Darren Tucker [Wed, 26 Feb 2025 07:16:03 +0000 (18:16 +1100)]
Check for le32toh, le64toh, htole64 individually.
It appears that at least some versions of endian.h in glibc do not have
the latter two, so check for and replace each one individually.
bz#3794, ok djm@
Damien Miller [Mon, 24 Feb 2025 06:27:50 +0000 (17:27 +1100)]
Try to fix github tcmalloc target failure
tcmalloc may, depending on the stacktrace generator it uses, create
pipe(2) fds during shared library initialisation. These will later
get clobbered by ssh/sshd calling closefrom() and chaos will ensue.
Tell tcmalloc to use an unwinder that doesn't pull this stuff.
djm@openbsd.org [Sat, 15 Feb 2025 01:50:47 +0000 (01:50 +0000)]
upstream: Add support for "Match sessiontype" to ssh_config. Allows
matching on the type of session requested, either "shell" for interactive
sessions, "exec" for command execution sessions, "subsystem" for subsystem
requests, such as sftp, or "none" for transport/forwarding-only sessions.
upstream: In a section 1 manual, use the plain English words
"standard output" rather than the overly technical abbreviation "stdout" - we
are not talking about a device file or a FILE * object here. Issue reported
by <onf at disroot dot org> on the groff mailing list.
upstream: Call log_init in sshd-auth and sshd-session immediately
after parsing the config file so that any log settings set in the config file
take effect immediately. Move version banners to immediately after that, and
make them distinct per binary. ok djm@
Skip 2038 key expiry test on 64 bit time_t systems.
This allows testing Y2038 with system time set to after that (i.e. 2040),
so that actual Y2038 issues can be exposed, and not masked by key expiry
errors.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
upstream: Prevent integer overflow in x11 port handling. These are
theoretically possible if the admin misconfigures X11DisplayOffset or the
user misconfigures their own $DISPLAY, but don't happen in normal operation.
From Suhov Roman via bz#3730, ok djm@
upstream: Remove fallback to compiled-in gropup for dhgex when the
moduli file exists, but does not contain moduli within the client-requested
range. The fallback behaviour remains for the case where the moduli file does
not exist (typically, running tests prior to installing). From bz#2793, based
in part on patch from Joe Testa, ok djm@
Damien Miller [Wed, 4 Dec 2024 13:01:33 +0000 (00:01 +1100)]
Support systemd-style socket activation in agent
Adds support for systemd LISTEN_PID/LISTEN_FDS socket activation to
ssh-agent. Activated when these environment variables are set and
the agent is started with the -d or -D option and no socket path
is set.
Based on GHPR502 by Daniel Kahn Gillmor, ok dtucker
Jeremy Stott [Fri, 18 Oct 2024 23:10:52 +0000 (12:10 +1300)]
Add make target for standalone sk-libfido2
Add a Makefile target for sk-libfido2, the standalone fido2 security
key shared library, suitable for use with the SecurityKeyProvider
option.
Add a new configure option `--with-security-key-standalone` that
optionally sets the shared library target sk-libfido2$(SHLIBEXT), and
adds it to $(TARGETS).
misc.h is required when SK_STANDALONE is defined, because of the use
of `monotime_tv` in `sk_select_by_touch`.
Sets the shared library extension for sk-libfido2 is by setting
`SHLIBEXT` depending on the platform in configure.ac.
Add the shared library to the CI builds in the `sk` target config to
make sure it can compile under the same conditions as
`--with-security-key-builtin`.
Add a libssh-pic.a static library that compiles with `-fPIC` reusing
.c.lo method in sk-dummy.so for use in the shared library sk-libfido2.
Note, a separate static library libssh-pic.a is needed, since defining
-DSK_STANDALONE excludes some symbols needed in sshkey.lo.
djm@openbsd.org [Tue, 26 Nov 2024 22:01:37 +0000 (22:01 +0000)]
upstream: Explicitly specify the signature algorithm when signing
hostkeys-prove requests.
Fixes a corner-case triggered by UpdateHostKeys with one or more unknown
host keys stored in ssh-agent where sshd refuses to accept the signature
coming back from the agent.
Darren Tucker [Fri, 8 Nov 2024 18:14:16 +0000 (05:14 +1100)]
Reshuffle OpenWRT test configs.
Move the the flags used by the OpenWRT distro to mipsel target and
enable OpenSSL on all targets to improve coverage.
Explicitly disable security key and openssl on mips target so that host
end of the bigendian interop tests don't attempt them and fail (since
they're not enabled on the target side).
Darren Tucker [Sat, 2 Nov 2024 07:05:41 +0000 (18:05 +1100)]
Test bigendian interop.
Where our test target is a bigendian system, do an additional build on
the runner host (which is little endian) and test interop between the two.
Should hopefully catch obvious endianness bugs.
djm@openbsd.org [Wed, 6 Nov 2024 22:51:26 +0000 (22:51 +0000)]
upstream: ssh-agent implemented an all-or-nothing allow-list of
FIDO application IDs for security key-backed keys, to prevent web key handles
from being used remotely as this would likely lead to unpleasant surprises.
By default, only application IDs that start with "ssh:*" are allowed.
This adds a -Owebsafe-allow=... argument that can override the default
list with a more or less restrictive one. The default remains unchanged.
jca@openbsd.org [Mon, 4 Nov 2024 21:59:15 +0000 (21:59 +0000)]
upstream: Ignore extra groups that don't fit in the buffer passed
to getgrouplist(3)
Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents
an admin from adding a user to more groups. With that tweak we'll keep
on ignoring them instead of potentially reading past the buffer passed to
getgrouplist(3). That behavior is explicitely described in initgroups(3).
Darren Tucker [Fri, 25 Oct 2024 08:04:30 +0000 (19:04 +1100)]
Retire the minix3 test config.
It got broken by the sshd-auth change, it's not obvious why, and the
platform lacks the debugging tools (eg gdb, strace) to figure it out.
The upstream project seems effectively dead (6 years since the last
commit, 10 since the last release). It was useful while it lasted
(we found a real bug because of it) but its time seems to have passed.
projects / thirdparty / openssh-portable.git / log
