summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Add authfd path to debug output. ok markus@dtucker@openbsd.org2022-04-271-1/+2
| | | | OpenBSD-Commit-ID: f735a17d1a6f2bee63bfc609d76ef8db8c090890
* upstream: Check sshauthopt_new() for NULL. bz#3425, fromdtucker@openbsd.org2022-04-271-2/+3
| | | | | | tessgauthier at microsoft.com. ok djm@ OpenBSD-Commit-ID: af0315bc3e44aa406daa7e0ae7c2d719a974483f
* upstream: Remove unnecessary includes: openssl/hmac.h andmillert@openbsd.org2022-04-271-4/+1
| | | | | | openssl/evp.h. From Martin Vahlensieck. OpenBSD-Commit-ID: a6debb5fb0c8a44e43e8d5ca7cc70ad2f3ea31c3
* upstream: Add missing includes of stdlib.h and stdint.h. We needmillert@openbsd.org2022-04-271-1/+3
| | | | | | | | stdlib.h for malloc(3) and stdint.h for SIZE_MAX. Unlike the other xmss files, ssh-xmss.c does not include xmss_commons.h so ssh-xmss.c must include those headers itself. From Martin Vahlensieck OpenBSD-Commit-ID: 70e28a9818cee3da1be2ef6503d4b396dd421e6b
* upstream: Avoid an unnecessary xstrdup in rm_env() when matchingmillert@openbsd.org2022-04-271-7/+3
| | | | | | | | patterns. Since match_pattern() doesn't modify its arguments (they are const), there is no need to make an extra copy of the strings in options->send_env. From Martin Vahlensieck OpenBSD-Commit-ID: 2c9db31e3f4d3403b49642c64ee048b2a0a39351
* Add debian-riscv64 test target.Darren Tucker2022-04-261-0/+1
|
* Update OpenSSL and LibreSSL versions in tests.Darren Tucker2022-04-251-5/+5
|
* Include stdlib.h for free() prototype.Darren Tucker2022-04-231-0/+1
| | | | ... which is used inside the CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG block.
* Cache timezone data in capsicum sandbox.Darren Tucker2022-04-232-1/+16
| | | | | From emaste at freebsd.org, originally part of FreeBSD commit r339216 / fc3c19a9 with autoconf bits added by me.
* upstream: It looks like we can't completely avoiddtucker@openbsd.org2022-04-211-7/+18
| | | | | | | waiting for processes to exit so retrieve the pid via controlmaster and use that. OpenBSD-Regress-ID: 8246f00f22b14e49d2ff1744c94897ead33d457b
* upstream: Use ssh -f and ControlPersist ..dtucker@openbsd.org2022-04-201-13/+11
| | | | | | | to start up test forwards and ssh -O stop to shut them down intead of sleep loops. This speeds up the test by an order of magnitude. OpenBSD-Regress-ID: eb3db5f805100919b092a3b2579c611fba3e83e7
* upstream: Simplify forward-control test.dtucker@openbsd.org2022-04-201-25/+9
| | | | | | | | Since we no longer need to support SSH1 we don't need to run shell commands on the other end of the connection and can use ssh -N instead. This also makes the test less racy. OpenBSD-Regress-ID: 32e94ce272820cc398f30b848b2b0f080d10302c
* upstream: regression test for sftp cp commanddjm@openbsd.org2022-04-201-1/+6
| | | | OpenBSD-Regress-ID: c96bea9edde3a384b254785e7f9b2b24a81cdf82
* upstream: Import regenerated modulidtucker@openbsd.org2022-04-201-382/+419
| | | | OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
* upstream: Try to continue running local I/O for channels in statedjm@openbsd.org2022-04-203-13/+10
| | | | | | | | OPEN during SSH transport rekeying. The most visible benefit is that it should make ~-escapes work in the client (e.g. to exit) if the connection happened to have stalled during a rekey event. Based work by and ok dtucker@ OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
* upstream: Import regenerated modulidtucker@openbsd.org2022-04-201-0/+1
| | | | OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
* upstream: list the correct version numbertj@openbsd.org2022-04-161-4/+4
| | | | | | | for when usage of the sftp protocol became default and fix a typo from ed maste OpenBSD-Commit-ID: 24e1795ed2283fdeacf16413c2f07503bcdebb31
* upstream: Correct path for system known hosts file in descriptiondtucker@openbsd.org2022-04-161-3/+3
| | | | | | of IgnoreUserKnownHosts. Patch from Martin Vahlensieck via tech@ OpenBSD-Commit-ID: 9b7784f054fa5aa4d63cb36bd563889477127215
* Resync moduli.5 with upstream.Darren Tucker2022-04-161-5/+4
| | | | | 1.18: remove duplicate publication year; carsten dot kunze at arcor dot de 1.19: ssh-keygen's -G/-T have been replaced with -M generate/screen.
* Retire fbsd6 test VM.Darren Tucker2022-04-161-2/+0
| | | | | It's long since out of support, relatively slow (it's i686) and the compiler has trouble with PIE.
