Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade to OpenSSH v9.7 #159

Merged
merged 1,789 commits into from
Jul 9, 2024
Merged

Upgrade to OpenSSH v9.7 #159

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1789 commits
Select commit Hold shift + click to select a range
8a6cd08
Update runner OS version for hardenedmalloc test.
daztucker Jun 22, 2023
a95fc5e
gss-serv.c: `MAXHOSTNAMELEN` -> `HOST_NAME_MAX`
SoapGentoo May 12, 2023
94842bf
upstream: add support for unix domain sockets to ssh -W
Jul 4, 2023
7e8800f
upstream: minleft and maxsign are u_int so cast appropriately. Prompted
daztucker Jul 6, 2023
8c7203b
replace deprecate selinux matchpathcon function
djmdjm Jul 12, 2023
4b43bc3
upstream: misplaced debug message
djmdjm Jul 10, 2023
2ee48ad
upstream: add defence-in-depth checks for some unreachable integer
djmdjm Jul 14, 2023
4b94d09
portable-specific int overflow defence-in-depth
djmdjm Jul 14, 2023
20b768f
Fix typo in declaration of nmesg.
daztucker Jul 14, 2023
18ea857
upstream: Include stdint.h for SIZE_MAX. Fixes OPENSSL=no build.
daztucker Jul 14, 2023
449566f
upstream: Support for KRL extensions.
djmdjm Jul 17, 2023
beec17b
upstream: remove vestigal support for KRL signatures
djmdjm Jul 17, 2023
3071d85
upstream: add a "match localnetwork" predicate.
djmdjm Jul 17, 2023
919bc3d
upstream: Add support for configuration tags to ssh(1).
djmdjm Jul 17, 2023
c6fad2c
avoid AF_LINK on platforms that don't define it
djmdjm Jul 17, 2023
05c08e5
upstream: return SSH_ERR_KRL_BAD_MAGIC when a KRL doesn't contain a
djmdjm Jul 17, 2023
ebe1104
upstream: Move RCSID to before license block and away from #includes,
djmdjm Jul 17, 2023
dc1dbe9
upstream: move other RCSIDs to before their respective license blocks
djmdjm Jul 17, 2023
eef4d7e
upstream: configuation -> configuration
jonathangray Jul 17, 2023
f1a9898
upstream: -P before -p in SYNOPSIS;
Jul 17, 2023
6d6e185
upstream: - add -P to usage() - sync the arg name to -J in usage()
Jul 17, 2023
b87b032
upstream: missing match localnetwork negation check
djmdjm Jul 17, 2023
ff04750
conditionalise match localnetwork on ifaddrs.h
djmdjm Jul 18, 2023
750911f
conditionalise stdint.h inclusion on HAVE_STDINT_H
djmdjm Jul 18, 2023
f3f56df
agent_fuzz doesn't want stdint.h conditionalised
djmdjm Jul 19, 2023
892506b
upstream: terminate process if requested to load a PKCS#11 provider
djmdjm Jul 19, 2023
1f2731f
upstream: Disallow remote addition of FIDO/PKCS11 provider
djmdjm Jul 19, 2023
29ef8a0
upstream: Ensure FIDO/PKCS11 libraries contain expected symbols
djmdjm Jul 19, 2023
099cdf5
upstream: Separate ssh-pkcs11-helpers for each p11 module
djmdjm Jul 19, 2023
51fda73
Bring back OPENSSL_HAS_ECC to ssh-pkcs11-client
djmdjm Jul 20, 2023
edc2ef4
depend
djmdjm Jul 20, 2023
5f83342
Handle a couple more OpenSSL no-ecc cases.
daztucker Jul 25, 2023
135e7d5
upstream: tweak the allow-remote-pkcs11 text;
Jul 20, 2023
076aeda
upstream: man page typos; ok jmc@
Jul 23, 2023
2d34205
upstream: make ssh -f (fork after authentication) work properly in
djmdjm Jul 26, 2023
36cdb5d
Retire dfly58 test VM. Add dfly64.
daztucker Jul 27, 2023
0fa803a
Prefer OpenSSL's SHA256 in sk-dummy.so
daztucker Jul 26, 2023
999a288
upstream: increase default KDF work-factor for OpenSSH format
djmdjm Jul 27, 2023
d1ffde6
upstream: make sshd_config AuthorizedPrincipalsCommand and
djmdjm Jul 27, 2023
6958f00
upstream: don't incorrectly truncate logged strings retrieved from
djmdjm Jul 27, 2023
e43f43d
upstream: better error messages
djmdjm May 12, 2023
8eb8899
upstream: test ChrootDirectory in Match block
djmdjm May 12, 2023
f446a44
upstream: add LTESTS_FROM variable to allow skipping of tests up to
djmdjm May 17, 2023
e0f91aa
upstream: don't need to start a command here; use ssh -N instead.
djmdjm Jul 28, 2023
77b8b86
upstream: %C is a callable macro in mdoc(7)
Jul 28, 2023
c88a878
upstream: remove unnecessary if statement.
daztucker Aug 1, 2023
f70010d
upstream: CheckHostIP has defaulted to 'no' for a while; make the
djmdjm Aug 2, 2023
9d92e7b
Fix RNG seeding for OpenSSL w/out self seeding.
daztucker Aug 3, 2023
e535fbe
upstream: Apply ConnectTimeout to multiplexing local socket
daztucker Aug 4, 2023
3961ed0
wrap poll.h include in HAVE_POLL_H
djmdjm Aug 9, 2023
58ca4f0
Only include unistd.h once.
daztucker Aug 10, 2023
78b4dc6
upstream: openssh-9.4
djmdjm Aug 10, 2023
d0cee42
update version in README
djmdjm Aug 10, 2023
0fcb60b
update versions in RPM specs
djmdjm Aug 10, 2023
e962f9b
depend
djmdjm Aug 10, 2023
a8c57bc
upstream: drop a wayward comma, ok jmc@
Aug 10, 2023
f9f1800
upstream: better debug logging of sessions' exit status
djmdjm Aug 10, 2023
fa8da52
Add obsd72 and obsd73 test targets.
daztucker Aug 13, 2023
d1ab7eb
upstream: add message number of SSH2_MSG_NEWCOMPRESS defined in RFC8308
djmdjm Aug 14, 2023
e706bca
upstream: defence-in-depth MaxAuthTries check in monitor; ok markus
djmdjm Aug 16, 2023
803e22e
upstream: fix regression in OpenSSH 9.4 (mux.c r1.99) that caused
djmdjm Aug 18, 2023
25b75e2
Add 9.4 branch to CI status page.
daztucker Aug 14, 2023
