RepoMirrors/openssh
1
0
Fork 0
mirror of git://anongit.mindrot.org/openssh.git synced 2024-12-28 04:52:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,921 Commits 69 Branches 0 Tags 27 MiB
a32c07cbb7
Commit Graph

11921 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Darren Tucker
a32c07cbb7
Run vm startup and shutdown from runner temp dir. 
Should work even if the github workspace dir is on a stale sshfs mount.
 2022-11-08 12:01:33 +11:00
Darren Tucker
2b40a7dfcd
Add valrind-5 test here too. 2022-11-08 11:03:31 +11:00
Darren Tucker
2ea03d1f6d
Update checkout and upload actions. 
Update actions/checkout and actions/upload-artifact to main branch for
compatibility with node.js v16.
 2022-11-08 10:29:32 +11:00
Darren Tucker
4e316ff0f1
Split out rekey test since it runs the longest. 2022-11-08 10:29:32 +11:00
dtucker@openbsd.org
21625a6424
upstream: The IdentityFile option in ssh_config can also be used to 
specify a public key file, as documented in ssh.1 for the -i option. Document
this also for IdentityFile in ssh_config.5, for documentation completeness.
From laalsaas at systemli.org via portable github PR#352, ok jmc@ djm@

OpenBSD-Commit-ID: 2f943be9f96e60ef81a9a4faa25b009999f9883b
 2022-11-07 22:22:18 +11:00
dtucker@openbsd.org
747691604d
upstream: Remove some set but otherwise unused variables, spotted 
in -portable by clang 16's -Wunused-but-set-variable.  ok djm@

OpenBSD-Commit-ID: 3d943ddf2369b38fbf89f5f19728e7dc1daf3982
 2022-11-07 22:22:15 +11:00
dtucker@openbsd.org
1d78d25653
upstream: Check for and disallow MaxStartups values less than or 
equal to zero during config parsing, rather than faling later at runtime.
bz#3489, ok djm@

OpenBSD-Commit-ID: d79c2b7a8601eb9be493629a91245d761154308b
 2022-11-07 22:22:06 +11:00
djm@openbsd.org
a00f59a645
upstream: fix parsing of hex cert expiry time; was checking whether the 
start time began with "0x", not the expiry time.

from Ed Maste

OpenBSD-Commit-ID: 6269242c3e1a130b47c92cfca4d661df15f05739
 2022-11-07 15:43:13 +11:00
Darren Tucker
f58acaf8c7
Fix merge conflict. 2022-11-07 15:10:59 +11:00
Darren Tucker
162e574102
Branch-specific links for master status badges. 2022-11-07 15:07:33 +11:00
Darren Tucker
e4b7c12ab2
Add CIFuzz status badge. 2022-11-07 14:46:38 +11:00
Darren Tucker
b496b9f831
Do not run CIFuzz on selfhosted tree. 
We already run it on the regular tree, no need to double up.
 2022-11-07 14:45:37 +11:00
Darren Tucker
2138b1c4dd
Whitespace change to trigger CIFuzz workflow. 2022-11-07 14:41:58 +11:00
Darren Tucker
4670b97ef8
Run cifuzz workflow on the actions as regular CI. 2022-11-07 14:34:04 +11:00
David Korczynski
79391e66ce
Add CIFuzz integration 2022-11-07 14:31:45 +11:00
dtucker@openbsd.org
c1893364a0
upstream: Import regenerated moduli. 
OpenBSD-Commit-ID: b0e54ee4d703bd6929bbc624068666a7a42ecb1f
 2022-11-07 14:00:57 +11:00
dtucker@openbsd.org
5c3f18fb99
upstream: Fix typo. From pablomh via -portable github PR#344. 
OpenBSD-Commit-ID: d056ee2e73691dc3ecdb44a6de68e6b88cd93827
 2022-11-07 14:00:23 +11:00
Darren Tucker
e1c6fcc142
Link to branch-specific queries for V_9_1 status. 2022-11-07 12:46:58 +11:00
Darren Tucker
4f4a5fad6d
Use "prohibit-password" in -portable comments. 
"without-password" is the deprecated alias for "prohibit-password",
so we should reference the latter. From emaste at freebsd.org.
 2022-11-07 10:54:29 +11:00
Darren Tucker
0f7e1eba55
Fix tracing disable on FreeBSD. 
Some versions of FreeBSD do not support using id 0 to refer to the
current pid for procctl, so pass getpid() explicitly.  From
emaste at freebsd.org.
 2022-11-07 10:54:29 +11:00
Darren Tucker
32fddb982f
Fix setres*id checks to work with clang-16. 
glibc has the prototypes for setresuid and setresgid behind _GNU_SOURCE,
and clang 16 will error out on implicit function definitions, so add
_GNU_SOURCE and the required headers to the configure checks.  From
sam at @gentoo.org via bz#3497.
 2022-11-07 10:39:01 +11:00
Sam James
12af712d11
configure.ac: Fix -Wstrict-prototypes 
Clang 16 now warns on this and it'll be removed in C23, so let's
just be future proof. It also reduces noise when doing general
Clang 16 porting work (which is a big job as it is).  github PR#355.

