Lines Matching +full:noise +full:- +full:sensitive
17 upstream: openssh-9.7
19 OpenBSD-Commit-ID: 618ececf58b8cdae016b149787af06240f7b0cbc
46 OpenBSD-Commit-ID: e58f18042b86425405ca09e6e9d7dfa1df9f5f7f
52 upstream: skip more whitespace, fixes find-principals on
56 OpenBSD-Commit-ID: b3a22a2afd753d70766f34bc7f309c03706b5298
67 OpenBSD-Regress-ID: f68d79e7f00caa8d216ebe00ee5f0adbb944062a
73 Prefer openssl binary from --with-ssl-dir directory.
75 Use openssl in the directory specified by --with-ssl-dir as long
86 OpenBSD-Commit-ID: 97d96a166b1ad4b8d229864a553e3e56d3116860
92 upstream: wrap a few PKCS#11-specific bits in ENABLE_PKCS11
94 OpenBSD-Commit-ID: 463e4a69eef3426a43a2b922c4e7b2011885d923
102 Unbreaks "make test" when compiled --without-openssl.
110 add a --without-retpoline configure option
122 OpenBSD-Commit-ID: 208839699939721f452a4418afc028a9f9d3d8af
139 OpenBSD-Commit-ID: 7f196cba634c2a3dba115f3fac3c4635a2199491
157 upstream: explain arguments of internal-sftp GHPR#454 from Niklas
160 MIME-Version: 1.0
161 Content-Type: text/plain; charset=UTF-8
162 Content-Transfer-Encoding: 8bit
164 OpenBSD-Commit-ID: 0335d641ae6b5b6201b9ffd5dd06345ebbd0a3f3
173 MIME-Version: 1.0
174 Content-Type: text/plain; charset=UTF-8
175 Content-Transfer-Encoding: 8bit
177 OpenBSD-Commit-ID: d37bc8786317a11649c62ff5e2936441186ef7a0
185 OpenBSD-Commit-ID: d59c52559f926fa82859035d79749fbb4a3ce18a
195 OpenBSD-Commit-ID: 05b23b772677d48aa82eefd7ebebd369ae758908
205 OpenBSD-Commit-ID: 4e412d59b3f557d431f1d81c715a3bc0491cc677
215 OpenBSD-Commit-ID: e11023aeb3f30b77a674e37b8292c862926d5dc6
223 OpenBSD-Regress-ID: b4c0ccfa4006a1bc5dfd99ccf21c854d3ce2aee0
234 OpenBSD-Regress-ID: dd28d97d48efe7329a396d0d505ee2907bf7fc57
247 OpenBSD-Regress-ID: c25eaccc3c91bc874400f7c85ce40e9032358c1c
255 OpenBSD-Commit-ID: 509bb19bb9762a4b3b589af98bac2e730541b6d4
263 OpenBSD-Commit-ID: b24680bc755b621ea801ff8edf6f0f02b68edae1
292 Add --disable-fd-passing option.
315 OpenBSD-Commit-ID: bf9e4a1049562ee4322684fbdce07142f04fdbb7
334 OpenBSD-Regress-ID: 8780a7250bf742b33010e9336359a1c516f2d7b5
344 OpenBSD-Regress-ID: dfc27b5574e3f19dc4043395594cea5f90b8572a
354 OpenBSD-Commit-ID: 9dd417b6eec3cf67e870f147464a8d93f076dce7
360 upstream: make DSA key support compile-time optional, defaulting to
366 OpenBSD-Commit-ID: 4f8e98fc1fd6de399d0921d5b31b3127a03f581d
374 OpenBSD-Commit-ID: cb07eb06e15fa2334660ac73e98f29b6a1931984
384 OpenBSD-Regress-ID: f10d19f697024e9941acad7c2057f73d6eacb8a2
394 the existing per-channel timeouts added a few releases ago.
396 This supports use-cases like having a session + x11 forwarding channel
403 OpenBSD-Commit-ID: 0054157d24d2eaa5dc1a9a9859afefc13d1d7eb3
409 upstream: adapt ssh_api.c code for kex-strict
413 OpenBSD-Commit-ID: 4d9f256852af2a5b882b12cae9447f8f00f933ac
429 Date: Tue Dec 19 11:48:20 2023 -0500
431 Fix compilation error in ssh-pcks11-client.c
448 OpenBSD-Commit-ID: ad0734fe5916d2dc7dd02b588906cea4df0482fb
454 upstream: fix missing field in users-groups-by-id@openssh.com reply
460 OpenBSD-Commit-ID: ff5733ff6ef4cd24e0758ebeed557aa91184c674
466 upstream: make kex-strict section more explicit about its intent:
470 OpenBSD-Commit-ID: fc33a2d7f3b7013a7fb7500bdbaa8254ebc88116
482 unbreak fuzzers - missing pkcs11_make_cert()
499 upstream: remove ext-info-* in the kex.c code, not in callers;
503 OpenBSD-Commit-ID: c06fe2d3a0605c517ff7d65e38ec7b2d1b0b2799
511 OpenBSD-Commit-ID: 77140b520a43375b886e535eb8bd842a268f9368
519 OpenBSD-Commit-ID: 5a636f6ca7f25bfe775df4952f7aac90a7fcbbee
527 OpenBSD-Commit-ID: 9d01f2e9d59a999d5d42fc3b3efcf8dfb892e31b
533 upstream: sort -C, and add to usage(); ok djm
535 OpenBSD-Commit-ID: 80141b2a5d60c8593e3c65ca3c53c431262c812f
543 OpenBSD-Commit-ID: e289576ee5651528404cb2fb68945556052cf83f
551 OpenBSD-Commit-ID: 9422289747c35ccb7b31d0e1888ccd5e74ad566a
557 better detection of broken -fzero-call-used-regs
563 > for ‘-fzero-call-used-regs’ on this target
565 This extends the autoconf will-it-work test with a similarly-
586 upstream: regress test for agent PKCS#11-backed certificates
588 OpenBSD-Regress-ID: 38f681777cb944a8cc3bf9d0ad62959a16764df9
596 OpenBSD-Regress-ID: b2f26ae95d609d12257b43aef7cd7714c82618ff
602 upstream: openssh-9.6
604 OpenBSD-Commit-ID: 21759837cf0e0092d9a2079f8fb562071c11016b
610 upstream: ssh-agent: record failed session-bind attempts
612 Record failed attempts to session-bind a connection and refuse signing
616 recognised by an older ssh-agent, that consequently causes session-bind
618 and ssh-agent(1) of different versions on the same host). Previously,
624 OpenBSD-Commit-ID: b0fdd023e920aa4831413f640de4c5307b53552e
637 interactions with user-specified ProxyCommand and other directives
654 OpenBSD-Commit-ID: 3b487348b5964f3e77b6b4d3da4c3b439e94b2d9
662 This makes ssh/sshd more strict in handling non-compliant peers that
670 OpenBSD-Commit-ID: 811e21b41831eba3dd7f67b3d409a438f20d3037
679 ssh-add to keys loaded from PKCS#11 tokens in the agent.
683 OpenBSD-Commit-ID: bb5433cd28ede2bc910996eb3c0b53e20f86037f
695 OpenBSD-Commit-ID: 36df3afb8eb94eec6b2541f063d0d164ef8b488d
701 upstream: add "ext-info-in-auth@openssh.com" extension
714 OpenBSD-Commit-ID: 1de7da7f2b6c32a46043d75fcd49b0cbb7db7779
730 OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
736 better detection of broken -fzero-call-used-regs
757 OpenBSD-Commit-ID: 5cfabc0b7c6c7ab473666df314f377b1f15420b1
765 OpenBSD-Commit-ID: 594f61ad4819ff5c72dfe99ba666a17f0e1030ae
775 OpenBSD-Commit-ID: 2bcddd695872a1bef137cfff7823044dcded90ea
787 Use non-zero arg in compiler test program.
790 can cause divide-by-zero exceptions which might show up in logs.
800 OpenBSD-Commit-ID: bf85362addbe2134c3d8c4b80f16601fbff823b7
808 OpenBSD-Commit-ID: 1c3641be10c2f4fbad2a1b088a441d072e18bf16
823 Add gcc-12 -Werror test on Ubuntu 22.04.
825 Explictly specify gcc-11 on Ubuntu 22.04 (it's the system compiler).
833 ... and since we're testing for flags with -Werror, this caused
834 configure to mis-detect compiler flags.
862 Expand -fzero-call-used-regs test to cover gcc 11.
864 It turns out that gcc also has some problems with -fzero-call-used-regs,
874 Stop using -fzero-call-used-regs=all
877 clang. Only use -fzero-call-used-regs=used which is less
899 OpenBSD-Commit-ID: 29cea900ddd8b04a4d1968da5c4a893be2ebd9e6
911 OpenBSD-Commit-ID: 6c7d7751f6cd055126b2b268a7b64dcafa447439
924 OpenBSD-Commit-ID: c292f738db410f729190f92de100c39ec931a4f1
938 OpenBSD-Commit-ID: 1c177d7c3becc1d71bc8763eecf61873a1d3884c
954 ... instead of relying on installed one. Fixes test failures in -portable
957 OpenBSD-Regress-ID: b6d6ba71c23209c616efc805a60d9a445d53a685
963 Put long-running test targets on hipri runners.
966 reasons, so label them for "libvirt-hipri" runners so that they can
977 OpenBSD-Regress-ID: eb48610282f6371672bdf2a8b5d2aa33cfbd322b
992 OpenBSD-Regress-ID: 70d58df7503db699de579a9479300e5f3735f4ee
1002 OpenBSD-Regress-ID: dbad2f5ece839658ef8af3376cb1fb1cabe2e324
1008 upstream: move PKCS#11 setup code to test-exec.sh so it can be reused
1012 OpenBSD-Regress-ID: 1d29e6be40f994419795d9e660a8d07f538f0acb
1028 OpenBSD-Regress-ID: 07705c31de30bab9601a95daf1ee6bef821dd262
1068 OpenBSD-Regress-ID: f1b20a476734e885078c481f1324c9ea03af991e
1078 OpenBSD-Regress-ID: 7ea21b5f6fc4506165093b2123d88d20ff13a4f0
1086 OpenBSD-Regress-ID: b0abf81c24ac6c21f367233663228ba16fa96a46
1094 OpenBSD-Commit-ID: 95f5dd6107e8902b87dc5b005ef2b53f1ff378b8
1104 OpenBSD-Regress-ID: cbf2701bc347c2f19d907f113779c666f1ecae4a
1116 OpenBSD-Regress-ID: 3b7f65c8f409c328bcd4b704f60cb3d31746f045
1130 Now that configure finds these for us we can remove these -portable
1139 This will let us remove some -portable specific changes from
1140 test-exec.sh.