* upstream: clear io_want/io_ready flags at start of poll() cycle;djm@openbsd.org2022-04-121-2/+7
| | | | | | | avoids plausible spin during rekeying if channel io_want flags are reused across cycles. ok markus@ deraadt@ OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
* upstream: Note that curve25519-sha256 was later published indtucker@openbsd.org2022-04-121-1/+3
| | | | | | RFC8731. ok djm@ OpenBSD-Commit-ID: 2ac2b5d642d4cf5918eaec8653cad9a4460b2743
* upstream: two defensive changes from Tobias Stoeckmann via GHPR287djm@openbsd.org2022-04-121-3/+6
| | | | | | | | | | enforce stricter invarient for sshbuf_set_parent() - never allow a buffer to have a previously-set parent changed. In sshbuf_reset(), if the reallocation fails, then zero the entire buffer and not the (potentially smaller) default initial alloc size. OpenBSD-Commit-ID: 14583203aa5d50ad38d2e209ae10abaf8955e6a9
* Revert "update build-aux files to match autoconf-2.71"Damien Miller2022-04-113-1917/+2044
| | | | | | | | This reverts commit 0a8ca39fac6ad19096b6c263436f8b2dd51606f2. It turns out that the checked-in copies of these files are actually newer than autoconf-2.71's copies, so this was effectively a downgrade. Spotted by Bo Anderson via github
* update build-aux files to match autoconf-2.71Damien Miller2022-04-083-2044/+1917
| | | | i.e. config.guess, config.sub and install-sh
* update version numbers for releaseV_9_0_P1Damien Miller2022-04-063-3/+3
|
* upstream: openssh-9.0djm@openbsd.org2022-04-061-2/+2
| | | | OpenBSD-Commit-ID: 0dfb461188f4513ec024c1534da8c1ce14c20b64
* upstream: ssh: document sntrup761x25519-sha512@openssh.com asnaddy@openbsd.org2022-04-062-5/+5
| | | | | | default KEX OpenBSD-Commit-ID: 12545bfa10bcbf552d04d9d9520d0f4e98b0e171
* upstream: man pages: add missing commas between subordinate andnaddy@openbsd.org2022-04-066-21/+21
| | | | | | | | | | | main clauses jmc@ dislikes a comma before "then" in a conditional, so leave those untouched. ok jmc@ OpenBSD-Commit-ID: 9520801729bebcb3c9fe43ad7f9776ab4dd05ea3
* Disable security key on fbsd6 test host.Darren Tucker2022-04-041-0/+4
|
* Specify TEST_SHELL=bash on AIX.Darren Tucker2022-04-041-1/+3
| | | | | | The system shells cause the agent-restrict test to fail due to some quoting so explicitly specify bash until we can get configure to autmatically work around that.
* Only return events from ppoll that were requested.Darren Tucker2022-04-011-3/+3
| | | | | | | | If the underlying system's select() returns bits that were not in the request set, our ppoll() implementation can return revents for events not requested, which can apparently cause a hang. Only return revents for activity in the requested event set. bz#3416, analysis and fix by yaroslav.kuzmin at vmssoftware com, ok djm@
* Only run regression tests on slow VMs.Darren Tucker2022-04-011-0/+1
|
* Increase test timeout to allow slow VMs to finishDarren Tucker2022-04-011-1/+1
|
* Use bash or ksh if available for SH in Makefile.Darren Tucker2022-04-011-0/+2
|
* Set Makefile SHELL as determined by configure.Darren Tucker2022-04-011-2/+1
| | | | | | | This should improve compatibility for users with non-POSIX shells. If using Makefile.in directly (eg make -f Makefile.in distprep) then SHELL will need to be specified on the command line (along with MANFMT in that particular case). ok djm@
* Skip slow tests on (very) slow test targets.Darren Tucker2022-04-011-0/+6
|
* dependDamien Miller2022-03-311-1/+1
|
* upstream: add a sftp client "cp" command that supports server-sidedjm@openbsd.org2022-03-314-6/+155
| | | | | | | copying of files. Useful for this task and for testing the copy-data extension. Patch from Mike Frysinger; ok dtucker@ OpenBSD-Commit-ID: 1bb1b950af0d49f0d5425b1f267e197aa1b57444
* upstream: add support for the "corp-data" protocol extension todjm@openbsd.org2022-03-312-3/+132
| | | | | | | allow server-side copies to be performed without having to go via the client. Patch by Mike Frysinger, ok dtucker@ OpenBSD-Commit-ID: 00aa510940fedd66dab1843b58682de4eb7156d5
* upstream: select post-quantum KEXdjm@openbsd.org2022-03-311-2/+2
| | | | | | sntrup761x25519-sha512@openssh.com as the default; ok markus@ OpenBSD-Commit-ID: f02d99cbfce22dffec2e2ab1b60905fbddf48fb9
* upstream: fix poll() spin when a channel's output fd closes withoutdjm@openbsd.org2022-03-312-106/+120
| | | | | | | data in the channel buffer. Introduce more exact packing of channel fds into the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@ OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
* upstream: ssh is almost out of getopt() characters; note thedjm@openbsd.org2022-03-301-2/+2
| | | | | | remaining remaining available ones in a comment OpenBSD-Commit-ID: 48d38cef59d6bc8e84c6c066f6d601875d3253fd
* upstream: avoid NULL deref via ssh-keygen -Y find-principals.djm@openbsd.org2022-03-301-2/+7
| | | | | | bz3409, reported by Mateusz Adamowski OpenBSD-Commit-ID: a3b2c02438052ee858e0ee18e5a288586b5df2c5
* Add AIX 5.1 test target.Darren Tucker2022-03-281-0/+1
|
* Drop leading "v" from release version identifier.Darren Tucker2022-03-261-2/+2
| | | | | It's present in the git tags but not in the release tarball names. Also drop extra "/" from URL path.
* Use tarballs when testing LibreSSL releases.Darren Tucker2022-03-261-7/+16
| | | | | This means they'll still work when the combination of -portable and openbsd github repos no longer match.
* Remove now-unused passwd variable.Darren Tucker2022-03-261-1/+1
|
* Missing semicolon.Darren Tucker2022-03-261-1/+1
|
* Factor out platform-specific locked account check.Darren Tucker2022-03-263-47/+55
| | | | | | Also fixes an incorrect free on platforms with both libiaf and shadow passwords (probably only Unixware). Prompted by github PR#284, originally from @c3h2_ctf and stoeckmann@.
View Lorry Controller Status