[wip] merge#842
Open
tgauth wants to merge 257 commits into
Open
Conversation
Prevents "unprotected private key file" error when running tests.
truncated after the hostname. Reported by the OpenAI Security Research Team ok deraadt@ OpenBSD-Commit-ID: c0b516d7c80c4779a403826f73bcd8adbbc54ebd
the entire line in one operation and using unbuffered stdio. Usually writes to this file are serialised on the "Are you sure you want to continue connecting?" prompt, but if host key checking is disabled and connections were being made with high concurrency then interleaved writes might have been possible. feedback/ok deraadt@ millert@ OpenBSD-Commit-ID: d11222b49dabe5cfe0937b49cb439ba3d4847b08
than just the preauth process now OpenBSD-Commit-ID: 768c5b674bd77802bb197c31dba78559f1174c02
~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8). This ensures processes (such as Firefox) that have restricted filesystem access that includes /tmp (via unveil(3)) do not have the ability to use keys in an agent. Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this ability. To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will by default only clean up sockets from the same hostname. ssh-agent gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp. feedback deraadt@ naddy@, doitdoitdoit deraadt@ OpenBSD-Commit-ID: 8383dabd98092fe5498d5f7f15c7d314b03a93e1
OpenBSD-Commit-ID: e526c97fcb2fd9f0b7b229720972426ab437d7eb
Ignores nanoseconds, but it's checking for >1h old so a few nanoseconds shouldn't matter much. Fixes build on Mac OS X.
Fixes build on some pre-POSIX.1-2008 platforms.
text to the correct place OpenBSD-Commit-ID: 2fb484337a0978c703f61983bb14bc5cbaf898c2
that instead of the much more basic format description we had previously. OpenBSD-Commit-ID: cf01e0727a813fee8626ad7b3aa240621cc92014
feedback/ok tb@, ok deraadt@ OpenBSD-Commit-ID: bfe6ee73c1b676c81a2901030c791f8ec888228f
location rather than inside the homedir. During relink operation, /.ssh/agent was created which is surprising. This test sequence could use some improvement so this is a temporary fix. observed by florian, change ok semarie OpenBSD-Commit-ID: c7246a6b519ac390ca550719f91acfdaef1fa0f0
OpenBSD-Commit-ID: 65577596a15ad6dd9a1ab3fc24c1c31303ee6e2b
OpenBSD-Regress-ID: 7260fb672de5738c17dec06c71a5be0186bb2b09
OpenBSD-Regress-ID: 4f71f8f122eac4cbf7f1d2088a9be45317dd3e4a
OpenBSD-Regress-ID: 4424d2eaf0bce3887318ef6d18de6c06f3617d6e
This makes things easier in -portable, where on Solaris an derivatives "sun" is defined to "1", causing compilation errors. ok deraadt@. OpenBSD-Commit-ID: 0669043afb49856b57b382f0489221bd98305d3b
On those, the subsequent stat() should catch the sockets.
When the ssh-agent service is configured to be launched under systemd
socket-activation, the user can inspect the status of the agent with
something like:
systemctl --user status ssh-agent.service
If the user does:
systemctl --user stop ssh-agent.service
it causes the `systemd --user` supervisor to send a SIGTERM to the
agent, which terminates while leaving the systemd-managed socket in
place. That's good, and as expected. (If the user wants to close the
socket, they can do "systemctl --user stop ssh-agent.socket" instead)
But because ssh-agent exits with code 2 in response to a SIGTERM, the
supervisor marks the service as "failed", even though the state of the
supervised service is exactly the same as during session startup (not
running, ready to launch when a client connects to the socket).
This change makes ssh-agent exit cleanly (code 0) in response to a
SIGTERM when launched under socket activation. This aligns the systemd
supervisor's understanding of the state of supervised ssh-agent with
reality.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Fixes build on pre-POSIX.1 2008 systems.
Some platforms (eg Old BSDs) in some configurations define DIR to "void *", which causes compile errors in the no-op implementation.
Should fix oss-fuzz test.
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
…merge-v10.3P1-20260420
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
Commit 0cf38d7 added #include monitor_wrap.h to sshd.c. On Windows GSSAPI is defined for the sshd listener (sshd.vcxproj), so monitor_wrap.h references Gssctxt/gss_OID, which require ssh-gss.h to be included first. sshd-session.c and sshd-auth.c already include ssh-gss.h before monitor_wrap.h; mirror that pattern in sshd.c (guarded by #ifdef GSSAPI).
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR Summary
PR Context