[wip] merge#842
Open
tgauth wants to merge 408 commits into
Open
Conversation
feedback/ok tb@ OpenBSD-Commit-ID: e67fa6a26e515c2b1fb7b0d1519d138aafb3e017
Tested on Yubikeys and against SoftHSM2. feedback/ok tb@ OpenBSD-Commit-ID: 90ddb6529f2e12e98e8bba21d8592e60579ce2e4
OpenBSD-Regress-ID: 50067c0716abfea3a526b4a0c8f1fe15e7665c0f
OpenBSD-Commit-ID: 5612e979575d5da933c8b720d296423fd84392f5
keys to be used via PKCS#11 when OpenSSH is built without libcrypto. OpenBSD-Commit-ID: ecf26fdf7591bf2c98bac5136fbc36e0b59c3fc2
483725, ok djm@ OpenBSD-Commit-ID: 47cf7b399c84e102b670b9f97ab6926c9a7256b5
Run 64bit bigendian interop test on NetBSD arm64be instead.
This works on filesystems mounted 'noatime', but on others the stat() resets atime causing the test to fail.
Forwarding (EF) Marking interactive session data with DSCP value EF (RFC3246, RFC3247) helps inform the network on relative priority compared to other traffic. This is especially useful for differentiated treatment over wireless media. Following the reconciled IETF Diffserv to IEEE 802.11 mappings (RFC 8325), traffic marked with DSCP value EF maps to User Priority 6 in QoS Control, in turn mapping to the high priority WMM AC_VO access category. OK djm@ OpenBSD-Commit-ID: aadda7b9da794d70d7c6b381a861a0610afce1b3
keywords Type of Service (ToS) was deprecated in the late nineties and replaced with the Differentiated Services architecture. Diffserv has significant advantages for operators because this mechanism offers more granularity. OpenSSH switched its default IPQoS from ToS to DSCP values in 2018. IPQoS configurations with 'lowdelay', 'reliability', or 'throughput' will be ignored and instead the system default QoS settings apply. Additionally, a debug message is logged about the deprecation with a suggestion to use DSCP. with/OK deraadt@ sthen@ djm@ OpenBSD-Commit-ID: 40c8c0c5cb20151a348728703536af2ec1c754ba
and I-Ds that are more complete and detailed than what we have in the PROTOCOL.* files. Refer to these when possible instead of documenting them here. OpenBSD-Commit-ID: 4fa5b0fcf5d5f24093d33d9e82c7ca4850d50d70
non-interactive traffic It seems the CS1 traffic class mark is considered ambiguous and therefore somewhat unhelpful (see RFC 8622 for more considerations). But, the new 'LE' scavenger class (also proposed in RFC 8622) offers high probability of excessive delays & high packet loss, which would be inappropriate for use with, for example, X11 forwardings. In fact, it is not known to SSH what's appropriate because SSH is not aware of the content of what passing through session forwardings. Therefore, no marking is appropriate. Non-interactive traffic simply is best effort. OK djm@ deraadt@ OpenBSD-Commit-ID: db1da1a432ecd53fc28feb84287aedb6bec80b01
enough information to identify the certificate in addition to the reason why it was being denied. Makes debugging certificate authz problems a bit easier. ok dlg@ OpenBSD-Commit-ID: 4c4621b2e70412754b3fe7540af8f4bf02b722b1
OpenBSD-Commit-ID: 9c481ddd6bad110af7e530ba90db41f6d5fe2273
struct ssh or struct packet_state; one static int escaped this rule, so move it to struct packet_state now. ok millert tb OpenBSD-Commit-ID: bd6737168bf61a836ffbdc99ee4803468db90a53
non-post quantum safe key agreement algorithm. Controlled via a new WarnWeakCrypto ssh_config option, defaulting to on. This option might grow additional weak crypto warnings in the future. More details at https://openssh.com/pq.html mostly by deraadt@ feedback dtucker@ ok deraadt@ OpenBSD-Commit-ID: 974ff243a1eccceac6a1a9d8fab3bcc89d74a2a4
which is only used in user-visible contexts. freebsd 288773 shows their localtime_r() has failed at least once for unknown reason. discussed with djm OpenBSD-Commit-ID: 68f4c92d46b2578d4594b0ed940958d597fd61ac