cb4ed12
Fix zlib version check for 1.3 and future version.
daztucker Aug 18, 2023
84efebf
upstream: want stdlib.h for free(3)
djmdjm Aug 21, 2023
1acac79
Add test for zlib development branch.
daztucker Aug 21, 2023
598ca75
Add OpenBSD ARM64 test host.
daztucker Aug 21, 2023
17fa6cd
obsd-arm64 host is real hardware...
daztucker Aug 21, 2023
3c6ab63
Include Portable version in sshd version string.
daztucker Aug 25, 2023
9d7193a
upstream: correct math for ClientAliveInterval that caused the
djmdjm Aug 21, 2023
d2d2479
upstream: Log errors in kex_exchange_identification() with level
tobhe Aug 21, 2023
dce6d80
upstream: Introduce a transport-level ping facility
djmdjm Aug 28, 2023
7603ba7
upstream: Add keystroke timing obfuscation to the client.
djmdjm Aug 28, 2023
3867361
upstream: explicit long long type in timing calculations (doesn't
djmdjm Aug 28, 2023
528da5b
upstream: add spacing for punctuation when macro args;
Aug 28, 2023
01dbf3d
upstream: limit artificial login delay to a reasonable maximum (5s)
djmdjm Aug 28, 2023
cfa6685
upstream: descriptive text shouldn't be under .Cm
djmdjm Aug 28, 2023
f980317
upstream: make PerSourceMaxStartups first-match-wins; ok dtucker@
djmdjm Aug 29, 2023
ff3eda6
Set LLONG_MAX for C89 test.
daztucker Aug 31, 2023
43254b3
upstream: set interactive mode for ControlPersist sessions if they
djmdjm Sep 3, 2023
ccf7d91
upstream: make channel_output_poll() return a flag indicating
djmdjm Sep 4, 2023
b5fd978
upstream: avoid bogus "obfuscate_keystroke_timing: stopping ..."
djmdjm Sep 4, 2023
694150a
upstream: trigger keystroke timing obfucation only if the channels
djmdjm Sep 4, 2023
e1c284d
upstream: Generate Ed25519 keys when invoked without arguments
job Sep 4, 2023
1ee0a16
upstream: handle cr+lf (instead of just cr) in sshsig signature
djmdjm Sep 6, 2023
52dfe3c
upstream: downgrade duplicate Subsystem directives from being a
djmdjm Sep 6, 2023
e19069c
upstream: preserve quoting of Subsystem commands and arguments.
djmdjm Sep 6, 2023
6e52826
upstream: allocate the subsystems array as necessary and remove the
djmdjm Sep 6, 2023
8a1450c
upstream: allow override of Sybsystem directives in sshd Match
djmdjm Sep 6, 2023
0e1f440
upstream: regression test for override of subsystem in match blocks
djmdjm Sep 6, 2023
249d8bd
upstream: fix scp in SFTP mode recursive upload and download of
djmdjm Sep 8, 2023
2de9901
upstream: the sftp code was one of my first contributions to
djmdjm Sep 8, 2023
7c0ce2b
upstream: regress test for recursive copies of directories containing
djmdjm Sep 8, 2023
5e1dfe5
upstream: fix recursive remote-remote copies of directories that
djmdjm Sep 8, 2023
c4f9664
upstream: regress test recursive remote-remote directories copies where
djmdjm Sep 8, 2023
bd1b9e5
upstream: fix sizeof(*ptr) instead sizeof(ptr) in realloc (pointer here
djmdjm Sep 8, 2023
90ccc59
upstream: randomise keystroke obfuscation intervals and average
djmdjm Sep 10, 2023
41232d2
Use zero-call-used-regs=used with Apple compilers.
daztucker Sep 10, 2023
21b79af
upstream: typo in comment
djmdjm Sep 10, 2023
b6b4913
upstream: rename remote_glob() -> sftp_glob() to match other API
djmdjm Sep 10, 2023
6c2c6ff
upstream: typo; from Jim Spath
Sep 19, 2023
12e2d4b
use portable provider allowlist path in manpage
djmdjm Oct 3, 2023
60ec3d5
upstream: fix link to agent draft; spotted by Jann Horn
djmdjm Oct 3, 2023
ffe27e5
upstream: add some cautionary text about % token expansion and
djmdjm Oct 4, 2023
f65f187
upstream: openssh-9.5
djmdjm Oct 4, 2023
80a2f64
crank version numbers
djmdjm Oct 4, 2023
f01f513
upstream: spelling fix;
Oct 4, 2023
cb54bec
upstream: REGRESS_FAIL_EARLY defaults to yes now. So no need to
cjeker Sep 24, 2023
e84517f
upstream: Perform the softhsm2 setup as discrete steps rather than
djmdjm Oct 6, 2023
90b0d73
upstream: typo in error message
djmdjm Oct 6, 2023
8d29ee4
upstream: Reserve a range of "local extension" message numbers that
djmdjm Oct 10, 2023
0354790
upstream: Garbage collect cipher_get_keyiv_len()
botovq Oct 10, 2023
208c2b7
upstream: s/%.100s/%s/ in SSH- banner construction as there's no
djmdjm Oct 11, 2023
c97520d
upstream: in olde rcp/scp protocol mode, when rejecting a path from the
djmdjm Oct 11, 2023
fc77c8e
upstream: mention "none" is a valid argument to IdentityFile; bz3080
djmdjm Oct 11, 2023
76e91e7
upstream: add support for reading ED25519 private keys in PEM PKCS8
djmdjm Oct 11, 2023
a752a6c
upstream: add ChannelTimeout support to the client, mirroring the
djmdjm Oct 11, 2023
64f7ca8
upstream: ssh -Q does not make sense with other command-line options,
djmdjm Oct 11, 2023
531b27a
upstream: sync usage() with ssh.1; spotted by kn@
djmdjm Oct 11, 2023
a612b93
upstream: mask SIGINT/TERM/QUIT/HUP before checking quit_pending
djmdjm Oct 12, 2023
7f3180b
upstream: release GSS OIDs only at end of authentication; bz2982,
djmdjm Oct 12, 2023
98fc34d
upstream: add %j token that expands to the configured ProxyJump
djmdjm Oct 12, 2023
281c791
Solaris: prefer PRIV_XPOLICY to PRIV_LIMIT
djmdjm Oct 12, 2023
f59a94e