1150 OpenBSD-Regress-ID: 7de0e00518fb0c8fdc5f243b7f82f523c936049c
1161 OpenBSD-Regress-ID: 8cb898c414fcdb252ca6328896b0687acdaee496
1167 Update openssl-devel dependency in RPM spec.
1170 build with --without-openssl elsewhere.
1189 This lets us compile Portable with -Werror with when OpenSSL doesn't have
1192 OpenBSD-Commit-ID: e02e4b4af351946562a7caee905da60eff16ba29
1198 run t-extra regress tests
1200 This exposes the t-extra regress tests (including agent-pkcs11.sh) as
1201 a new extra-tests target in the top level Makefile and runs them by
1208 Don't use make -j2.
1226 OpenBSD-Regress-ID: 98a2a6b9333743274359e3c0f0e65cf919a591d1
1236 OpenBSD-Regress-ID: c3297af8f07717f1d400a5d34529962f1a76b5a3
1242 upstream: 64 %-expansion keys ought to be enough for anybody; ok
1246 OpenBSD-Commit-ID: 84070f8001ec22ff5d669f836b62f206e08c5787
1254 OpenBSD-Commit-ID: 251c0263e1759a921341c7efe7f1d4c73e1c70f4
1274 OpenBSD-Commit-ID: ce9983f7efe6a178db90dc5c1698df025df5e339
1284 OpenBSD-Commit-ID: 0daa41e0525ae63cae4483519ecaa37ac485d94c
1295 OpenBSD-Commit-ID: 5c14e1aabcddedb95cdf972283d9c0d5083229e7
1303 OpenBSD-Commit-ID: 191a85639477dcb5fa1616d270d93b7c8d5c1dfd
1309 upstream: ssh -Q does not make sense with other command-line options,
1313 OpenBSD-Commit-ID: 00a747f0655c12122bbb77c2796be0013c105361
1323 OpenBSD-Commit-ID: 55630b26f390ac063980cfe7ad8c54b03284ef02
1333 OpenBSD-Commit-ID: 01b85c91757e6b057e9b23b8a23f96415c3c7174
1341 OpenBSD-Commit-ID: 1b4fb590ef731099349a7d468b77f02b240ac926
1353 OpenBSD-Commit-ID: 0bd8db8a595334ca86bca8f36e23fc0395315765
1359 upstream: s/%.100s/%s/ in SSH- banner construction as there's no
1364 OpenBSD-Commit-ID: 0ef73304b9bf3e534c60900cd84ab699f859ebcd
1376 OpenBSD-Commit-ID: 91fa5497c9dc6883064624ac27813a567883fdce
1386 OpenBSD-Commit-ID: e61795b453d4892d2c99ce1039112c4a00250e03
1394 OpenBSD-Regress-ID: 6a8edf0dc39941298e3780b147b10c0a600b4fee
1405 OpenBSD-Regress-ID: b3f1292115fed65765d0a95414df16e27772d81c
1415 OpenBSD-Regress-ID: f063330f1bebbcd373100afccebc91a965b14496
1423 OpenBSD-Commit-ID: 493f95121567e5ab0d9dd1150f873b5535ca0195
1435 upstream: openssh-9.5
1437 OpenBSD-Commit-ID: 5e0af680480bd3b6f5560cf840ad032d48fd6b16
1447 OpenBSD-Commit-ID: aa1450a54fcee2f153ef70368d90edb1e7019113
1455 OpenBSD-Commit-ID: ff5bda21a83ec013db683e282256a85201d2dc4b
1471 OpenBSD-Commit-ID: 2f5fba917b5d4fcf93d9e0b0756c7f63189e228e
1477 upstream: rename remote_glob() -> sftp_glob() to match other API
1479 OpenBSD-Commit-ID: d9dfb3708d824ec02970a84d96cf5937e0887229
1487 OpenBSD-Commit-ID: 69285e0ce962a7c6b0ab5f17a293c60a0a360a18
1493 Use zero-call-used-regs=used with Apple compilers.
1497 have the clang-15 zero-call-used-regs=all bug, so for now use the value
1510 OpenBSD-Commit-ID: 05f61d051ab418fcfc4857ff306e420037502382
1520 OpenBSD-Commit-ID: c61caa4a5a667ee20bb1042098861e6c72c69002
1526 upstream: regress test recursive remote-remote directories copies where
1530 also remove errant `set -x` that snuck in at some point
1532 OpenBSD-Regress-ID: 1c94a48bdbd633ef2285954ee257725cd7bc456f
1538 upstream: fix recursive remote-remote copies of directories that
1542 OpenBSD-Commit-ID: 7e19d2ae09b4f941bf8eecc3955c9120171da37f
1552 OpenBSD-Regress-ID: eaa4c29cc5cddff4e72a16bcce14aeb1ecfc94b9
1560 OpenSSH and it shows - the function names are terrible.
1565 change from returning a pointer to a static variable (error-prone) to
1566 taking a pointer to a caller-provided receiver.
1568 OpenBSD-Commit-ID: eb54d6a72d0bbba4d623e2175cf5cc4c75dc2ba4
1579 OpenBSD-Commit-ID: 9760fda668eaa94a992250d7670dfbc62a45197c
1587 OpenBSD-Regress-ID: 5f8135da3bfda71067084c048d717b0e8793e87c
1597 OpenBSD-Commit-ID: 3911d18a826a2d2fe7e4519075cf3e57af439722
1608 OpenBSD-Commit-ID: e683dfca6bdcbc3cc339bb6c6517c0c4736a547f
1617 subsystem configuration (sftp-server) is unlikely to be affected.
1619 OpenBSD-Commit-ID: 8ffa296aeca981de5b0945242ce75aa6dee479bf
1630 OpenBSD-Commit-ID: fc90ed2cc0c18d4eb8e33d2c5e98d25f282588ce
1640 OpenBSD-Commit-ID: 647460a212b916540016d066568816507375fd7f
1653 OpenBSD-Commit-ID: f498beaad19c8cdcc357381a60df4a9c69858b3f
1662 obfuscatior for non-channels data like ClientAlive probes and also fixes a
1668 OpenBSD-Commit-ID: d98f32dc62d7663ff4660e4556e184032a0db123
1679 OpenBSD-Commit-ID: 5c270d35f7d2974db5c1646e9c64188f9393be31
1690 OpenBSD-Commit-ID: f9776c7b0065ba7c3bbe50431fd3b629f44314d0
1701 OpenBSD-Commit-ID: 72783a26254202e2f3f41a2818a19956fe49a772
1710 by setting -std=gnu99, at which point we won't be testing C89 any more.
1717 upstream: make PerSourceMaxStartups first-match-wins; ok dtucker@
1719 OpenBSD-Commit-ID: dac0c24cb709e3c595b8b4f422a0355dc5a3b4e7
1727 OpenBSD-Commit-ID: b1afaeb456a52bc8a58f4f9f8b2f9fa8f6bf651b
1738 OpenBSD-Commit-ID: 85b364676dd84cf1de0e98fc2fbdcb1a844ce515
1746 OpenBSD-Commit-ID: e80343c16ce0420b2aec98701527cf90371bd0db
1754 matter, since the range is pre-clamped)
1756 OpenBSD-Commit-ID: f786ed902d04a5b8ecc581d068fea1a79aa772de
1764 This attempts to hide inter-keystroke timings by sending interactive
1772 OpenBSD-Commit-ID: 02231ddd4f442212820976068c34a36e3c1b15be
1778 upstream: Introduce a transport-level ping facility
1783 ext-info message with a string version number of "0".
1787 OpenBSD-Commit-ID: b6b3c4cb2084c62f85a8dc67cf74954015eb547f
1801 OpenBSD-Commit-ID: bd47dab4695b134a44c379f0e9a39eed33047809
1811 OpenBSD-Commit-ID: 641153e7c05117436ddfc58267aa267ca8b80038
1825 obsd-arm64 host is real hardware...
1847 OpenBSD-Commit-ID: 743af3c6e3ce5e6cecd051668f0327a01f44af29
1872 OpenBSD-Commit-ID: 4d5c6c894664f50149153fd4764f21f43e7d7e5a
1878 upstream: defence-in-depth MaxAuthTries check in monitor; ok markus
1880 OpenBSD-Commit-ID: 65a4225dc708e2dae71315adf93677edace46c21
1888 OpenBSD-Commit-ID: 6c984171c96ed67effd7b5092f3d3975d55d6028
1902 OpenBSD-Commit-ID: 82237567fcd4098797cbdd17efa6ade08e1a36b0
1910 OpenBSD-Commit-ID: 5c11fbb9592a29b37bbf36f66df50db9d38182c6
1934 upstream: openssh-9.4
1936 OpenBSD-Commit-ID: 71fc1e01a4c4ea061b252bd399cda7be757e6e35
1960 OpenBSD-Commit-ID: 2fbe1a36d4a24b98531b2d298a6557c8285dc1b4
1968 When sshd is built with an OpenSSL that does not self-seed, it would
1978 commented- out config option match. From Ed Maste
1980 OpenBSD-Commit-ID: e66e934c45a9077cb1d51fc4f8d3df4505db58d9
1990 OpenBSD-Commit-ID: 2b6b0dde4407e039f58f86c8d2ff584a8205ea55
2000 OpenBSD-Commit-ID: 538cfcddbbb59dc3a8739604319491dcb8e0c0c9
2006 upstream: don't need to start a command here; use ssh -N instead.