Signed-off-by: Sam James <sam@gentoo.org>
 2022-11-06 18:51:52 +11:00
Sam James
40b0a5eb6e
configure.ac: Add <pty.h> include for openpty 
Another Clang 16ish fix (which makes -Wimplicit-function-declaration
an error by default).  github PR#355.

See: 2efd71da49
See: be19763532
 2022-11-06 18:51:52 +11:00
Rochdi Nassah
6b17e12887
Fix broken zlib link. 2022-11-05 07:33:11 +11:00
Darren Tucker
99500df246
Don't run openbsd-compat tests on Cygwin. 
Add "compat-tests" to the default TEST_TARGET so we can override as
necessary.  Override TEST_TARGET for Cygwin as the tests don't currently
compile there.
 2022-11-04 17:30:58 +11:00
djm@openbsd.org
3cae9f92a3
upstream: replace recently-added valid_domain() check for hostnames 
going to known_hosts with a more relaxed check for bad characters; previous
commit broke address literals. Reported by/feedback from florian@

OpenBSD-Commit-ID: 10b86dc6a4b206adaa0c11b58b6d5933898d43e0
 2022-11-04 09:01:17 +11:00
Darren Tucker
9655217231
Rerun tests on changes to Makefile.in in any dir. 2022-11-03 23:07:50 +11:00
Darren Tucker
3500f0405a
Link libssh into compat tests. 
The cygwin compat code uses xmalloc, so add libssh.a so pick up that.
 2022-11-03 23:04:08 +11:00
Darren Tucker
ec59effcf6
Fix compat regress to work with non-GNU make. 2022-11-03 21:44:23 +11:00
Darren Tucker
73550a218e
Increase selfhosted job timeout. 
The default job timeout of 360 (6h) is not enough to complete the
regress tests for some of the slow VMs depending on the load on the host.
Increase to 600 (10h).
 2022-11-03 13:41:16 +11:00
Darren Tucker
db97d8d0b9
Only run opensslver tests if built with OpenSSL. 2022-11-03 10:00:43 +11:00
Darren Tucker
ba05370963
Add tests for OpenSSL 3.0.7 and LibreSSL 3.6.1. 2022-11-03 08:40:06 +11:00
Darren Tucker
edd24101c7
Run compat regress tests too. 2022-11-03 08:17:39 +11:00
Darren Tucker
fe88d67e75
Compat tests need libcrypto. 
This was moved to CHANNELLIBS during the libs refactor.  Spotted by
rapier at psc.edu.
 2022-11-03 08:14:05 +11:00
Darren Tucker
96b519726b
Include time.h when defining timegm. 
Fixes build on some platforms eg recent AIX.
 2022-11-03 04:25:34 +11:00
Darren Tucker
da6038bd5c
Always use compat getentropy. 
Have it call native getentropy and fall back as required.  Should fix
issues of platforms where libc has getentropy but it is not implemented
in the kernel.  Based on github PR#354 from simsergey.
 2022-11-02 12:20:50 +11:00
Darren Tucker
5ebe18cab6
Check for sockaddr_in.sin_len. 
If found, set SOCK_HAS_LEN which is used in addr.c.  Should fix keyscan
tests on platforms with this (eg old NetBSD).
 2022-11-02 10:51:48 +11:00
dtucker@openbsd.org
a1febadf42
upstream: Use variable for diff options 
instead of unconditionally specifying "-rN". This will make life easier
in -portable where not all diff's understand -N.