upstream: don't dereference NULL pointer when hashing jumphost
djmdjm Oct 12, 2023
5ec0ed7
upstream: 64 %-expansion keys ought to be enough for anybody; ok
djmdjm Oct 12, 2023
c49a3fb
upstream: ensure logs are owned by correct user; feedback/ok
djmdjm Oct 12, 2023
c616e64
upstream: typos and extra debug trace calls
djmdjm Oct 12, 2023
971e0cf
Correct arg order for ED255519 AC_LINK_IFELSE test.
daztucker Oct 12, 2023
637624d
Don't use make -j2.
daztucker Oct 12, 2023
6eee8c9
run t-extra regress tests
djmdjm Oct 13, 2023
62db354
upstream: Move declaration of "len" into the block where it's used.
daztucker Oct 16, 2023
064e09c
Remove reference of dropped sshd.pam.old file
FabioPedretti Oct 16, 2023
c2003d0
Update openssl-devel dependency in RPM spec.
FabioPedretti Oct 16, 2023
fbaa707
upstream: Add interop test with Dropbear.
daztucker Oct 20, 2023
c54a503
upstream: Allow overriding the locations of the Dropbear binaries
daztucker Oct 20, 2023
ff85bec
Have configure find PuTTY and Conch binaries.
daztucker Oct 20, 2023
f993bb5
Resync PuTTY and Conch path handling with upstream.
daztucker Oct 20, 2023
1ca166d
Install Dropbear for interop testing.
daztucker Oct 20, 2023
da951b5
upstream: Use private key that is allowed by sshd defaults in conch
Oct 23, 2023
a611e4d
upstream: ssh conch interop tests requires a controlling terminal;
Oct 25, 2023
d220b9e
upstream: Import regenerated moduli.
daztucker Oct 25, 2023
ea00391
upstream: Skip conch interop tests when not enabled instead of fatal.
daztucker Oct 26, 2023
e612376
upstream: make use of bsd.regress.mk in extra and interop targets; ok
Oct 26, 2023
1d6a878
upstream: Only try to chown logfiles that exist to prevent spurious
daztucker Oct 29, 2023
c5698ab
Don't exit early when setting up on Mac OS X.
daztucker Oct 30, 2023
917ba18
Restore nopasswd sudo rule on Mac OS X.
daztucker Oct 30, 2023
3e21d58
Add OpenSSL 3.3.0 as a known dev version.
daztucker Oct 30, 2023
3cf698c
Add obsd74 test VM and retire obsd69 and obsd70.
daztucker Oct 30, 2023
f82fa22
upstream: tidy and refactor PKCS#11 setup code
djmdjm Oct 30, 2023
3a50659
upstream: move PKCS#11 setup code to test-exec.sh so it can be reused
djmdjm Oct 30, 2023
fc3cc33
upstream: Only try to chmod logfile if we have sudo. If we don't have
daztucker Oct 31, 2023
fb06f9b
upstream: Don't try to use sudo inside sshd log wrapper.
daztucker Oct 31, 2023
7ddf276
upstream: add some tests of forced commands overriding Subsystem
djmdjm Nov 1, 2023
e9fc2c4
Put long-running test targets on hipri runners.
daztucker Nov 1, 2023
c8ed7cc
upstream: Specify ssh binary to use
daztucker Nov 1, 2023
64e0600
Test current releases of LibreSSL and OpenSSL.
daztucker Nov 13, 2023
676377c
upstream: Make sure sftp_get_limits() only returns 0 if 'limits'
tobhe Nov 13, 2023
050c335
upstream: when deciding whether to enable keystroke timing
djmdjm Nov 15, 2023
26f3f3b
upstream: when connecting via socket (the default case), filter
djmdjm Nov 15, 2023
c52db01
upstream: set errno=EAFNOSUPPORT when filtering addresses that don't
djmdjm Nov 20, 2023
2a19e02
Allow for vendor prefix on clang version numbers.
daztucker Nov 21, 2023
ff220d4
Stop using -fzero-call-used-regs=all
daztucker Nov 21, 2023
99a2df5
Expand -fzero-call-used-regs test to cover gcc 11.
daztucker Nov 21, 2023
de304c7
Add fbsd14 VM to test pool.
daztucker Nov 21, 2023
ee0d305
Factor out compiler test program into a macro.
daztucker Nov 22, 2023
cea007d
Run compiler test program when compiling natively.
daztucker Nov 22, 2023
670f5a6
Check return value from write to prevent warning.
daztucker Nov 23, 2023
a93284a
Add gcc-12 -Werror test on Ubuntu 22.04.
daztucker Nov 23, 2023
f299340
Add an Ubuntu 22.04 test VM.
daztucker Nov 23, 2023
1d7f9b6
upstream: Include existing mux path in debug message.
daztucker Nov 23, 2023
3d44a5c
upstream: Plug mem leak of msg when processing a quit message.
daztucker Nov 24, 2023
747dce3
Use non-zero arg in compiler test program.
daztucker Nov 24, 2023
947affa
Add tests for OpenSSL 3.2.0 and 3.2 stable branch.
daztucker Nov 26, 2023
19d3ee2
upstream: short circuit debug log processing early if we're not going
djmdjm Dec 6, 2023
4086bd6
upstream: prevent leak in sshsig_match_principals; ok djm@
mfriedl Dec 8, 2023
aa7b217
upstream: when invoking KnownHostsCommand to determine the order of
djmdjm Dec 13, 2023
59d691b
better detection of broken -fzero-call-used-regs
djmdjm Dec 18, 2023
1edb00c
upstream: implement "strict key exchange" in ssh and sshd
djmdjm Dec 18, 2023
a7ed931
upstream: add "[email protected]" extension
djmdjm Dec 18, 2023
881d9c6
upstream: apply destination constraints to all p11 keys
djmdjm Dec 18, 2023
4448a29
upstream: Make it possible to load certs from PKCS#11 tokens
djmdjm Dec 18, 2023
0cb50ee
upstream: stricter handling of channel window limits
djmdjm Dec 18, 2023
7ef3787
upstream: ban user/hostnames with most shell metacharacters
djmdjm Dec 18, 2023
6d51fea
upstream: ssh-agent: record failed session-bind attempts
djmdjm Dec 18, 2023
cdddd66
upstream: openssh-9.6
djmdjm Dec 18, 2023
2f512f8
