summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-08-16upstream: switch percent_expand() to use sshbuf instead of a limiteddjm@openbsd.org
fixed buffer; ok markus@ OpenBSD-Commit-ID: 3f9ef20bca5ef5058b48c1cac67c53b9a1d15711
2019-08-09upstream: produce a useful error message if the user's shell is setdjm@openbsd.org
incorrectly during "match exec" processing. bz#2791 reported by Dario Bertini; ok dtucker OpenBSD-Commit-ID: cf9eddd6a6be726cb73bd9c3936f3888cd85c03d
2019-08-09upstream: Change description of TCPKeepAlive from "inactive" todtucker@openbsd.org
"unresponsive" to clarify what it checks for. Patch from jblaine at kickflop.net via github pr#129, ok djm@. OpenBSD-Commit-ID: 3682f8ec7227f5697945daa25d11ce2d933899e9
2019-08-08upstream: Allow the maximimum uint32 value for the argument passed todtucker@openbsd.org
-b which allows better error messages from later validation. bz#3050, ok djm@ OpenBSD-Commit-ID: 10adf6876b2401b3dc02da580ebf67af05861673
2019-08-08upstream: Many key types are supported now, so take care to checknaddy@openbsd.org
the size restrictions and apply the default size only to the matching key type. tweak and ok dtucker@ OpenBSD-Commit-ID: b825de92d79cc4cba19b298c61e99909488ff57e
2019-08-08upstream: Remove now-redundant perm_ok arg sincedtucker@openbsd.org
sshkey_load_private_type will now return SSH_ERR_KEY_BAD_PERMISSIONS in that case. Patch from jitendra.sharma at intel.com, ok djm@ OpenBSD-Commit-ID: 07916a17ed0a252591b71e7fb4be2599cb5b0c77
2019-08-05Fix mem leak in unit test.Darren Tucker
Patch from jitendra.sharma at intel.com.
2019-08-02upstream: fix some memleaks in test_helper codedjm@openbsd.org
bz#3037 from Jitendra Sharma OpenBSD-Regress-ID: 71440fa9186f5842a65ce9a27159385c6cb6f751
2019-08-02upstream: typo; from Christian Hessedjm@openbsd.org
OpenBSD-Commit-ID: 82f6de7438ea7ee5a14f44fdf5058ed57688fdc3
2019-07-30upstream: let sshbuf_find/cmp take a void* for thedjm@openbsd.org
search/comparison argument, instead of a u_char*. Saves callers needing to cast. OpenBSD-Commit-ID: d63b69b7c5dd570963e682f758f5a47b825605ed
2019-07-30upstream: When using a combination of a Yubikey+GnuPG+remotemestre@openbsd.org
forwarding the gpg-agent (and options ControlMaster+RemoteForward in ssh_config(5)) then the codepath taken will call mux_client_request_session -> mm_send_fd -> sendmsg(2). Since sendmsg(2) is not allowed in that codepath then pledge(2) kills the process. The solution is to add "sendfd" to pledge(2), which is not too bad considering a little bit later we reduce pledge(2) to only "stdio proc tty" in that codepath. Problem reported and diff provided by Timothy Brown <tbrown at freeshell.org> OK deraadt@ OpenBSD-Commit-ID: 7ce38b6542bbec00e441595d0a178e970a9472ac
2019-07-30upstream: Fix typo in CASignatureAlgorithms wherein what should bedtucker@openbsd.org
a comma is a dot. Patch from hnj2 via github pr#141. OpenBSD-Commit-ID: 01f5a460438ff1af09aab483c0a70065309445f0
2019-07-29Report success of individual tests as well as all.Darren Tucker
This puts the "all tests passed" message back at the end where the test harnesses can find it.
2019-07-29convert to UTF-8; from Mike FrysingerDamien Miller
2019-07-26upstream: Restrict limit-keytype to types supported by build. Thisdtucker@openbsd.org
means we have to skip a couple tests when only one key type is supported. OpenBSD-Regress-ID: 22d05befb9c7ce21ce8dc22acf1ffe9e2ef2e95e
2019-07-25Remove override disabling DH-GEX.Darren Tucker
The DH-GEX override doesn't work when build without OpenSSL, and we'll prefer curve25519 these days, removing the need for it.
2019-07-25upstream: Only use supported key types during KRL test, preferringdtucker@openbsd.org
ed25519 since it's supported by both OpenSSL and non-OpenSSL builds. OpenBSD-Regress-ID: 9f2bb3eadd50fcc8245b1bd8fd6f0e53602f71aa
2019-07-25upstream: Switch keys-command test from rsa to ed25519 since it'sdtucker@openbsd.org
supported for both OpenSSL and non-OpenSSL builds. OpenBSD-Regress-ID: 174be4be876edd493e4a5c851e5bc579885e7a0a
2019-07-25upstream: Make certificate tests work with the supported keydtucker@openbsd.org
algorithms. Allows tests to pass when built without OpenSSL. OpenBSD-Regress-ID: 617169a6dd9d06db3697a449d9a26c284eca20fc
2019-07-24upstream: Construct list of key types to test based on the typesdtucker@openbsd.org
supported by the binaries. OpenBSD-Regress-ID: fcbd115efacec8ab0ecbdb3faef79ac696cb1d62
2019-07-24upstream: Only use DSA key type in tests if binaries support it.dtucker@openbsd.org
OpenBSD-Regress-ID: 770e31fe61dc33ed8eea9c04ce839b33ddb4dc96
2019-07-24Split test targets further.Darren Tucker
Splits test into file-tests, t-exec, unit and interop-tests and their respective dependencies. Should allow running any set individually without having to build the other dependencies that are not needed for that specific test.
