re-merge 9.2

Author: tgauth

.depend

@@ -1,4 +1,10 @@
-[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml)
-[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml)
-[![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml)
+master :
+[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:master)
+[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:master)
+[![Upstream self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml/badge.svg)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/upstream.yml?query=branch:master)
+[![CIFuzz](https://github.com/openssh/openssh-portable/actions/workflows/cifuzz.yml/badge.svg)](https://github.com/openssh/openssh-portable/actions/workflows/cifuzz.yml)
 [![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/openssh.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:openssh)
+
+9.1 :
+[![C/C++ CI](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml/badge.svg?branch=V_9_1)](https://github.com/openssh/openssh-portable/actions/workflows/c-cpp.yml?query=branch:V_9_1)
+[![C/C++ CI self-hosted](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml/badge.svg?branch=V_9_1)](https://github.com/openssh/openssh-portable-selfhosted/actions/workflows/selfhosted.yml?query=branch:V_9_1)

.github/ci-status.md

@@ -9,10 +9,13 @@
 # LTESTS
 
 config=$1
+if [ "$config" = "" ]; then
+	config="default"
+fi
 
 unset CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
 
-TEST_TARGET="tests"
+TEST_TARGET="tests compat-tests"
 LTESTS=""
 SKIP_LTESTS=""
 SUDO=sudo	# run with sudo by default
@@ -108,7 +111,7 @@ case "$config" in
     kitchensink)
 	CONFIGFLAGS="--with-kerberos5 --with-libedit --with-pam"
 	CONFIGFLAGS="${CONFIGFLAGS} --with-security-key-builtin --with-selinux"
-	CONFIGFLAGS="${CONFIGFLAGS} --with-cflags=-DSK_DEBUG"
+	CFLAGS="-DSK_DEBUG -DSANDBOX_SECCOMP_FILTER_DEBUG"
 	;;
     hardenedmalloc)
 	CONFIGFLAGS="--with-ldflags=-lhardened_malloc"
@@ -141,6 +144,11 @@ case "$config" in
 	;;
     openssl-*)
 	LIBCRYPTOFLAGS="--with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath,"
+	# OpenSSL 1.1.1 specifically has a bug in its RNG that breaks reexec
+	# fallback.  See https://bugzilla.mindrot.org/show_bug.cgi?id=3483
+	if [ "$config" = "openssl-1.1.1" ]; then
+		SKIP_LTESTS="reexec"
+	fi
 	;;
     selinux)
 	CONFIGFLAGS="--with-selinux"
@@ -152,7 +160,7 @@ case "$config" in
 	LIBCRYPTOFLAGS="--without-openssl"
 	TEST_TARGET=t-exec
 	;;
-    valgrind-[1-4]|valgrind-unit)
+    valgrind-[1-5]|valgrind-unit)
 	# rlimit sandbox and FORTIFY_SOURCE confuse Valgrind.
 	CONFIGFLAGS="--without-sandbox --without-hardening"
 	CONFIGFLAGS="$CONFIGFLAGS --with-cppflags=-D_FORTIFY_SOURCE=0"
@@ -161,16 +169,19 @@ case "$config" in
 	export TEST_SSH_ELAPSED_TIMES
 	# Valgrind slows things down enough that the agent timeout test