upstream: regress test for constrained PKCS#11 keys
djmdjm Dec 18, 2023
e48cdee
upstream: regress test for agent PKCS#11-backed certificates
djmdjm Dec 18, 2023
2f2c65c
depend
djmdjm Dec 18, 2023
8241b9c
crank versions
djmdjm Dec 18, 2023
1036d77
better detection of broken -fzero-call-used-regs
djmdjm Dec 22, 2023
430ef86
upstream: match flag type (s/int/u_int)
djmdjm Dec 18, 2023
5413b1c
upstream: correct section numbers; from Ed Maste
djmdjm Dec 19, 2023
503fbe9
upstream: sort -C, and add to usage(); ok djm
Dec 19, 2023
64ddf77
upstream: spelling; ok markus@
jonathangray Dec 20, 2023
f0cbd26
upstream: Import regenerated moduli.
daztucker Jan 4, 2024
86f9e96
upstream: fix typo; spotted by Albert Chin
djmdjm Jan 8, 2024
a72833d
upstream: remove ext-info-* in the kex.c code, not in callers;
djmdjm Jan 8, 2024
9ea0a45
unbreak fuzzers for clang16
djmdjm Jan 8, 2024
fc332cb
unbreak fuzzers - missing pkcs11_make_cert()
djmdjm Jan 8, 2024
698fe6f
update fuzzer example makefile to clang16
djmdjm Jan 8, 2024
f64cede
upstream: make kex-strict section more explicit about its intent:
djmdjm Jan 8, 2024
4c3cf36
upstream: fix missing field in [email protected] reply
djmdjm Jan 8, 2024
219c813
upstream: Remove outdated note from PROTOCOL.mux
djmdjm Jan 8, 2024
6b8be2c
Fix compilation error in ssh-pcks11-client.c
AZero13 Dec 19, 2023
690bc12
README.platform: update tuntap url
sevan Dec 27, 2023
42ba34a
nite that recent OSX tun/tap is unsupported
djmdjm Jan 8, 2024
602f4be
upstream: adapt ssh_api.c code for kex-strict
djmdjm Jan 9, 2024
b31b12d
upstream: add a "global" ChannelTimeout type to ssh(1) and sshd(8)
djmdjm Jan 9, 2024
9707c81
upstream: extend ChannelTimeout regression test to exercise multiplexed
djmdjm Jan 9, 2024
afcc902
upstream: fix incorrect capitalisation;
Jan 10, 2024
4e83812
upstream: make DSA key support compile-time optional, defaulting to
djmdjm Jan 11, 2024
f9311e8
upstream: ensure key_fd is filled when DSA is disabled; spotted by
djmdjm Jan 11, 2024
415c94c
upstream: make DSA testing optional, defaulting to on
djmdjm Jan 11, 2024
50080fa
upstream: don't disable RSA test when DSA is disabled; bug introduced
djmdjm Jan 11, 2024
0d96b15
skip tests that use multiplexing on Windows
djmdjm Jan 16, 2024
c283f29
upstream: whitespace
djmdjm Feb 1, 2024
3ad669f
ignore some vim droppings
djmdjm Feb 1, 2024
0f6a8a0
Use "skip" function instead doing it ourselves.
daztucker Feb 6, 2024
be5ed8e
Add --disable-fd-passing option.
daztucker Feb 6, 2024
91898bf
Put privsep dir on OS X on /usr/local.
daztucker Feb 6, 2024
cbbdf86
Interop test against PuTTY snapshot and releases.
daztucker Feb 7, 2024
efde85d
Improve error message for OpenSSL header check.
daztucker Feb 19, 2024
4dbc5a3
upstream: whitespace
djmdjm Feb 2, 2024
d31c21c
upstream: clean sshd random relinking kit; ok miod@
Feb 10, 2024
bbf541e
upstream: Factor out PuTTY setup.
daztucker Feb 9, 2024
84046f9
upstream: Exapnd PuTTY test coverage.
daztucker Feb 9, 2024
e27f032
upstream: Always define puttysetup function.
daztucker Feb 19, 2024
ee6d932
upstream: don't append a gratuitous space to the end of subsystem
djmdjm Feb 20, 2024
9844aa2
upstream: fix proxy multiplexing mode, broken when keystroke timing
djmdjm Feb 21, 2024
ab73f96
upstream: fix typo in match directive predicate (s/tagged/tag) GHPR#462
djmdjm Feb 21, 2024
d410e17
upstream: .Cm for a keyword. Part of GHPR#454 from Niklas Hambüchen
djmdjm Feb 21, 2024
d1164cb
upstream: clarify permissions requirements for ChrootDirectory Part
djmdjm Feb 21, 2024
9ee335a
upstream: explain arguments of internal-sftp GHPR#454 from Niklas
djmdjm Feb 21, 2024
d86bf8a
more descriptive configure test name
djmdjm Feb 22, 2024
6886e1b
Add nbsd10 test target.
daztucker Feb 22, 2024
65a44a8
upstream: Separate parsing of string array options from applying them
djmdjm Mar 4, 2024
3deb501
upstream: fix leak of CanonicalizePermittedCNAMEs on error path;
djmdjm Mar 4, 2024
668d270
add a --without-retpoline configure option
djmdjm Mar 5, 2024
d52b650
disable RSA tests when algorithm is not supported
djmdjm Mar 6, 2024
2427428
upstream: wrap a few PKCS#11-specific bits in ENABLE_PKCS11
djmdjm Mar 6, 2024
c47e1c9
upstream: fix memory leak in mux proxy mode when requesting forwarding.
djmdjm Mar 6, 2024
9b3f0be
Prefer openssl binary from --with-ssl-dir directory.
daztucker Mar 7, 2024
2f9d2af
upstream: Invoke ProxyCommand that uses stderr redirection via
daztucker Mar 8, 2024
cd82f75
upstream: skip more whitespace, fixes find-principals on
djmdjm Mar 8, 2024
a6a740a
upstream: avoid logging in signal handler by converting mainloop to
djmdjm Mar 9, 2024
26b09b4
quote regexes used to test for algorithm support
djmdjm Mar 10, 2024
8fc109c
Test against current OpenSSL and LibreSSL releases.
daztucker Mar 11, 2024
3876a3b
upstream: openssh-9.7
djmdjm Mar 11, 2024
2827214
crank RPM spec versions
djmdjm Mar 11, 2024
86bdd38
version number in README
djmdjm Mar 11, 2024
490ff89
Upgrade to OpenSSH v9.7
geedo0 Jun 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 33 additions & 40 deletions .depend
View file
Open in desktop

