summaryrefslogtreecommitdiffstats
path: root/ssh-keyscan.1 (unfollow)
Commit message (Collapse)AuthorFilesLines
2022-03-26Drop leading "v" from release version identifier.Darren Tucker1-2/+2
It's present in the git tags but not in the release tarball names. Also drop extra "/" from URL path.
2022-03-26Use tarballs when testing LibreSSL releases.Darren Tucker1-7/+16
This means they'll still work when the combination of -portable and openbsd github repos no longer match.
2022-03-26Remove now-unused passwd variable.Darren Tucker1-1/+1
2022-03-26Missing semicolon.Darren Tucker1-1/+1
2022-03-26Factor out platform-specific locked account check.Darren Tucker3-47/+55
Also fixes an incorrect free on platforms with both libiaf and shadow passwords (probably only Unixware). Prompted by github PR#284, originally from @c3h2_ctf and stoeckmann@.
2022-03-25Add OpenWRT mips and mipsel test targets.Darren Tucker2-0/+6
2022-03-20upstream: don't leak argument list; bz3404, reported by Baludjm@openbsd.org1-2/+2
Gajjala ok dtucker@ OpenBSD-Commit-ID: fddc32d74e5dd5cff1a49ddd6297b0867eae56a6
2022-03-20upstream: make addargs() and replacearg() a little more robust anddjm@openbsd.org1-9/+18
improve error reporting make freeargs(NULL) a noop like the other free functions ok dtucker as part of bz3403 OpenBSD-Commit-ID: 15f86da83176978b4d1d288caa24c766dfa2983d
2022-03-20upstream: don't try to resolve ListenAddress directives in the sshddjm@openbsd.org3-8/+9
re-exec path - we're never going to use the result and if the operation fails then it can prevent connections from being accepted. Reported by Aaron Poffenberger; with / ok dtucker@ OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
2022-03-20upstream: remove blank linedjm@openbsd.org1-2/+1
OpenBSD-Commit-ID: d5e0182965b2fbfb03ad5f256d1a1ce5706bcddf
2022-03-18upstream: helpful commentdjm@openbsd.org1-1/+2
OpenBSD-Commit-ID: e3315a45cb04e7feeb614d76ec80a9fe4ca0e8c7
2022-03-18upstream: ssh-keygen -Y check-novalidate requires namespace or SEGVdjm@openbsd.org1-1/+7
will ensue. Patch from Mateusz Adamowski via GHPR#307 OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
2022-03-18upstream: improve DEBUG_CHANNEL_POLL debugging messagedjm@openbsd.org1-5/+5
OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
2022-03-18upstream: ssh: xstrdup(): use memcpy(3)cheloha@openbsd.org1-3/+2
Copying the given string into the buffer with strlcpy(3) confers no benefit in this context because we have already determined the string's length with strlen(3) in order to allocate that buffer. Thread: https://marc.info/?l=openbsd-tech&m=164687525802691&w=2 ok dtucker@ millert@ OpenBSD-Commit-ID: f8bfc082e36e2d2dc4e1feece02fe274155ca11a
2022-03-11Resync fmt_scaled. with OpenBSD.Darren Tucker1-13/+19
Fixes underflow reported in bz#3401.
2022-03-08Provide killpg implementation.Darren Tucker3-0/+13
Based on github PR#301 for Tandem NonStop.
2022-03-08Check for missing ftruncate prototype.Darren Tucker2-0/+10
From github PR#301 in conjunction with rsbeckerca.
2022-03-08Default to not using sandbox when cross compiling.Darren Tucker1-2/+2
On most systems poll(2) does not work when the number of FDs is reduced with setrlimit, so assume it doesn't when cross compiling and we can't run the test. bz#3398.
2022-03-01upstream: pack pollfd array before server_accept_loop() ppoll()djm@openbsd.org1-10/+19
call, and terminate sshd if ppoll() returns errno==EINVAL avoids spin in ppoll when MaxStartups > RLIMIT_NOFILE, reported by Daniel Micay feedback/ok deraadt OpenBSD-Commit-ID: dbab1c24993ac977ec24d83283b8b7528f7c2c15
2022-03-01upstream: include rejected signature algorithm in error message andnaddy@openbsd.org1-3/+3
not the (useless) key type; ok djm@ OpenBSD-Commit-ID: d0c0f552a4d9161203e07e95d58a76eb602a76ff
2022-03-01upstream: Remove the char * casts from arguments to do_lstat,dtucker@openbsd.org1-4/+4
do_readdir and do_stat paths since the underlying functions now take a const char *. Patch from vapier at gentoo.org. OpenBSD-Commit-ID: 9e4d964dbfb0ed683a2a2900711b88e7f1c0297b
2022-03-01upstream: save an unneccessary alloc/free, based on patch fromdjm@openbsd.org1-7/+4
Martin Vahlensieck; ok dtucker@ OpenBSD-Commit-ID: 90ffbf1f837e509742f2c31a1fbf2c0fd376fd5f
2022-02-28Remove unused ivbits argument from chacha_keysetupDarren Tucker2-3/+3
2022-02-28Add OPENBSD ORIGINAL marker.Darren Tucker1-0/+2
2022-02-28No unused param warnings for clang-12 and gcc-11.Darren Tucker1-2/+2
These have too many false positives in -Werror tests on the github CI since we often provide empty stub functions for functionality not needed for particular configurations.
