Age | Commit message | Author
2024-01-22 | Merge "Merge commit '8241b9c0529228b4b86d88b1a6076fb9f97e4a99' (V_9_6_P1)" into main [HEAD, master, main] | Treehugger Robot
2024-01-22 | Merge commit '8241b9c0529228b4b86d88b1a6076fb9f97e4a99' (V_9_6_P1) | Youkichi Hosoi
Bug: 313918943 Test: arc.PlayFiles.vm Test: crostini.ShareMovies.(bullseye|bookworm)_stable_gaia Test: $ tools/external_updater/updater.sh check external/openssh Test: $ lunch aosp_cf_(arm|x86_)64_phone-trunk_staging-userdebug Test: $ mmma external/openssh Change-Id: Ib7aa3ea25c89c5dbff40518c3b2c4eb91e8fc2b4
2023-12-19 | crank versions | Damien Miller
2023-12-19 | depend | Damien Miller
2023-12-19 | upstream: regress test for agent PKCS#11-backed certificates | djm@openbsd.org
OpenBSD-Regress-ID: 38f681777cb944a8cc3bf9d0ad62959a16764df9
2023-12-19 | upstream: regress test for constrained PKCS#11 keys | djm@openbsd.org
OpenBSD-Regress-ID: b2f26ae95d609d12257b43aef7cd7714c82618ff
2023-12-19 | upstream: openssh-9.6 | djm@openbsd.org
OpenBSD-Commit-ID: 21759837cf0e0092d9a2079f8fb562071c11016b
2023-12-19 | upstream: ssh-agent: record failed session-bind attempts | djm@openbsd.org
Record failed attempts to session-bind a connection and refuse signing operations on that connection henceforth. Prevents a future situation where we add a new hostkey type that is not recognised by an older ssh-agent, that consequently causes session-bind to fail (this situation is only likely to arise when people mix ssh(1) and ssh-agent(1) of different versions on the same host). Previously, after such a failure the agent socket would be considered unbound and not subject to restriction. Spotted by Jann Horn OpenBSD-Commit-ID: b0fdd023e920aa4831413f640de4c5307b53552e
2023-12-19 | upstream: ban user/hostnames with most shell metacharacters | djm@openbsd.org
This makes ssh(1) refuse user or host names provided on the commandline that contain most shell metacharacters. Some programs that invoke ssh(1) using untrusted data do not filter metacharacters in arguments they supply. This could create interactions with user-specified ProxyCommand and other directives that allow shell injection attacks to occur. It's a mistake to invoke ssh(1) with arbitrary untrusted arguments, but getting this stuff right can be tricky, so this should prevent most obvious ways of creating risky situations. It however is not and cannot be perfect: ssh(1) has no practical way of interpreting what shell quoting rules are in use and how they interact with the user's specified ProxyCommand. To allow configurations that use strange user or hostnames to continue to work, this strictness is applied only to names coming from the commandline. Names specified using User or Hostname directives in ssh_config(5) are not affected. feedback/ok millert@ markus@ dtucker@ deraadt@ OpenBSD-Commit-ID: 3b487348b5964f3e77b6b4d3da4c3b439e94b2d9
2023-12-19 | upstream: stricter handling of channel window limits | djm@openbsd.org
This makes ssh/sshd more strict in handling non-compliant peers that send more data than the advertised channel window allows. Previously the additional data would be silently discarded. This change will cause ssh/sshd to terminate the connection if the channel window is exceeded by more than a small grace allowance. ok markus@ OpenBSD-Commit-ID: 811e21b41831eba3dd7f67b3d409a438f20d3037
2023-12-19 | upstream: Make it possible to load certs from PKCS#11 tokens | djm@openbsd.org
Adds a protocol extension to allow grafting certificates supplied by ssh-add to keys loaded from PKCS#11 tokens in the agent. feedback/ok markus@ OpenBSD-Commit-ID: bb5433cd28ede2bc910996eb3c0b53e20f86037f
2023-12-19 | upstream: apply destination constraints to all p11 keys | djm@openbsd.org
Previously applied only to the first key returned from each token. ok markus@ OpenBSD-Commit-ID: 36df3afb8eb94eec6b2541f063d0d164ef8b488d
2023-12-19 | upstream: add "ext-info-in-auth@openssh.com" extension | djm@openbsd.org
This adds another transport protocol extension to allow a sshd to send SSH2_MSG_EXT_INFO during user authentication, after the server has learned the username that is being logged in to. This lets sshd update the acceptable signature algorithms for public key authentication, and allows these to be varied via sshd_config(5) "Match" directives, which are evaluated after the server learns the username being authenticated. Full details in the PROTOCOL file OpenBSD-Commit-ID: 1de7da7f2b6c32a46043d75fcd49b0cbb7db7779
