Damien Miller [Mon, 11 Aug 2025 05:54:35 +0000 (15:54 +1000)]
support sntrup761x25519-sha512 alias
OpenSSH 9.1 supports the sntrup761x25519-sha512@openssh.com
key agreement algorithm. As part of standardisation, this algorithm
has been assigned the name sntrup761x25519-sha512.
This commit enables the existing algorithm under this new name.
Darren Tucker [Fri, 16 Dec 2022 08:23:07 +0000 (19:23 +1100)]
Backport test workflow config changes.
The self-hosted runner setup has been changed recently and the configs
in the V_9_1 branch no longer work with the current runners. Backport
the changes from master so that the tests on this branch work again.
Darren Tucker [Wed, 30 Nov 2022 00:23:11 +0000 (11:23 +1100)]
Use -fzero-call-used-regs=used on clang 15.
clang 15 seems to have a problem with -fzero-call-used-reg=all which
causes spurious "incorrect signature" failures with ED25519. On those
versions, use -fzero-call-used-regs=used instead. (We may add exceptions
later if specific versions prove to be OK). Also move the GCC version
check to match.
Initial investigation by Daniel Pouzzner (douzzer at mega nu), workaround
suggested by Bill Wendling (morbo at google com). bz#3475, ok djm@
Darren Tucker [Tue, 1 Nov 2022 08:10:30 +0000 (19:10 +1100)]
Always use compat getentropy.
Have it call native getentropy and fall back as required. Should fix
issues of platforms where libc has getentropy but it is not implemented
in the kernel. Based on github PR#354 from simsergey.
Harmen Stoppels [Thu, 13 Oct 2022 14:08:46 +0000 (16:08 +0200)]
Fix snprintf configure test for clang 15
Clang 15 -Wimplicit-int defaults to an error in C99 mode and above.
A handful of tests have "main(..." and not "int main(..." which caused
the tests to produce incorrect results.
upstream: add a RequiredRSASize for checking RSA key length in
ssh(1). User authentication keys that fall beneath this limit will be
ignored. If a host presents a host key beneath this limit then the connection
will be terminated (unfortunately there are no fallbacks in the protocol for
host authentication).
upstream: sftp: Be a bit more clever about completions
There are commands (e.g. "get" or "put") that accept two
arguments, a local path and a remote path. However, the way
current completion is written doesn't take this distinction into
account and always completes remote or local paths.
By expanding CMD struct and "cmds" array this distinction can be
reflected and with small adjustment to completer code the correct
path can be completed.
upstream: sftp: Don't attempt to complete arguments for
non-existent commands
If user entered a non-existent command (e.g. because they made a
typo) there is no point in trying to complete its arguments. Skip
calling complete_match() if that's the case.
upstream: sk_enroll: never drop SSH_SK_USER_VERIFICATION_REQD flag
from response
Now that all FIDO signing calls attempt first without PIN and then
fall back to trying PIN only if that attempt fails, we can remove the
hack^wtrick that removed the UV flag from the keys returned during
enroll.
Darren Tucker [Fri, 2 Sep 2022 04:28:14 +0000 (14:28 +1000)]
Resync arc4random with OpenBSD.
This brings us up to current, including djm's random-reseeding change,
as prompted by logan at cyberstorm.mu in bz#3467. It brings the
platform-specific hooks from LibreSSL Portable, simplified to match our
use case. ok djm@.
Darren Tucker [Fri, 2 Sep 2022 04:20:04 +0000 (14:20 +1000)]
Move OPENBSD ORIGINAL marker.
Putting this after the copyright statement (which doesn't change)
instead of before the version identifier (which does) prevents merge
conflicts when resyncing changes.
Darren Tucker [Fri, 26 Aug 2022 06:26:06 +0000 (16:26 +1000)]
Add cygwin-release test target.
This also moves the cygwin package install from the workflow file to
setup_ci.sh so that we can install different sets of Cygwin packages
for different test configs.
Darren Tucker [Fri, 12 Aug 2022 05:08:47 +0000 (15:08 +1000)]
Add Cygwin (on windows-2019) test target.
