org d31c21c57f
upstream: clean sshd random relinking kit; ok miod@ 
OpenBSD-Commit-ID: 509bb19bb9762a4b3b589af98bac2e730541b6d4
 2024-02-19 18:41:19 +11:00
djm@openbsd.org 4dbc5a363f
upstream: whitespace 
OpenBSD-Commit-ID: b24680bc755b621ea801ff8edf6f0f02b68edae1
 2024-02-19 18:40:09 +11:00
Darren Tucker efde85dda2
Improve error message for OpenSSL header check. 
bz#3668, ok djm@
 2024-02-19 17:29:31 +11:00
Darren Tucker cbbdf868bc
Interop test against PuTTY snapshot and releases. 2024-02-07 23:10:34 +11:00
Darren Tucker 91898bf786
Put privsep dir on OS X on /usr/local. 
On some runners we can't create /var/empty, so put it some place we can
write.  Should fix test breakage on Max OS X 11.
 2024-02-06 16:37:07 +11:00
Darren Tucker be5ed8ebed
Add --disable-fd-passing option. 
.. and enable for the minix3 test VM.  This will cause it to more reliably
skip tests that need FD passing and should fix the current test breakage.
 2024-02-06 11:22:20 +11:00
Darren Tucker 0f6a8a0d0a
Use "skip" function instead doing it ourselves. 2024-02-06 11:18:44 +11:00
Damien Miller 3ad669f81a
ignore some vim droppings 2024-02-01 14:01:18 +11:00
djm@openbsd.org c283f29d23
upstream: whitespace 
OpenBSD-Commit-ID: bf9e4a1049562ee4322684fbdce07142f04fdbb7
 2024-02-01 13:42:45 +11:00
Damien Miller 0d96b1506b
skip tests that use multiplexing on Windows 
Some tests here use multiplexing, skip these if DISABLE_FD_PASSING
is set. Should unbreak tests on Windows.
 2024-01-16 14:40:18 +11:00
djm@openbsd.org 50080fa42f
upstream: don't disable RSA test when DSA is disabled; bug introduced 
in last commit

OpenBSD-Regress-ID: 8780a7250bf742b33010e9336359a1c516f2d7b5
 2024-01-11 15:56:37 +11:00
djm@openbsd.org 415c94ce17
upstream: make DSA testing optional, defaulting to on 
ok markus

OpenBSD-Regress-ID: dfc27b5574e3f19dc4043395594cea5f90b8572a
 2024-01-11 15:55:19 +11:00
djm@openbsd.org f9311e8921
upstream: ensure key_fd is filled when DSA is disabled; spotted by 
tb@

OpenBSD-Commit-ID: 9dd417b6eec3cf67e870f147464a8d93f076dce7
 2024-01-11 15:46:22 +11:00
djm@openbsd.org 4e838120a7
upstream: make DSA key support compile-time optional, defaulting to 
on

ok markus@

OpenBSD-Commit-ID: 4f8e98fc1fd6de399d0921d5b31b3127a03f581d
 2024-01-11 15:46:22 +11:00
jmc@openbsd.org afcc9028bf
upstream: fix incorrect capitalisation; 
OpenBSD-Commit-ID: cb07eb06e15fa2334660ac73e98f29b6a1931984
 2024-01-11 14:20:29 +11:00
djm@openbsd.org 9707c8170c
upstream: extend ChannelTimeout regression test to exercise multiplexed 
connections and the new "global" timeout type. ok dtucker@

OpenBSD-Regress-ID: f10d19f697024e9941acad7c2057f73d6eacb8a2
 2024-01-10 09:25:04 +11:00
djm@openbsd.org b31b12d28d
upstream: add a "global" ChannelTimeout type to ssh(1) and sshd(8) 
that watches all open channels and will close all open channels if there is
no traffic on any of them for the specified interval. This is in addition to
the existing per-channel timeouts added a few releases ago.

This supports use-cases like having a session + x11 forwarding channel
open where one may be idle for an extended period but the other is
actively used. The global timeout would allow closing both channels when
both have been idle for too long.

ok dtucker@

OpenBSD-Commit-ID: 0054157d24d2eaa5dc1a9a9859afefc13d1d7eb3
 2024-01-10 09:24:53 +11:00
djm@openbsd.org 602f4beeed
upstream: adapt ssh_api.c code for kex-strict 
from markus@ ok me

OpenBSD-Commit-ID: 4d9f256852af2a5b882b12cae9447f8f00f933ac
 2024-01-10 09:24:06 +11:00