2019-07-24Add lib dependencies for regress binary targets.Darren Tucker
2019-07-24Make "unit" a dependency of "test".Darren Tucker
2019-07-23upstream rev 1.28: fix comment typo.Darren Tucker
2019-07-23Split regress-binaries into two targets.Darren Tucker
Split the binaries for the unit tests out into a regress-unit-binaries target, and add a dependency on it for only the unit tests. This allows us to run the integration tests only ("make t-exec") without building the unit tests, which allows us to run a subset of the tests when building --without-openssl without trying (and failing) to build the unit tests. This means there are two targets for "unit" which I *think* is valid (it works in testing, and makedepend will generate Makefiles of this form)a but I could be wrong.
2019-07-23upstream: Skip DH group generation test if binaries don't supportdtucker@openbsd.org
DH-GEX. OpenBSD-Regress-ID: 7c918230d969ecf7656babd6191a74526bffbffd
2019-07-23upstream: Only test conversion of key types supported by thedtucker@openbsd.org
binaries. OpenBSD-Regress-ID: e3f0938a0a7407e2dfbb90abc3ec979ab6e8eeea
2019-07-23upstream: Only add ssh-dss to allowed key types if it's supporteddtucker@openbsd.org
by the binary. OpenBSD-Regress-ID: 395a54cab16e9e4ece9aec047ab257954eebd413
2019-07-23Remove sys/cdefs.h include.Darren Tucker
It's not needed on -portable (that's handled by includes.h) and not all platforms have it.
2019-07-23Add headers to prevent warnings w/out OpenSSL.Darren Tucker
2019-07-23Include stdlib.h for free() and calloc().Darren Tucker
2019-07-23Re-apply portability changes to current sha2.{c,h}.Darren Tucker
Rather than attempt to apply 14 years' worth of changes to OpenBSD's sha2 I imported the current versions directly then re-applied the portability changes. This also allowed re-syncing digest-libc.c against upstream.
2019-07-23Import current sha2.c and sha2.h from OpenBSD.Darren Tucker
These are not changed from their original state, the next commit will re-apply the portable changes.
2019-07-23Rename valgrind "errors" to "failures".Darren Tucker
When valgrind is enabled, test-exec.sh counts the number of invocations that valgrind detects failures in, not the total number of errors detected. This makes the name to be more accurate.
2019-07-20Skip running sftp-chroot under Valgrind.Darren Tucker
2019-07-20upstream: Remove the sleeps and thus races from the forwardingdtucker@openbsd.org
test. They were originally required to work with Protocol 1, but now we can use ssh -N and the control socket without the sleeps. While there, suppress output fro the control exit commands. OpenBSD-Regress-ID: 4c51a1d651242f12c90074c18c61008a74c1c790
2019-07-20upstream: Allow SLEEPTIME to be overridden.dtucker@openbsd.org
OpenBSD-Regress-ID: 1596ab168729954be3d219933b2d01cc93687e76
2019-07-20upstream: Move sleep time into a variable so that we can increasedtucker@openbsd.org
it for platforms or configurations that are much slower then usual. OpenBSD-Regress-ID: 88586cabc800062c260d0b876bdcd4ca3f58a872
2019-07-19upstream: add regression tests for scp for out-of-destination path filedjm@openbsd.org
creation by Harry Sintonen via Jakub Jelen in bz3007 OpenBSD-Regress-ID: 01ae5fbc6ce400b2df5a84dc3152a9e31f354c07
2019-07-19upstream: Accept the verbose flag when searching for host keys in knowndjm@openbsd.org
hosts (i.e. "ssh-keygen -vF host") to print the matching host's random- art signature too. bz#3003 "amusing, pretty" deraadt@ OpenBSD-Commit-ID: 686221a5447d6507f40a2ffba5393984d889891f
2019-07-19Revert one dependency per line change.Darren Tucker
It turns out that having such a large number of lines in the .depend file will cause the memory usage of awk during AC_SUBST to blow up on at least NetBSD's awk, causing configure to fail.
2019-07-19fix SIGWINCH delivery of Solaris for mux sessionsDamien Miller
Remove PRIV_PROC_SESSION which was limiting ability to send SIGWINCH signals to other sessions. bz#3030; report and fix from Darren Moffat
2019-07-19Force dependencies one per line.Darren Tucker
Force makedepend to output one dependency per line, which will make reading diffs against it much easier. ok djm@
2019-07-19make depend.Darren Tucker
2019-07-19Show when skipping valgrind for a test.Darren Tucker
2019-07-19Enable connect-privsep test with valgrind.Darren Tucker
connect-privsep seems to work OK with valgrind now so don't skip valgrind on it.
2019-07-19Show valgrind results and error counts.Darren Tucker
2019-07-19Fix format string integer type in error message.Darren Tucker
2019-07-18upstream: fix off-by-one in sshbuf_dtob64() base64 wrapping that coulddjm@openbsd.org
cause extra newlines to be appended at the end of the base64 text (ugly, but harmless). Found and fixed by Sebastian Kinne OpenBSD-Commit-ID: 9fe290bd68f706ed8f986a7704ca5a2bd32d7b68