In addition to installing the requisite Cygwin packages, we also need to
explicitly invoke "sh" for steps that run other scripts since the runner
environment doesn't understand #! paths.
Darren Tucker [Thu, 18 Aug 2022 11:36:39 +0000 (21:36 +1000)]
Check for perms to run agent-getpeereid test.
Ubuntu 22.04 defaults to private home dirs which prevents "nobody"
running ssh-add during the agent-getpeereid test. Check for this and
add the necessary permissions.
Damien Miller [Wed, 17 Aug 2022 06:04:16 +0000 (16:04 +1000)]
on Cygwin, prefer WinHello FIDO device
If no FIDO device was explictly specified, then prefer the
windows://hello FIDO device. An exception to this is when
probing resident FIDO keys, in which case hardware FIDO
devices are preferred.
djm@openbsd.org [Fri, 12 Aug 2022 05:20:28 +0000 (05:20 +0000)]
upstream: sftp-server: support home-directory request
Add support to the sftp-server for the home-directory extension defined
in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the
existing expand-path@openssh.com, but uses a more official protocol name,
and so is a bit more likely to be implemented by non-OpenSSH clients.
Darren Tucker [Thu, 11 Aug 2022 03:33:51 +0000 (13:33 +1000)]
Skip hostbased during Valgrind tests.
Valgrind doesn't let ssh exec ssh-keysign (because it's setuid) so skip
it during the Valgrind based tests.
See https://bugs.kde.org/show_bug.cgi?id=119404 for a discussion of this
(ironically there the problematic binary was ssh(1) back when it could
still be setuid).
times and authorized_keys expiry-time options to accept dates in the UTC time
zone in addition to the default of interpreting them in the system time zone.
YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if
suffixed with a 'Z' character.
Also allow certificate validity intervals to be specified in raw
seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
is intended for use by regress tests and other tools that call
ssh-keygen as part of a CA workflow.
Darren Tucker [Wed, 10 Aug 2022 07:25:24 +0000 (17:25 +1000)]
Rename our getentropy to prevent possible loops.
Since arc4random seeds from getentropy, and we use OpenSSL for that
if enabled, there's the possibility that if we build on a system that
does not have getentropy then run on a system that does have it, then
OpenSSL could end up calling our getentropy and getting stuck in a loop.
Pointed out by deraadt@, ok djm@
Corinna Vinschen [Fri, 11 Feb 2022 13:33:41 +0000 (14:33 +0100)]
sk_sign: set FIDO2 uv attribute explicitely for WinHello
WinHello via libfido2 performs user verification by default.
However, if we stick to that, there's no way to differentiate
between keys created with or without "-O verify-required".
Set FIDO2 uv attribute explicitely to FIDO_OPT_FALSE, then check
if user verification has been requested.
Darren Tucker [Fri, 5 Aug 2022 03:12:27 +0000 (13:12 +1000)]
Factor out getrnd() and rename to getentropy().
Factor out the arc4random seeding into its own file and change the
interface to match getentropy. Use native getentropy if available.
This will make it easier to resync OpenBSD changes to arc4random.
Prompted by bz#3467, ok djm@.
Darren Tucker [Wed, 27 Jul 2022 08:31:14 +0000 (18:31 +1000)]
Move stale-configure check as early as possible.
We added a check in Makefile to catch the case where configure needs to
be rebuilt, however this did not happen until a build was attempted in
which case all of the work done by configure was wasted. Move this check
to the start of configure to catch it as early as possible. ok djm@
Darren Tucker [Thu, 21 Jul 2022 23:24:45 +0000 (09:24 +1000)]
Do not link scp, sftp and sftp-server w/ zlib.
Some of our binaries (eg sftp, sftp-server, scp) do not interact with
the channels code and thus do use libraries such as zlib and libcrypto
although they are linked with them. This adds a CHANNELLIBS and starts
by moving zlib into it, which means the aformentioned binaries are no
longer linked against zlib. ok djm@
projects / thirdparty / openssh-portable.git / log
