Lines Matching +full:feedback +full:- +full:pin
17 upstream: openssh-9.7
19 OpenBSD-Commit-ID: 618ececf58b8cdae016b149787af06240f7b0cbc
46 OpenBSD-Commit-ID: e58f18042b86425405ca09e6e9d7dfa1df9f5f7f
52 upstream: skip more whitespace, fixes find-principals on
56 OpenBSD-Commit-ID: b3a22a2afd753d70766f34bc7f309c03706b5298
67 OpenBSD-Regress-ID: f68d79e7f00caa8d216ebe00ee5f0adbb944062a
73 Prefer openssl binary from --with-ssl-dir directory.
75 Use openssl in the directory specified by --with-ssl-dir as long
86 OpenBSD-Commit-ID: 97d96a166b1ad4b8d229864a553e3e56d3116860
92 upstream: wrap a few PKCS#11-specific bits in ENABLE_PKCS11
94 OpenBSD-Commit-ID: 463e4a69eef3426a43a2b922c4e7b2011885d923
102 Unbreaks "make test" when compiled --without-openssl.
110 add a --without-retpoline configure option
122 OpenBSD-Commit-ID: 208839699939721f452a4418afc028a9f9d3d8af
139 OpenBSD-Commit-ID: 7f196cba634c2a3dba115f3fac3c4635a2199491
157 upstream: explain arguments of internal-sftp GHPR#454 from Niklas
160 MIME-Version: 1.0
161 Content-Type: text/plain; charset=UTF-8
162 Content-Transfer-Encoding: 8bit
164 OpenBSD-Commit-ID: 0335d641ae6b5b6201b9ffd5dd06345ebbd0a3f3
173 MIME-Version: 1.0
174 Content-Type: text/plain; charset=UTF-8
175 Content-Transfer-Encoding: 8bit
177 OpenBSD-Commit-ID: d37bc8786317a11649c62ff5e2936441186ef7a0
185 OpenBSD-Commit-ID: d59c52559f926fa82859035d79749fbb4a3ce18a
195 OpenBSD-Commit-ID: 05b23b772677d48aa82eefd7ebebd369ae758908
205 OpenBSD-Commit-ID: 4e412d59b3f557d431f1d81c715a3bc0491cc677
215 OpenBSD-Commit-ID: e11023aeb3f30b77a674e37b8292c862926d5dc6
223 OpenBSD-Regress-ID: b4c0ccfa4006a1bc5dfd99ccf21c854d3ce2aee0
234 OpenBSD-Regress-ID: dd28d97d48efe7329a396d0d505ee2907bf7fc57
247 OpenBSD-Regress-ID: c25eaccc3c91bc874400f7c85ce40e9032358c1c
255 OpenBSD-Commit-ID: 509bb19bb9762a4b3b589af98bac2e730541b6d4
263 OpenBSD-Commit-ID: b24680bc755b621ea801ff8edf6f0f02b68edae1
292 Add --disable-fd-passing option.
315 OpenBSD-Commit-ID: bf9e4a1049562ee4322684fbdce07142f04fdbb7
334 OpenBSD-Regress-ID: 8780a7250bf742b33010e9336359a1c516f2d7b5
344 OpenBSD-Regress-ID: dfc27b5574e3f19dc4043395594cea5f90b8572a
354 OpenBSD-Commit-ID: 9dd417b6eec3cf67e870f147464a8d93f076dce7
360 upstream: make DSA key support compile-time optional, defaulting to
366 OpenBSD-Commit-ID: 4f8e98fc1fd6de399d0921d5b31b3127a03f581d
374 OpenBSD-Commit-ID: cb07eb06e15fa2334660ac73e98f29b6a1931984
384 OpenBSD-Regress-ID: f10d19f697024e9941acad7c2057f73d6eacb8a2
394 the existing per-channel timeouts added a few releases ago.
396 This supports use-cases like having a session + x11 forwarding channel
403 OpenBSD-Commit-ID: 0054157d24d2eaa5dc1a9a9859afefc13d1d7eb3
409 upstream: adapt ssh_api.c code for kex-strict
413 OpenBSD-Commit-ID: 4d9f256852af2a5b882b12cae9447f8f00f933ac
429 Date: Tue Dec 19 11:48:20 2023 -0500
431 Fix compilation error in ssh-pcks11-client.c
448 OpenBSD-Commit-ID: ad0734fe5916d2dc7dd02b588906cea4df0482fb
454 upstream: fix missing field in users-groups-by-id@openssh.com reply
460 OpenBSD-Commit-ID: ff5733ff6ef4cd24e0758ebeed557aa91184c674
466 upstream: make kex-strict section more explicit about its intent:
470 OpenBSD-Commit-ID: fc33a2d7f3b7013a7fb7500bdbaa8254ebc88116
482 unbreak fuzzers - missing pkcs11_make_cert()
499 upstream: remove ext-info-* in the kex.c code, not in callers;
503 OpenBSD-Commit-ID: c06fe2d3a0605c517ff7d65e38ec7b2d1b0b2799
511 OpenBSD-Commit-ID: 77140b520a43375b886e535eb8bd842a268f9368
519 OpenBSD-Commit-ID: 5a636f6ca7f25bfe775df4952f7aac90a7fcbbee
527 OpenBSD-Commit-ID: 9d01f2e9d59a999d5d42fc3b3efcf8dfb892e31b
533 upstream: sort -C, and add to usage(); ok djm
535 OpenBSD-Commit-ID: 80141b2a5d60c8593e3c65ca3c53c431262c812f
543 OpenBSD-Commit-ID: e289576ee5651528404cb2fb68945556052cf83f
551 OpenBSD-Commit-ID: 9422289747c35ccb7b31d0e1888ccd5e74ad566a
557 better detection of broken -fzero-call-used-regs
563 > for ‘-fzero-call-used-regs’ on this target
565 This extends the autoconf will-it-work test with a similarly-
586 upstream: regress test for agent PKCS#11-backed certificates
588 OpenBSD-Regress-ID: 38f681777cb944a8cc3bf9d0ad62959a16764df9
596 OpenBSD-Regress-ID: b2f26ae95d609d12257b43aef7cd7714c82618ff
602 upstream: openssh-9.6
604 OpenBSD-Commit-ID: 21759837cf0e0092d9a2079f8fb562071c11016b
610 upstream: ssh-agent: record failed session-bind attempts
612 Record failed attempts to session-bind a connection and refuse signing
616 recognised by an older ssh-agent, that consequently causes session-bind
618 and ssh-agent(1) of different versions on the same host). Previously,
624 OpenBSD-Commit-ID: b0fdd023e920aa4831413f640de4c5307b53552e
637 interactions with user-specified ProxyCommand and other directives
652 feedback/ok millert@ markus@ dtucker@ deraadt@
654 OpenBSD-Commit-ID: 3b487348b5964f3e77b6b4d3da4c3b439e94b2d9
662 This makes ssh/sshd more strict in handling non-compliant peers that
670 OpenBSD-Commit-ID: 811e21b41831eba3dd7f67b3d409a438f20d3037
679 ssh-add to keys loaded from PKCS#11 tokens in the agent.
681 feedback/ok markus@
683 OpenBSD-Commit-ID: bb5433cd28ede2bc910996eb3c0b53e20f86037f
695 OpenBSD-Commit-ID: 36df3afb8eb94eec6b2541f063d0d164ef8b488d
701 upstream: add "ext-info-in-auth@openssh.com" extension
714 OpenBSD-Commit-ID: 1de7da7f2b6c32a46043d75fcd49b0cbb7db7779
730 OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
736 better detection of broken -fzero-call-used-regs
757 OpenBSD-Commit-ID: 5cfabc0b7c6c7ab473666df314f377b1f15420b1
765 OpenBSD-Commit-ID: 594f61ad4819ff5c72dfe99ba666a17f0e1030ae
775 OpenBSD-Commit-ID: 2bcddd695872a1bef137cfff7823044dcded90ea
787 Use non-zero arg in compiler test program.
790 can cause divide-by-zero exceptions which might show up in logs.
800 OpenBSD-Commit-ID: bf85362addbe2134c3d8c4b80f16601fbff823b7
808 OpenBSD-Commit-ID: 1c3641be10c2f4fbad2a1b088a441d072e18bf16
823 Add gcc-12 -Werror test on Ubuntu 22.04.
825 Explictly specify gcc-11 on Ubuntu 22.04 (it's the system compiler).
833 ... and since we're testing for flags with -Werror, this caused
834 configure to mis-detect compiler flags.
862 Expand -fzero-call-used-regs test to cover gcc 11.
864 It turns out that gcc also has some problems with -fzero-call-used-regs,
874 Stop using -fzero-call-used-regs=all
877 clang. Only use -fzero-call-used-regs=used which is less
899 OpenBSD-Commit-ID: 29cea900ddd8b04a4d1968da5c4a893be2ebd9e6
911 OpenBSD-Commit-ID: 6c7d7751f6cd055126b2b268a7b64dcafa447439
924 OpenBSD-Commit-ID: c292f738db410f729190f92de100c39ec931a4f1
938 OpenBSD-Commit-ID: 1c177d7c3becc1d71bc8763eecf61873a1d3884c
954 ... instead of relying on installed one. Fixes test failures in -portable
957 OpenBSD-Regress-ID: b6d6ba71c23209c616efc805a60d9a445d53a685
963 Put long-running test targets on hipri runners.
966 reasons, so label them for "libvirt-hipri" runners so that they can
977 OpenBSD-Regress-ID: eb48610282f6371672bdf2a8b5d2aa33cfbd322b
992 OpenBSD-Regress-ID: 70d58df7503db699de579a9479300e5f3735f4ee
1002 OpenBSD-Regress-ID: dbad2f5ece839658ef8af3376cb1fb1cabe2e324
1008 upstream: move PKCS#11 setup code to test-exec.sh so it can be reused
1012 OpenBSD-Regress-ID: 1d29e6be40f994419795d9e660a8d07f538f0acb
1021 SSH_ASKPASS script to directly load the PIN.
1028 OpenBSD-Regress-ID: 07705c31de30bab9601a95daf1ee6bef821dd262
1068 OpenBSD-Regress-ID: f1b20a476734e885078c481f1324c9ea03af991e
1078 OpenBSD-Regress-ID: 7ea21b5f6fc4506165093b2123d88d20ff13a4f0
1086 OpenBSD-Regress-ID: b0abf81c24ac6c21f367233663228ba16fa96a46
1094 OpenBSD-Commit-ID: 95f5dd6107e8902b87dc5b005ef2b53f1ff378b8
1104 OpenBSD-Regress-ID: cbf2701bc347c2f19d907f113779c666f1ecae4a
1116 OpenBSD-Regress-ID: 3b7f65c8f409c328bcd4b704f60cb3d31746f045
1130 Now that configure finds these for us we can remove these -portable
1139 This will let us remove some -portable specific changes from
1140 test-exec.sh.