2010 OpenBSD-Regress-ID: ff678a8cc69160a3b862733d935ec4a383f93cfb
2018 a specific point. e.g. "make LTESTS_FROM=t-sftp" will only run the sftp.sh
2021 OpenBSD-Regress-ID: 07f653de731def074b29293db946042706fcead3
2029 OpenBSD-Regress-ID: a6150262f39065939f025e546af2a346ffe674c1
2037 OpenBSD-Regress-ID: 55e4186604e80259496d841e690ea2090981bc7a
2047 OpenBSD-Commit-ID: 7ed1082f23a13b38c373008f856fd301d50012f9
2056 address/port 4-tuple) as expansion sequences; ok markus
2058 OpenBSD-Commit-ID: ee9a48bf1a74c4ace71b69de69cfdaa2a7388565
2064 upstream: increase default KDF work-factor for OpenSSH format
2068 OpenBSD-Commit-ID: a3afb1383f8ff0a49613d449f02395d9e8d4a9ec
2074 Prefer OpenSSL's SHA256 in sk-dummy.so
2076 Previously sk-dummy.so used libc's (or compat's) SHA256 since it may be
2099 upstream: make ssh -f (fork after authentication) work properly in
2104 OpenBSD-Commit-ID: a7a2976a54b93e6767dc846b85647e6ec26969ac
2112 OpenBSD-Commit-ID: e6ddfef94b0eb867ad88abe07cedc8ed581c07f0
2118 upstream: tweak the allow-remote-pkcs11 text;
2120 OpenBSD-Commit-ID: bc965460a89edf76865b7279b45cf9cbdebd558a
2126 Handle a couple more OpenSSL no-ecc cases.
2140 Bring back OPENSSL_HAS_ECC to ssh-pkcs11-client
2146 upstream: Separate ssh-pkcs11-helpers for each p11 module
2148 Make ssh-pkcs11-client start an independent helper for each provider,
2152 This also implements reference counting of PKCS#11-hosted keys,
2153 allowing ssh-pkcs11-helper subprocesses to be automatically reaped
2160 OpenBSD-Commit-ID: 0ce188b14fe271ab0568f4500070d96c5657244e
2174 OpenBSD-Commit-ID: 1508a5fbd74e329e69a55b56c453c292029aefbe
2182 libraries to ssh-agent by default.
2185 can be restored using `ssh-agent -O allow-remote-pkcs11`.
2188 the `session-bind@openssh.com` extension. Forwarding access to a
2189 ssh-agent socket using non-OpenSSH tools may circumvent this control.
2193 OpenBSD-Commit-ID: 4c2bdf79b214ae7e60cc8c39a45501344fa7bd7c
2203 OpenBSD-Commit-ID: 39532cf18b115881bb4cfaee32084497aadfa05c
2233 OpenBSD-Commit-ID: 9a08ed8dae27d3f38cf280f1b28d4e0ff41a737a
2239 upstream: - add -P to usage() - sync the arg name to -J in usage()
2241 with that in ssh.1 - reformat usage() to match what "man ssh" does on 80width
2243 OpenBSD-Commit-ID: 5235dd7aa42e5bf90ae54579d519f92fc107036e
2249 upstream: -P before -p in SYNOPSIS;
2251 OpenBSD-Commit-ID: 535f5257c779e26c6a662a038d241b017f8cab7c
2257 upstream: configuation -> configuration
2259 OpenBSD-Commit-ID: 4776ced33b780f1db0b2902faec99312f26a726b
2269 OpenBSD-Commit-ID: ef5bf46b57726e4260a63b032b0b5ac3b4fe9cd4
2277 where it caused merge conflict in -portable for each commit :(
2279 OpenBSD-Commit-ID: 756ebac963df3245258b962e88150ebab9d5fc20
2288 to fall back to text revocation lists in some cases; fixes t-cert-hostkey.
2290 OpenBSD-Commit-ID: 5c670a6c0f027e99b7774ef29f18ba088549c7e1
2311 OpenBSD-Commit-ID: dc08358e70e702b59ac3e591827e5a96141b06a3
2326 OpenBSD-Commit-ID: cffb6ff9a3803abfc52b5cad0aa190c5e424c139
2338 Now, some years later, we have SSHSIG support in ssh-keygen that is
2340 semi-finished KRL signing/verification support from OpenSSH and
2341 refactors the remaining code to realise the benefit - primarily, we
2346 OpenBSD-Commit-ID: 517437bab3d8180f695c775410c052340e038804
2360 OpenBSD-Commit-ID: ae2fcde9a22a9ba7f765bd4f36b3f5901d8c3fa7
2368 OpenBSD-Commit-ID: e7c31034a5434f2ead3579b13a7892960651e6b0
2380 portable-specific int overflow defence-in-depth
2389 upstream: add defence-in-depth checks for some unreachable integer
2393 OpenBSD-Commit-ID: 52af085f4e7ef9f9d8423d8c1840a6a88bda90bd
2401 OpenBSD-Commit-ID: d0f12af0a5067a756aa707bc39a83fa6f58bf7e5
2410 supposed replacement is is non-existent, so this follows the approach
2423 OpenBSD-Commit-ID: 0514cd51db3ec60239966622a0d3495b15406ddd
2429 upstream: add support for unix domain sockets to ssh -W
2433 OpenBSD-Commit-ID: 3e6d47567b895c7c28855c7bd614e106c987a6d8
2439 gss-serv.c: `MAXHOSTNAMELEN` -> `HOST_NAME_MAX`
2476 OpenBSD-Commit-ID: a992d410c8a78ec982701bc3f91043dbdb359912
2482 upstream: make `ssh -Q CASignatureAlgorithms` only list signature
2488 OpenBSD-Commit-ID: 99c2b072dbac0f44fd1f2269e3ff6c1b5d7d3e59
2498 OpenBSD-Commit-ID: 31cf59c041becc0e5ccb0a77106f812c4cd1cd74
2506 using ssh -W by explicitly decoding PORT_STREAMLOCAL (a negative number) from
2510 OpenBSD-Commit-ID: e5ac5f40d354096c51e8c118a5c1b2d2b7a31384
2518 fixes "no comment" not showing on when running `ssh-keygen -l` on multiple
2522 OpenBSD-Commit-ID: 3cce84456fdcd67dc6b84e369f92c6686d111d9b
2530 INT_MAX. Fixes sign compare warnings systems with 32-bit time_t due to type
2533 OpenBSD-Commit-ID: 48081e9ad35705c5f1705711704a4c2ff94e87b7
2539 fixup! if -s & -p specified, mention 'sftp -P' on
2543 SSH-Copy-ID-Upstream: 32686e7c65b4fa2846e474d3315102dfa0f043b0
2549 Make ssh-copy-id(1) consistent with OpenSSH.
2551 This makes the ssh-copy-id man page more consistent with the rest of the
2553 - new sentence, new line
2554 - no sentences >80
2555 - N.B. -> NB
2556 - zap unused .Pp
2557 - zap trailing whitespace
2561 SSH-Copy-ID-Upstream: d8974cfb6242316460ed22a1ccc662800a50c5d3
2567 if -s & -p specified, mention 'sftp -P' on success
2570 https://github.com/openssh/openssh-portable/pull/321
2574 the lowercase -p in there, even if sftp is in use, is that the sftp call
2575 is using the already-established ssh master connection, so the port was
2578 SSH-Copy-ID-Upstream: 1c124d9bfafdbe28a00b683367ebf5750ce12eb2
2586 SSH-Copy-ID-Upstream: e604fae1cdee35c18055d35dcec530cf12ef00ad
2592 make -x also apply to the target script
2594 SSH-Copy-ID-Upstream: 3c4214704f427bd0654adf9b0fc079253db21cf4
2600 add -t option to specify the target path
2602 Allow the default target path (.ssh/authorized_files) to be over-riden
2606 https://gitlab.com/phil_hands/ssh-copy-id/-/merge_requests/8
2608 SSH-Copy-ID-Upstream: a942a0e076874adb6d8b2f0fb76d6c7918190fcd
2611 Author: Carlos Rodríguez Gili <carlos.rodriguez-gili@upc.edu>
2616 On Solaris 10 and older targets /bin/sh is not POSIX-compliant.
2617 Test -z `...` fails with error 'sh: test: argument expected'.
2621 SSH-Copy-ID-Upstream: 98394072a3f985b2650c1e8eab2fef84e38cc065
2631 SSH-Copy-ID-Upstream: 930d39f238117cd53810240ec989d0356aa1c1f6
2644 SSH-Copy-ID-Upstream: 0e1f5d443a9967483c33945793107ae3f3e4af2d
2650 ssh-copy-id: add -x option (for debugging)
2652 This option causes the ssh-copy-id to run with set -x
2654 SSH-Copy-ID-Upstream: a0ee367ea8c0a29c8b4515245e408d2d349e7844
2662 SSH-Copy-ID-Upstream: c284ed33b361814ea48ff68cbd01ca525b2bf117
2673 OpenBSD-Commit-ID: 1c92e4517284386703936e1d3abaa36cfacf1951
2683 OpenBSD-Commit-ID: 379a5afa8b7a0f3cba0c8a9bcceb4e5e33a5c1ef
2719 Skip agent-peereid test on macos13.
2721 sudo -S nobody doesn't work on the github runners (probably a
2746 OpenBSD-Commit-ID: 3d5f811cfcaed8cc4a97e1db49ac61bdf118113c
2752 Add macos-13 test target.
2768 requests - a misfeature strictly permitted by the protocol but seldom
2774 prompted by https://github.com/openssh/openssh-portable/commit/9b733#commitcomment-110679778
2776 OpenBSD-Commit-ID: 4af7fac75958ad8507b4fea58706f3ff0cfddb1b
2789 OpenBSD-Commit-ID: 80a58e43c3a32f97361282f756ec8d3f37989efd
2797 OpenBSD-Commit-ID: 30c0a34d74d91ddd0e6992525da70d3293392f70
2805 OpenBSD-Commit-ID: 44d3223902fbce5276422bdc8063ab72a4078489
2817 remove unused upper-case const strings in fmtfp
2819 no float format that uses upper-case is supported nor are hex floats.