Large diffs are not rendered by default.

17 changes: 14 additions & 3 deletions .github/ci-status.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,15 @@
[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml)
[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml)
[![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml)
master :
[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:master)
[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:master)
[![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml?query=branch:master)
[![CIFuzz](https://github.com/openssh/openssh-portable/actions/workflows/cifuzz.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/cifuzz.yml)
[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh)
[![Coverity Status](https://scan.coverity.com/projects/21341/badge.svg)](https://scan.coverity.com/projects/openssh-portable)

9.4 :
[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_9_4)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_9_4)
[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_4)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_4)

9.3 :
[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_9_3)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_9_3)
[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_3)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_3)
210 changes: 184 additions & 26 deletions .github/configs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,13 @@
# LTESTS

config=$1
if [ "$config" = "" ]; then
config="default"
fi

unset CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO

TEST_TARGET="tests"
TEST_TARGET="tests compat-tests"
LTESTS=""
SKIP_LTESTS=""
SUDO=sudo # run with sudo by default
Expand All @@ -25,26 +30,97 @@ case "$config" in
default|sol64)
;;
c89)
# If we don't have LLONG_MAX, configure will figure out that it can
# get it by setting -std=gnu99, at which point we won't be testing
# C89 any more. To avoid this, feed it in via CFLAGS.
llong_max=`gcc -E -dM - </dev/null | \
awk '$2=="__LONG_LONG_MAX__"{print $3}'`
CPPFLAGS="-DLLONG_MAX=${llong_max}"

