summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* upstream: man pages: add missing commas between subordinate andnaddy@openbsd.org2022-04-066-21/+21
| | | | | | | | | | | main clauses jmc@ dislikes a comma before "then" in a conditional, so leave those untouched. ok jmc@ OpenBSD-Commit-ID: 9520801729bebcb3c9fe43ad7f9776ab4dd05ea3
* Disable security key on fbsd6 test host.Darren Tucker2022-04-041-0/+4
|
* Specify TEST_SHELL=bash on AIX.Darren Tucker2022-04-041-1/+3
| | | | | | The system shells cause the agent-restrict test to fail due to some quoting so explicitly specify bash until we can get configure to autmatically work around that.
* Only return events from ppoll that were requested.Darren Tucker2022-04-011-3/+3
| | | | | | | | If the underlying system's select() returns bits that were not in the request set, our ppoll() implementation can return revents for events not requested, which can apparently cause a hang. Only return revents for activity in the requested event set. bz#3416, analysis and fix by yaroslav.kuzmin at vmssoftware com, ok djm@
* Only run regression tests on slow VMs.Darren Tucker2022-04-011-0/+1
|
* Increase test timeout to allow slow VMs to finishDarren Tucker2022-04-011-1/+1
|
* Use bash or ksh if available for SH in Makefile.Darren Tucker2022-04-011-0/+2
|
* Set Makefile SHELL as determined by configure.Darren Tucker2022-04-011-2/+1
| | | | | | | This should improve compatibility for users with non-POSIX shells. If using Makefile.in directly (eg make -f Makefile.in distprep) then SHELL will need to be specified on the command line (along with MANFMT in that particular case). ok djm@
* Skip slow tests on (very) slow test targets.Darren Tucker2022-04-011-0/+6
|
* dependDamien Miller2022-03-311-1/+1
|
* upstream: add a sftp client "cp" command that supports server-sidedjm@openbsd.org2022-03-314-6/+155
| | | | | | | copying of files. Useful for this task and for testing the copy-data extension. Patch from Mike Frysinger; ok dtucker@ OpenBSD-Commit-ID: 1bb1b950af0d49f0d5425b1f267e197aa1b57444
* upstream: add support for the "corp-data" protocol extension todjm@openbsd.org2022-03-312-3/+132
| | | | | | | allow server-side copies to be performed without having to go via the client. Patch by Mike Frysinger, ok dtucker@ OpenBSD-Commit-ID: 00aa510940fedd66dab1843b58682de4eb7156d5
* upstream: select post-quantum KEXdjm@openbsd.org2022-03-311-2/+2
| | | | | | sntrup761x25519-sha512@openssh.com as the default; ok markus@ OpenBSD-Commit-ID: f02d99cbfce22dffec2e2ab1b60905fbddf48fb9
* upstream: fix poll() spin when a channel's output fd closes withoutdjm@openbsd.org2022-03-312-106/+120
| | | | | | | data in the channel buffer. Introduce more exact packing of channel fds into the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@ OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
* upstream: ssh is almost out of getopt() characters; note thedjm@openbsd.org2022-03-301-2/+2
| | | | | | remaining remaining available ones in a comment OpenBSD-Commit-ID: 48d38cef59d6bc8e84c6c066f6d601875d3253fd
* upstream: avoid NULL deref via ssh-keygen -Y find-principals.djm@openbsd.org2022-03-301-2/+7
| | | | | | bz3409, reported by Mateusz Adamowski OpenBSD-Commit-ID: a3b2c02438052ee858e0ee18e5a288586b5df2c5
* Add AIX 5.1 test target.Darren Tucker2022-03-281-0/+1
|
* Drop leading "v" from release version identifier.Darren Tucker2022-03-261-2/+2
| | | | | It's present in the git tags but not in the release tarball names. Also drop extra "/" from URL path.
* Use tarballs when testing LibreSSL releases.Darren Tucker2022-03-261-7/+16
| | | | | This means they'll still work when the combination of -portable and openbsd github repos no longer match.
* Remove now-unused passwd variable.Darren Tucker2022-03-261-1/+1
|
* Missing semicolon.Darren Tucker2022-03-261-1/+1
|
* Factor out platform-specific locked account check.Darren Tucker2022-03-263-47/+55
| | | | | | Also fixes an incorrect free on platforms with both libiaf and shadow passwords (probably only Unixware). Prompted by github PR#284, originally from @c3h2_ctf and stoeckmann@.