2830 OpenBSD-Commit-ID: a493e628d4d6c08f878c276d998f4313ba61702d
2840 OpenBSD-Commit-ID: 852bf12591ec5a9fb12dcbde9b1fd3945ad0df3c
2850 OpenBSD-Commit-ID: fa3518346c21483e9e01a2e4b9436ae501daf8ea
2858 OpenBSD-Commit-ID: 85bb82fea90478a482e9f65a1bec0aa24227fd66
2871 OpenBSD-Commit-ID: de36e5ad6fde0fe263ca134e986b9095dc59380a
2887 OpenBSD-Commit-ID: eef2403df083c61028969fc679ee370373eacacb
2897 OpenBSD-Commit-ID: 1ffb03038ba1b6b72667be50cf5e5e396b5f2740
2908 OpenBSD-Commit-ID: de1c1130646230c2eda559831fc6bfd1b61d9618
2918 OpenBSD-Commit-ID: 7d0270ad3dd102412ca76add2b3760518abdef75
2926 OpenBSD-Commit-ID: ce66db603a913d3dd57063e330cb5494d70722c4
2936 OpenBSD-Commit-ID: ad42971a6ee5a46feab2d79f7f656f8cf4b119f3
2944 OpenBSD-Commit-ID: 6a0b719f9b1ae9d42ad8c5b144c7962c93792f7c
2954 OpenBSD-Commit-ID: 1a34f4b6896155b80327d15dc7ccf294b538a9f2
2962 OpenBSD-Commit-ID: 4c7d20ef776887b0ba1aabcfc1b14690e4ad0a40
2973 OpenBSD-Commit-ID: 4a95f3f7330394dffee5c749d52713cbf3b54846
2984 OpenBSD-Commit-ID: ab3fde6da384ea588226037c38635a6b2e015295
3003 OpenBSD-Commit-ID: 898a1e817cda9869554b1f586a434f67bcc3b650
3014 OpenBSD-Commit-ID: c0d6089b3fb725015462040cd94e23237449f0c8
3022 If child_set env was called with a NULL env pointer and a non-zero count
3035 OpenBSD-Commit-ID: 710b57ba954c139240895e23feea41f203201f04
3046 OpenBSD-Commit-ID: a01616503a185519b16f00dde25d34ceaf4ae1a3
3056 OpenBSD-Commit-ID: 37f80cb5d075ead5a00ad1b74175684ab1156ff8
3069 OpenBSD-Commit-ID: 85f7404e9d47fd28b222fbc412678f3361d2dffc
3077 since -portable no longer supports them.
3079 OpenBSD-Commit-ID: ea2893783331947cd29a67612b4e56f818f185ff
3087 versions now that -portable has dropped support for those versions.
3089 OpenBSD-Regress-ID: 82a8eacd87aec28e4aa19f17246ddde9d5ce7fe7
3122 Configure with --target instead of deprecated form.
3142 OpenBSD-Regress-ID: c077fd12a38005dd53d878c5b944154dec88d2ff
3152 OpenBSD-Commit-ID: ce5d8e0219b63cded594c17d4c2958c06918ec0d
3158 upstream: fix test: getnameinfo returns a non-zero value on error, not
3160 (neccessarily) -1. From GHPR#384
3162 OpenBSD-Commit-ID: d35e2b71268f66f5543a7ea68751972b3ae22b25
3168 upstream: scp: when copying local->remote, check that source file
3173 OpenBSD-Commit-ID: b4dd68e15bfe22ce4fac9960a1066a2b721e54fb
3300 upstream: openssh-9.3
3302 OpenBSD-Commit-ID: 8011495f2449c1029bb316bd015eab2e00509848
3312 OpenBSD-Commit-ID: f146ba08b1b43af4e0d7ad8c4dae3748b4fa31b6
3323 OpenBSD-Commit-ID: a0a97113f192a7cb1a2c97b932f677f573cda7a4
3334 OpenBSD-Commit-ID: aea023819aa44a2dcb9dd0fbec10561896fc3a09
3344 OpenBSD-Commit-ID: 50204b755f66b2ec7ac3cfe379d07d85ca161d2b
3354 OpenBSD-Commit-ID: 99d8b3da9d0be1d07ca8dd8e98800a890349e9b5
3370 OpenBSD-Commit-ID: 8212ca05d01966fb5e72205c592b2257708a2aac
3388 OpenBSD-Commit-ID: 051429dd07af8db3fec10d82cdc78d90bb051729
3396 first-match-wins. sshd_config.5 was fixed in r1.348, this is the same for
3399 OpenBSD-Commit-ID: 7be55b9351cde449b136afcc52d07aa4113b215e
3405 upstream: Remove no-op (int) > INT_MAX checks
3409 OpenBSD-Commit-ID: 9df3783b181e056595e2bb9edf7ed41d61cf8e84
3418 mkstemp created the world-writable. Wrap mkstemp to set and restore
3431 OpenBSD-Commit-ID: 19c10baa46ae559474409f75a5cb3d0eade7a9b8
3437 upstream: Re-split the merge of the reorder-hostkeys test.