CC="gcc"
CFLAGS="-Wall -std=c89 -pedantic -Werror=vla"
CONFIGFLAGS="--without-zlib"
LIBCRYPTOFLAGS="--without-openssl"
TEST_TARGET=t-exec
;;
cygwin-release)
CONFIGFLAGS="--with-libedit --with-xauth=/usr/bin/xauth --disable-strip --with-security-key-builtin"
# See https://cygwin.com/git/?p=git/cygwin-packages/openssh.git;a=blob;f=openssh.cygport;hb=HEAD
CONFIGFLAGS="--with-xauth=/usr/bin/xauth --with-security-key-builtin"
CONFIGFLAGS="$CONFIGFLAGS --with-kerberos5=/usr --with-libedit --disable-strip"
;;
clang-12-Werror)
CC="clang-12"
# clang's implicit-fallthrough requires that the code be annotated with
# __attribute__((fallthrough)) and does not understand /* FALLTHROUGH */
CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough"
CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough -Wno-error=unused-parameter"
CONFIGFLAGS="--with-pam --with-Werror"
;;
*-sanitize-*)
case "$config" in
gcc-*)
CC=gcc
;;
clang-*)
# Find the newest available version of clang
for i in `seq 10 99`; do
clang="`which clang-$i 2>/dev/null`"
[ -x "$clang" ] && CC="$clang"
done
;;
esac
# Put Sanitizer logs in regress dir.
SANLOGS=`pwd`/regress
# - We replace chroot with chdir so that the sanitizer in the preauth
# privsep process can read /proc.
# - clang does not recognizes explicit_bzero so we use bzero
# (see https://github.com/google/sanitizers/issues/1507
# - openssl and zlib trip ASAN.
# - sp_pwdp returned by getspnam trips ASAN, hence disabling shadow.
case "$config" in
*-sanitize-address)
CFLAGS="-fsanitize=address -fno-omit-frame-pointer"
LDFLAGS="-fsanitize=address"
CPPFLAGS='-Dchroot=chdir -Dexplicit_bzero=bzero -D_FORTIFY_SOURCE=0 -DASAN_OPTIONS=\"detect_leaks=0:log_path='$SANLOGS'/asan.log\"'
CONFIGFLAGS=""
TEST_TARGET="t-exec"
;;
clang-sanitize-memory)
CFLAGS="-fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer"
LDFLAGS="-fsanitize=memory"
CPPFLAGS='-Dchroot=chdir -Dexplicit_bzero=bzero -DMSAN_OPTIONS=\"log_path='$SANLOGS'/msan.log\"'
CONFIGFLAGS="--without-zlib --without-shadow"
LIBCRYPTOFLAGS="--without-openssl"
TEST_TARGET="t-exec"
;;
*-sanitize-undefined)
CFLAGS="-fsanitize=undefined"
LDFLAGS="-fsanitize=undefined"
;;
*)
echo unknown sanitize option;
exit 1;;
esac
features="--disable-security-key --disable-pkcs11"
hardening="--without-sandbox --without-hardening --without-stackprotect"
privsep="--with-privsep-user=root"
CONFIGFLAGS="$CONFIGFLAGS $features $hardening $privsep"
# Because we hobble chroot we can't test it.
SKIP_LTESTS=sftp-chroot
;;
gcc-11-Werror)
CC="gcc"
CC="gcc-11"
# -Wnoformat-truncation in gcc 7.3.1 20180130 fails on fmt_scaled
# -Wunused-result ignores (void) so is not useful. See
# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425
CFLAGS="-O2 -Wno-format-truncation -Wimplicit-fallthrough=4 -Wno-unused-parameter -Wno-unused-result"
CONFIGFLAGS="--with-pam --with-Werror"
;;
gcc-12-Werror)
CC="gcc-12"
# -Wnoformat-truncation in gcc 7.3.1 20180130 fails on fmt_scaled
CFLAGS="-Wall -Wextra -Wno-format-truncation -O2 -Wimplicit-fallthrough=4"
# -Wunused-result ignores (void) so is not useful. See
# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425
CFLAGS="-O2 -Wno-format-truncation -Wimplicit-fallthrough=4 -Wno-unused-parameter -Wno-unused-result"
CONFIGFLAGS="--with-pam --with-Werror"
;;
clang*|gcc*)
Expand All @@ -53,7 +129,7 @@ case "$config" in
kitchensink)
CONFIGFLAGS="--with-kerberos5 --with-libedit --with-pam"
CONFIGFLAGS="${CONFIGFLAGS} --with-security-key-builtin --with-selinux"
CONFIGFLAGS="${CONFIGFLAGS} --with-cflags=-DSK_DEBUG"
CFLAGS="-DSK_DEBUG -DSANDBOX_SECCOMP_FILTER_DEBUG"
;;
hardenedmalloc)
CONFIGFLAGS="--with-ldflags=-lhardened_malloc"
Expand Down Expand Up @@ -81,11 +157,25 @@ case "$config" in
CONFIGFLAGS="--with-pam"
SSHD_CONFOPTS="UsePam yes"
;;
boringssl)
CONFIGFLAGS="--disable-pkcs11"
LIBCRYPTOFLAGS="--with-ssl-dir=/opt/boringssl --with-rpath=-Wl,-rpath,"
;;
libressl-*)
LIBCRYPTOFLAGS="--with-ssl-dir=/opt/libressl --with-rpath=-Wl,-rpath,"
;;
putty-*)
CONFIGFLAGS="--with-plink=/usr/local/bin/plink --with-puttygen=/usr/local/bin/puttygen"
# We don't need to rerun the regular tests, just the interop ones.
TEST_TARGET=interop-tests
;;
openssl-*)
LIBCRYPTOFLAGS="--with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath,"
# OpenSSL 1.1.1 specifically has a bug in its RNG that breaks reexec
# fallback. See https://bugzilla.mindrot.org/show_bug.cgi?id=3483
if [ "$config" = "openssl-1.1.1" ]; then
SKIP_LTESTS="reexec"
fi
;;
selinux)
CONFIGFLAGS="--with-selinux"
Expand All @@ -97,7 +187,7 @@ case "$config" in
LIBCRYPTOFLAGS="--without-openssl"
TEST_TARGET=t-exec
;;
valgrind-[1-4]|valgrind-unit)
valgrind-[1-5]|valgrind-unit)
# rlimit sandbox and FORTIFY_SOURCE confuse Valgrind.
CONFIGFLAGS="--without-sandbox --without-hardening"
CONFIGFLAGS="$CONFIGFLAGS --with-cppflags=-D_FORTIFY_SOURCE=0"
Expand All @@ -106,15 +196,19 @@ case "$config" in
export TEST_SSH_ELAPSED_TIMES
# Valgrind slows things down enough that the agent timeout test
# won't reliably pass, and the unit tests run longer than allowed
# by github so split into three separate tests.
tests2="rekey integrity try-ciphers sftp"
tests3="krl forward-control sshsig agent-restrict kextype"
# by github so split into separate tests.
tests2="integrity try-ciphers"
tests3="krl forward-control sshsig agent-restrict kextype sftp"
tests4="cert-userkey cert-hostkey kextype sftp-perm keygen-comment percent"
tests5="rekey"
case "$config" in
valgrind-1)
# All tests except agent-timeout (which is flaky under valgrind)
#) and slow ones that run separately to increase parallelism.
SKIP_LTESTS="agent-timeout ${tests2} ${tests3} ${tests4}"
# All tests except agent-timeout (which is flaky under valgrind),
# connection-timeout (which doesn't work since it's so slow)
# and hostbased (since valgrind won't let ssh exec keysign).
# Slow ones are run separately to increase parallelism.
SKIP_LTESTS="agent-timeout connection-timeout hostbased"
SKIP_LTESTS="$SKIP_LTESTS ${tests2} ${tests3} ${tests4} ${tests5}"
;;
valgrind-2)
LTESTS="${tests2}"
Expand All @@ -125,11 +219,18 @@ case "$config" in
valgrind-4)
LTESTS="${tests4}"
;;
valgrind-5)
LTESTS="${tests5}"
;;
valgrind-unit)
TEST_TARGET="unit USE_VALGRIND=1"
;;
esac
;;
zlib-develop)
INSTALL_ZLIB=develop
CONFIGFLAGS="--with-zlib=/opt/zlib --with-rpath=-Wl,-rpath,"
;;
*)
echo "Unknown configuration $config"
exit 1
Expand All @@ -139,28 +240,53 @@ esac
# The Solaris 64bit targets are special since they need a non-flag arg.
case "$config" in
sol64*)
CONFIGFLAGS="x86_64 --with-cflags=-m64 --with-ldflags=-m64 ${CONFIGFLAGS}"
LIBCRYPTOFLAGS="--with-ssl-dir=/usr/local/ssl64"
CONFIGFLAGS="--target=x86_64 --with-cflags=-m64 --with-ldflags=-m64 ${CONFIGFLAGS}"
LIBCRYPTOFLAGS="--with-ssl-dir=/usr/local/ssl64 --with-rpath=-Wl,-rpath,"
;;
esac