2023-12-19 | upstream: implement "strict key exchange" in ssh and sshd | djm@openbsd.org
This adds a protocol extension to improve the integrity of the SSH transport protocol, particularly in and around the initial key exchange (KEX) phase. Full details of the extension are in the PROTOCOL file. with markus@ OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
2023-12-18 | better detection of broken -fzero-call-used-regs | Damien Miller
Use OSSH_CHECK_CFLAG_LINK() for detection of these flags and extend test program to exercise varargs, which seems to catch more stuff. ok dtucker@
2023-12-13 | upstream: when invoking KnownHostsCommand to determine the order of | djm@openbsd.org
host key algorithms to request, ensure that the hostname passed to the command is decorated with the port number for ports other than 22. This matches the behaviour of KnownHostsCommand when invoked to look up the actual host key. bz3643, ok dtucker@ OpenBSD-Commit-ID: 5cfabc0b7c6c7ab473666df314f377b1f15420b1
2023-12-13 | upstream: prevent leak in sshsig_match_principals; ok djm@ | markus@openbsd.org
OpenBSD-Commit-ID: 594f61ad4819ff5c72dfe99ba666a17f0e1030ae
2023-12-07 | upstream: short circuit debug log processing early if we're not going | djm@openbsd.org
to log anything. From Kobe Housen OpenBSD-Commit-ID: 2bcddd695872a1bef137cfff7823044dcded90ea
2023-11-30 | Merge "Merge commit '80a2f64b8c1d27383cc83d182b73920d1e6a91f1' (V_9_5_P1)" into main | Treehugger Robot
2023-11-30 | Merge commit '80a2f64b8c1d27383cc83d182b73920d1e6a91f1' (V_9_5_P1) | Youkichi Hosoi
Bug: 313918943 Test: arc.PlayFiles.vm Test: crostini.ShareMovies.(bullseye|bookworm)_stable_gaia Test: $ lunch aosp_cf_(arm|x86_)64_phone-trunk_staging-userdebug Test: $ mmma external/openssh Change-Id: If901a3761bf03f927a911de8775f30d2b568c435
2023-11-27 | Add tests for OpenSSL 3.2.0 and 3.2 stable branch. | Darren Tucker
2023-11-25 | Use non-zero arg in compiler test program. | Darren Tucker
Now that we're running the test program, passing zero to the test function can cause divide-by-zero exceptions which might show up in logs.
2023-11-24 | upstream: Plug mem leak of msg when processing a quit message. | dtucker@openbsd.org
Coverity CID#427852, ok djm@ OpenBSD-Commit-ID: bf85362addbe2134c3d8c4b80f16601fbff823b7
2023-11-24 | upstream: Include existing mux path in debug message. | dtucker@openbsd.org
OpenBSD-Commit-ID: 1c3641be10c2f4fbad2a1b088a441d072e18bf16
2023-11-23 | Add an Ubuntu 22.04 test VM. | Darren Tucker
This is the same version as GitHub's runners so most of the testing on it is over there, but having a local VM makes debugging much easier.
2023-11-23 | Add gcc-12 -Werror test on Ubuntu 22.04. | Darren Tucker
Explicitly specify gcc-11 on Ubuntu 22.04 (it's the system compiler).
2023-11-23 | Check return value from write to prevent warning. | Darren Tucker
... and since we're testing for flags with -Werror, this caused configure to mis-detect compiler flags.
2023-11-23 | Run compiler test program when compiling natively. | Darren Tucker
ok djm@
2023-11-23 | Factor out compiler test program into a macro. | Darren Tucker
ok djm@
2023-11-22 | Add fbsd14 VM to test pool. | Darren Tucker
2023-11-21 | Expand -fzero-call-used-regs test to cover gcc 11. | Darren Tucker
It turns out that gcc also has some problems with -fzero-call-used-regs, at least v11 on mips. Previously the test in OSSH_CHECK_CFLAG_COMPILE was sufficient to catch it with "=all", but not sufficient for "=used". Expand the testcase and include it in the other tests for good measure. See bz#3629. ok djm@.
2023-11-21 | Stop using -fzero-call-used-regs=all | Darren Tucker
... since it seems to be problematic with several different versions of clang. Only use -fzero-call-used-regs=used which is less problematic, except with Apple's clang where we don't use it at all. bz#3629, ok djm@
2023-11-21 | Allow for vendor prefix on clang version numbers. | Darren Tucker
Correctly detects the version of OpenBSD's native clang, as well as Apple's. Spotted tb@, ok djm@.