3444 OpenBSD-Commit-ID: a7469f25a738db5567395d1881e32479a7ffc9de
3454 OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f
3479 OpenBSD-Commit-ID: 175f09349387c292f626da68f65f334faaa085f2
3485 upstream: ssh-pkcs11: synchronize error messages with errors
3492 OpenBSD-Commit-ID: 165a15db52f75b31e1804b043480c36af09f3411
3502 OpenBSD-Commit-ID: 7be168a570264d59e96a7d2d22e927d45fee0e4c
3518 OpenBSD-Commit-ID: fe1382e2fdf23fcae631308e72342bad56066a56
3528 OpenBSD-Commit-ID: 0ef414cc363a832f9fab92a5da0234448bce2eba
3536 Coverity CID 405048 which was a false-positive fd leak; ok dtucker@
3538 OpenBSD-Commit-ID: fc55ec2af622a017defb9b768bf26faefc792c00
3554 OpenBSD-Commit-ID: 9f9e4ba3cac003e6f81da3bcebd1b9ec43e7f353
3562 OpenBSD-Regress-ID: bdb211d80d572a08bf14b49fe2a58b9ff265c006
3572 OpenBSD-Commit-ID: cdc2d98e6478b7e7f3a36976845adae3820429d8
3582 OpenBSD-Commit-ID: 2eb017d10705bb623d4418691f961c930eafaec0
3596 OpenBSD-Commit-ID: f2f99da4aae2233cb18bf9c749320c5e040a9c7b
3604 If multiple -Ocheckpoint= options are passed, the earlier ones would
3608 OpenBSD-Commit-ID: a4d9d15f572926f841788912e2b282485ad09e8b
3618 OpenBSD-Commit-ID: 9b1aba2d049741ae21c8dc4560a7e29ab17310f4
3630 OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
3641 OpenBSD-Commit-ID: 356685bfa1fc3d81bd95722d3fc47101cc1a4972
3652 OpenBSD-Commit-ID: a50e0541cf823f8d1c72f71ccde925d3dbe6dfac
3658 upstream: Check for non-NULL before string
3662 OpenBSD-Commit-ID: 0d9b2e0cac88a311b5766b1aef737082583c285f
3668 upstream: guard against getsockname(-1, ...) from Coverity CID
3672 OpenBSD-Commit-ID: e58d5227327917d189229b7f0b37d2780f360d5f
3678 upstream: some options are not first-match-wins. Mention that there
3683 OpenBSD-Commit-ID: 3b74728446fa6fc8742769eeb8c3674e233e84c4
3693 OpenBSD-Commit-ID: b074b52bf138b75f08264e8da15880b29c7a630f
3707 OpenBSD-Commit-ID: 19fb1b53072826d00c67df677731d2f6c1dd602b
3718 OpenBSD-Commit-ID: c69c4c3152cdaab953706db4ccf4d5fd682f7d8d
3728 OpenBSD-Commit-ID: 2097c7db3cf657f1e3a6c5077041bacc63143cab
3738 OpenBSD-Regress-ID: 6cf22fda32a89c16915f31a6ed9bbdbef2a3bac9
3751 OpenBSD-Regress-ID: 9c44fb9cd418e6ff31165e7a6c1f9f11a6d19f5b
3759 OpenBSD-Regress-ID: 3823d9063127169736aa274b1784cb28e15b64d4
3771 OpenBSD-Commit-ID: 73c7ccc5d4fcc235f54c6b20767a2815408525ef
3779 before creating new ones. In -portable some platforms don't like
3782 OpenBSD-Regress-ID: 7e7ddc0beb73e945e1c4c58d51c8a125b518120f
3810 OpenBSD-Regress-ID: f802aa9e7fa51d1a01225c05fb0412d015c33e24
3820 OpenBSD-Commit-ID: 74e8d228ac00552e96e9e968dfcccf8dd1f46ad5
3830 OpenBSD-Commit-ID: fdc5287dcee0860b5a493186414226c655b0eb0a
3840 OpenBSD-Commit-ID: de28476025db29820a9a2e56e98b964d8a02861c
3906 OpenBSD-Commit-ID: f4affee067cec7c182f3e0b307d758e0472762a3
3919 OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137
3957 upstream: Remove now-unused compat bit SSH_BUG_RSASIGMD5. The code
3962 OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda
3968 upstream: Remove now-unused compat bit SSH_BUG_BIGENDIANAES. This
3973 OpenBSD-Commit-ID: 326426ea328707fc9e83305291ab135c87f678af
3995 OpenBSD-Commit-ID: b92c21f56fe4b7f9a54790d6a9650725c226820b
4006 OpenBSD-Commit-ID: ea13318b1937795d9db4790d3ce0a6ed01584dab
4014 OpenBSD-Commit-ID: 6141610cfca037700730e41f868d1d9124958f8c
4022 OpenBSD-Commit-ID: abc95e550be9e6d9a7ff64b65c104c7be21ab19e
4030 OpenBSD-Commit-ID: dacd9da33277d5669a51213d880632599c890c1e
4046 upstream: test -Ohashalg=... and that the default output contains both
4050 OpenBSD-Regress-ID: 26f309208c8d8b8fa9c5f419767b85f1e9b22f51
4056 upstream: let ssh-keygen and ssh-keyscan accept
4058 -Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm
4061 OpenBSD-Commit-ID: e6e07fe21318a873bd877f333e189eb963a11b3d
4067 upstream: add a `sshd -G` option that parses and prints the
4075 OpenBSD-Commit-ID: 774504f629023fc25a559ab1d95401adb3a7fb29
4081 upstream: make `ssh -Q CASignatureAlgorithms` work as the manpage says
4085 OpenBSD-Commit-ID: 0ddb17b3fcbd99bfb5baea4ac5e449620cbd3adc
4099 OpenBSD-Regress-ID: 5fc3010ac450195b3fbdeb68e875564968800365
4105 upstream: ssh-agent doesn't actually take -v,
4107 so the recently-added ones will result in the test not cleaning up
4110 OpenBSD-Regress-ID: 1fc8283568f5bf2f918517c2c1e778072cf61b1a
4121 OpenBSD-Commit-ID: fa8d90698da1886570512b96f051e266eac105e0
4140 Similarly, the sandboxed process in sshd is a single-threaded program
4147 in nearby Linux kernel code, e.g. CVE-2020-29368, CVE-2020-29374 and
4148 CVE-2022-42703.
4176 OpenBSD-Regress-ID: 0e404ee264db546f9fdbf53390689ab5f8d38bf2
4187 OpenBSD-Regress-ID: 731b96ae74d02d5744e1f1a8e51d09877ffd9b6d
4193 upstream: openssh-9.2
4195 OpenBSD-Commit-ID: f7389f32413c74d6e2055f05cf65e7082de03923
4201 upstream: fix double-free caused by compat_kex_proposal(); bz3522
4205 OpenBSD-Commit-ID: 2bfc37cd2d41f67dad64c17a64cf2cd3806a5c80
4211 Skip connection-timeout test on minix3.
4214 skip connection-timeout test on that platform. While there, group
4221 fix libfido2 detection without pkg-config
4232 OpenBSD-Commit-ID: e1dc11143f83082e3154d6094f9136d0dc2637ad
4242 binary is tested with the new sshd -V option before installation. As the
4243 binary layout is now semi-unknown (meaning relative, fixed, and gadget
4248 OpenBSD-Commit-ID: 1e0a2692b7e20b126dda60bf04999d1d30d959d8
4256 OpenBSD-Commit-ID: df71ce4180c58202dfdc1d92626cfe900b91b7c3
4262 Skip connection-timeout test under Valgrind.
4271 Skip connection-timeout when missing FD passing.
4280 upstream: when restoring non-blocking mode to stdio fds, restore
4287 OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
4293 upstream: Add a -V (version) option to sshd like the ssh client
4297 OpenBSD-Commit-ID: abe990ec3e636fb040132aab8cbbede98f0c413e
4303 upstream: For "ssh -V" always exit 0, there is no need to check opt
4308 OpenBSD-Commit-ID: 5583e5d8f6d62a8a4215cfa95a69932f344c8120
4318 OpenBSD-Regress-ID: 55c0fb61f3bf9e092b0a53f9041d3d2012f14003
4326 OpenBSD-Regress-ID: 7f29001374a68e71e5e078f69e4520cf4bcca084
4336 OpenBSD-Regress-ID: 3750ec98d5d409ce6a93406fedde6f220d2ea2ac
4345 complements the recently-added ChannelTimeout option that terminates inactive
4350 OpenBSD-Commit-ID: ca983be74c0350364c11f8ba3bd692f6f24f5da9
4358 OpenBSD-Regress-ID: 4b3e7ba7ee486ae8a0b4790f8112eded2bb7dcd5
4372 OpenBSD-Commit-ID: 1bc0fd624cb6af440905b8ba74ac7c03311b8e3b
4389 OpenBSD-Regress-ID: 6696b2eeefe128099fc3d7ea9f23252cc35156f9
4395 upstream: Instead of skipping the all-tokens test if we don't have
4400 OpenBSD-Regress-ID: c79ecba64250ed3b6417294b6c965e6b12ca5eea
4408 OpenBSD-Commit-ID: 671e6c8dc5e9230518b2bbfa143daaa88adc66c2
4416 OpenBSD-Commit-ID: f695742d39e34ecdcc3c861c3739a84648a4bce5
4434 commit to add scp to the test sshd's path causes the t-envpass test to fail
4438 OpenBSD-Regress-ID: 7533dc1c4265c1de716abb062957994195b36df4
4447 PATH) then add its path to the under-test sshd's PATH so we can find
4450 OpenBSD-Regress-ID: 7df4f5a0be3aa135495b7e5a6719d3cbc26cc4c0
4466 upstream: Add a "Host" line to the output of ssh -G showing the
4471 OpenBSD-Commit-ID: 59c0f60a222113a44d0650cd394376e3beecc883
4479 -oUserKnownHostsFile=none and a hostkey in one of the system known hosts file
4482 OpenBSD-Commit-ID: 7ca87614bfc6da491315536a7f2301434a9fe614
4492 OpenBSD-Commit-ID: c4965f62fa0ba850940fd66ae3f60cf516bbcd56
4502 OpenBSD-Commit-ID: c5b023e0954693ba9a5376e4280c739b5db575f8
4510 OpenBSD-Commit-ID: 1ec524ff2fbb9387d731601437c82008f35a60f4
4519 Github integration tests for openssh-portable
4521 OpenBSD-Regress-ID: 5451cad59ba0d43ae9eeda48ec80f54405fee969
4547 communication with it's ssh sub-processes. We no longer need to reserve two
4548 descriptors to ensure that we don't end up using fd 0-2 unexpectedly, that is
4552 OpenBSD-Commit-ID: b80c372faac462471e955ddeab9480d668a2e48d
4560 OpenBSD-Commit-ID: 229c493452766d70a78b0f02f6ff9894f9028858
4566 try to improve logging for dynamic-forward test
4576 Skip dynamic-forward test on minix3.
4596 OpenBSD-Regress-ID: 49a375b2cf61ccb95b52e75e2e025cd10988ebb2
4602 Use our own netcat for dynamic-forward test.
4605 second-guess the behaviour of various netcat implementations.
4636 OpenBSD-Regress-ID: 109e40b06de1c006a3b8e0d8745b790b2c5870a0
4644 OpenBSD-Regress-ID: 280bfbefcfa415428ad744e43f69a8dede8ad685
4652 OpenBSD-Regress-ID: 0497cdb66e003b2f50ed77291a9104fba2e017e9
4660 OpenBSD-Regress-ID: 01f8fb12d08e5aaadd4bd4e71f456b6588be9a94
4672 OpenBSD-Regress-ID: 86e2aa4bbd1dff1bc4ebb2969c0d6474485be046
4706 OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
4720 OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
4733 OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
4747 usual state-machine logic). So this adds an extra "force" argument to the
4752 OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
4762 OpenBSD-Commit-ID: c5ec4f2d52684cdb788cd9cbc1bcf89464014be2
4772 OpenBSD-Commit-ID: 3335268ca135b3ec15a947547d7cfbb8ff929ead
4780 OpenBSD-Commit-ID: 8a3ab7176764da55f60bfacfeae9b82d84e3908f
4788 OpenBSD-Regress-ID: 8271aafbf5c21950cd5bf966f08e585cebfe630c
4800 OpenBSD-Commit-ID: c5678a39f1ff79993d5ae3cfac5746a4ae148ea5
4810 OpenBSD-Commit-ID: d776dd03d0b882ca9c83b84f6b384f6f9bd7de4a
4820 OpenBSD-Commit-ID: 9dfe04966f52e941966b46c7a2972147f95281b3
4837 OpenBSD-Commit-ID: 77078c0b1c53c780269fc0c416f121d05e3010ae
4843 upstream: add -X to usage();
4845 OpenBSD-Commit-ID: 1bdc3df7de11d766587b0428318336dbffe4a9d0
4851 upstream: add a -X option to both scp(1) and sftp(1) to allow
4857 Previously these could be controlled in sftp(1) using the -b/-R options.
4863 OpenBSD-Commit-ID: 27502bffc589776f5da1f31df8cb51abe9a15f1c
4876 OpenBSD-Commit-ID: 65b9a49a68e22ff3a0ebd593f363e9f22dd73fea
4918 obsdsnap test VMs runs-on libvirt too.
4946 OpenBSD-Commit-ID: 2a0a13132000cf8d3593133c1b49768aa3c95977
4958 OpenBSD-Commit-ID: 46ff67518cccf9caf47e06393e2a121ee5aa258a
4966 userspace: remove vestigial '?' cases from top-level getopt(3) loops
4975 Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2
4979 OpenBSD-Commit-ID: b2f89346538ce4f5b33ab8011a23e0626a67e66e
4987 OpenBSD-Regress-ID: 3b04faced6511bb5e74648c6a4ef4bf2c4decf03
5003 Reported by Peter sec-openssh-com.22.fichtner AT 0sg.net
5007 Date: Tue Nov 29 15:12:54 2022 -0500
5027 OpenBSD-Commit-ID: b9186638a05cb8b56ef7c0de521922b6723644ea
5037 OpenBSD-Commit-ID: c7a3d77c0b8c153d463398606a8d57569186a0c3
5043 Restore ssh-agent permissions on exit.
5045 ...enough that subsequent builds can overwrite ssh-agent if necessary.