1150 OpenBSD-Regress-ID: 7de0e00518fb0c8fdc5f243b7f82f523c936049c
1161 OpenBSD-Regress-ID: 8cb898c414fcdb252ca6328896b0687acdaee496
1167 Update openssl-devel dependency in RPM spec.
1170 build with --without-openssl elsewhere.
1189 This lets us compile Portable with -Werror with when OpenSSL doesn't have
1192 OpenBSD-Commit-ID: e02e4b4af351946562a7caee905da60eff16ba29
1198 run t-extra regress tests
1200 This exposes the t-extra regress tests (including agent-pkcs11.sh) as
1201 a new extra-tests target in the top level Makefile and runs them by
1208 Don't use make -j2.
1226 OpenBSD-Regress-ID: 98a2a6b9333743274359e3c0f0e65cf919a591d1
1232 upstream: ensure logs are owned by correct user; feedback/ok
1236 OpenBSD-Regress-ID: c3297af8f07717f1d400a5d34529962f1a76b5a3
1242 upstream: 64 %-expansion keys ought to be enough for anybody; ok
1246 OpenBSD-Commit-ID: 84070f8001ec22ff5d669f836b62f206e08c5787
1254 OpenBSD-Commit-ID: 251c0263e1759a921341c7efe7f1d4c73e1c70f4
1274 OpenBSD-Commit-ID: ce9983f7efe6a178db90dc5c1698df025df5e339
1284 OpenBSD-Commit-ID: 0daa41e0525ae63cae4483519ecaa37ac485d94c
1295 OpenBSD-Commit-ID: 5c14e1aabcddedb95cdf972283d9c0d5083229e7
1303 OpenBSD-Commit-ID: 191a85639477dcb5fa1616d270d93b7c8d5c1dfd
1309 upstream: ssh -Q does not make sense with other command-line options,
1313 OpenBSD-Commit-ID: 00a747f0655c12122bbb77c2796be0013c105361
1323 OpenBSD-Commit-ID: 55630b26f390ac063980cfe7ad8c54b03284ef02
1333 OpenBSD-Commit-ID: 01b85c91757e6b057e9b23b8a23f96415c3c7174
1341 OpenBSD-Commit-ID: 1b4fb590ef731099349a7d468b77f02b240ac926
1353 OpenBSD-Commit-ID: 0bd8db8a595334ca86bca8f36e23fc0395315765
1359 upstream: s/%.100s/%s/ in SSH- banner construction as there's no
1364 OpenBSD-Commit-ID: 0ef73304b9bf3e534c60900cd84ab699f859ebcd
1376 OpenBSD-Commit-ID: 91fa5497c9dc6883064624ac27813a567883fdce
1386 OpenBSD-Commit-ID: e61795b453d4892d2c99ce1039112c4a00250e03
1394 OpenBSD-Regress-ID: 6a8edf0dc39941298e3780b147b10c0a600b4fee
1405 OpenBSD-Regress-ID: b3f1292115fed65765d0a95414df16e27772d81c
1415 OpenBSD-Regress-ID: f063330f1bebbcd373100afccebc91a965b14496
1423 OpenBSD-Commit-ID: 493f95121567e5ab0d9dd1150f873b5535ca0195
1435 upstream: openssh-9.5
1437 OpenBSD-Commit-ID: 5e0af680480bd3b6f5560cf840ad032d48fd6b16
1447 OpenBSD-Commit-ID: aa1450a54fcee2f153ef70368d90edb1e7019113
1455 OpenBSD-Commit-ID: ff5bda21a83ec013db683e282256a85201d2dc4b
1471 OpenBSD-Commit-ID: 2f5fba917b5d4fcf93d9e0b0756c7f63189e228e
1477 upstream: rename remote_glob() -> sftp_glob() to match other API
1479 OpenBSD-Commit-ID: d9dfb3708d824ec02970a84d96cf5937e0887229
1487 OpenBSD-Commit-ID: 69285e0ce962a7c6b0ab5f17a293c60a0a360a18
1493 Use zero-call-used-regs=used with Apple compilers.
1497 have the clang-15 zero-call-used-regs=all bug, so for now use the value
1510 OpenBSD-Commit-ID: 05f61d051ab418fcfc4857ff306e420037502382
1520 OpenBSD-Commit-ID: c61caa4a5a667ee20bb1042098861e6c72c69002
1526 upstream: regress test recursive remote-remote directories copies where
1530 also remove errant `set -x` that snuck in at some point
1532 OpenBSD-Regress-ID: 1c94a48bdbd633ef2285954ee257725cd7bc456f
1538 upstream: fix recursive remote-remote copies of directories that
1542 OpenBSD-Commit-ID: 7e19d2ae09b4f941bf8eecc3955c9120171da37f
1552 OpenBSD-Regress-ID: eaa4c29cc5cddff4e72a16bcce14aeb1ecfc94b9
1560 OpenSSH and it shows - the function names are terrible.
1565 change from returning a pointer to a static variable (error-prone) to
1566 taking a pointer to a caller-provided receiver.
1568 OpenBSD-Commit-ID: eb54d6a72d0bbba4d623e2175cf5cc4c75dc2ba4
1579 OpenBSD-Commit-ID: 9760fda668eaa94a992250d7670dfbc62a45197c
1587 OpenBSD-Regress-ID: 5f8135da3bfda71067084c048d717b0e8793e87c
1597 OpenBSD-Commit-ID: 3911d18a826a2d2fe7e4519075cf3e57af439722
1608 OpenBSD-Commit-ID: e683dfca6bdcbc3cc339bb6c6517c0c4736a547f
1617 subsystem configuration (sftp-server) is unlikely to be affected.
1619 OpenBSD-Commit-ID: 8ffa296aeca981de5b0945242ce75aa6dee479bf
1630 OpenBSD-Commit-ID: fc90ed2cc0c18d4eb8e33d2c5e98d25f282588ce
1640 OpenBSD-Commit-ID: 647460a212b916540016d066568816507375fd7f
1653 OpenBSD-Commit-ID: f498beaad19c8cdcc357381a60df4a9c69858b3f
1662 obfuscatior for non-channels data like ClientAlive probes and also fixes a
1668 OpenBSD-Commit-ID: d98f32dc62d7663ff4660e4556e184032a0db123
1679 OpenBSD-Commit-ID: 5c270d35f7d2974db5c1646e9c64188f9393be31
1690 OpenBSD-Commit-ID: f9776c7b0065ba7c3bbe50431fd3b629f44314d0
1701 OpenBSD-Commit-ID: 72783a26254202e2f3f41a2818a19956fe49a772
1710 by setting -std=gnu99, at which point we won't be testing C89 any more.
1717 upstream: make PerSourceMaxStartups first-match-wins; ok dtucker@
1719 OpenBSD-Commit-ID: dac0c24cb709e3c595b8b4f422a0355dc5a3b4e7
1727 OpenBSD-Commit-ID: b1afaeb456a52bc8a58f4f9f8b2f9fa8f6bf651b
1738 OpenBSD-Commit-ID: 85b364676dd84cf1de0e98fc2fbdcb1a844ce515
1746 OpenBSD-Commit-ID: e80343c16ce0420b2aec98701527cf90371bd0db
1754 matter, since the range is pre-clamped)
1756 OpenBSD-Commit-ID: f786ed902d04a5b8ecc581d068fea1a79aa772de
1764 This attempts to hide inter-keystroke timings by sending interactive
1770 feedback/ok markus@
1772 OpenBSD-Commit-ID: 02231ddd4f442212820976068c34a36e3c1b15be
1778 upstream: Introduce a transport-level ping facility
1783 ext-info message with a string version number of "0".
1787 OpenBSD-Commit-ID: b6b3c4cb2084c62f85a8dc67cf74954015eb547f
1798 feedback from sthen@
1801 OpenBSD-Commit-ID: bd47dab4695b134a44c379f0e9a39eed33047809
1811 OpenBSD-Commit-ID: 641153e7c05117436ddfc58267aa267ca8b80038
1825 obsd-arm64 host is real hardware...
1847 OpenBSD-Commit-ID: 743af3c6e3ce5e6cecd051668f0327a01f44af29
1870 feedback naddy@, ok dtucker@
1872 OpenBSD-Commit-ID: 4d5c6c894664f50149153fd4764f21f43e7d7e5a
1878 upstream: defence-in-depth MaxAuthTries check in monitor; ok markus
1880 OpenBSD-Commit-ID: 65a4225dc708e2dae71315adf93677edace46c21
1888 OpenBSD-Commit-ID: 6c984171c96ed67effd7b5092f3d3975d55d6028
1902 OpenBSD-Commit-ID: 82237567fcd4098797cbdd17efa6ade08e1a36b0
1910 OpenBSD-Commit-ID: 5c11fbb9592a29b37bbf36f66df50db9d38182c6
1934 upstream: openssh-9.4
1936 OpenBSD-Commit-ID: 71fc1e01a4c4ea061b252bd399cda7be757e6e35
1960 OpenBSD-Commit-ID: 2fbe1a36d4a24b98531b2d298a6557c8285dc1b4
1968 When sshd is built with an OpenSSL that does not self-seed, it would
1978 commented- out config option match. From Ed Maste
1980 OpenBSD-Commit-ID: e66e934c45a9077cb1d51fc4f8d3df4505db58d9
1990 OpenBSD-Commit-ID: 2b6b0dde4407e039f58f86c8d2ff584a8205ea55
2000 OpenBSD-Commit-ID: 538cfcddbbb59dc3a8739604319491dcb8e0c0c9
2006 upstream: don't need to start a command here; use ssh -N instead.