OpenBSD-Commit-ID: 8f223da7633752162c64a659c6cf55202703d870
platforms. OpenBSD-Commit-ID: 15644234b58abc9c6da2994f0422a5aa344a9e89
platforms. OpenBSD-Commit-ID: 46c6063284d318f7e4dc922479a3e394c94b0588
platforms. OpenBSD-Commit-ID: afadd741622f16c6733d461c0d6053ed52868a57
Previously we only allowed __NR_futex, but some 32-bit systems apparently support __NR_futex_time64. We had support for this in the sandbox, but because of a macro error only __NR_futex was allowlisted. ok dtucker@
Allow getsockname(2), getpeername(2) and getsockopt(2). Also allow setsockopt(2) but only IP_TOS and IPV6_TCLASS. Note that systems that use the older socketcall(2) mux syscall will not have IP_TOS and IPV6_TCLASS allowlisted. On these platforms, these calls will be soft-blocked (i.e. will fail rather than terminate the whole process with a sandbox violation). Needed for upcoming IPQoS change; ok dtucker@
file doesn't work in this program as logging already goes via the parent sshd-session process. ok dtucker@ OpenBSD-Commit-ID: 73325b9e69364117c18305f896c620a3abcf4f87
channels; ok deraadt@ (as part of bigger diff) OpenBSD-Commit-ID: 7f691e25366c5621d7ed6f7f9018d868f7511c0d
channels/sessions ok deraadt@ OpenBSD-Commit-ID: 12f88a5044bca40ef5f41ff61b1755d0e25df901
channels/sessions ok deraadt@ OpenBSD-Commit-ID: 9955cb6d157c6d7aa23a819e8ef61b1edabc8b7d
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
Upstream commits f807a59 (ssh) and dc51470 (sshd) added SIGINFO handlers to dump active channels. SIGINFO is BSD-specific and undefined on Windows, causing C2065 errors. Guard the handler functions and signal registrations with #ifdef SIGINFO, matching the existing portable idiom used in sshd.c and session.c.
…merge-v10.3P1-20260420
… refactor Upstream 2892390 changed ssh_packet_set_interactive to take only (ssh, interactive) and now manages IP QoS continually via the channel layer (ssh_packet_set_qos). It removed the set_interactive calls from do_exec_no_pty/do_exec_pty in session.c. Mirror that removal in the Windows w32-doexec.c port to fix C2197 too-many-arguments errors.
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
Previously Get-CommitCIStatus/Get-CommitDetails caught all exceptions (including HTTP 403 rate-limit) and returned unknown/null, so a rate-limited scan silently continued and emitted a batch from incomplete CI data. Added Test-IsRateLimitError + Invoke-GitHubApi wrapper that throws a marked terminating error on rate-limit, a proactive /rate_limit budget pre-check, and a per-commit loop guard that exits non-zero on mid-scan exhaustion.
…merge-v10.3P1-20260420
Upstream's KNF header-reordering commits removed #ifdef HAVE_*_H guards around system headers (paths.h, util.h, ifaddrs.h, netgroup.h, nlist.h, endian.h), making the includes unconditional. These headers do not exist on Windows, causing C1083 build errors. Restore the guards so the includes are skipped on Windows where the macros are undefined.
Upstream's unit-test benchmark framework (test_helper.c) and misc-agent.c call clock_gettime() unconditionally. Windows win32compat provided no clock_gettime, so the linker resolved the symbol from the vcpkg-auto-linked fido2.lib, pulling in fido2.lib(clock_gettime.c.obj) and emitting 'LNK4099: PDB fido2.pdb was not found' in every unit test (e.g. unittest-bitmap). Provide a real clock_gettime() in win32compat (plus clockid_t / CLOCK_REALTIME / CLOCK_MONOTONIC) so the symbol resolves from posix_compat.lib instead, removing the accidental fido2 dependency and the warning.
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR Summary
PR Context