 	# won't reliably pass, and the unit tests run longer than allowed
-	# by github so split into three separate tests.
-	tests2="rekey integrity try-ciphers"
+	# by github so split into separate tests.
+	tests2="integrity try-ciphers"
 	tests3="krl forward-control sshsig agent-restrict kextype sftp"
 	tests4="cert-userkey cert-hostkey kextype sftp-perm keygen-comment percent"
+	tests5="rekey"
 	case "$config" in
 	    valgrind-1)
-		# All tests except agent-timeout (which is flaky under valgrind)
+		# All tests except agent-timeout (which is flaky under valgrind),
+		# connection-timeout (which doesn't work since it's so slow)
 		# and hostbased (since valgrind won't let ssh exec keysign).
 		# Slow ones are run separately to increase parallelism.
-		SKIP_LTESTS="agent-timeout hostbased ${tests2} ${tests3} ${tests4}"
+		SKIP_LTESTS="agent-timeout connection-timeout hostbased"
+		SKIP_LTESTS="$SKIP_LTESTS ${tests2} ${tests3} ${tests4} ${tests5}"
 		;;
 	    valgrind-2)
 		LTESTS="${tests2}"
@@ -181,6 +192,9 @@ case "$config" in
 	    valgrind-4)
 		LTESTS="${tests4}"
 		;;
+	    valgrind-5)
+		LTESTS="${tests5}"
+		;;
 	    valgrind-unit)
 		TEST_TARGET="unit USE_VALGRIND=1"
 		;;
@@ -210,6 +224,10 @@ case "${TARGET_HOST}" in
 	TEST_TARGET="t-exec TEST_SHELL=bash"
 	SKIP_LTESTS="rekey sftp"
 	;;
+    debian-riscv64)
+	# This machine is fairly slow, so skip the unit tests.
+	TEST_TARGET="t-exec"
+	;;
     dfly58*|dfly60*)
 	# scp 3-way connection hangs on these so skip until sorted.
 	SKIP_LTESTS=scp3
@@ -227,12 +245,15 @@ case "${TARGET_HOST}" in
 	# test that relies on one.
 	# Also, Minix seems to be very limited in the number of select()
 	# calls that can be operating concurrently, so prune additional tests for that.
-	T="addrmatch agent-restrict brokenkeys cfgmatch cfgmatchlisten cfgparse connect
-	    connect-uri exit-status forward-control forwarding hostkey-agent
-	    key-options keyscan knownhosts-command login-timeout multiplex
+	T="addrmatch agent-restrict brokenkeys cfgmatch cfgmatchlisten cfgparse
+	    connect connect-uri exit-status forwarding hostkey-agent
+	    key-options keyscan knownhosts-command login-timeout
 	    reconfigure reexec rekey scp scp-uri scp3 sftp sftp-badcmds
 	    sftp-batch sftp-cmds sftp-glob sftp-perm sftp-uri stderr-data
 	    transfer"
+	# Unix domain sockets don't work quite like we expect, so also skip any tests
+	# that use multiplexing.
+	T="$T connection-timeout dynamic-forward forward-control multiplex"
 	SKIP_LTESTS="$(echo $T)"
 	TEST_TARGET=t-exec
 	SUDO=""
@@ -260,6 +281,8 @@ esac
 case "`./config.guess`" in
 *cygwin)
 	SUDO=""
+	# Don't run compat tests on cygwin as they don't currently compile.
+	TEST_TARGET="tests"
 	;;
 *-darwin*)
 	# Unless specified otherwise, build without OpenSSL on Mac OS since