case "${TARGET_HOST}" in
aix*)
CONFIGFLAGS="--disable-security-key"
LIBCRYPTOFLAGS="--without-openssl"
# These are slow real or virtual machines so skip the slowest tests
# (which tend to be thw ones that transfer lots of data) so that the
# test run does not time out.
# The agent-restrict test fails due to some quoting issue when run
# with sh or ksh so specify bash for now.
TEST_TARGET="t-exec unit TEST_SHELL=bash"
SKIP_LTESTS="rekey sftp"
;;
debian-riscv64)
# This machine is fairly slow, so skip the unit tests.
TEST_TARGET="t-exec"
;;
dfly58*|dfly60*)
# scp 3-way connection hangs on these so skip until sorted.
SKIP_LTESTS=scp3
;;
fbsd6)
# Native linker is not great with PIC so OpenSSL is built w/out.
CONFIGFLAGS="${CONFIGFLAGS} --disable-security-key"
;;
hurd)
SKIP_LTESTS="forwarding multiplex proxy-connect hostkey-agent agent-ptrace"
;;
minix3)
LIBCRYPTOFLAGS="--without-openssl --disable-security-key"
CONFIGFLAGS="${CONFIGFLAGS} --disable-security-key"
# Unix domain sockets don't work quite like we expect, so also
# disable FD passing (and thus multiplexing).
CONFIGFLAGS="${CONFIGFLAGS} --disable-fd-passing"
LIBCRYPTOFLAGS="--without-openssl"

