-
Notifications
You must be signed in to change notification settings - Fork 324
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merge upstream 9.8 #737
Merge upstream 9.8 #737
Conversation
Should better detect problems with gcc 13 on m68k. bz#3673 from Colin Watson via bz#3673 and https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110934 Signed-off-by: Darren Tucker <[email protected]>
Handle replacement of 'id' the same way as we do other Portable specific replacements in test-exec.sh. This brings percent.sh back into sync with upstream.
OK djm@ OpenBSD-Commit-ID: 524ddae97746b3563ad4a887dfd0a6e6ba114c50
OpenBSD-Commit-ID: ad3d1486d105b008c93e952d158e5af4d9d4c531
version is 0. Patch from cjwatson at debian.org via bz#3671. OpenBSD-Regress-ID: 835ed03c1b04ad46be82e674495521f11b840191
the test VMs are slow enough for this to matter. OpenBSD-Regress-ID: 6a83a693602eb0312f06a4ad2cd6f40d99d24b26
from portable. In some shells, "case" will reset the value of $?, so save it first. OpenBSD-Regress-ID: da32e5be19299cb4f0f7de7f29c11257a62d6949
redirect stdout, and use printf instead of relying on echo to do \n substitution. Reduces diff vs Portable. Also resync somewhat with upstream. OpenBSD-Regress-ID: 9ae876a8ec4c4725f1e9820a0667360ee2398337
OpenBSD-Regress-ID: 5039bde24d33d809aebfa8d3ad7fe9053224e6f8
OpenBSD-Regress-ID: b4852bf97ac8fb2e3530f2d5f999edd66058d7bc
diff vs Portable. OpenBSD-Regress-ID: 6f31cd6e231e3b8c5c2ca0307573ccb7484bff7d
Some plaforms don't have the latter so this makes things easier in -portable. OpenBSD-Regress-ID: ff82260eb0db1f11130200b25d820cf73753bbe3
From dkg via GHPR479; ok dtucker@ OpenBSD-Commit-ID: 1ac1f9c45da44eabbae89375393c662349239257
Wrong function signature in configure.ac prevents openssh from enabling the recently new support for ED25519 priv keys in PEM PKCS8 format.
Verified in person and via signature with old key. Will remove old key in a bit.
Instead of trying to infer the type of the self hosted tests in each of the driver scripts (inconsistently...), set one of the following variables to "true" in the workflow: VM: tests run in a virtual machine. EPHEMERAL: tests run on an ephemeral virtual machine. PERSISTENT: tests run on a persistent virtual machine REMOTE: tests run on a physical remote host. EPHEMERAL VMs can have multiple instances of any given VM can exist simultaneously and are run by a runner pool. The other types have a dedicated runner instance and can only run a single test at a time. Other settings: SSHFS: We need to sshfs mount over the repo so the workflow can collect build artifacts. This also implies the tests must be run over ssh. DEBUG_ACTIONS: enable "set -x" in scripts for debugging.
This changes SSH_AUTH_INFO_0 to be exposed to PAM auth modules also when a password authentication method is in use and not only when a keyboard-interactive authentication method is in use.
private keys in blob. From Jakub Jelen via GHPR430 OpenBSD-Commit-ID: d17dbf47554de2d752061592f95b5d772baab50b
If --enable/disable-dsa-keys is not specified, set based on what OpenSSL supports. If specified as enabled, but not supported by OpenSSL error out. ok djm@
Should get them working again.
Do we know if this PR should fix CVEs listed at openssh.com/security.html or cvedetail.com? We need those fixed to be allowed to use to OpenSSH in our Windows infrastructure. |
Please see PowerShell/Announcements#63 regarding CVE-2024-6387. |
servconf.c
Outdated
match_user(NULL, NULL, NULL, arg) == -1) | ||
fatal("%s line %d: empty %s pattern", | ||
filename, linenum, keyword); | ||
if (*arg == '\0') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is this change for?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this fixes the duplicate issue from merging - the #ifdef WINDOWS
code is still defined below
PR Summary
PR Context
Windows specific changes:
contrib\win32\openssh\sshd-session.vcxproj
contrib\win32\win32compat\wmain_sshd-session.c
sshd
to still supportdebug_flag
andinetd_flag
withsshd-session
_PATH_SSHD_SESSION
to sshd-session.exe and de-relativize path inservconf.c
log.c
removals surface some compilation errors (false positives) related to uninitialized vars inssh-sk-helper.c
andssh-pkcs11-client.c
, but add initializations with #ifdefscontrib/win32/win32compat/inc/signal.h