2010 OpenBSD-Regress-ID: ff678a8cc69160a3b862733d935ec4a383f93cfb
2018 a specific point. e.g. "make LTESTS_FROM=t-sftp" will only run the sftp.sh
2021 OpenBSD-Regress-ID: 07f653de731def074b29293db946042706fcead3
2029 OpenBSD-Regress-ID: a6150262f39065939f025e546af2a346ffe674c1
2037 OpenBSD-Regress-ID: 55e4186604e80259496d841e690ea2090981bc7a
2047 OpenBSD-Commit-ID: 7ed1082f23a13b38c373008f856fd301d50012f9
2056 address/port 4-tuple) as expansion sequences; ok markus
2058 OpenBSD-Commit-ID: ee9a48bf1a74c4ace71b69de69cfdaa2a7388565
2064 upstream: increase default KDF work-factor for OpenSSH format
2066 private keys from 16 to 24; { feedback ok } x { deraadt markus }
2068 OpenBSD-Commit-ID: a3afb1383f8ff0a49613d449f02395d9e8d4a9ec
2074 Prefer OpenSSL's SHA256 in sk-dummy.so
2076 Previously sk-dummy.so used libc's (or compat's) SHA256 since it may be
2099 upstream: make ssh -f (fork after authentication) work properly in
2104 OpenBSD-Commit-ID: a7a2976a54b93e6767dc846b85647e6ec26969ac
2112 OpenBSD-Commit-ID: e6ddfef94b0eb867ad88abe07cedc8ed581c07f0
2118 upstream: tweak the allow-remote-pkcs11 text;
2120 OpenBSD-Commit-ID: bc965460a89edf76865b7279b45cf9cbdebd558a
2126 Handle a couple more OpenSSL no-ecc cases.
2140 Bring back OPENSSL_HAS_ECC to ssh-pkcs11-client
2146 upstream: Separate ssh-pkcs11-helpers for each p11 module
2148 Make ssh-pkcs11-client start an independent helper for each provider,
2152 This also implements reference counting of PKCS#11-hosted keys,
2153 allowing ssh-pkcs11-helper subprocesses to be automatically reaped
2160 OpenBSD-Commit-ID: 0ce188b14fe271ab0568f4500070d96c5657244e
2172 Feedback deraadt; ok markus
2174 OpenBSD-Commit-ID: 1508a5fbd74e329e69a55b56c453c292029aefbe
2182 libraries to ssh-agent by default.
2185 can be restored using `ssh-agent -O allow-remote-pkcs11`.
2188 the `session-bind@openssh.com` extension. Forwarding access to a
2189 ssh-agent socket using non-OpenSSH tools may circumvent this control.
2193 OpenBSD-Commit-ID: 4c2bdf79b214ae7e60cc8c39a45501344fa7bd7c
2203 OpenBSD-Commit-ID: 39532cf18b115881bb4cfaee32084497aadfa05c
2233 OpenBSD-Commit-ID: 9a08ed8dae27d3f38cf280f1b28d4e0ff41a737a
2239 upstream: - add -P to usage() - sync the arg name to -J in usage()
2241 with that in ssh.1 - reformat usage() to match what "man ssh" does on 80width
2243 OpenBSD-Commit-ID: 5235dd7aa42e5bf90ae54579d519f92fc107036e
2249 upstream: -P before -p in SYNOPSIS;
2251 OpenBSD-Commit-ID: 535f5257c779e26c6a662a038d241b017f8cab7c
2257 upstream: configuation -> configuration
2259 OpenBSD-Commit-ID: 4776ced33b780f1db0b2902faec99312f26a726b
2269 OpenBSD-Commit-ID: ef5bf46b57726e4260a63b032b0b5ac3b4fe9cd4
2277 where it caused merge conflict in -portable for each commit :(
2279 OpenBSD-Commit-ID: 756ebac963df3245258b962e88150ebab9d5fc20
2288 to fall back to text revocation lists in some cases; fixes t-cert-hostkey.
2290 OpenBSD-Commit-ID: 5c670a6c0f027e99b7774ef29f18ba088549c7e1
2311 OpenBSD-Commit-ID: dc08358e70e702b59ac3e591827e5a96141b06a3
2326 OpenBSD-Commit-ID: cffb6ff9a3803abfc52b5cad0aa190c5e424c139
2338 Now, some years later, we have SSHSIG support in ssh-keygen that is
2340 semi-finished KRL signing/verification support from OpenSSH and
2341 refactors the remaining code to realise the benefit - primarily, we
2346 OpenBSD-Commit-ID: 517437bab3d8180f695c775410c052340e038804
2360 OpenBSD-Commit-ID: ae2fcde9a22a9ba7f765bd4f36b3f5901d8c3fa7
2368 OpenBSD-Commit-ID: e7c31034a5434f2ead3579b13a7892960651e6b0
2380 portable-specific int overflow defence-in-depth
2389 upstream: add defence-in-depth checks for some unreachable integer
2391 overflows reported by Yair Mizrahi @ JFrog; feedback/ok millert@
2393 OpenBSD-Commit-ID: 52af085f4e7ef9f9d8423d8c1840a6a88bda90bd
2401 OpenBSD-Commit-ID: d0f12af0a5067a756aa707bc39a83fa6f58bf7e5
2410 supposed replacement is is non-existent, so this follows the approach
2423 OpenBSD-Commit-ID: 0514cd51db3ec60239966622a0d3495b15406ddd
2429 upstream: add support for unix domain sockets to ssh -W
2433 OpenBSD-Commit-ID: 3e6d47567b895c7c28855c7bd614e106c987a6d8
2439 gss-serv.c: `MAXHOSTNAMELEN` -> `HOST_NAME_MAX`
2476 OpenBSD-Commit-ID: a992d410c8a78ec982701bc3f91043dbdb359912
2482 upstream: make `ssh -Q CASignatureAlgorithms` only list signature
2488 OpenBSD-Commit-ID: 99c2b072dbac0f44fd1f2269e3ff6c1b5d7d3e59
2498 OpenBSD-Commit-ID: 31cf59c041becc0e5ccb0a77106f812c4cd1cd74
2506 using ssh -W by explicitly decoding PORT_STREAMLOCAL (a negative number) from
2510 OpenBSD-Commit-ID: e5ac5f40d354096c51e8c118a5c1b2d2b7a31384
2518 fixes "no comment" not showing on when running `ssh-keygen -l` on multiple
2522 OpenBSD-Commit-ID: 3cce84456fdcd67dc6b84e369f92c6686d111d9b
2530 INT_MAX. Fixes sign compare warnings systems with 32-bit time_t due to type
2533 OpenBSD-Commit-ID: 48081e9ad35705c5f1705711704a4c2ff94e87b7
2539 fixup! if -s & -p specified, mention 'sftp -P' on
2543 SSH-Copy-ID-Upstream: 32686e7c65b4fa2846e474d3315102dfa0f043b0
2549 Make ssh-copy-id(1) consistent with OpenSSH.
2551 This makes the ssh-copy-id man page more consistent with the rest of the
2553 - new sentence, new line
2554 - no sentences >80
2555 - N.B. -> NB
2556 - zap unused .Pp
2557 - zap trailing whitespace
2561 SSH-Copy-ID-Upstream: d8974cfb6242316460ed22a1ccc662800a50c5d3
2567 if -s & -p specified, mention 'sftp -P' on success
2570 https://github.com/openssh/openssh-portable/pull/321
2574 the lowercase -p in there, even if sftp is in use, is that the sftp call
2575 is using the already-established ssh master connection, so the port was
2578 SSH-Copy-ID-Upstream: 1c124d9bfafdbe28a00b683367ebf5750ce12eb2
2586 SSH-Copy-ID-Upstream: e604fae1cdee35c18055d35dcec530cf12ef00ad
2592 make -x also apply to the target script
2594 SSH-Copy-ID-Upstream: 3c4214704f427bd0654adf9b0fc079253db21cf4
2600 add -t option to specify the target path
2602 Allow the default target path (.ssh/authorized_files) to be over-riden
2606 https://gitlab.com/phil_hands/ssh-copy-id/-/merge_requests/8
2608 SSH-Copy-ID-Upstream: a942a0e076874adb6d8b2f0fb76d6c7918190fcd
2611 Author: Carlos Rodríguez Gili <carlos.rodriguez-gili@upc.edu>
2616 On Solaris 10 and older targets /bin/sh is not POSIX-compliant.
2617 Test -z `...` fails with error 'sh: test: argument expected'.
2621 SSH-Copy-ID-Upstream: 98394072a3f985b2650c1e8eab2fef84e38cc065
2631 SSH-Copy-ID-Upstream: 930d39f238117cd53810240ec989d0356aa1c1f6
2644 SSH-Copy-ID-Upstream: 0e1f5d443a9967483c33945793107ae3f3e4af2d
2650 ssh-copy-id: add -x option (for debugging)
2652 This option causes the ssh-copy-id to run with set -x
2654 SSH-Copy-ID-Upstream: a0ee367ea8c0a29c8b4515245e408d2d349e7844
2662 SSH-Copy-ID-Upstream: c284ed33b361814ea48ff68cbd01ca525b2bf117
2673 OpenBSD-Commit-ID: 1c92e4517284386703936e1d3abaa36cfacf1951
2683 OpenBSD-Commit-ID: 379a5afa8b7a0f3cba0c8a9bcceb4e5e33a5c1ef
2719 Skip agent-peereid test on macos13.
2721 sudo -S nobody doesn't work on the github runners (probably a
2746 OpenBSD-Commit-ID: 3d5f811cfcaed8cc4a97e1db49ac61bdf118113c
2752 Add macos-13 test target.
2768 requests - a misfeature strictly permitted by the protocol but seldom
2772 when the transfer is successful. feedback deraadt@ ok markus@
2774 prompted by https://github.com/openssh/openssh-portable/commit/9b733#commitcomment-110679778
2776 OpenBSD-Commit-ID: 4af7fac75958ad8507b4fea58706f3ff0cfddb1b
2789 OpenBSD-Commit-ID: 80a58e43c3a32f97361282f756ec8d3f37989efd
2797 OpenBSD-Commit-ID: 30c0a34d74d91ddd0e6992525da70d3293392f70
2805 OpenBSD-Commit-ID: 44d3223902fbce5276422bdc8063ab72a4078489
2817 remove unused upper-case const strings in fmtfp
2819 no float format that uses upper-case is supported nor are hex floats.