# Minix does not have a loopback interface so we have to skip any
# test that relies on one.
# Also, Minix seems to be very limited in the number of select()
# calls that can be operating concurrently, so prune additional tests for that.
T="addrmatch agent-restrict brokenkeys cfgmatch cfgmatchlisten cfgparse connect
connect-uri exit-status forward-control forwarding hostkey-agent
key-options keyscan knownhosts-command login-timeout multiplex
T="addrmatch agent-restrict brokenkeys cfgmatch cfgmatchlisten cfgparse
connect connect-uri dynamic-forward exit-status forwarding
forward-control
hostkey-agent key-options keyscan knownhosts-command login-timeout
reconfigure reexec rekey scp scp-uri scp3 sftp sftp-badcmds
sftp-batch sftp-cmds sftp-glob sftp-perm sftp-uri stderr-data
transfer"
Expand All @@ -173,6 +299,11 @@ case "${TARGET_HOST}" in
# SHA256 functions in sha2.h conflict with OpenSSL's breaking sk-dummy
CONFIGFLAGS="${CONFIGFLAGS} --without-hardening --disable-security-key"
;;
openwrt-*)
CONFIGFLAGS="${CONFIGFLAGS} --without-zlib"
LIBCRYPTOFLAGS="--without-openssl"
TEST_TARGET="t-exec"
;;
sol10|sol11)
# sol10 VM is 32bit and the unit tests are slow.
# sol11 has 4 test configs so skip unit tests to speed up.
Expand All @@ -184,23 +315,50 @@ case "${TARGET_HOST}" in
;;
esac

# Unless specified otherwise, build without OpenSSL on Mac OS since
# modern versions don't ship with libcrypto.
case "`./config.guess`" in
host=`./config.guess`
case "$host" in
*cygwin)
SUDO=""
# Don't run compat tests on cygwin as they don't currently compile.
TEST_TARGET="tests"
;;
*-darwin*)
# Unless specified otherwise, build without OpenSSL on Mac OS since
# modern versions don't ship with libcrypto.
LIBCRYPTOFLAGS="--without-openssl"
TEST_TARGET=t-exec

# On some OS X runners we can't write to /var/empty.
CONFIGFLAGS="${CONFIGFLAGS} --with-privsep-path=/usr/local/empty"

case "$host" in
*-darwin22.*)
# sudo -S nobody doesn't work on macos 13 for some reason.
SKIP_LTESTS="agent-getpeereid" ;;
esac
;;
esac

# If we have a local openssl/libressl, use that.
# Unless specifically configured, search for a suitable version of OpenSSL,
# otherwise build without it.
if [ -z "${LIBCRYPTOFLAGS}" ]; then
LIBCRYPTOFLAGS="--without-openssl"
# last-match
for i in /usr/local /usr/local/ssl /usr/local/opt/openssl; do
for i in /usr /usr/local /usr/local/ssl /usr/local/opt/openssl; do
ver="none"
if [ -x ${i}/bin/openssl ]; then
LIBCRYPTOFLAGS="--with-ssl-dir=${i}"
ver="$(${i}/bin/openssl version)"
fi
case "$ver" in
none) ;;
"OpenSSL 0."*|"OpenSSL 1.0."*|"OpenSSL 1.1.0"*) ;;
"LibreSSL 2."*|"LibreSSL 3.0."*) ;;
*) LIBCRYPTOFLAGS="--with-ssl-dir=${i}" ;;
esac
done
if [ "${LIBCRYPTOFLAGS}" = "--without-openssl" ]; then
TEST_TARGET="t-exec"
fi
fi

CONFIGFLAGS="${CONFIGFLAGS} ${LIBCRYPTOFLAGS}"
Expand All @@ -210,5 +368,5 @@ if [ -x "$(which plink 2>/dev/null)" ]; then
export REGRESS_INTEROP_PUTTY
fi

export CC CFLAGS LTESTS SUDO
export CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
export TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS TEST_SSH_FAIL_FATAL
2 changes: 1 addition & 1 deletion .github/configure.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,4 @@ if [ "x$LDFLAGS" != "x" ]; then
fi

echo ./configure ${CONFIGFLAGS}
./configure ${CONFIGFLAGS}
./configure ${CONFIGFLAGS} 2>&1
16 changes: 15 additions & 1 deletion .github/run_test.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,22 @@

set -ex

# If we want to test hostbased auth, set up the host for it.
if [ ! -z "$SUDO" ] && [ ! -z "$TEST_SSH_HOSTBASED_AUTH" ]; then
sshconf=/usr/local/etc
hostname | $SUDO tee $sshconf/shosts.equiv >/dev/null
echo "EnableSSHKeysign yes" | $SUDO tee $sshconf/ssh_config >/dev/null
$SUDO mkdir -p $sshconf
$SUDO cp -p /etc/ssh/ssh_host*key* $sshconf
$SUDO make install
for key in $sshconf/ssh_host*key*.pub; do
echo `hostname` `cat $key` | \
$SUDO tee -a $sshconf/ssh_known_hosts >/dev/null
done
fi

output_failed_logs() {
for i in regress/failed*; do
for i in regress/failed*.log; do
if [ -f "$i" ]; then
echo -------------------------------------------------------------------------
echo LOGFILE $i
Expand Down
Loading