5051 upstream: Clean up ssh-add and ssh-agent logs.
5053 OpenBSD-Regress-ID: 9eda8e4c3714d7f943ab2e73ed58a233bd29cd2c
5059 upstream: Log output of ssh-agent and ssh-add
5063 OpenBSD-Regress-ID: 5974b02651f428d7e1079b41304c498ca7e306c8
5071 OpenBSD-Commit-ID: 7e964a641ce4a0a0a11f047953b29929d7a4b866
5081 OpenBSD-Commit-ID: aecf4d49d28586dfbcc74328d9333398fef9eb58
5095 OpenBSD-Commit-ID: 7e277595d60acb8263118dcb66554472257b387a
5106 OpenBSD-Commit-ID: 4aef50fa9be7c0b138188814c8fe3dccc196f61e
5112 Use -fzero-call-used-regs=used on clang 15.
5114 clang 15 seems to have a problem with -fzero-call-used-reg=all which
5116 versions, use -fzero-call-used-regs=used instead. (We may add exceptions
5137 - multiple tests that ran on the same target (eg multiple build
5139 - it needed manual balancing of VMs over host machines.
5144 and VMs with persistent disks (eg the constantly-updated snapshot ones)
5155 This will allow us to create ephemeral disk images per-runner.
5185 Remove unused self-hosted test targets.
5225 -R processing. bz#3499, ok djm@
5227 OpenBSD-Commit-ID: 194ee4cfe7ed0e2b8ad0727f493c798a50454208
5235 This was added for the benefit of platforms using ssh-rand-helper to
5238 ssh-random-helper is long gone, and since the re-exec happens before the
5239 chroot the re-execed sshd can reseed itself normally. ok djm@
5258 OpenBSD-Commit-ID: 8a0c164a6a25eef0eedfc30df95bfa27644e35cf
5268 OpenBSD-Commit-ID: fc28466ebc7b74e0072331947a89bdd239c160d3
5277 "hostkeys-prove00@openssh.com" message; no functional change
5279 OpenBSD-Commit-ID: 31e09bd3cca6eed26855b88fb8beed18e9bd026d
5287 OpenBSD-Commit-ID: 39c58f41e0f32d1ff31731fa6f5bbbc3ad25084a
5340 Add valrind-5 test here too.
5348 Update actions/checkout and actions/upload-artifact to main branch for
5363 specify a public key file, as documented in ssh.1 for the -i option. Document
5367 OpenBSD-Commit-ID: 2f943be9f96e60ef81a9a4faa25b009999f9883b
5375 in -portable by clang 16's -Wunused-but-set-variable. ok djm@
5377 OpenBSD-Commit-ID: 3d943ddf2369b38fbf89f5f19728e7dc1daf3982
5388 OpenBSD-Commit-ID: d79c2b7a8601eb9be493629a91245d761154308b
5400 OpenBSD-Commit-ID: 6269242c3e1a130b47c92cfca4d661df15f05739
5412 Branch-specific links for master status badges.
5452 OpenBSD-Commit-ID: b0e54ee4d703bd6929bbc624068666a7a42ecb1f
5458 upstream: Fix typo. From pablomh via -portable github PR#344.
5460 OpenBSD-Commit-ID: d056ee2e73691dc3ecdb44a6de68e6b88cd93827
5466 Link to branch-specific queries for V_9_1 status.
5472 Use "prohibit-password" in -portable comments.
5474 "without-password" is the deprecated alias for "prohibit-password",
5491 Fix setres*id checks to work with clang-16.
5502 configure.ac: Fix -Wstrict-prototypes
5505 just be future proof. It also reduces noise when doing general
5508 Signed-off-by: Sam James <sam@gentoo.org>
5516 Another Clang 16ish fix (which makes -Wimplicit-function-declaration
5532 Don't run openbsd-compat tests on Cygwin.
5534 Add "compat-tests" to the default TEST_TARGET so we can override as
5542 upstream: replace recently-added valid_domain() check for hostnames
5547 OpenBSD-Commit-ID: 10b86dc6a4b206adaa0c11b58b6d5933898d43e0
5567 Fix compat regress to work with non-GNU make.
5639 instead of unconditionally specifying "-rN". This will make life easier
5640 in -portable where not all diff's understand -N.
5642 OpenBSD-Regress-ID: 8b8a407115546be1c6d72d350b1e4f1f960d3cd3
5660 OpenBSD-Commit-ID: 99eec58abe382ecd14b14043b195ee1babb9cf6e
5666 upstream: allow ssh-keyscan(1) to accept CIDR address ranges, e.g.
5668 ssh-keyscan 192.168.0.0/24
5671 addresses in the range including the all-0s and all-1s addresses.
5675 OpenBSD-Commit-ID: ce6c5211f936ac0053fd4a2ddb415277931e6c4b
5691 OpenBSD-Commit-ID: f5ca6932fdaf840a5e8250becb38315a29b5fc9f
5701 OpenBSD-Commit-ID: 61e0fe989897901294efe7c3b6d670cefaf44cbd
5711 OpenBSD-Commit-ID: 35d742992e223eaca3537e6fb3d3002c08eed4f6
5721 OpenBSD-Commit-ID: 368e662c128c99d05cc043b1308d2b6c71a4d3cc
5731 OpenBSD-Commit-ID: 1f46c0cbb8060ee9666a02749594ad6658c8e283
5741 OpenBSD-Commit-ID: e5dbe7a3545930c50f70ee75c867a1e08b382b53
5751 OpenBSD-Commit-ID: 5b4211bff4de8d9adb84bc72857a8c42c44e7ceb
5761 OpenBSD-Commit-ID: 0d93b7a56e31cd06a8bb0d2191d084ce254b0971
5771 OpenBSD-Commit-ID: a3570c4b97290c5662890aea7328d87f55939033
5781 OpenBSD-Commit-ID: 1368ba114cb37732fe6ec3d89c7e6d27ea6fdc94
5789 Move keytype data and some of the type-specific code (allocation,
5791 commits will move more, with the goal of having each key-*.c file
5796 OpenBSD-Commit-ID: 0f2b4334f73914344e9e5b3d33522d41762a57ec
5808 OpenBSD-Commit-ID: ba9b25fa8b5490b49398471e0c9657b0cbc7a5ad
5818 OpenBSD-Regress-ID: 0cc5cc9ea4a6fd170dc61b9212f15badaafb3bbd
5835 OpenBSD-Commit-ID: d8a3773f53015ba811fddba7473769a2fd343e11
5843 OpenBSD-Commit-ID: d6c882c2e8a42ff831a5b3cbc2c961ecb2dd6143
5849 upstream: ssh-agent.1: - use Nm not Xr for self-ref - while here,
5853 ssh-agent.c:
5854 - add -O to usage()
5856 OpenBSD-Commit-ID: 855dac4695cef22e96d69c53436496bc408ca389
5862 upstream: document "-O no-restrict-websafe"; spotted by Ross L
5866 OpenBSD-Commit-ID: fe9eaa50237693a14ebe5b5614bf32a02145fe8b
5895 Clang 15 -Wimplicit-int defaults to an error in C99 mode and above.
5903 skip bsd-poll.h if poll.h found; ok dtucker
5913 OpenBSD-Commit-ID: fe1b9e15fc9a4f49fc338e848ce14d8727abe82d
5954 remove mention of --with-security-key-builtin
5980 upstream: openssh-9.1
5982 OpenBSD-Commit-ID: 5a467b2ee81da01a86adf1ad93b62b1728494e56
5990 OpenBSD-Commit-ID: a134c9b4039e48803fc6a87f955b0f4a03181497
5998 -o; spotted by jmc@
6000 OpenBSD-Commit-ID: fe871408cf6f9d3699afeda876f8adbac86a035e
6014 avoid Wuninitialized false positive in gcc-12ish
6020 upstream: use users-groups-by-id@openssh.com sftp-server extension
6023 Implement a client-side cache of see uid/gid=>user/group names. ok markus@
6025 OpenBSD-Commit-ID: f239aeeadfa925a37ceee36ee8b256b8ccf4466e
6033 users-groups-by-id@openssh.com; ok markus@
6035 OpenBSD-Commit-ID: ddb2f33a2da6349a9a89a8b5bcb9ca7c999394de
6041 upstream: extend sftp-common.c:extend ls_file() to support supplied
6045 OpenBSD-Commit-ID: c70c70498b1fdcf158531117e405b6245863bfb0
6051 upstream: sftp-server(8): add a "users-groups-by-id@openssh.com"
6061 OpenBSD-Commit-ID: 7ebabde0bcb95ef949c4840fe89e697e30df47d3
6069 OpenBSD-Commit-ID: d16a307a0711499c971807f324484ed3a6036640
6077 beneath this limit will be ignored for user and host-based authentication.