2830 OpenBSD-Commit-ID: a493e628d4d6c08f878c276d998f4313ba61702d
2840 OpenBSD-Commit-ID: 852bf12591ec5a9fb12dcbde9b1fd3945ad0df3c
2850 OpenBSD-Commit-ID: fa3518346c21483e9e01a2e4b9436ae501daf8ea
2858 OpenBSD-Commit-ID: 85bb82fea90478a482e9f65a1bec0aa24227fd66
2871 OpenBSD-Commit-ID: de36e5ad6fde0fe263ca134e986b9095dc59380a
2887 OpenBSD-Commit-ID: eef2403df083c61028969fc679ee370373eacacb
2897 OpenBSD-Commit-ID: 1ffb03038ba1b6b72667be50cf5e5e396b5f2740
2908 OpenBSD-Commit-ID: de1c1130646230c2eda559831fc6bfd1b61d9618
2918 OpenBSD-Commit-ID: 7d0270ad3dd102412ca76add2b3760518abdef75
2926 OpenBSD-Commit-ID: ce66db603a913d3dd57063e330cb5494d70722c4
2936 OpenBSD-Commit-ID: ad42971a6ee5a46feab2d79f7f656f8cf4b119f3
2944 OpenBSD-Commit-ID: 6a0b719f9b1ae9d42ad8c5b144c7962c93792f7c
2954 OpenBSD-Commit-ID: 1a34f4b6896155b80327d15dc7ccf294b538a9f2
2962 OpenBSD-Commit-ID: 4c7d20ef776887b0ba1aabcfc1b14690e4ad0a40
2973 OpenBSD-Commit-ID: 4a95f3f7330394dffee5c749d52713cbf3b54846
2984 OpenBSD-Commit-ID: ab3fde6da384ea588226037c38635a6b2e015295
3003 OpenBSD-Commit-ID: 898a1e817cda9869554b1f586a434f67bcc3b650
3014 OpenBSD-Commit-ID: c0d6089b3fb725015462040cd94e23237449f0c8
3022 If child_set env was called with a NULL env pointer and a non-zero count
3035 OpenBSD-Commit-ID: 710b57ba954c139240895e23feea41f203201f04
3046 OpenBSD-Commit-ID: a01616503a185519b16f00dde25d34ceaf4ae1a3
3056 OpenBSD-Commit-ID: 37f80cb5d075ead5a00ad1b74175684ab1156ff8
3069 OpenBSD-Commit-ID: 85f7404e9d47fd28b222fbc412678f3361d2dffc
3077 since -portable no longer supports them.
3079 OpenBSD-Commit-ID: ea2893783331947cd29a67612b4e56f818f185ff
3087 versions now that -portable has dropped support for those versions.
3089 OpenBSD-Regress-ID: 82a8eacd87aec28e4aa19f17246ddde9d5ce7fe7
3122 Configure with --target instead of deprecated form.
3142 OpenBSD-Regress-ID: c077fd12a38005dd53d878c5b944154dec88d2ff
3152 OpenBSD-Commit-ID: ce5d8e0219b63cded594c17d4c2958c06918ec0d
3158 upstream: fix test: getnameinfo returns a non-zero value on error, not
3160 (neccessarily) -1. From GHPR#384
3162 OpenBSD-Commit-ID: d35e2b71268f66f5543a7ea68751972b3ae22b25
3168 upstream: scp: when copying local->remote, check that source file
3173 OpenBSD-Commit-ID: b4dd68e15bfe22ce4fac9960a1066a2b721e54fb
3300 upstream: openssh-9.3
3302 OpenBSD-Commit-ID: 8011495f2449c1029bb316bd015eab2e00509848
3312 OpenBSD-Commit-ID: f146ba08b1b43af4e0d7ad8c4dae3748b4fa31b6
3323 OpenBSD-Commit-ID: a0a97113f192a7cb1a2c97b932f677f573cda7a4
3334 OpenBSD-Commit-ID: aea023819aa44a2dcb9dd0fbec10561896fc3a09
3344 OpenBSD-Commit-ID: 50204b755f66b2ec7ac3cfe379d07d85ca161d2b
3354 OpenBSD-Commit-ID: 99d8b3da9d0be1d07ca8dd8e98800a890349e9b5
3370 OpenBSD-Commit-ID: 8212ca05d01966fb5e72205c592b2257708a2aac
3388 OpenBSD-Commit-ID: 051429dd07af8db3fec10d82cdc78d90bb051729
3396 first-match-wins. sshd_config.5 was fixed in r1.348, this is the same for
3399 OpenBSD-Commit-ID: 7be55b9351cde449b136afcc52d07aa4113b215e
3405 upstream: Remove no-op (int) > INT_MAX checks
3409 OpenBSD-Commit-ID: 9df3783b181e056595e2bb9edf7ed41d61cf8e84
3418 mkstemp created the world-writable. Wrap mkstemp to set and restore
3431 OpenBSD-Commit-ID: 19c10baa46ae559474409f75a5cb3d0eade7a9b8
3437 upstream: Re-split the merge of the reorder-hostkeys test.