.github/configs

@@ -139,16 +139,29 @@ if [ "yes" = "$INSTALL_FIDO_PPA" ]; then
     sudo apt-add-repository -y ppa:yubico/stable
 fi
 
-if [ "x" != "x$PACKAGES" ]; then
+tries=3
+while [ ! -z "$PACKAGES" ] && [ "$tries" -gt "0" ]; do
     case "$PACKAGER" in
     apt)
 	sudo apt update -qq
-	sudo apt install -qy $PACKAGES
+	if sudo apt install -qy $PACKAGES; then
+		PACKAGES=""
+	fi
 	;;
     setup)
-	/cygdrive/c/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`
+	if /cygdrive/c/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then
+		PACKAGES=""
+	fi
 	;;
     esac
+    if [ ! -z "$PACKAGES" ]; then
+	sleep 90
+    fi
+    tries=$(($tries - 1))
+done
+if [ ! -z "$PACKAGES" ]; then
+	echo "Package installation failed."
+	exit 1
 fi
 
 if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then

.github/setup_ci.sh

@@ -1,118 +1,118 @@
 name: C/C++ CI
 
 on:
-  push:
-    branches: [ master, ci, V_9_0 ]
-    paths: [ '**.c', '**.h', '**.m4', '**.sh', '.github/**', 'Makefile.in', 'configure.ac' ]
-  pull_request:
-    branches: [ master ]
-    paths: [ '**.c', '**.h', '**.m4', '**.sh', '.github/**', 'Makefile.in', 'configure.ac' ]
-
+  workflow_dispatch:
+  
 jobs:
   ci:
     if: github.repository != 'openssh/openssh-portable-selfhosted'
     strategy:
       fail-fast: false
       matrix:
         # First we test all OSes in the default configuration.
-        os: [ubuntu-20.04, ubuntu-22.04, macos-11, macos-12, windows-2019, windows-2022]
-        configs: [default]
+        target: [ubuntu-20.04, ubuntu-22.04, macos-11, macos-12, windows-2019, windows-2022]
+        config: [default]
         # Then we include any extra configs we want to test for specific VMs.
         # Valgrind slows things down quite a bit, so start them first.
         include:
-          - { os: windows-2019, configs: cygwin-release }
-          - { os: windows-2022, configs: cygwin-release }
-          - { os: ubuntu-20.04, configs: valgrind-1 }
-          - { os: ubuntu-20.04, configs: valgrind-2 }
-          - { os: ubuntu-20.04, configs: valgrind-3 }
-          - { os: ubuntu-20.04, configs: valgrind-4 }
-          - { os: ubuntu-20.04, configs: valgrind-unit }
-          - { os: ubuntu-20.04, configs: c89 }
-          - { os: ubuntu-20.04, configs: clang-6.0 }
-          - { os: ubuntu-20.04, configs: clang-8 }
-          - { os: ubuntu-20.04, configs: clang-9 }
-          - { os: ubuntu-20.04, configs: clang-10 }
-          - { os: ubuntu-20.04, configs: clang-11 }
-          - { os: ubuntu-20.04, configs: clang-12-Werror }
-          - { os: ubuntu-20.04, configs: clang-sanitize-address }
-          - { os: ubuntu-20.04, configs: clang-sanitize-undefined }
-          - { os: ubuntu-20.04, configs: gcc-sanitize-address }
-          - { os: ubuntu-20.04, configs: gcc-sanitize-undefined }
-          - { os: ubuntu-20.04, configs: gcc-7 }
-          - { os: ubuntu-20.04, configs: gcc-8 }
-          - { os: ubuntu-20.04, configs: gcc-10 }
-          - { os: ubuntu-20.04, configs: gcc-11-Werror }
-          - { os: ubuntu-20.04, configs: pam }
-          - { os: ubuntu-20.04, configs: kitchensink }
-          - { os: ubuntu-20.04, configs: hardenedmalloc }
-          - { os: ubuntu-20.04, configs: tcmalloc }
-          - { os: ubuntu-20.04, configs: musl }
-          - { os: ubuntu-latest, configs: libressl-master }
-          - { os: ubuntu-latest, configs: libressl-2.2.9 }
-          - { os: ubuntu-latest, configs: libressl-2.8.3 }
-          - { os: ubuntu-latest, configs: libressl-3.0.2 }
-          - { os: ubuntu-latest, configs: libressl-3.2.6 }
-          - { os: ubuntu-latest, configs: libressl-3.3.6 }
-          - { os: ubuntu-latest, configs: libressl-3.4.3 }
-          - { os: ubuntu-latest, configs: libressl-3.5.3 }
-          - { os: ubuntu-latest, configs: openssl-master }