6081 OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
6096 OpenBSD-Commit-ID: 430e339b2a79fa9ecc63f2837b06fdd88a7da13a
6106 OpenBSD-Commit-ID: de77cd5b11594297eda82edc594b0d32b8535134
6112 upstream: actually hook up restrict_websafe; the command-line flag
6116 OpenBSD-Commit-ID: 0b363518ac4c2819dbaa3dfad4028633ab9cdff1
6124 OpenBSD-Commit-ID: 780efcbad76281f11f14b2a5ff04eb6db3dfdad4
6143 OpenBSD-Commit-ID: 1396d921c4eb1befd531f5c4a8ab47e7a74b610b
6151 non-existent commands
6153 If user entered a non-existent command (e.g. because they made a
6159 OpenBSD-Commit-ID: cf39c811a68cde2aeb98fc85addea4000ef6b07a
6176 OpenBSD-Commit-ID: 684517608c8491503bf80cd175425f0178d91d7f
6184 OpenBSD-Commit-ID: edf1601c1d0905f6da4c713f4d9cecc7d1c0295a
6190 upstream: ssh-agent: attempt FIDO key signing without PIN and use
6195 OpenBSD-Commit-ID: dd6be6a0b7148608e834ee737c3479b3270b00dd
6201 upstream: .Li -> .Vt where appropriate; from josiah frentsos,
6207 OpenBSD-Commit-ID: 565046e3ce68b46c2f440a93d67c2a92726de8ed
6215 OpenBSD-Commit-ID: 6765daefe26a6b648cc15cadbbe337596af709b7
6225 OpenBSD-Commit-ID: ade2f2e9cc519d01a586800c25621d910bce384a
6231 openbsd-compat/bsd-asprintf: add <stdio.h> include for vsnprintf
6235 …-asprintf.c:51:8: error: call to undeclared library function 'vsnprintf' with type 'int (char *, u…
6237 implicit function declarations [-Wimplicit-function-declaration]
6240 …bsd-asprintf.c:51:8: note: include the header <stdio.h> or explicitly provide a declaration for 'v…
6256 This brings us up to current, including djm's random-reseeding change,
6258 platform-specific hooks from LibreSSL Portable, simplified to match our
6284 upstream: sk-usbhid: fix key_lookup() on tokens with built-in UV
6286 explicitly test whether the token performs built-in UV (e.g. biometric
6289 OpenBSD-Commit-ID: 007eb7e387d27cf3029ab06b88224e03eca62ccd
6295 Move sftp from valgrind-2 to 3 to rebalance.
6303 OpenBSD-Commit-ID: c2bcbf93610d3d62ed206cdf9bf9ff98c6aaf232
6315 cross-sign allowed_signers with PGP key
6325 Add libcrypt-devel to cygwin-release deps.
6339 Add cygwin-release test target.
6351 OpenBSD-Commit-ID: a5d015efbfd228dc598ffdef612d2da3a579e5d8
6359 OpenBSD-Commit-ID: d297e4387935d4aef091c5e9432578c2e513f538
6382 OpenBSD-Commit-ID: 4f752aaf9f2e7c28bcaaf3d4f8fc290131bd038e
6392 OpenBSD-Commit-ID: 4cab364d518470e29e624af3d3f9ffa9c92b6f01
6400 ssh-keyscan and prevent a one-byte buffer overflow. Patch from Qualys, ok
6403 OpenBSD-Commit-ID: 6ae664f9f4db6e8a0589425f74cd0bbf3aeef4e4
6421 Add Cygwin (on windows-2019) test target.
6433 OpenBSD-Commit-ID: 39f35e16ba878c8d02b4d01d8826d9b321be26d4
6439 Check for perms to run agent-getpeereid test.
6442 running ssh-add during the agent-getpeereid test. Check for this and
6465 OpenBSD-Commit-ID: 432c8ff70e270378df9dbceb9bdeaa5b43b5a832
6473 OpenBSD-Commit-ID: 7f80a53d54857ac6ae49ea6ad93c5bd12231d1e4
6486 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6497 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6503 upstream: sftp-server: support home-directory request
6505 Add support to the sftp-server for the home-directory extension defined
6506 in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the
6507 existing expand-path@openssh.com, but uses a more official protocol name,
6508 and so is a bit more likely to be implemented by non-OpenSSH clients.
6512 OpenBSD-Commit-ID: bfc580d05cc0c817831ae7ecbac4a481c23566ab
6518 Replace deprecated ubuntu-18.04 runners with 22.04
6540 Valgrind doesn't let ssh exec ssh-keysign (because it's setuid) so skip
6555 OpenBSD-Regress-ID: ea07ca31c2f3847a38df028ca632763ae44e8759
6563 times and authorized_keys expiry-time options to accept dates in the UTC time
6569 seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
6571 ssh-keygen as part of a CA workflow.
6575 OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13
6633 OpenBSD-Commit-ID: bd5342ffc353ee37d39617906867c305564d1ce2
6643 between keys created with or without "-O verify-required".
6647 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6659 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6667 Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
6690 upstream: avoid double-free in error path introduced in r1.70; report
6692 and fix based on GHPR#332 by v-rzh ok dtucker@
6694 OpenBSD-Commit-ID: 3d21aa127b1f37cfc5bdc21461db369a663a951f
6706 Move stale-configure check as early as possible.
6719 This will result in sftp, sftp-server and scp no longer being linked
6726 Remove seed_rng calls from scp, sftp, sftp-server.
6744 Do not link scp, sftp and sftp-server w/ zlib.
6746 Some of our binaries (eg sftp, sftp-server, scp) do not interact with
6756 Remove workarounds for OpenSSL missing AES-CTR.
6767 Remove workarounds for OpenSSL missing AES-GCM.
6780 OpenBSD-Regress-ID: 38783f9676ec348c5a792caecee9a16e354b37b0
6788 executable. No-op on most platforms but should prevent warnings in -portable
6791 OpenBSD-Regress-ID: e39d79867b8065e33d0c5926fa1a31f85659d2a4
6810 scp -3 ends up using the scp that's in the remote path and will fail if
6817 crank SSH_SK_VERSION_MAJOR in sk-dummy.so
6823 upstream: ssh-keygen: fix touch prompt, pin retries;
6827 OpenBSD-Commit-ID: 75d1005bd2ef8f29fa834c90d2684e73556fffe8
6833 upstream: sk-usbhid: preserve error code returned by key_lookup()
6839 OpenBSD-Commit-ID: c0647eb9290f793add363d81378439b273756c1b
6852 NB. cranks SSH_SK_VERSION_MAJOR, so any third-party FIDO middleware
6855 OpenBSD-Commit-ID: e45e9f1bf2b2f32d9850669e7a8dbd64acc5fca4
6865 OpenBSD-Commit-ID: bf34f76b8283cc1d3f54633e0d4f13613d87bb2f
6924 README.platform has general platform-specific information, having it
6935 prefix the "configure --help" example command with a "./" so it's likely
6936 to work as-is in more shells. From bz#3461.
6946 supporting md5-style passwords).
6974 OpenSSL has a potential RCE in its RSA implementation (CVE-2022-2274)
6987 Test against openssl-3.0.5.
6995 - remove clang-sanitize-memory for now. It takes so long that the test
6997 - add gcc sanitize-address and sanitize-undefined test targets.
7018 skip those on a re-run.
7020 OpenBSD-Regress-ID: a7570dd29a58df59f2cca647c3c2ec989b49f247
7055 OpenBSD-Commit-ID: 460e2290875d7ae64971a7e669c244b1d1c0ae2e
7065 OpenBSD-Commit-ID: 3de33572733ee7fcfd7db33d37db23d2280254f0
7084 OpenBSD-Commit-ID: e79aa550d91ade6a80f081bda689da24c086d66b
7095 This is a roll-forward of the previous rollback now that the required
7098 OpenBSD-Commit-ID: c7cd93730b3b9f53cdad3ae32462922834ef73eb
7109 OpenBSD-Commit-ID: 9171616da3307612d0ede086fd511142f91246e4
7120 OpenBSD-Commit-ID: 63d8e13276869eebac6d7a05d5a96307f9026e47
7126 upstream: reflect the update to -D arg name in usage();
7128 OpenBSD-Commit-ID: abdcde4f92b1ef094ae44210ee99d3b0155aad9c
7140 upstream: allow arguments to sftp -D option, e.g. sftp -D
7142 "/usr/libexec/sftp-server -el debug3"
7146 OpenBSD-Commit-ID: 5a002b9f3a7aef2731fc0ffa9c921cf15f38ecce
7157 OpenBSD-Commit-ID: 1c7a88a0d5033f42f88ab9bec58ef1cf72c81ad0
7168 OpenBSD-Commit-ID: b2f6e5f60f2bba293b831654328a8a0035ef4a1b
7176 Prevents us from trying to link them into ssh-sk-helper and failing to
7207 OpenBSD-Commit-ID: d180a905fec9ff418a75c07bb96ea41c9308c3f9
7219 OpenBSD-Commit-ID: e384c4e05d5521e7866b3d53ca59acd2a86eef99
7229 OpenBSD-Commit-ID: 4c54d20a8e8e4e9912c38a7b4ef5bfc5ca2e05c2
7237 connection. bz#3447, from vincent-openssh at vinc17 net, ok djm@
7239 OpenBSD-Commit-ID: 9d59f19872b94900a5c79da2d57850241ac5df94
7245 automatically enable built-in FIDO support
7247 If libfido2 is found and usable, then enable the built-in
7248 security key support unless --without-security-key-builtin
7270 OpenBSD-Commit-ID: a089870b95101cd8881a2dff65b2f1627d13e88d
7278 auth2-pubkeyfile.c too; they make more sense there.
7280 OpenBSD-Commit-ID: 9970d99f900e1117fdaab13e9e910a621b7c60ee
7286 upstream: test setenv in both client and server, test first-match-wins
7290 OpenBSD-Regress-ID: 4c8804f9db38a02db480b9923317457b377fe34b
7296 upstream: Make SetEnv directives first-match-wins in both
7305 OpenBSD-Commit-ID: 797909c1e0262c0d00e09280459d7ab00f18273b
7311 upstream: Add missing *-sk types to ssh-keyscan manpage. From
7315 OpenBSD-Commit-ID: fda2c869cdb871f3c90a89fb3f985370bb5d25c0
7325 OpenBSD-Commit-ID: bd60809803c4bfd3ebb7c5c4d918b10e275266f2
7331 upstream: ssh-keygen -A: do not generate DSA keys by default.
7336 OpenBSD-Commit-ID: 5c4c57bdd7063ff03381cfb6696659dd3f9f5b9f
7342 upstream: ssh-keygen: implement "verify-required" certificate option.
7344 This was already documented when support for user-verified FIDO
7345 keys was added, but the ssh-keygen(1) code was missing.