3444 OpenBSD-Commit-ID: a7469f25a738db5567395d1881e32479a7ffc9de
3454 OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f
3479 OpenBSD-Commit-ID: 175f09349387c292f626da68f65f334faaa085f2
3485 upstream: ssh-pkcs11: synchronize error messages with errors
3492 OpenBSD-Commit-ID: 165a15db52f75b31e1804b043480c36af09f3411
3502 OpenBSD-Commit-ID: 7be168a570264d59e96a7d2d22e927d45fee0e4c
3518 OpenBSD-Commit-ID: fe1382e2fdf23fcae631308e72342bad56066a56
3528 OpenBSD-Commit-ID: 0ef414cc363a832f9fab92a5da0234448bce2eba
3536 Coverity CID 405048 which was a false-positive fd leak; ok dtucker@
3538 OpenBSD-Commit-ID: fc55ec2af622a017defb9b768bf26faefc792c00
3554 OpenBSD-Commit-ID: 9f9e4ba3cac003e6f81da3bcebd1b9ec43e7f353
3562 OpenBSD-Regress-ID: bdb211d80d572a08bf14b49fe2a58b9ff265c006
3572 OpenBSD-Commit-ID: cdc2d98e6478b7e7f3a36976845adae3820429d8
3582 OpenBSD-Commit-ID: 2eb017d10705bb623d4418691f961c930eafaec0
3596 OpenBSD-Commit-ID: f2f99da4aae2233cb18bf9c749320c5e040a9c7b
3604 If multiple -Ocheckpoint= options are passed, the earlier ones would
3608 OpenBSD-Commit-ID: a4d9d15f572926f841788912e2b282485ad09e8b
3618 OpenBSD-Commit-ID: 9b1aba2d049741ae21c8dc4560a7e29ab17310f4
3630 OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
3641 OpenBSD-Commit-ID: 356685bfa1fc3d81bd95722d3fc47101cc1a4972
3652 OpenBSD-Commit-ID: a50e0541cf823f8d1c72f71ccde925d3dbe6dfac
3658 upstream: Check for non-NULL before string
3662 OpenBSD-Commit-ID: 0d9b2e0cac88a311b5766b1aef737082583c285f
3668 upstream: guard against getsockname(-1, ...) from Coverity CID
3672 OpenBSD-Commit-ID: e58d5227327917d189229b7f0b37d2780f360d5f
3678 upstream: some options are not first-match-wins. Mention that there
3683 OpenBSD-Commit-ID: 3b74728446fa6fc8742769eeb8c3674e233e84c4
3693 OpenBSD-Commit-ID: b074b52bf138b75f08264e8da15880b29c7a630f
3707 OpenBSD-Commit-ID: 19fb1b53072826d00c67df677731d2f6c1dd602b
3718 OpenBSD-Commit-ID: c69c4c3152cdaab953706db4ccf4d5fd682f7d8d
3728 OpenBSD-Commit-ID: 2097c7db3cf657f1e3a6c5077041bacc63143cab
3738 OpenBSD-Regress-ID: 6cf22fda32a89c16915f31a6ed9bbdbef2a3bac9
3751 OpenBSD-Regress-ID: 9c44fb9cd418e6ff31165e7a6c1f9f11a6d19f5b
3759 OpenBSD-Regress-ID: 3823d9063127169736aa274b1784cb28e15b64d4
3771 OpenBSD-Commit-ID: 73c7ccc5d4fcc235f54c6b20767a2815408525ef
3779 before creating new ones. In -portable some platforms don't like
3782 OpenBSD-Regress-ID: 7e7ddc0beb73e945e1c4c58d51c8a125b518120f
3810 OpenBSD-Regress-ID: f802aa9e7fa51d1a01225c05fb0412d015c33e24
3820 OpenBSD-Commit-ID: 74e8d228ac00552e96e9e968dfcccf8dd1f46ad5
3830 OpenBSD-Commit-ID: fdc5287dcee0860b5a493186414226c655b0eb0a
3840 OpenBSD-Commit-ID: de28476025db29820a9a2e56e98b964d8a02861c
3904 feedback/ok dtucker@
3906 OpenBSD-Commit-ID: f4affee067cec7c182f3e0b307d758e0472762a3
3919 OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137
3957 upstream: Remove now-unused compat bit SSH_BUG_RSASIGMD5. The code
3962 OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda
3968 upstream: Remove now-unused compat bit SSH_BUG_BIGENDIANAES. This
3973 OpenBSD-Commit-ID: 326426ea328707fc9e83305291ab135c87f678af
3995 OpenBSD-Commit-ID: b92c21f56fe4b7f9a54790d6a9650725c226820b
4006 OpenBSD-Commit-ID: ea13318b1937795d9db4790d3ce0a6ed01584dab
4014 OpenBSD-Commit-ID: 6141610cfca037700730e41f868d1d9124958f8c
4022 OpenBSD-Commit-ID: abc95e550be9e6d9a7ff64b65c104c7be21ab19e
4030 OpenBSD-Commit-ID: dacd9da33277d5669a51213d880632599c890c1e
4046 upstream: test -Ohashalg=... and that the default output contains both
4050 OpenBSD-Regress-ID: 26f309208c8d8b8fa9c5f419767b85f1e9b22f51
4056 upstream: let ssh-keygen and ssh-keyscan accept
4058 -Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm
4061 OpenBSD-Commit-ID: e6e07fe21318a873bd877f333e189eb963a11b3d
4067 upstream: add a `sshd -G` option that parses and prints the
4073 bz3460 feedback/ok dtucker@
4075 OpenBSD-Commit-ID: 774504f629023fc25a559ab1d95401adb3a7fb29
4081 upstream: make `ssh -Q CASignatureAlgorithms` work as the manpage says
4085 OpenBSD-Commit-ID: 0ddb17b3fcbd99bfb5baea4ac5e449620cbd3adc
4099 OpenBSD-Regress-ID: 5fc3010ac450195b3fbdeb68e875564968800365
4105 upstream: ssh-agent doesn't actually take -v,
4107 so the recently-added ones will result in the test not cleaning up
4110 OpenBSD-Regress-ID: 1fc8283568f5bf2f918517c2c1e778072cf61b1a
4121 OpenBSD-Commit-ID: fa8d90698da1886570512b96f051e266eac105e0
4140 Similarly, the sandboxed process in sshd is a single-threaded program
4147 in nearby Linux kernel code, e.g. CVE-2020-29368, CVE-2020-29374 and
4148 CVE-2022-42703.
4150 Feedback Jann Horn, ok dtucker@
4176 OpenBSD-Regress-ID: 0e404ee264db546f9fdbf53390689ab5f8d38bf2
4187 OpenBSD-Regress-ID: 731b96ae74d02d5744e1f1a8e51d09877ffd9b6d
4193 upstream: openssh-9.2
4195 OpenBSD-Commit-ID: f7389f32413c74d6e2055f05cf65e7082de03923
4201 upstream: fix double-free caused by compat_kex_proposal(); bz3522
4205 OpenBSD-Commit-ID: 2bfc37cd2d41f67dad64c17a64cf2cd3806a5c80
4211 Skip connection-timeout test on minix3.
4214 skip connection-timeout test on that platform. While there, group
4221 fix libfido2 detection without pkg-config
4232 OpenBSD-Commit-ID: e1dc11143f83082e3154d6094f9136d0dc2637ad
4242 binary is tested with the new sshd -V option before installation. As the
4243 binary layout is now semi-unknown (meaning relative, fixed, and gadget
4248 OpenBSD-Commit-ID: 1e0a2692b7e20b126dda60bf04999d1d30d959d8
4256 OpenBSD-Commit-ID: df71ce4180c58202dfdc1d92626cfe900b91b7c3
4262 Skip connection-timeout test under Valgrind.
4271 Skip connection-timeout when missing FD passing.
4280 upstream: when restoring non-blocking mode to stdio fds, restore
4287 OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
4293 upstream: Add a -V (version) option to sshd like the ssh client
4297 OpenBSD-Commit-ID: abe990ec3e636fb040132aab8cbbede98f0c413e
4303 upstream: For "ssh -V" always exit 0, there is no need to check opt
4308 OpenBSD-Commit-ID: 5583e5d8f6d62a8a4215cfa95a69932f344c8120
4318 OpenBSD-Regress-ID: 55c0fb61f3bf9e092b0a53f9041d3d2012f14003
4326 OpenBSD-Regress-ID: 7f29001374a68e71e5e078f69e4520cf4bcca084
4336 OpenBSD-Regress-ID: 3750ec98d5d409ce6a93406fedde6f220d2ea2ac
4345 complements the recently-added ChannelTimeout option that terminates inactive
4350 OpenBSD-Commit-ID: ca983be74c0350364c11f8ba3bd692f6f24f5da9
4358 OpenBSD-Regress-ID: 4b3e7ba7ee486ae8a0b4790f8112eded2bb7dcd5
4372 OpenBSD-Commit-ID: 1bc0fd624cb6af440905b8ba74ac7c03311b8e3b
4389 OpenBSD-Regress-ID: 6696b2eeefe128099fc3d7ea9f23252cc35156f9
4395 upstream: Instead of skipping the all-tokens test if we don't have
4400 OpenBSD-Regress-ID: c79ecba64250ed3b6417294b6c965e6b12ca5eea
4408 OpenBSD-Commit-ID: 671e6c8dc5e9230518b2bbfa143daaa88adc66c2
4416 OpenBSD-Commit-ID: f695742d39e34ecdcc3c861c3739a84648a4bce5
4434 commit to add scp to the test sshd's path causes the t-envpass test to fail
4438 OpenBSD-Regress-ID: 7533dc1c4265c1de716abb062957994195b36df4
4447 PATH) then add its path to the under-test sshd's PATH so we can find
4450 OpenBSD-Regress-ID: 7df4f5a0be3aa135495b7e5a6719d3cbc26cc4c0
4466 upstream: Add a "Host" line to the output of ssh -G showing the
4471 OpenBSD-Commit-ID: 59c0f60a222113a44d0650cd394376e3beecc883
4479 -oUserKnownHostsFile=none and a hostkey in one of the system known hosts file
4482 OpenBSD-Commit-ID: 7ca87614bfc6da491315536a7f2301434a9fe614
4492 OpenBSD-Commit-ID: c4965f62fa0ba850940fd66ae3f60cf516bbcd56
4502 OpenBSD-Commit-ID: c5b023e0954693ba9a5376e4280c739b5db575f8
4510 OpenBSD-Commit-ID: 1ec524ff2fbb9387d731601437c82008f35a60f4
4519 Github integration tests for openssh-portable
4521 OpenBSD-Regress-ID: 5451cad59ba0d43ae9eeda48ec80f54405fee969
4547 communication with it's ssh sub-processes. We no longer need to reserve two
4548 descriptors to ensure that we don't end up using fd 0-2 unexpectedly, that is
4552 OpenBSD-Commit-ID: b80c372faac462471e955ddeab9480d668a2e48d
4560 OpenBSD-Commit-ID: 229c493452766d70a78b0f02f6ff9894f9028858
4566 try to improve logging for dynamic-forward test
4576 Skip dynamic-forward test on minix3.
4596 OpenBSD-Regress-ID: 49a375b2cf61ccb95b52e75e2e025cd10988ebb2
4602 Use our own netcat for dynamic-forward test.
4605 second-guess the behaviour of various netcat implementations.
4636 OpenBSD-Regress-ID: 109e40b06de1c006a3b8e0d8745b790b2c5870a0
4644 OpenBSD-Regress-ID: 280bfbefcfa415428ad744e43f69a8dede8ad685
4652 OpenBSD-Regress-ID: 0497cdb66e003b2f50ed77291a9104fba2e017e9
4660 OpenBSD-Regress-ID: 01f8fb12d08e5aaadd4bd4e71f456b6588be9a94
4672 OpenBSD-Regress-ID: 86e2aa4bbd1dff1bc4ebb2969c0d6474485be046
4706 OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
4720 OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
4733 OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
4747 usual state-machine logic). So this adds an extra "force" argument to the
4752 OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
4760 feedback markus / ok markus dtucker
4762 OpenBSD-Commit-ID: c5ec4f2d52684cdb788cd9cbc1bcf89464014be2
4772 OpenBSD-Commit-ID: 3335268ca135b3ec15a947547d7cfbb8ff929ead
4780 OpenBSD-Commit-ID: 8a3ab7176764da55f60bfacfeae9b82d84e3908f
4788 OpenBSD-Regress-ID: 8271aafbf5c21950cd5bf966f08e585cebfe630c
4800 OpenBSD-Commit-ID: c5678a39f1ff79993d5ae3cfac5746a4ae148ea5
4810 OpenBSD-Commit-ID: d776dd03d0b882ca9c83b84f6b384f6f9bd7de4a
4818 reference to legacy flag. Spotted by, feedback and ok jmc@
4820 OpenBSD-Commit-ID: 9dfe04966f52e941966b46c7a2972147f95281b3
4837 OpenBSD-Commit-ID: 77078c0b1c53c780269fc0c416f121d05e3010ae
4843 upstream: add -X to usage();
4845 OpenBSD-Commit-ID: 1bdc3df7de11d766587b0428318336dbffe4a9d0
4851 upstream: add a -X option to both scp(1) and sftp(1) to allow
4857 Previously these could be controlled in sftp(1) using the -b/-R options.
4863 OpenBSD-Commit-ID: 27502bffc589776f5da1f31df8cb51abe9a15f1c
4876 OpenBSD-Commit-ID: 65b9a49a68e22ff3a0ebd593f363e9f22dd73fea
4918 obsdsnap test VMs runs-on libvirt too.
4946 OpenBSD-Commit-ID: 2a0a13132000cf8d3593133c1b49768aa3c95977
4958 OpenBSD-Commit-ID: 46ff67518cccf9caf47e06393e2a121ee5aa258a
4966 userspace: remove vestigial '?' cases from top-level getopt(3) loops
4975 Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2
4979 OpenBSD-Commit-ID: b2f89346538ce4f5b33ab8011a23e0626a67e66e
4987 OpenBSD-Regress-ID: 3b04faced6511bb5e74648c6a4ef4bf2c4decf03
5003 Reported by Peter sec-openssh-com.22.fichtner AT 0sg.net
5007 Date: Tue Nov 29 15:12:54 2022 -0500
5027 OpenBSD-Commit-ID: b9186638a05cb8b56ef7c0de521922b6723644ea
5037 OpenBSD-Commit-ID: c7a3d77c0b8c153d463398606a8d57569186a0c3
5043 Restore ssh-agent permissions on exit.
5045 ...enough that subsequent builds can overwrite ssh-agent if necessary.
5051 upstream: Clean up ssh-add and ssh-agent logs.