-          - { os: ubuntu-latest, configs: openssl-noec }
-          - { os: ubuntu-latest, configs: openssl-1.0.1 }
-          - { os: ubuntu-latest, configs: openssl-1.0.1u }
-          - { os: ubuntu-latest, configs: openssl-1.0.2u }
-          - { os: ubuntu-latest, configs: openssl-1.1.0h }
-          - { os: ubuntu-latest, configs: openssl-1.1.1 }
-          - { os: ubuntu-latest, configs: openssl-1.1.1k }
-          - { os: ubuntu-latest, configs: openssl-1.1.1n }
-          - { os: ubuntu-latest, configs: openssl-1.1.1p }
-          - { os: ubuntu-latest, configs: openssl-3.0.0 }
-          - { os: ubuntu-latest, configs: openssl-3.0.5 }
-          - { os: ubuntu-latest, configs: openssl-1.1.1_stable } # stable branch
-          - { os: ubuntu-latest, configs: openssl-3.0 }          # stable branch
-          - { os: ubuntu-22.04, configs: pam }
-          - { os: ubuntu-22.04, configs: krb5 }
-          - { os: ubuntu-22.04, configs: heimdal }
-          - { os: ubuntu-22.04, configs: libedit }
-          - { os: ubuntu-22.04, configs: sk }
-          - { os: ubuntu-22.04, configs: selinux }
-          - { os: ubuntu-22.04, configs: kitchensink }
-          - { os: ubuntu-22.04, configs: without-openssl }
-          - { os: macos-11, configs: pam }
-          - { os: macos-12, configs: pam }
-    runs-on: ${{ matrix.os }}
+          - { target: windows-2019, config: cygwin-release }
+          - { target: windows-2022, config: cygwin-release }
+          - { target: ubuntu-20.04, config: valgrind-1 }
+          - { target: ubuntu-20.04, config: valgrind-2 }
+          - { target: ubuntu-20.04, config: valgrind-3 }
+          - { target: ubuntu-20.04, config: valgrind-4 }
+          - { target: ubuntu-20.04, config: valgrind-5 }
+          - { target: ubuntu-20.04, config: valgrind-unit }
+          - { target: ubuntu-20.04, config: c89 }
+          - { target: ubuntu-20.04, config: clang-6.0 }
+          - { target: ubuntu-20.04, config: clang-8 }
+          - { target: ubuntu-20.04, config: clang-9 }
+          - { target: ubuntu-20.04, config: clang-10 }
+          - { target: ubuntu-20.04, config: clang-11 }
+          - { target: ubuntu-20.04, config: clang-12-Werror }
+          - { target: ubuntu-20.04, config: clang-sanitize-address }
+          - { target: ubuntu-20.04, config: clang-sanitize-undefined }
+          - { target: ubuntu-20.04, config: gcc-sanitize-address }
+          - { target: ubuntu-20.04, config: gcc-sanitize-undefined }
+          - { target: ubuntu-20.04, config: gcc-7 }
+          - { target: ubuntu-20.04, config: gcc-8 }
+          - { target: ubuntu-20.04, config: gcc-10 }
+          - { target: ubuntu-20.04, config: gcc-11-Werror }
+          - { target: ubuntu-20.04, config: pam }
+          - { target: ubuntu-20.04, config: kitchensink }
+          - { target: ubuntu-20.04, config: hardenedmalloc }
+          - { target: ubuntu-20.04, config: tcmalloc }
+          - { target: ubuntu-20.04, config: musl }
+          - { target: ubuntu-latest, config: libressl-master }
+          - { target: ubuntu-latest, config: libressl-2.2.9 }
+          - { target: ubuntu-latest, config: libressl-2.8.3 }
+          - { target: ubuntu-latest, config: libressl-3.0.2 }
+          - { target: ubuntu-latest, config: libressl-3.2.6 }
+          - { target: ubuntu-latest, config: libressl-3.3.6 }
+          - { target: ubuntu-latest, config: libressl-3.4.3 }
+          - { target: ubuntu-latest, config: libressl-3.5.3 }
+          - { target: ubuntu-latest, config: libressl-3.6.1 }
+          - { target: ubuntu-latest, config: libressl-3.7.0 }
+          - { target: ubuntu-latest, config: openssl-master }
+          - { target: ubuntu-latest, config: openssl-noec }
+          - { target: ubuntu-latest, config: openssl-1.0.1 }
+          - { target: ubuntu-latest, config: openssl-1.0.1u }