OpenBSD-Regress-ID: 8b8a407115546be1c6d72d350b1e4f1f960d3cd3
 2022-11-01 11:10:48 +11:00
Darren Tucker
f6d3ed9a8a
OpenSSL dev branch is 302 not 320. 
While there, also accept 301 which it shat it was previously.
 2022-10-31 05:13:02 +11:00
djm@openbsd.org
25c8a2bbcc
upstream: put sshkey_check_rsa_length() back in sshkey.c to unbreak 
OPENSSL=no builds

OpenBSD-Commit-ID: 99eec58abe382ecd14b14043b195ee1babb9cf6e
 2022-10-28 13:49:01 +11:00
djm@openbsd.org
1192588546
upstream: allow ssh-keyscan(1) to accept CIDR address ranges, e.g. 
ssh-keyscan 192.168.0.0/24

If a CIDR range is passed, then it will be expanded to all possible
addresses in the range including the all-0s and all-1s addresses.

bz#976 feedback/ok markus@

OpenBSD-Commit-ID: ce6c5211f936ac0053fd4a2ddb415277931e6c4b
 2022-10-28 13:39:35 +11:00
Damien Miller
64af420930
fix merge botch 2022-10-28 12:54:35 +11:00
djm@openbsd.org
2726764269
upstream: refactor sshkey_private_deserialize 
feedback/ok markus@

OpenBSD-Commit-ID: f5ca6932fdaf840a5e8250becb38315a29b5fc9f
 2022-10-28 12:47:01 +11:00
djm@openbsd.org
2519a7077a
upstream: refactor sshkey_private_serialize_opt() 
feedback/ok markus@

OpenBSD-Commit-ID: 61e0fe989897901294efe7c3b6d670cefaf44cbd
 2022-10-28 12:47:01 +11:00
djm@openbsd.org
11a768adf9
upstream: refactor certify 
feedback/ok markus@

OpenBSD-Commit-ID: 35d742992e223eaca3537e6fb3d3002c08eed4f6
 2022-10-28 12:47:00 +11:00
djm@openbsd.org
3fbc58bb24
upstream: refactor sshkey_sign() and sshkey_verify() 
feedback/ok markus@

OpenBSD-Commit-ID: 368e662c128c99d05cc043b1308d2b6c71a4d3cc
 2022-10-28 12:47:00 +11:00
djm@openbsd.org
a1deb6cdbb
upstream: refactor sshkey_from_blob_internal() 
feedback/ok markus@

OpenBSD-Commit-ID: 1f46c0cbb8060ee9666a02749594ad6658c8e283
 2022-10-28 12:46:59 +11:00
djm@openbsd.org
7d00799c93
upstream: refactor sshkey_from_private() 
feedback/ok markus@

OpenBSD-Commit-ID: e5dbe7a3545930c50f70ee75c867a1e08b382b53
 2022-10-28 12:46:59 +11:00
djm@openbsd.org
262647c2e9
upstream: factor out key generation 
feedback/ok markus@

OpenBSD-Commit-ID: 5b4211bff4de8d9adb84bc72857a8c42c44e7ceb
 2022-10-28 12:46:58 +11:00
djm@openbsd.org
401c74e7dc
upstream: refactor and simplify sshkey_read() 
feedback/ok markus@

OpenBSD-Commit-ID: 0d93b7a56e31cd06a8bb0d2191d084ce254b0971
 2022-10-28 12:46:57 +11:00