5053 OpenBSD-Regress-ID: 9eda8e4c3714d7f943ab2e73ed58a233bd29cd2c
5059 upstream: Log output of ssh-agent and ssh-add
5063 OpenBSD-Regress-ID: 5974b02651f428d7e1079b41304c498ca7e306c8
5071 OpenBSD-Commit-ID: 7e964a641ce4a0a0a11f047953b29929d7a4b866
5079 feedback, ok & testing in snaps deraadt@
5081 OpenBSD-Commit-ID: aecf4d49d28586dfbcc74328d9333398fef9eb58
5093 feedback deraadt@ dtucker@; tested in snaps for a while
5095 OpenBSD-Commit-ID: 7e277595d60acb8263118dcb66554472257b387a
5106 OpenBSD-Commit-ID: 4aef50fa9be7c0b138188814c8fe3dccc196f61e
5112 Use -fzero-call-used-regs=used on clang 15.
5114 clang 15 seems to have a problem with -fzero-call-used-reg=all which
5116 versions, use -fzero-call-used-regs=used instead. (We may add exceptions
5137 - multiple tests that ran on the same target (eg multiple build
5139 - it needed manual balancing of VMs over host machines.
5144 and VMs with persistent disks (eg the constantly-updated snapshot ones)
5155 This will allow us to create ephemeral disk images per-runner.
5185 Remove unused self-hosted test targets.
5225 -R processing. bz#3499, ok djm@
5227 OpenBSD-Commit-ID: 194ee4cfe7ed0e2b8ad0727f493c798a50454208
5235 This was added for the benefit of platforms using ssh-rand-helper to
5238 ssh-random-helper is long gone, and since the re-exec happens before the
5239 chroot the re-execed sshd can reseed itself normally. ok djm@
5258 OpenBSD-Commit-ID: 8a0c164a6a25eef0eedfc30df95bfa27644e35cf
5268 OpenBSD-Commit-ID: fc28466ebc7b74e0072331947a89bdd239c160d3
5277 "hostkeys-prove00@openssh.com" message; no functional change
5279 OpenBSD-Commit-ID: 31e09bd3cca6eed26855b88fb8beed18e9bd026d
5287 OpenBSD-Commit-ID: 39c58f41e0f32d1ff31731fa6f5bbbc3ad25084a
5340 Add valrind-5 test here too.
5348 Update actions/checkout and actions/upload-artifact to main branch for
5363 specify a public key file, as documented in ssh.1 for the -i option. Document
5367 OpenBSD-Commit-ID: 2f943be9f96e60ef81a9a4faa25b009999f9883b
5375 in -portable by clang 16's -Wunused-but-set-variable. ok djm@
5377 OpenBSD-Commit-ID: 3d943ddf2369b38fbf89f5f19728e7dc1daf3982
5388 OpenBSD-Commit-ID: d79c2b7a8601eb9be493629a91245d761154308b
5400 OpenBSD-Commit-ID: 6269242c3e1a130b47c92cfca4d661df15f05739
5412 Branch-specific links for master status badges.
5452 OpenBSD-Commit-ID: b0e54ee4d703bd6929bbc624068666a7a42ecb1f
5458 upstream: Fix typo. From pablomh via -portable github PR#344.
5460 OpenBSD-Commit-ID: d056ee2e73691dc3ecdb44a6de68e6b88cd93827
5466 Link to branch-specific queries for V_9_1 status.
5472 Use "prohibit-password" in -portable comments.
5474 "without-password" is the deprecated alias for "prohibit-password",
5491 Fix setres*id checks to work with clang-16.
5502 configure.ac: Fix -Wstrict-prototypes
5508 Signed-off-by: Sam James <sam@gentoo.org>
5516 Another Clang 16ish fix (which makes -Wimplicit-function-declaration
5532 Don't run openbsd-compat tests on Cygwin.
5534 Add "compat-tests" to the default TEST_TARGET so we can override as
5542 upstream: replace recently-added valid_domain() check for hostnames
5545 commit broke address literals. Reported by/feedback from florian@
5547 OpenBSD-Commit-ID: 10b86dc6a4b206adaa0c11b58b6d5933898d43e0
5567 Fix compat regress to work with non-GNU make.
5639 instead of unconditionally specifying "-rN". This will make life easier
5640 in -portable where not all diff's understand -N.
5642 OpenBSD-Regress-ID: 8b8a407115546be1c6d72d350b1e4f1f960d3cd3
5660 OpenBSD-Commit-ID: 99eec58abe382ecd14b14043b195ee1babb9cf6e
5666 upstream: allow ssh-keyscan(1) to accept CIDR address ranges, e.g.
5668 ssh-keyscan 192.168.0.0/24
5671 addresses in the range including the all-0s and all-1s addresses.
5673 bz#976 feedback/ok markus@
5675 OpenBSD-Commit-ID: ce6c5211f936ac0053fd4a2ddb415277931e6c4b
5689 feedback/ok markus@
5691 OpenBSD-Commit-ID: f5ca6932fdaf840a5e8250becb38315a29b5fc9f
5699 feedback/ok markus@
5701 OpenBSD-Commit-ID: 61e0fe989897901294efe7c3b6d670cefaf44cbd
5709 feedback/ok markus@
5711 OpenBSD-Commit-ID: 35d742992e223eaca3537e6fb3d3002c08eed4f6
5719 feedback/ok markus@
5721 OpenBSD-Commit-ID: 368e662c128c99d05cc043b1308d2b6c71a4d3cc
5729 feedback/ok markus@
5731 OpenBSD-Commit-ID: 1f46c0cbb8060ee9666a02749594ad6658c8e283
5739 feedback/ok markus@
5741 OpenBSD-Commit-ID: e5dbe7a3545930c50f70ee75c867a1e08b382b53
5749 feedback/ok markus@
5751 OpenBSD-Commit-ID: 5b4211bff4de8d9adb84bc72857a8c42c44e7ceb
5759 feedback/ok markus@
5761 OpenBSD-Commit-ID: 0d93b7a56e31cd06a8bb0d2191d084ce254b0971
5769 feedback/ok markus@
5771 OpenBSD-Commit-ID: a3570c4b97290c5662890aea7328d87f55939033
5779 feedback/ok markus@
5781 OpenBSD-Commit-ID: 1368ba114cb37732fe6ec3d89c7e6d27ea6fdc94
5789 Move keytype data and some of the type-specific code (allocation,
5791 commits will move more, with the goal of having each key-*.c file
5794 lots of feedback + ok markus@
5796 OpenBSD-Commit-ID: 0f2b4334f73914344e9e5b3d33522d41762a57ec
5808 OpenBSD-Commit-ID: ba9b25fa8b5490b49398471e0c9657b0cbc7a5ad
5818 OpenBSD-Regress-ID: 0cc5cc9ea4a6fd170dc61b9212f15badaafb3bbd
5835 OpenBSD-Commit-ID: d8a3773f53015ba811fddba7473769a2fd343e11
5843 OpenBSD-Commit-ID: d6c882c2e8a42ff831a5b3cbc2c961ecb2dd6143
5849 upstream: ssh-agent.1: - use Nm not Xr for self-ref - while here,
5853 ssh-agent.c:
5854 - add -O to usage()
5856 OpenBSD-Commit-ID: 855dac4695cef22e96d69c53436496bc408ca389
5862 upstream: document "-O no-restrict-websafe"; spotted by Ross L
5866 OpenBSD-Commit-ID: fe9eaa50237693a14ebe5b5614bf32a02145fe8b
5895 Clang 15 -Wimplicit-int defaults to an error in C99 mode and above.
5903 skip bsd-poll.h if poll.h found; ok dtucker
5913 OpenBSD-Commit-ID: fe1b9e15fc9a4f49fc338e848ce14d8727abe82d
5954 remove mention of --with-security-key-builtin
5980 upstream: openssh-9.1
5982 OpenBSD-Commit-ID: 5a467b2ee81da01a86adf1ad93b62b1728494e56
5990 OpenBSD-Commit-ID: a134c9b4039e48803fc6a87f955b0f4a03181497
5998 -o; spotted by jmc@
6000 OpenBSD-Commit-ID: fe871408cf6f9d3699afeda876f8adbac86a035e
6014 avoid Wuninitialized false positive in gcc-12ish
6020 upstream: use users-groups-by-id@openssh.com sftp-server extension
6023 Implement a client-side cache of see uid/gid=>user/group names. ok markus@
6025 OpenBSD-Commit-ID: f239aeeadfa925a37ceee36ee8b256b8ccf4466e
6033 users-groups-by-id@openssh.com; ok markus@
6035 OpenBSD-Commit-ID: ddb2f33a2da6349a9a89a8b5bcb9ca7c999394de
6041 upstream: extend sftp-common.c:extend ls_file() to support supplied
6045 OpenBSD-Commit-ID: c70c70498b1fdcf158531117e405b6245863bfb0
6051 upstream: sftp-server(8): add a "users-groups-by-id@openssh.com"
6061 OpenBSD-Commit-ID: 7ebabde0bcb95ef949c4840fe89e697e30df47d3
6069 OpenBSD-Commit-ID: d16a307a0711499c971807f324484ed3a6036640
6077 beneath this limit will be ignored for user and host-based authentication.