2023-11-20 | upstream: set errno=EAFNOSUPPORT when filtering addresses that don't | djm@openbsd.org
match AddressFamily; yields slightly better error message if no address matches. bz#3526 OpenBSD-Commit-ID: 29cea900ddd8b04a4d1968da5c4a893be2ebd9e6
2023-11-16 | upstream: when connecting via socket (the default case), filter | djm@openbsd.org
addresses by AddressFamily if one was specified. Fixes the case where, if CanonicalizeHostname is enabled, ssh may ignore AddressFamily. bz5326; ok dtucker OpenBSD-Commit-ID: 6c7d7751f6cd055126b2b268a7b64dcafa447439
2023-11-16 | upstream: when deciding whether to enable keystroke timing | djm@openbsd.org
obfuscation, only consider enabling it when a channel with a tty is open. Avoids turning on the obfuscation when X11 forwarding only is in use, which slows it right down. Reported by Roger Marsh OpenBSD-Commit-ID: c292f738db410f729190f92de100c39ec931a4f1
2023-11-16 | upstream: Make sure sftp_get_limits() only returns 0 if 'limits' | tobhe@openbsd.org
was initialized. This fixes a potential uninitialized use of 'limits' in sftp_init() if sftp_get_limits() returned early because of an unexpected message type. ok djm@ OpenBSD-Commit-ID: 1c177d7c3becc1d71bc8763eecf61873a1d3884c
2023-11-13 | Test current releases of LibreSSL and OpenSSL. | Darren Tucker
Retire some of the older releases.
2023-11-01 | upstream: Specify ssh binary to use | dtucker@openbsd.org
... instead of relying on installed one. Fixes test failures in -portable when running tests prior to installation. OpenBSD-Regress-ID: b6d6ba71c23209c616efc805a60d9a445d53a685
2023-11-01 | Put long-running test targets on hipri runners. | Darren Tucker
Some of the selfhosted test targets take a long time to run for various reasons, so label them for "libvirt-hipri" runners so that they can start immediately. This should reduce the time to complete all tests.
2023-11-01 | upstream: add some tests of forced commands overriding Subsystem | djm@openbsd.org
directives OpenBSD-Regress-ID: eb48610282f6371672bdf2a8b5d2aa33cfbd322b
2023-10-31 | upstream: Don't try to use sudo inside sshd log wrapper. | dtucker@openbsd.org
We still need to check if we're using sudo since we don't want to chown unnecessarily, as on some platforms this causes an error which pollutes stderr. We also don't want to unnecessarily invoke sudo, since it's running in the context of the proxycommand, on *other* platforms it may not be able to authenticate, and if we're using SUDO then it should already be privileged. OpenBSD-Regress-ID: 70d58df7503db699de579a9479300e5f3735f4ee
2023-10-31 | upstream: Only try to chmod logfile if we have sudo. If we don't have | dtucker@openbsd.org
sudo then we won't need to chmod. OpenBSD-Regress-ID: dbad2f5ece839658ef8af3376cb1fb1cabe2e324
2023-10-31 | upstream: move PKCS#11 setup code to test-exec.sh so it can be reused | djm@openbsd.org
elsewhere OpenBSD-Regress-ID: 1d29e6be40f994419795d9e660a8d07f538f0acb
2023-10-31 | upstream: tidy and refactor PKCS#11 setup code | djm@openbsd.org
Replace the use of a perl script to delete the controlling TTY with a SSH_ASKPASS script to directly load the PIN. Move PKCS#11 setup code to functions in anticipation of it being used elsewhere in additional tests. Reduce stdout spam OpenBSD-Regress-ID: 07705c31de30bab9601a95daf1ee6bef821dd262
2023-10-30 | Add obsd74 test VM and retire obsd69 and obsd70. | Darren Tucker
2023-10-30 | Add OpenSSL 3.3.0 as a known dev version. | Darren Tucker
2023-10-30 | Restore nopasswd sudo rule on Mac OS X. | Darren Tucker
This seems to be missing from some (but not all) GitHub runners, so restore it if it seems to be missing.
2023-10-30 | Don't exit early when setting up on Mac OS X. | Darren Tucker
We probably need some of the other bits in there (specifically, setting the perms on the home directory) so make it less of a special snowflake.
2023-10-29 | upstream: Only try to chown logfiles that exist to prevent spurious | dtucker@openbsd.org
errors. OpenBSD-Regress-ID: f1b20a476734e885078c481f1324c9ea03af991e