Merge upstream 9.8 #737
Merged
Merge upstream 9.8 #737
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Should better detect problems with gcc 13 on m68k. bz#3673 from Colin Watson via bz#3673 and https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110934 Signed-off-by: Darren Tucker <[email protected]>
Handle replacement of 'id' the same way as we do other Portable specific replacements in test-exec.sh. This brings percent.sh back into sync with upstream.
OK djm@ OpenBSD-Commit-ID: 524ddae97746b3563ad4a887dfd0a6e6ba114c50
OpenBSD-Commit-ID: ad3d1486d105b008c93e952d158e5af4d9d4c531
version is 0. Patch from cjwatson at debian.org via bz#3671. OpenBSD-Regress-ID: 835ed03c1b04ad46be82e674495521f11b840191
the test VMs are slow enough for this to matter. OpenBSD-Regress-ID: 6a83a693602eb0312f06a4ad2cd6f40d99d24b26
from portable. In some shells, "case" will reset the value of $?, so save it first. OpenBSD-Regress-ID: da32e5be19299cb4f0f7de7f29c11257a62d6949
redirect stdout, and use printf instead of relying on echo to do \n substitution. Reduces diff vs Portable. Also resync somewhat with upstream. OpenBSD-Regress-ID: 9ae876a8ec4c4725f1e9820a0667360ee2398337
OpenBSD-Regress-ID: 5039bde24d33d809aebfa8d3ad7fe9053224e6f8
OpenBSD-Regress-ID: b4852bf97ac8fb2e3530f2d5f999edd66058d7bc
diff vs Portable. OpenBSD-Regress-ID: 6f31cd6e231e3b8c5c2ca0307573ccb7484bff7d
Some plaforms don't have the latter so this makes things easier in -portable. OpenBSD-Regress-ID: ff82260eb0db1f11130200b25d820cf73753bbe3
From dkg via GHPR479; ok dtucker@ OpenBSD-Commit-ID: 1ac1f9c45da44eabbae89375393c662349239257
Wrong function signature in configure.ac prevents openssh from enabling the recently new support for ED25519 priv keys in PEM PKCS8 format.
Verified in person and via signature with old key. Will remove old key in a bit.
Instead of trying to infer the type of the self hosted tests in each of the driver scripts (inconsistently...), set one of the following variables to "true" in the workflow: VM: tests run in a virtual machine. EPHEMERAL: tests run on an ephemeral virtual machine. PERSISTENT: tests run on a persistent virtual machine REMOTE: tests run on a physical remote host. EPHEMERAL VMs can have multiple instances of any given VM can exist simultaneously and are run by a runner pool. The other types have a dedicated runner instance and can only run a single test at a time. Other settings: SSHFS: We need to sshfs mount over the repo so the workflow can collect build artifacts. This also implies the tests must be run over ssh. DEBUG_ACTIONS: enable "set -x" in scripts for debugging.
This changes SSH_AUTH_INFO_0 to be exposed to PAM auth modules also when a password authentication method is in use and not only when a keyboard-interactive authentication method is in use.
private keys in blob. From Jakub Jelen via GHPR430 OpenBSD-Commit-ID: d17dbf47554de2d752061592f95b5d772baab50b
If --enable/disable-dsa-keys is not specified, set based on what OpenSSL supports. If specified as enabled, but not supported by OpenSSL error out. ok djm@
Should get them working again.
|
Do we know if this PR should fix CVEs listed at openssh.com/security.html or cvedetail.com? We need those fixed to be allowed to use to OpenSSH in our Windows infrastructure. |
Please see PowerShell/Announcements#63 regarding CVE-2024-6387. |
vthiebaut10
reviewed
Sep 16, 2024
servconf.c
Outdated
| match_user(NULL, NULL, NULL, arg) == -1) | ||
| fatal("%s line %d: empty %s pattern", | ||
| filename, linenum, keyword); | ||
| if (*arg == '\0') |
There was a problem hiding this comment.
What is this change for?
There was a problem hiding this comment.
this fixes the duplicate issue from merging - the #ifdef WINDOWS code is still defined below
anmenaga
approved these changes
Sep 17, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR Summary
PR Context
Windows specific changes:
contrib\win32\openssh\sshd-session.vcxprojcontrib\win32\win32compat\wmain_sshd-session.csshdto still supportdebug_flagandinetd_flagwithsshd-session_PATH_SSHD_SESSIONto sshd-session.exe and de-relativize path inservconf.clog.cremovals surface some compilation errors (false positives) related to uninitialized vars inssh-sk-helper.candssh-pkcs11-client.c, but add initializations with #ifdefscontrib/win32/win32compat/inc/signal.h