6079 Feedback deraadt@ ok markus@
6081 OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
6094 feedback deraadt, Dmitry Belyavskiy; ok markus@
6096 OpenBSD-Commit-ID: 430e339b2a79fa9ecc63f2837b06fdd88a7da13a
6106 OpenBSD-Commit-ID: de77cd5b11594297eda82edc594b0d32b8535134
6112 upstream: actually hook up restrict_websafe; the command-line flag
6116 OpenBSD-Commit-ID: 0b363518ac4c2819dbaa3dfad4028633ab9cdff1
6124 OpenBSD-Commit-ID: 780efcbad76281f11f14b2a5ff04eb6db3dfdad4
6143 OpenBSD-Commit-ID: 1396d921c4eb1befd531f5c4a8ab47e7a74b610b
6151 non-existent commands
6153 If user entered a non-existent command (e.g. because they made a
6159 OpenBSD-Commit-ID: cf39c811a68cde2aeb98fc85addea4000ef6b07a
6169 Now that all FIDO signing calls attempt first without PIN and then
6170 fall back to trying PIN only if that attempt fails, we can remove the
6176 OpenBSD-Commit-ID: 684517608c8491503bf80cd175425f0178d91d7f
6184 OpenBSD-Commit-ID: edf1601c1d0905f6da4c713f4d9cecc7d1c0295a
6190 upstream: ssh-agent: attempt FIDO key signing without PIN and use
6192 the error to determine whether a PIN is required and prompt only if
6195 OpenBSD-Commit-ID: dd6be6a0b7148608e834ee737c3479b3270b00dd
6201 upstream: .Li -> .Vt where appropriate; from josiah frentsos,
6207 OpenBSD-Commit-ID: 565046e3ce68b46c2f440a93d67c2a92726de8ed
6215 OpenBSD-Commit-ID: 6765daefe26a6b648cc15cadbbe337596af709b7
6225 OpenBSD-Commit-ID: ade2f2e9cc519d01a586800c25621d910bce384a
6231 openbsd-compat/bsd-asprintf: add <stdio.h> include for vsnprintf
6235 …-asprintf.c:51:8: error: call to undeclared library function 'vsnprintf' with type 'int (char *, u…
6237 implicit function declarations [-Wimplicit-function-declaration]
6240 …bsd-asprintf.c:51:8: note: include the header <stdio.h> or explicitly provide a declaration for 'v…
6256 This brings us up to current, including djm's random-reseeding change,
6258 platform-specific hooks from LibreSSL Portable, simplified to match our
6284 upstream: sk-usbhid: fix key_lookup() on tokens with built-in UV
6286 explicitly test whether the token performs built-in UV (e.g. biometric
6289 OpenBSD-Commit-ID: 007eb7e387d27cf3029ab06b88224e03eca62ccd
6295 Move sftp from valgrind-2 to 3 to rebalance.
6303 OpenBSD-Commit-ID: c2bcbf93610d3d62ed206cdf9bf9ff98c6aaf232
6315 cross-sign allowed_signers with PGP key
6325 Add libcrypt-devel to cygwin-release deps.
6327 Based on feedback from vinschen at redhat.com.
6339 Add cygwin-release test target.
6351 OpenBSD-Commit-ID: a5d015efbfd228dc598ffdef612d2da3a579e5d8
6359 OpenBSD-Commit-ID: d297e4387935d4aef091c5e9432578c2e513f538
6377 upstream: attemp FIDO key signing without PIN and use the error
6379 code returned to fall back only if necessary. Avoids PIN prompts for FIDO
6382 OpenBSD-Commit-ID: 4f752aaf9f2e7c28bcaaf3d4f8fc290131bd038e
6392 OpenBSD-Commit-ID: 4cab364d518470e29e624af3d3f9ffa9c92b6f01
6400 ssh-keyscan and prevent a one-byte buffer overflow. Patch from Qualys, ok
6403 OpenBSD-Commit-ID: 6ae664f9f4db6e8a0589425f74cd0bbf3aeef4e4
6421 Add Cygwin (on windows-2019) test target.
6433 OpenBSD-Commit-ID: 39f35e16ba878c8d02b4d01d8826d9b321be26d4
6439 Check for perms to run agent-getpeereid test.
6442 running ssh-add during the agent-getpeereid test. Check for this and
6465 OpenBSD-Commit-ID: 432c8ff70e270378df9dbceb9bdeaa5b43b5a832
6473 OpenBSD-Commit-ID: 7f80a53d54857ac6ae49ea6ad93c5bd12231d1e4
6486 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6497 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6503 upstream: sftp-server: support home-directory request
6505 Add support to the sftp-server for the home-directory extension defined
6506 in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the
6507 existing expand-path@openssh.com, but uses a more official protocol name,
6508 and so is a bit more likely to be implemented by non-OpenSSH clients.
6512 OpenBSD-Commit-ID: bfc580d05cc0c817831ae7ecbac4a481c23566ab
6518 Replace deprecated ubuntu-18.04 runners with 22.04
6540 Valgrind doesn't let ssh exec ssh-keysign (because it's setuid) so skip
6555 OpenBSD-Regress-ID: ea07ca31c2f3847a38df028ca632763ae44e8759
6563 times and authorized_keys expiry-time options to accept dates in the UTC time
6569 seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
6571 ssh-keygen as part of a CA workflow.
6575 OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13
6629 PIN anyway. Might avoid some unneccessary PIN prompts.
6633 OpenBSD-Commit-ID: bd5342ffc353ee37d39617906867c305564d1ce2
6643 between keys created with or without "-O verify-required".
6647 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6659 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6667 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6690 upstream: avoid double-free in error path introduced in r1.70; report
6692 and fix based on GHPR#332 by v-rzh ok dtucker@
6694 OpenBSD-Commit-ID: 3d21aa127b1f37cfc5bdc21461db369a663a951f
6706 Move stale-configure check as early as possible.
6719 This will result in sftp, sftp-server and scp no longer being linked
6726 Remove seed_rng calls from scp, sftp, sftp-server.
6744 Do not link scp, sftp and sftp-server w/ zlib.
6746 Some of our binaries (eg sftp, sftp-server, scp) do not interact with
6756 Remove workarounds for OpenSSL missing AES-CTR.
6767 Remove workarounds for OpenSSL missing AES-GCM.
6780 OpenBSD-Regress-ID: 38783f9676ec348c5a792caecee9a16e354b37b0
6788 executable. No-op on most platforms but should prevent warnings in -portable
6791 OpenBSD-Regress-ID: e39d79867b8065e33d0c5926fa1a31f85659d2a4
6810 scp -3 ends up using the scp that's in the remote path and will fail if
6817 crank SSH_SK_VERSION_MAJOR in sk-dummy.so
6823 upstream: ssh-keygen: fix touch prompt, pin retries;
6827 OpenBSD-Commit-ID: 75d1005bd2ef8f29fa834c90d2684e73556fffe8
6833 upstream: sk-usbhid: preserve error code returned by key_lookup()
6835 it conveys useful information, such as the supplied pin being wrong.
6839 OpenBSD-Commit-ID: c0647eb9290f793add363d81378439b273756c1b
6852 NB. cranks SSH_SK_VERSION_MAJOR, so any third-party FIDO middleware
6855 OpenBSD-Commit-ID: e45e9f1bf2b2f32d9850669e7a8dbd64acc5fca4
6865 OpenBSD-Commit-ID: bf34f76b8283cc1d3f54633e0d4f13613d87bb2f
6924 README.platform has general platform-specific information, having it
6935 prefix the "configure --help" example command with a "./" so it's likely
6936 to work as-is in more shells. From bz#3461.
6946 supporting md5-style passwords).
6974 OpenSSL has a potential RCE in its RSA implementation (CVE-2022-2274)
6987 Test against openssl-3.0.5.
6995 - remove clang-sanitize-memory for now. It takes so long that the test
6997 - add gcc sanitize-address and sanitize-undefined test targets.
7018 skip those on a re-run.
7020 OpenBSD-Regress-ID: a7570dd29a58df59f2cca647c3c2ec989b49f247
7055 OpenBSD-Commit-ID: 460e2290875d7ae64971a7e669c244b1d1c0ae2e
7065 OpenBSD-Commit-ID: 3de33572733ee7fcfd7db33d37db23d2280254f0
7084 OpenBSD-Commit-ID: e79aa550d91ade6a80f081bda689da24c086d66b
7095 This is a roll-forward of the previous rollback now that the required
7098 OpenBSD-Commit-ID: c7cd93730b3b9f53cdad3ae32462922834ef73eb
7109 OpenBSD-Commit-ID: 9171616da3307612d0ede086fd511142f91246e4
7120 OpenBSD-Commit-ID: 63d8e13276869eebac6d7a05d5a96307f9026e47
7126 upstream: reflect the update to -D arg name in usage();
7128 OpenBSD-Commit-ID: abdcde4f92b1ef094ae44210ee99d3b0155aad9c
7140 upstream: allow arguments to sftp -D option, e.g. sftp -D
7142 "/usr/libexec/sftp-server -el debug3"
7146 OpenBSD-Commit-ID: 5a002b9f3a7aef2731fc0ffa9c921cf15f38ecce
7157 OpenBSD-Commit-ID: 1c7a88a0d5033f42f88ab9bec58ef1cf72c81ad0
7168 OpenBSD-Commit-ID: b2f6e5f60f2bba293b831654328a8a0035ef4a1b
7176 Prevents us from trying to link them into ssh-sk-helper and failing to
7207 OpenBSD-Commit-ID: d180a905fec9ff418a75c07bb96ea41c9308c3f9
7219 OpenBSD-Commit-ID: e384c4e05d5521e7866b3d53ca59acd2a86eef99
7229 OpenBSD-Commit-ID: 4c54d20a8e8e4e9912c38a7b4ef5bfc5ca2e05c2
7237 connection. bz#3447, from vincent-openssh at vinc17 net, ok djm@
7239 OpenBSD-Commit-ID: 9d59f19872b94900a5c79da2d57850241ac5df94
7245 automatically enable built-in FIDO support
7247 If libfido2 is found and usable, then enable the built-in
7248 security key support unless --without-security-key-builtin
7270 OpenBSD-Commit-ID: a089870b95101cd8881a2dff65b2f1627d13e88d
7278 auth2-pubkeyfile.c too; they make more sense there.
7280 OpenBSD-Commit-ID: 9970d99f900e1117fdaab13e9e910a621b7c60ee
7286 upstream: test setenv in both client and server, test first-match-wins
7290 OpenBSD-Regress-ID: 4c8804f9db38a02db480b9923317457b377fe34b
7296 upstream: Make SetEnv directives first-match-wins in both
7305 OpenBSD-Commit-ID: 797909c1e0262c0d00e09280459d7ab00f18273b
7311 upstream: Add missing *-sk types to ssh-keyscan manpage. From
7315 OpenBSD-Commit-ID: fda2c869cdb871f3c90a89fb3f985370bb5d25c0
7325 OpenBSD-Commit-ID: bd60809803c4bfd3ebb7c5c4d918b10e275266f2
7331 upstream: ssh-keygen -A: do not generate DSA keys by default.