2022-02-26Add debian-i386 test target.Darren Tucker1-0/+2
2022-02-26Allow ppoll_time64 in seccomp sandbox.Darren Tucker1-0/+3
Should fix sandbox violations on (some? at least i386 and armhf) 32bit Linux platforms. Patch from chutzpahu at gentoo.org and cjwatson at debian.org via bz#3396.
2022-02-25Improve handling of _getshort and _getlong.Darren Tucker1-8/+9
If the system native ones are exactly as required then use them, otherwise use the local versions mapped to another name to prevent name collisions.
2022-02-25Constify utimes in compat library to match specs.Darren Tucker2-2/+2
Patch from vapier at chromium.org.
2022-02-25ANSIfy getshort and getlong.Darren Tucker1-10/+8
These functions appear to have come from OpenBSD's lib/libc/net/res_comp.c which made this change in 2005.
2022-02-25Use PICFLAG instead of hard coding -fPIC.Darren Tucker1-1/+1
2022-02-25Add tests for latest releases of {Libre,Open}SSL.Darren Tucker1-0/+3
2022-02-25Improve detection of -fzero-call-used-regs=all supportColin Watson1-0/+3
GCC doesn't tell us whether this option is supported unless it runs into the situation where it would need to emit corresponding code.
2022-02-23upstream: free(3) wants stdlib.hdjm@openbsd.org1-2/+3
OpenBSD-Commit-ID: 227a8c70a95b4428c49e46863c9ef4bd318a3b8a
2022-02-23upstream: put back the scp manpage changes for SFTP mode toodjm@openbsd.org1-10/+14
OpenBSD-Commit-ID: 05dc53921f927e1b5e5694e1f3aa314549f2e768
2022-02-23upstream: and we go back to testing sftp-scp after the 8.9deraadt@openbsd.org1-2/+2
release... OpenBSD-Commit-ID: a80440168258adca543a4607b871327a279c569c
2022-02-23makedependV_8_9_P1Damien Miller1-1/+1
2022-02-23upstream: avoid integer overflow of auth attempts (harmless, caughtdjm@openbsd.org1-1/+4
by monitor) OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86
2022-02-23upstream: randomise the password used in fakepwdjm@openbsd.org1-3/+13
OpenBSD-Commit-ID: 34e159f73b1fbf0a924a9c042d8d61edde293947
2022-02-23upstream: use asprintf to construct .rhosts pathsdjm@openbsd.org1-13/+23
OpenBSD-Commit-ID: 8286e8d3d2c6ff916ff13d041d1713073f738a8b
2022-02-23upstream: openssh-8.9djm@openbsd.org1-2/+2
OpenBSD-Commit-ID: 5c5f791c87c483cdab6d9266b43acdd9ca7bde0e
2022-02-22Extend select+rlimit sanbox test to include poll.Darren Tucker1-5/+23
POSIX specifies that poll() shall fail if "nfds argument is greater than {OPEN_MAX}". The setrlimit sandbox sets this to effectively zero so this causes poll() to fail in the preauth privsep process. This is likely the underlying cause for the previously observed similar behaviour of select() on plaforms where it is implement in userspace on top of poll().
2022-02-22Add Alpine Linux test VM.Darren Tucker1-0/+1
2022-02-22Include sys/param.h if present.Darren Tucker2-0/+4
Needed for howmany() on MUSL systems such as Alpine.
2022-02-22Only include sys/poll.h if we don't have poll.h.Darren Tucker1-2/+1
Prevents warnings on MUSL based systems such as Alpine.
2022-02-22disable agent-restrict test on minix3Damien Miller1-1/+3
Minix seems to have a platform-wide limit on the number of select(2) syscalls that can be concurrently issued. This test seems to exceed this limit. Refer to: https://github.com/Stichting-MINIX-Research-Foundation/minix/blob/R3.3.0/minix/servers/vfs/select.c#L114 https://github.com/Stichting-MINIX-Research-Foundation/minix/blob/R3.3.0/minix/servers/vfs/select.c#L30-L31
2022-02-21Skip agent-getpeereid when running as root.Darren Tucker1-0/+3
2022-02-20upstream: Aproximate realpath on the expected output by dedupingdtucker@openbsd.org1-2/+3
leading slashes. Fixes test failure when user's home dir is / which is possible in some portable configurations. OpenBSD-Regress-ID: 53b8c53734f8893806961475c7106397f98d9f63
2022-02-20Really move DSA to end of list.Darren Tucker1-2/+2
In commit ad16a84e syncing from OpenBSD, RSA was accidentally moved to the end of the list instead of DSA. Spotted by andrew at fyfe.gb.net.
2022-02-18Add test configs for MUSL C library.Darren Tucker3-0/+10