7349 OpenBSD-Commit-ID: f660f973391b593fea4b7b25913c9a15c3eb8a06
7359 OpenBSD-Commit-ID: f146a19d7d5c9374c3b9c520da43b2732d7d1a4e
7385 mostly redundant to authopt_fuzz, but it's sensitive code so IMO it
7392 upstream: split the low-level file handling functions out from
7394 auth2-pubkey.c
7396 Put them in a new auth2-pubkeyfile.c to make it easier to refer to them
7402 OpenBSD-Commit-ID: 3fdca2c61ad97dc1b8d4a7346816f83dc4ce2217
7410 remove "struct ssh *" from arguments - this was only used to pass the
7416 OpenBSD-Commit-ID: 9d4373d013edc4cc4b5c21a599e1837ac31dda0d
7429 OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
7435 upstream: Avoid kill with -1 argument. The out_ctx label can be
7437 reached before fork has been called. If this happens, then kill -1 would be
7442 OpenBSD-Commit-ID: 6277af1207d81202f5daffdccfeeaed4c763b1a8
7452 OpenBSD-Commit-ID: 7115ac351b129205f1f1ffa6bbfd62abd76be7c5
7460 OpenBSD-Commit-ID: 457c79afaca2f89ec2606405c1059b98b30d8b0d
7470 OpenBSD-Commit-ID: 10298513ee32db8390aecb0397d782d68cb14318
7474 Date: Tue May 24 10:21:25 2022 -0700
7484 upstream: regress test for in-place transfers and clobbering larger
7488 OpenBSD-Regress-ID: 19de4e88dd3a4f7e5c1618c9be3c32415bd93bc2
7494 upstream: Only run agent-ptrace.sh if gdb is available as all
7498 OpenBSD-Regress-ID: ec53e928803e6b87f9ac142d38888ca79a45348d
7504 upstream: fix in-place copies; r1.163 incorrectly skipped truncation in
7509 OpenBSD-Commit-ID: b189f19cd68119548c8e24e39c79f61e115bf92c
7525 OpenBSD-Commit-ID: ca39fdd39e0ec1466b9666f15cbcfddea6aaa179
7531 upstream: Remove errant apostrophe. From haruyama at queen-ml org.
7533 OpenBSD-Commit-ID: dc6b294567cb84b384ad6ced9ca469f2bbf0bd10
7539 upstream: Allow existing -U (use agent) flag to work with "-Y sign"
7544 OpenBSD-Commit-ID: a7bc69873b99c32c42c7628ed9ea91565ba08c2f
7550 upstream: improve error message when 'ssh-keygen -Y sign' is unable to
7554 OpenBSD-Commit-ID: bb57b285e67bea536ef81b1055467be2fc380e74
7562 bcrypt_pbkdf.o is duplicated in the openbsd-compat Makefile's object
7580 OpenBSD-Commit-ID: 4f647f58482cbad3d58b1eab7f6a1691433deeef
7611 OpenBSD-Commit-ID: 876884c3f0e62e8fd8d1594bab06900f971c9c85
7622 OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
7630 OpenBSD-Commit-ID: 69a1a93a55986c7c2ad9f733c093b46a47184341
7636 upstream: make sure stdout is non-blocking; ok djm@
7638 OpenBSD-Commit-ID: 64940fffbd1b882eda2d7c8c7a43c79368309c0d
7647 to fit the man page. Then move the -O bits into the new section as is already
7649 trade-offs of resident keys. While here, consistently refer to the FIDO
7654 OpenBSD-Commit-ID: dd98748d7644df048f78dcf793b3b63db9ab1d25
7665 OpenBSD-Commit-ID: db2c89879c29bf083df996bd830abfb1e70d62bf
7676 OpenBSD-Commit-ID: 81cbc6dd3a21c57bd6fadea10e44afe37bca558e
7684 specifying a mask length; allow only 0-9. From khaleesicodes via GHPR#278; ok
7687 OpenBSD-Commit-ID: e267746c047ea86665cdeccef795a8a56082eeb2
7707 Remove now-empty int32_minmax.inc.
7713 upstream: mention that the helpers are used by ssh(1), ssh-agent(1)
7715 and ssh-keygen(1). Previously only ssh(1) was mentioned. From Pedro
7718 OpenBSD-Commit-ID: 30f880f989d4b329589c1c404315685960a5f153
7728 OpenBSD-Commit-ID: 17d11327545022e727d95fd08b213171c5a4585d
7734 upstream: fix memleak on session-bind path; from Pedro Martelletto, ok
7738 OpenBSD-Commit-ID: e85899a26ba402b4c0717b531317e8fc258f0a7e
7746 OpenBSD-Commit-ID: 9d24671e10a84141b7c504396cabad600e47a941
7754 OpenBSD-Commit-ID: f735a17d1a6f2bee63bfc609d76ef8db8c090890
7764 OpenBSD-Commit-ID: af0315bc3e44aa406daa7e0ae7c2d719a974483f
7774 OpenBSD-Commit-ID: a6debb5fb0c8a44e43e8d5ca7cc70ad2f3ea31c3
7783 files, ssh-xmss.c does not include xmss_commons.h so ssh-xmss.c must include
7786 OpenBSD-Commit-ID: 70e28a9818cee3da1be2ef6503d4b396dd421e6b
7796 options->send_env. From Martin Vahlensieck
7798 OpenBSD-Commit-ID: 2c9db31e3f4d3403b49642c64ee048b2a0a39351
7804 Add debian-riscv64 test target.
7838 OpenBSD-Regress-ID: 8246f00f22b14e49d2ff1744c94897ead33d457b
7844 upstream: Use ssh -f and ControlPersist ..
7846 to start up test forwards and ssh -O stop to shut them down intead of
7849 OpenBSD-Regress-ID: eb3db5f805100919b092a3b2579c611fba3e83e7
7855 upstream: Simplify forward-control test.
7858 commands on the other end of the connection and can use ssh -N instead.
7861 OpenBSD-Regress-ID: 32e94ce272820cc398f30b848b2b0f080d10302c
7869 OpenBSD-Regress-ID: c96bea9edde3a384b254785e7f9b2b24a81cdf82
7877 OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
7886 should make ~-escapes work in the client (e.g. to exit) if the connection
7889 OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
7897 OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
7908 OpenBSD-Commit-ID: 24e1795ed2283fdeacf16413c2f07503bcdebb31
7918 OpenBSD-Commit-ID: 9b7784f054fa5aa4d63cb36bd563889477127215
7927 1.19: ssh-keygen's -G/-T have been replaced with -M generate/screen.
7947 OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
7953 upstream: Note that curve25519-sha256 was later published in
7957 OpenBSD-Commit-ID: 2ac2b5d642d4cf5918eaec8653cad9a4460b2743
7965 enforce stricter invarient for sshbuf_set_parent() - never allow
7966 a buffer to have a previously-set parent changed.
7971 OpenBSD-Commit-ID: 14583203aa5d50ad38d2e209ae10abaf8955e6a9
7977 Revert "update build-aux files to match autoconf-2.71"
7981 It turns out that the checked-in copies of these files are actually newer
7982 than autoconf-2.71's copies, so this was effectively a downgrade.
7989 update build-aux files to match autoconf-2.71
7991 i.e. config.guess, config.sub and install-sh
8003 upstream: openssh-9.0
8005 OpenBSD-Commit-ID: 0dfb461188f4513ec024c1534da8c1ce14c20b64
8011 upstream: ssh: document sntrup761x25519-sha512@openssh.com as
8015 OpenBSD-Commit-ID: 12545bfa10bcbf552d04d9d9520d0f4e98b0e171
8030 OpenBSD-Commit-ID: 9520801729bebcb3c9fe43ad7f9776ab4dd05ea3
8044 The system shells cause the agent-restrict test to fail due to some
8084 This should improve compatibility for users with non-POSIX shells. If
8085 using Makefile.in directly (eg make -f Makefile.in distprep) then SHELL
8105 upstream: add a sftp client "cp" command that supports server-side
8107 copying of files. Useful for this task and for testing the copy-data
8110 OpenBSD-Commit-ID: 1bb1b950af0d49f0d5425b1f267e197aa1b57444
8116 upstream: add support for the "corp-data" protocol extension to
8118 allow server-side copies to be performed without having to go via the client.
8121 OpenBSD-Commit-ID: 00aa510940fedd66dab1843b58682de4eb7156d5
8127 upstream: select post-quantum KEX
8129 sntrup761x25519-sha512@openssh.com as the default; ok markus@
8131 OpenBSD-Commit-ID: f02d99cbfce22dffec2e2ab1b60905fbddf48fb9
8142 OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
8152 OpenBSD-Commit-ID: 48d38cef59d6bc8e84c6c066f6d601875d3253fd
8158 upstream: avoid NULL deref via ssh-keygen -Y find-principals.
8162 OpenBSD-Commit-ID: a3b2c02438052ee858e0ee18e5a288586b5df2c5
8185 This means they'll still work when the combination of -portable and
8192 Remove now-unused passwd variable.
8204 Factor out platform-specific locked account check.
8224 OpenBSD-Commit-ID: fddc32d74e5dd5cff1a49ddd6297b0867eae56a6
8238 OpenBSD-Commit-ID: 15f86da83176978b4d1d288caa24c766dfa2983d
8246 re-exec path - we're never going to use the result and if the operation fails
8250 OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
8258 OpenBSD-Commit-ID: d5e0182965b2fbfb03ad5f256d1a1ce5706bcddf
8266 OpenBSD-Commit-ID: e3315a45cb04e7feeb614d76ec80a9fe4ca0e8c7
8272 upstream: ssh-keygen -Y check-novalidate requires namespace or SEGV
8276 OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
8284 OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
8296 Thread: https://marc.info/?l=openbsd-tech&m=164687525802691&w=2
8300 OpenBSD-Commit-ID: f8bfc082e36e2d2dc4e1feece02fe274155ca11a