7336 OpenBSD-Commit-ID: 5c4c57bdd7063ff03381cfb6696659dd3f9f5b9f
7342 upstream: ssh-keygen: implement "verify-required" certificate option.
7344 This was already documented when support for user-verified FIDO
7345 keys was added, but the ssh-keygen(1) code was missing.
7349 OpenBSD-Commit-ID: f660f973391b593fea4b7b25913c9a15c3eb8a06
7359 OpenBSD-Commit-ID: f146a19d7d5c9374c3b9c520da43b2732d7d1a4e
7392 upstream: split the low-level file handling functions out from
7394 auth2-pubkey.c
7396 Put them in a new auth2-pubkeyfile.c to make it easier to refer to them
7402 OpenBSD-Commit-ID: 3fdca2c61ad97dc1b8d4a7346816f83dc4ce2217
7410 remove "struct ssh *" from arguments - this was only used to pass the
7416 OpenBSD-Commit-ID: 9d4373d013edc4cc4b5c21a599e1837ac31dda0d
7429 OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
7435 upstream: Avoid kill with -1 argument. The out_ctx label can be
7437 reached before fork has been called. If this happens, then kill -1 would be
7442 OpenBSD-Commit-ID: 6277af1207d81202f5daffdccfeeaed4c763b1a8
7452 OpenBSD-Commit-ID: 7115ac351b129205f1f1ffa6bbfd62abd76be7c5
7460 OpenBSD-Commit-ID: 457c79afaca2f89ec2606405c1059b98b30d8b0d
7470 OpenBSD-Commit-ID: 10298513ee32db8390aecb0397d782d68cb14318
7474 Date: Tue May 24 10:21:25 2022 -0700
7484 upstream: regress test for in-place transfers and clobbering larger
7488 OpenBSD-Regress-ID: 19de4e88dd3a4f7e5c1618c9be3c32415bd93bc2
7494 upstream: Only run agent-ptrace.sh if gdb is available as all
7498 OpenBSD-Regress-ID: ec53e928803e6b87f9ac142d38888ca79a45348d
7504 upstream: fix in-place copies; r1.163 incorrectly skipped truncation in
7509 OpenBSD-Commit-ID: b189f19cd68119548c8e24e39c79f61e115bf92c
7525 OpenBSD-Commit-ID: ca39fdd39e0ec1466b9666f15cbcfddea6aaa179
7531 upstream: Remove errant apostrophe. From haruyama at queen-ml org.
7533 OpenBSD-Commit-ID: dc6b294567cb84b384ad6ced9ca469f2bbf0bd10
7539 upstream: Allow existing -U (use agent) flag to work with "-Y sign"
7544 OpenBSD-Commit-ID: a7bc69873b99c32c42c7628ed9ea91565ba08c2f
7550 upstream: improve error message when 'ssh-keygen -Y sign' is unable to
7554 OpenBSD-Commit-ID: bb57b285e67bea536ef81b1055467be2fc380e74
7562 bcrypt_pbkdf.o is duplicated in the openbsd-compat Makefile's object
7580 OpenBSD-Commit-ID: 4f647f58482cbad3d58b1eab7f6a1691433deeef
7611 OpenBSD-Commit-ID: 876884c3f0e62e8fd8d1594bab06900f971c9c85
7622 OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
7630 OpenBSD-Commit-ID: 69a1a93a55986c7c2ad9f733c093b46a47184341
7636 upstream: make sure stdout is non-blocking; ok djm@
7638 OpenBSD-Commit-ID: 64940fffbd1b882eda2d7c8c7a43c79368309c0d
7647 to fit the man page. Then move the -O bits into the new section as is already
7649 trade-offs of resident keys. While here, consistently refer to the FIDO
7654 OpenBSD-Commit-ID: dd98748d7644df048f78dcf793b3b63db9ab1d25
7665 OpenBSD-Commit-ID: db2c89879c29bf083df996bd830abfb1e70d62bf
7674 Felgenhauer, but fixed in a different way. feedback/ok tb@
7676 OpenBSD-Commit-ID: 81cbc6dd3a21c57bd6fadea10e44afe37bca558e
7684 specifying a mask length; allow only 0-9. From khaleesicodes via GHPR#278; ok
7687 OpenBSD-Commit-ID: e267746c047ea86665cdeccef795a8a56082eeb2
7707 Remove now-empty int32_minmax.inc.
7713 upstream: mention that the helpers are used by ssh(1), ssh-agent(1)
7715 and ssh-keygen(1). Previously only ssh(1) was mentioned. From Pedro
7718 OpenBSD-Commit-ID: 30f880f989d4b329589c1c404315685960a5f153
7728 OpenBSD-Commit-ID: 17d11327545022e727d95fd08b213171c5a4585d
7734 upstream: fix memleak on session-bind path; from Pedro Martelletto, ok
7738 OpenBSD-Commit-ID: e85899a26ba402b4c0717b531317e8fc258f0a7e
7746 OpenBSD-Commit-ID: 9d24671e10a84141b7c504396cabad600e47a941
7754 OpenBSD-Commit-ID: f735a17d1a6f2bee63bfc609d76ef8db8c090890
7764 OpenBSD-Commit-ID: af0315bc3e44aa406daa7e0ae7c2d719a974483f
7774 OpenBSD-Commit-ID: a6debb5fb0c8a44e43e8d5ca7cc70ad2f3ea31c3
7783 files, ssh-xmss.c does not include xmss_commons.h so ssh-xmss.c must include
7786 OpenBSD-Commit-ID: 70e28a9818cee3da1be2ef6503d4b396dd421e6b
7796 options->send_env. From Martin Vahlensieck
7798 OpenBSD-Commit-ID: 2c9db31e3f4d3403b49642c64ee048b2a0a39351
7804 Add debian-riscv64 test target.
7838 OpenBSD-Regress-ID: 8246f00f22b14e49d2ff1744c94897ead33d457b
7844 upstream: Use ssh -f and ControlPersist ..
7846 to start up test forwards and ssh -O stop to shut them down intead of
7849 OpenBSD-Regress-ID: eb3db5f805100919b092a3b2579c611fba3e83e7
7855 upstream: Simplify forward-control test.
7858 commands on the other end of the connection and can use ssh -N instead.
7861 OpenBSD-Regress-ID: 32e94ce272820cc398f30b848b2b0f080d10302c
7869 OpenBSD-Regress-ID: c96bea9edde3a384b254785e7f9b2b24a81cdf82
7877 OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
7886 should make ~-escapes work in the client (e.g. to exit) if the connection
7889 OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
7897 OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
7908 OpenBSD-Commit-ID: 24e1795ed2283fdeacf16413c2f07503bcdebb31
7918 OpenBSD-Commit-ID: 9b7784f054fa5aa4d63cb36bd563889477127215
7927 1.19: ssh-keygen's -G/-T have been replaced with -M generate/screen.
7947 OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
7953 upstream: Note that curve25519-sha256 was later published in
7957 OpenBSD-Commit-ID: 2ac2b5d642d4cf5918eaec8653cad9a4460b2743
7965 enforce stricter invarient for sshbuf_set_parent() - never allow
7966 a buffer to have a previously-set parent changed.
7971 OpenBSD-Commit-ID: 14583203aa5d50ad38d2e209ae10abaf8955e6a9
7977 Revert "update build-aux files to match autoconf-2.71"
7981 It turns out that the checked-in copies of these files are actually newer
7982 than autoconf-2.71's copies, so this was effectively a downgrade.
7989 update build-aux files to match autoconf-2.71
7991 i.e. config.guess, config.sub and install-sh
8003 upstream: openssh-9.0
8005 OpenBSD-Commit-ID: 0dfb461188f4513ec024c1534da8c1ce14c20b64
8011 upstream: ssh: document sntrup761x25519-sha512@openssh.com as
8015 OpenBSD-Commit-ID: 12545bfa10bcbf552d04d9d9520d0f4e98b0e171
8030 OpenBSD-Commit-ID: 9520801729bebcb3c9fe43ad7f9776ab4dd05ea3
8044 The system shells cause the agent-restrict test to fail due to some
8084 This should improve compatibility for users with non-POSIX shells. If
8085 using Makefile.in directly (eg make -f Makefile.in distprep) then SHELL
8105 upstream: add a sftp client "cp" command that supports server-side
8107 copying of files. Useful for this task and for testing the copy-data
8110 OpenBSD-Commit-ID: 1bb1b950af0d49f0d5425b1f267e197aa1b57444
8116 upstream: add support for the "corp-data" protocol extension to
8118 allow server-side copies to be performed without having to go via the client.
8121 OpenBSD-Commit-ID: 00aa510940fedd66dab1843b58682de4eb7156d5
8127 upstream: select post-quantum KEX
8129 sntrup761x25519-sha512@openssh.com as the default; ok markus@
8131 OpenBSD-Commit-ID: f02d99cbfce22dffec2e2ab1b60905fbddf48fb9
8142 OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
8152 OpenBSD-Commit-ID: 48d38cef59d6bc8e84c6c066f6d601875d3253fd
8158 upstream: avoid NULL deref via ssh-keygen -Y find-principals.
8162 OpenBSD-Commit-ID: a3b2c02438052ee858e0ee18e5a288586b5df2c5
8185 This means they'll still work when the combination of -portable and
8192 Remove now-unused passwd variable.
8204 Factor out platform-specific locked account check.
8224 OpenBSD-Commit-ID: fddc32d74e5dd5cff1a49ddd6297b0867eae56a6
8238 OpenBSD-Commit-ID: 15f86da83176978b4d1d288caa24c766dfa2983d
8246 re-exec path - we're never going to use the result and if the operation fails
8250 OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
8258 OpenBSD-Commit-ID: d5e0182965b2fbfb03ad5f256d1a1ce5706bcddf
8266 OpenBSD-Commit-ID: e3315a45cb04e7feeb614d76ec80a9fe4ca0e8c7
8272 upstream: ssh-keygen -Y check-novalidate requires namespace or SEGV
8276 OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
8284 OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
8296 Thread: https://marc.info/?l=openbsd-tech&m=164687525802691&w=2
8300 OpenBSD-Commit-ID: f8bfc082e36e2d2dc4e1feece02fe274155ca11a