+          - { target: ubuntu-latest, config: openssl-1.0.2u }
+          - { target: ubuntu-latest, config: openssl-1.1.0h }
+          - { target: ubuntu-latest, config: openssl-1.1.1 }
+          - { target: ubuntu-latest, config: openssl-1.1.1k }
+          - { target: ubuntu-latest, config: openssl-1.1.1n }
+          - { target: ubuntu-latest, config: openssl-1.1.1q }
+          - { target: ubuntu-latest, config: openssl-1.1.1s }
+          - { target: ubuntu-latest, config: openssl-3.0.0 }
+          - { target: ubuntu-latest, config: openssl-3.0.5 }
+          - { target: ubuntu-latest, config: openssl-3.0.7 }
+          - { target: ubuntu-latest, config: openssl-1.1.1_stable }
+          - { target: ubuntu-latest, config: openssl-3.0 }  # stable branch
+          - { target: ubuntu-22.04, config: pam }
+          - { target: ubuntu-22.04, config: krb5 }
+          - { target: ubuntu-22.04, config: heimdal }
+          - { target: ubuntu-22.04, config: libedit }
+          - { target: ubuntu-22.04, config: sk }
+          - { target: ubuntu-22.04, config: selinux }
+          - { target: ubuntu-22.04, config: kitchensink }
+          - { target: ubuntu-22.04, config: without-openssl }
+          - { target: macos-11, config: pam }
+          - { target: macos-12, config: pam }
+    runs-on: ${{ matrix.target }}
     steps:
     - name: set cygwin git params
-      if: ${{ startsWith(matrix.os, 'windows') }}
+      if: ${{ startsWith(matrix.target, 'windows') }}
       run: git config --global core.autocrlf input
     - name: install cygwin
-      if: ${{ startsWith(matrix.os, 'windows') }}
+      if: ${{ startsWith(matrix.target, 'windows') }}
       uses: cygwin/cygwin-install-action@master
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@main
     - name: setup CI system
-      run: sh ./.github/setup_ci.sh ${{ matrix.configs }}
+      run: sh ./.github/setup_ci.sh ${{ matrix.config }}
     - name: autoreconf
       run: sh -c autoreconf
     - name: configure
-      run: sh ./.github/configure.sh ${{ matrix.configs }}
+      run: sh ./.github/configure.sh ${{ matrix.config }}
     - name: save config
-      uses: actions/upload-artifact@v2
+      uses: actions/upload-artifact@main
       with:
-        name: ${{ matrix.os }}-${{ matrix.configs }}-config
+        name: ${{ matrix.target }}-${{ matrix.config }}-config
         path: config.h
     - name: make clean
       run: make clean
     - name: make
       run: make -j2
     - name: make tests
-      run: sh ./.github/run_test.sh ${{ matrix.configs }}
+      run: sh ./.github/run_test.sh ${{ matrix.config }}
       env:
         TEST_SSH_UNSAFE_PERMISSIONS: 1
         TEST_SSH_HOSTBASED_AUTH: yes
     - name: save logs
       if: failure()
-      uses: actions/upload-artifact@v2
+      uses: actions/upload-artifact@main
       with:
-        name: ${{ matrix.os }}-${{ matrix.configs }}-logs
+        name: ${{ matrix.target }}-${{ matrix.config }}-logs
         path: |
           config.h
           config.log

.github/workflows/c-cpp.yml

@@ -0,0 +1,29 @@
+name: CIFuzz
+on:
+  workflow_dispatch:
+
+jobs:
+  Fuzzing:
+    if: github.repository != 'openssh/openssh-portable-selfhosted'
+    runs-on: ubuntu-latest
+    steps:
+    - name: Build Fuzzers
+      id: build
+      uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+      with:
+        oss-fuzz-project-name: 'openssh'
+        dry-run: false
+        language: c++
+    - name: Run Fuzzers
+      uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+      with:
+        oss-fuzz-project-name: 'openssh'
+        fuzz-seconds: 600
+        dry-run: false
+        language: c++
+    - name: Upload Crash
+      uses: actions/upload-artifact@main
+      if: failure() && steps.build.outcome == 'success'
+      with:
+        name: artifacts
+        path: ./out/artifacts