* Add OpenWRT mips and mipsel test targets.Darren Tucker2022-03-262-0/+6
|
* upstream: don't leak argument list; bz3404, reported by Baludjm@openbsd.org2022-03-201-2/+2
| | | | | | Gajjala ok dtucker@ OpenBSD-Commit-ID: fddc32d74e5dd5cff1a49ddd6297b0867eae56a6
* upstream: make addargs() and replacearg() a little more robust anddjm@openbsd.org2022-03-201-9/+18
| | | | | | | | | | improve error reporting make freeargs(NULL) a noop like the other free functions ok dtucker as part of bz3403 OpenBSD-Commit-ID: 15f86da83176978b4d1d288caa24c766dfa2983d
* upstream: don't try to resolve ListenAddress directives in the sshddjm@openbsd.org2022-03-203-8/+9
| | | | | | | | re-exec path - we're never going to use the result and if the operation fails then it can prevent connections from being accepted. Reported by Aaron Poffenberger; with / ok dtucker@ OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
* upstream: remove blank linedjm@openbsd.org2022-03-201-2/+1
| | | | OpenBSD-Commit-ID: d5e0182965b2fbfb03ad5f256d1a1ce5706bcddf
* upstream: helpful commentdjm@openbsd.org2022-03-181-1/+2
| | | | OpenBSD-Commit-ID: e3315a45cb04e7feeb614d76ec80a9fe4ca0e8c7
* upstream: ssh-keygen -Y check-novalidate requires namespace or SEGVdjm@openbsd.org2022-03-181-1/+7
| | | | | | will ensue. Patch from Mateusz Adamowski via GHPR#307 OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
* upstream: improve DEBUG_CHANNEL_POLL debugging messagedjm@openbsd.org2022-03-181-5/+5
| | | | OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
* upstream: ssh: xstrdup(): use memcpy(3)cheloha@openbsd.org2022-03-181-3/+2
| | | | | | | | | | | | Copying the given string into the buffer with strlcpy(3) confers no benefit in this context because we have already determined the string's length with strlen(3) in order to allocate that buffer. Thread: https://marc.info/?l=openbsd-tech&m=164687525802691&w=2 ok dtucker@ millert@ OpenBSD-Commit-ID: f8bfc082e36e2d2dc4e1feece02fe274155ca11a
* Resync fmt_scaled. with OpenBSD.Darren Tucker2022-03-111-13/+19
| | | | Fixes underflow reported in bz#3401.
* Provide killpg implementation.Darren Tucker2022-03-093-0/+13
| | | | Based on github PR#301 for Tandem NonStop.
* Check for missing ftruncate prototype.Darren Tucker2022-03-092-0/+10
| | | | From github PR#301 in conjunction with rsbeckerca.
* Default to not using sandbox when cross compiling.Darren Tucker2022-03-081-2/+2
| | | | | | On most systems poll(2) does not work when the number of FDs is reduced with setrlimit, so assume it doesn't when cross compiling and we can't run the test. bz#3398.
* upstream: pack pollfd array before server_accept_loop() ppoll()djm@openbsd.org2022-03-011-10/+19
| | | | | | | | | | | call, and terminate sshd if ppoll() returns errno==EINVAL avoids spin in ppoll when MaxStartups > RLIMIT_NOFILE, reported by Daniel Micay feedback/ok deraadt OpenBSD-Commit-ID: dbab1c24993ac977ec24d83283b8b7528f7c2c15
* upstream: include rejected signature algorithm in error message andnaddy@openbsd.org2022-03-011-3/+3
| | | | | | not the (useless) key type; ok djm@ OpenBSD-Commit-ID: d0c0f552a4d9161203e07e95d58a76eb602a76ff
* upstream: Remove the char * casts from arguments to do_lstat,dtucker@openbsd.org2022-03-011-4/+4
| | | | | | | do_readdir and do_stat paths since the underlying functions now take a const char *. Patch from vapier at gentoo.org. OpenBSD-Commit-ID: 9e4d964dbfb0ed683a2a2900711b88e7f1c0297b
* upstream: save an unneccessary alloc/free, based on patch fromdjm@openbsd.org2022-03-011-7/+4
| | | | | | Martin Vahlensieck; ok dtucker@ OpenBSD-Commit-ID: 90ffbf1f837e509742f2c31a1fbf2c0fd376fd5f
* Remove unused ivbits argument from chacha_keysetupDarren Tucker2022-03-012-3/+3
|
* Add OPENBSD ORIGINAL marker.Darren Tucker2022-03-011-0/+2
|
* No unused param warnings for clang-12 and gcc-11.Darren Tucker2022-02-281-2/+2
| | | | | | These have too many false positives in -Werror tests on the github CI since we often provide empty stub functions for functionality not needed for particular configurations.
* Add debian-i386 test target.Darren Tucker2022-02-261-0/+2
|
* Allow ppoll_time64 in seccomp sandbox.Darren Tucker2022-02-261-0/+3
| | | | | | Should fix sandbox violations on (some? at least i386 and armhf) 32bit Linux platforms. Patch from chutzpahu at gentoo.org and cjwatson at debian.org via bz#3396.
* Improve handling of _getshort and _getlong.Darren Tucker2022-02-251-8/+9
| | | | | | If the system native ones are exactly as required then use them, otherwise use the local versions mapped to another name to prevent name collisions.
* Constify utimes in compat library to match specs.Darren Tucker2022-02-252-2/+2
| | | | Patch from vapier at chromium.org.
* ANSIfy getshort and getlong.Darren Tucker2022-02-251-10/+8
| | | | | These functions appear to have come from OpenBSD's lib/libc/net/res_comp.c which made this change in 2005.
* Use PICFLAG instead of hard coding -fPIC.Darren Tucker2022-02-251-1/+1
|
* Add tests for latest releases of {Libre,Open}SSL.Darren Tucker2022-02-251-0/+3
|
* Improve detection of -fzero-call-used-regs=all supportColin Watson2022-02-251-0/+3
| | | | | GCC doesn't tell us whether this option is supported unless it runs into the situation where it would need to emit corresponding code.
View Lorry Controller Status