Hi,

OpenSSH 5.9 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This release contains a
couple of new features and changes and bug fixes. Testing of the new
sandboxed privilege separation mode (see below) would be particularly
appreciated.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via anonymous CVS using the
instructions at http://www.openssh.com/portable.html#cvs or
via Mercurial at http://hg.mindrot.org/openssh

Running the regression tests supplied with Portable OpenSSH does not
require installation and is simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also
appreciated. Please send reports of success or failure to
openssh-unix-dev at mindrot.org.

Below is a summary of changes. More detail may be found in the ChangeLog
in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.

-------------------------------

Features:

 * Introduce sandboxing of the pre-auth privsep child using a new
   sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
   mandatory restrictions on the syscalls the privsep child can perform.
   The intention is to prevent a compromised privsep child from being
   used to attack other hosts (by opening sockets and proxying) or probing
   local kernel attack surface.

   Three concrete sandbox implementations are provided (selected at
   configure time): systrace, seatbelt and rlimit.

   The systrace sandbox uses systrace(4) in unsupervised "fast-path"
   mode, where a list of permitted syscalls is supplied. Any syscall not
   on the list results in SIGKILL being sent to the privsep child. Note
   that this requires a kernel with the new SYSTR_POLICY_KILL option
   (only OpenBSD has this mode at present).

   The seatbelt sandbox uses OS X/Darwin sandbox(7) facilities with a
   strict (kSBXProfilePureComputation) policy that disables access to
   filesystem and network resources.

   The rlimit sandbox is a fallback choice for platforms that don't
   support a better one; it uses setrlimit() to reset the hard-limit
   of file descriptors and processes to zero, which should prevent
   the privsep child from forking or opening new network connections.

   Sandboxing of the privilege separated child process will become the
   default in a future release. We'd also like to include native
   sandboxes for other platforms.

 * Add new SHA256-based HMAC transport integrity modes from
   http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
   These modes are hmac-sha2-256, hmac-sha2-256-96, hmac-sha2-512,
   and hmac-sha2-512-96, and are available by default in ssh(1) and
   sshd(8)

 * The pre-authentication sshd(8) privilege separation slave process
   now logs via a socket shared with the master process, avoiding the
   need to maintain /dev/log inside the chroot.

 * ssh(1) now warns when a server refuses X11 forwarding

 * sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
   separated by space. The undocumented AuthorizedKeysFile2 option is
   deprecated (though the default for AuthorizedKeysFile includes
   .ssh/authorized_keys2)

 * sshd_config(5): similarly deprecate UserKnownHostsFile2 and
   GlobalKnownHostsFile2 by making UserKnownHostsFile and
   GlobalKnownHostsFile accept multiple options and default to include
   known_hosts2

 * retain key comments when loading v.2 keys. These will be visible in
   "ssh-add -l" and other places. bz#439

 * ssh(1) and sshd(8): set IPv6 traffic class from IPQoS (as well as
   IPv4 ToS/DSCP). bz#1855

 * ssh_config(5)'s ControlPath option now expands %L to the host
   portion of the destination host name.

 * ssh_config(5) "Host" options now support negated Host matching, e.g.

     Host *.example.org !c.example.org
        User mekmitasdigoat

   Will match "a.example.org", "b.example.org", but not "c.example.org"

 * ssh_config(5): a new RequestTTY option provides control over when a
   TTY is requested for a connection, similar to the existing -t/-tt/-T
   ssh(1) commandline options.

 * sshd(8): allow GSSAPI authentication to detect when a server-side
   failure causes authentication failure and don't count such failures
   against MaxAuthTries; bz#1244

 * ssh-keygen(1): Add -A option. For each of the key types (rsa1, rsa,
   dsa and ecdsa) for which host keys do not exist, generate the host
   keys with the default key file path, an empty passphrase, default
   bits for the key type, and default comment. This is useful for
   system initialisation scripts.

 * ssh(1): Allow graceful shutdown of multiplexing: request that a mux
   server removes its listener socket and refuse future multiplexing
   requests but don't kill existing connections. This may be requested
   using "ssh -O stop ..."

 * ssh-add(1) now accepts keys piped from standard input. E.g.
   "ssh-add - < /path/to/key"

 * ssh-keysign(8) now signs hostbased authentication
   challenges correctly using ECDSA keys; bz#1858

Portable OpenSSH Bugfixes:

 * Fix a compilation error in the SELinux support code. bz#1851

 * This release removes support for ssh-rand-helper. OpenSSH now
   obtains its random numbers directly from OpenSSL or from
   a PRNGd/EGD instance specified at configure time.

 * sshd(8) now resets the SELinux process execution context before
   executing passwd for password changes; bz#1891

 * Since gcc >= 4.x ignores all -Wno-options options, test only the
   corresponding -W-option when trying to determine whether it is
   accepted. bz#1900, bz#1901
   selinux code. Patch from Leonardo Chiquitto

 * Add ECDSA key generation to the Cygwin ssh-{host,user}-config
   scripts.

Reporting Bugs:
==============

- Please read http://www.openssh.com/report.html
  Security bugs should be reported directly to openssh at openssh.com

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.
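The rlimit fallback described in the announcement above, as an added example that is not part of the original post and is not OpenSSH code: a child process zeroes its own limits for file descriptors and processes, then reports which of socket(), open() and fork() the kernel still allows. The helper names and the DENIED_* bit values are assumptions of this example.

```c
/*
 * Added illustration of an rlimit-style sandbox; this is not OpenSSH source.
 * Helper names and the DENIED_* bit values are assumptions of this example.
 */
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define DENIED_SOCKET 0x01	/* socket() refused */
#define DENIED_OPEN   0x02	/* open() refused */
#define DENIED_FORK   0x04	/* fork() refused */
#define SETUP_FAILED  0x80	/* setrlimit() itself failed */

/* Set both the soft and the hard limit of one resource to zero. */
static int
limit_to_zero(int resource)
{
	struct rlimit rl;

	rl.rlim_cur = rl.rlim_max = 0;
	return setrlimit(resource, &rl);
}

/* Try the operations the sandbox is meant to block; return a DENIED_* mask. */
static int
probe_restrictions(void)
{
	int fd, mask = 0;
	pid_t pid;

	if ((fd = socket(AF_INET, SOCK_STREAM, 0)) == -1)
		mask |= DENIED_SOCKET;
	else
		close(fd);
	if ((fd = open("/dev/null", O_RDONLY)) == -1)
		mask |= DENIED_OPEN;
	else
		close(fd);
	if ((pid = fork()) == -1)
		mask |= DENIED_FORK;
	else if (pid == 0)
		_exit(0);
	else
		waitpid(pid, NULL, 0);
	return mask;
}

/*
 * Fork a child, apply the limits inside it, and return the DENIED_* mask
 * it reports through its exit status (-1 if the child could not be run).
 * Descriptors that were already open stay usable; only new ones are refused.
 */
int
run_sandboxed_probe(void)
{
	int status;
	pid_t pid;

	if ((pid = fork()) == -1)
		return -1;
	if (pid == 0) {
		if (limit_to_zero(RLIMIT_NOFILE) == -1 ||
		    limit_to_zero(RLIMIT_NPROC) == -1)
			_exit(SETUP_FAILED);
		_exit(probe_restrictions());
	}
	if (waitpid(pid, &status, 0) == -1 || !WIFEXITED(status))
		return -1;
	return WEXITSTATUS(status);
}

int
main(void)
{
	int mask = run_sandboxed_probe();

	if (mask < 0 || (mask & SETUP_FAILED)) {
		fprintf(stderr, "could not set up the restricted child\n");
		return 1;
	}
	printf("socket: %s\n", (mask & DENIED_SOCKET) ? "denied" : "allowed");
	printf("open:   %s\n", (mask & DENIED_OPEN) ? "denied" : "allowed");
	printf("fork:   %s\n", (mask & DENIED_FORK) ? "denied" : "allowed");
	return 0;
}
```

On Linux the process limit is not enforced for a root caller, so the fork line reads "denied" only when this is run as an unprivileged user, which is the state a privsep child is in.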
On Aug 14 10:30, Damien Miller wrote:
> Hi,
>
> OpenSSH 5.9 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This release contains a
> couple of new features and changes and bug fixes. Testing of the new
> sandboxed privilege separation mode (see below) would be particularly
> appreciated.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via anonymous CVS using the
> instructions at http://www.openssh.com/portable.html#cvs or
> via Mercurial at http://hg.mindrot.org/openssh
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is simply:
>
> $ ./configure && make tests

Current CVS builds fine and all tests pass on Cygwin.

> Sandboxing of the privilege separated child process will become the
> default in a future release. We'd also like to include native
> sandboxes for other platforms.

I'm still thinking about how to do that for Cygwin. There's no way on
Windows to remove user permission to create files in a generic way.
But maybe the UAC feature since Vista is a way to accomplish sandboxing
at least on Vista and later by starting the process as a low integrity
process. I have to take a closer look into this stuff.

While I was at it, it occurred to me that there's another piece of
Cygwin-specific code which can go away. Pipes are always created as
binary pipes for quite some time now. There's no supported version of
Cygwin left which allowed to create textmode pipes. Therefore, the
binary_pipe code can go away.
Here's the patch: Index: openbsd-compat/bsd-cygwin_util.c ==================================================================RCS file: /cvs/openssh/openbsd-compat/bsd-cygwin_util.c,v retrieving revision 1.22 diff -u -p -r1.22 bsd-cygwin_util.c --- openbsd-compat/bsd-cygwin_util.c 27 Feb 2010 16:29:33 -0000 1.22 +++ openbsd-compat/bsd-cygwin_util.c 15 Aug 2011 10:59:57 -0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen at cygnus.com> + * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen at redhat.com> * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -34,9 +34,6 @@ #if defined(open) && open == binary_open # undef open #endif -#if defined(pipe) && open == binary_pipe -# undef pipe -#endif #include <sys/types.h> @@ -57,18 +54,6 @@ binary_open(const char *filename, int fl mode = va_arg(ap, mode_t); va_end(ap); return (open(filename, flags | O_BINARY, mode)); -} - -int -binary_pipe(int fd[2]) -{ - int ret = pipe(fd); - - if (!ret) { - setmode(fd[0], O_BINARY); - setmode(fd[1], O_BINARY); - } - return (ret); } int Index: openbsd-compat/bsd-cygwin_util.h ==================================================================RCS file: /cvs/openssh/openbsd-compat/bsd-cygwin_util.h,v retrieving revision 1.12 diff -u -p -r1.12 bsd-cygwin_util.h --- openbsd-compat/bsd-cygwin_util.h 8 Mar 2009 00:40:28 -0000 1.12 +++ openbsd-compat/bsd-cygwin_util.h 15 Aug 2011 10:59:57 -0000 @@ -1,7 +1,7 @@ /* $Id: bsd-cygwin_util.h,v 1.12 2009/03/08 00:40:28 dtucker Exp $ */ /* - * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen at cygnus.com> + * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen at redhat.com> * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions 
@@ -41,13 +41,11 @@ #include <io.h> int binary_open(const char *, int , ...); -int binary_pipe(int fd[2]); int check_ntsec(const char *); char **fetch_windows_environment(void); void free_windows_environment(char **); #define open binary_open -#define pipe binary_pipe #endif /* HAVE_CYGWIN */ Corinna -- Corinna Vinschen Cygwin Project Co-Leader Red Hat
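Review bot: the guard deleted in the bsd-cygwin_util.c hunk at @@ -34,9 +34,6 @@ was "#if defined(pipe) && open == binary_pipe", which compares open where the guard just above it compares the macro it is about to undefine. Deleting it is fine, but the commit message should mention that the condition was mismatched, so that nobody who later restores the wrapper from history copies it back as-is.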
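Review bot: with binary_pipe() deleted in the bsd-cygwin_util.c hunk at @@ -57,18 +54,6 @@, any remaining caller that names binary_pipe directly, rather than going through the pipe macro, will stop building on Cygwin. The patch touches only bsd-cygwin_util.c and bsd-cygwin_util.h, so a grep of the rest of the tree for binary_pipe before committing would confirm that none is left.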
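Review bot: after the bsd-cygwin_util.h hunk at @@ -41,13 +41,11 @@, "#define open binary_open" stays while "#define pipe binary_pipe" goes, and nothing in the header says why the two are now treated differently. A short comment next to the remaining define, noting that supported Cygwin versions always create binary-mode pipes, would record the assumption this removal depends on.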
Hi there...

Just downloaded openssh-SNAP-20110815.tar.gz and run the usual

$ ./configure && make tests

And I get the usual "all tests passed", no errors reported.

I have run this on a FreeBSD 8.2 Release #0 amd64.

Regards
Fred

---
Frederico Costa
fredports at mufley.com
Compiled SNAP-20110816 on

x86 slackware-13.0.0
x86 slackware-13.37.0
x86_64 slackware-13.37.0

Default configuration results in sandbox=rlimit, and with this option,
all tests work on both versions of slackware. I also compiled it with
--with-sandbox=no, with no problems.

Now for the problems.

1. ./configure --help

  --with-ipaddr-display   Use ip address instead of hostname in \$DISPLAY
  --with-default-path=    Specify default \$PATH environment for server

Is there a reason to escape dollar signs here?

2. ./configure --help

  --with-sandbox=style    Specify privilege separation sandbox (no, rlimit, systrace)

This is different from option stated in the mail (systrace, seatbelt and
rlimit), and may be misleading.

> Three concrete sandbox implementations are provided (selected at
> configure time): systrace, seatbelt and rlimit.

3. I did try, just out of curiosity, to configure with
--with-sandbox=seatbelt option, and got the following error:

configure: error: unsupported -with-sandbox

There is a typo here (-with as opposed to --with) and (probably)
user-supplied option is omitted.

4. Attempt to run `./configure --with-sandbox=systrace' succeeds, but
compilation of sandbox-systrace.c fails as follows (on slackware-13.37.0
x86 and x86_64):

gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -fno-builtin-memset -fstack-protector-all -I. -I. -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c sandbox-systrace.c
sandbox-systrace.c:28:26: fatal error: dev/systrace.h: No such file or directory
compilation terminated.
make: *** [sandbox-systrace.o] Error 1

It is true that my machine does not have systrace.h header file, but
maybe this should be caught at configuration time?

On slackware-13.0.0, compilation also fails but in a somewhat different
manner:

gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -fno-builtin-memset -fstack-protector-all -std=gnu99 -I. -I. -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c sandbox-systrace.c
sandbox-systrace.c:28:26: error: dev/systrace.h: No such file or directory
sandbox-systrace.c:51: error: 'SYSTR_POLICY_NEVER' undeclared here (not in a function)
sandbox-systrace.c:53: error: 'SYS___sysctl' undeclared here (not in a function)
sandbox-systrace.c:53: error: 'SYSTR_POLICY_PERMIT' undeclared here (not in a function)
sandbox-systrace.c: In function 'ssh_sandbox_parent':
sandbox-systrace.c:118: error: storage size of 'policy' isn't known
sandbox-systrace.c:132: error: 'STRIOCCLONE' undeclared (first use in this function)
sandbox-systrace.c:132: error: (Each undeclared identifier is reported only once
sandbox-systrace.c:132: error: for each function it appears in.)
sandbox-systrace.c:132: warning: passing argument 2 of 'ioctl' makes integer from pointer without a cast
sandbox-systrace.c:137: error: 'STRIOCATTACH' undeclared (first use in this function)
sandbox-systrace.c:137: warning: passing argument 2 of 'ioctl' makes integer from pointer without a cast
sandbox-systrace.c:142: warning: passing argument 2 of 'bzero' makes integer from pointer without a cast
sandbox-systrace.c:143: error: request for member 'strp_op' in something not a structure or union
sandbox-systrace.c:143: error: 'SYSTR_POLICY_NEW' undeclared (first use in this function)
sandbox-systrace.c:143: warning: statement with no effect
sandbox-systrace.c:144: error: request for member 'strp_maxents' in something not a structure or union
sandbox-systrace.c:144: error: 'SYS_MAXSYSCALL' undeclared (first use in this function)
sandbox-systrace.c:144: warning: statement with no effect
sandbox-systrace.c:145: error: 'STRIOCPOLICY' undeclared (first use in this function)
sandbox-systrace.c:145: warning: passing argument 2 of 'ioctl' makes integer from pointer without a cast
sandbox-systrace.c:149: error: request for member 'strp_op' in something not a structure or union
sandbox-systrace.c:149: error: 'SYSTR_POLICY_ASSIGN' undeclared (first use in this function)
sandbox-systrace.c:149: warning: statement with no effect
sandbox-systrace.c:150: error: request for member 'strp_pid' in something not a structure or union
sandbox-systrace.c:150: warning: statement with no effect
sandbox-systrace.c:151: warning: passing argument 2 of 'ioctl' makes integer from pointer without a cast
sandbox-systrace.c:156: warning: comparison between pointer and integer
sandbox-systrace.c:164: error: request for member 'strp_op' in something not a structure or union
sandbox-systrace.c:164: error: 'SYSTR_POLICY_MODIFY' undeclared (first use in this function)
sandbox-systrace.c:164: warning: statement with no effect
sandbox-systrace.c:165: error: request for member 'strp_code' in something not a structure or union
sandbox-systrace.c:165: warning: statement with no effect
sandbox-systrace.c:166: error: request for member 'strp_policy' in something not a structure or union
sandbox-systrace.c:167: error: 'SYSTR_POLICY_KILL' undeclared (first use in this function)
sandbox-systrace.c:167: warning: pointer/integer type mismatch in conditional expression
sandbox-systrace.c:167: warning: statement with no effect
sandbox-systrace.c:170: warning: passing argument 2 of 'ioctl' makes integer from pointer without a cast
sandbox-systrace.c:118: warning: unused variable 'policy'
make: *** [sandbox-systrace.o] Error 1

Regards,

Andy

Dr Andy Tsouladze
Sr Unix/Storage SysAdmin
[2011-08-14 00:30:10 -0000] Damien Miller:
> Live testing on suitable non-production systems is also
> appreciated. Please send reports of success or failure to
> openssh-unix-dev at mindrot.org.

It looks like ssh-copy-id misses a backslash on line 28:

	GET_ID="cat "${ID_FILE}\""

should be:

	GET_ID="cat \"${ID_FILE}\""

Apart from that, I detected no issue on an up-to-date Arch Linux x86_64
system; everything works as expected.

Cheers.

-- 
Gaetan
fixed - thanks!

On Mon, 15 Aug 2011, Gaetan Bisson wrote:

> [2011-08-14 00:30:10 -0000] Damien Miller:
> > Live testing on suitable non-production systems is also
> > appreciated. Please send reports of success or failure to
> > openssh-unix-dev at mindrot.org.
>
> It looks like ssh-copy-id misses a backslash on line 28:
>
> 	GET_ID="cat "${ID_FILE}\""
>
> should be:
>
> 	GET_ID="cat \"${ID_FILE}\""
>
> Apart from that, I detected no issue on an up-to-date Arch Linux x86_64
> system; everything works as expected.
>
> Cheers.
>
> --
> Gaetan
Using openssh-SNAP-20110818.tar.gz
./configure && make tests

OS              Build_Target                 CC                   OpenSSL            BUILD  TEST
==============  ===========================  ===================  =================  =====  ================
RH 6.2          i686-pc-linux-gnu            egcs 2.91.66         0.9.8j             YES    all tests passed
RH 8.0          i686-pc-linux-gnu            gcc 3.2.2-5          0.9.7a             YES    all tests passed
RHEL 2.1        i686-pc-linux-gnu            gcc 2.96-116.7.2     0.9.6b             YES    all tests passed
RHEL 3.0 tu6    i686-pc-linux-gnu            gcc 3.2.3-53         0.9.7a             YES    all tests passed
RHEL 4.0 tu6    i686-pc-linux-gnu            gcc 3.4.6            0.9.7a             YES    all tests passed
RHEL 4.0 nu8    x86_64-unknown-linux-gnu     gcc 3.4.6-8          0.9.7a             YES    all tests passed
RHEL 4.0 nu7    powerpc64-unknown-linux-gnu  gcc 3.4.6            0.9.7a             YES    all tests passed
RHEL 5.1        x86_64-redhat-linux          gcc 4.1.2-14         0.9.8b             YES    all tests passed
RHEL 5.3        x86_64-redhat-linux          gcc 4.1.2-44         0.9.8e-fips-rhel5  YES    all tests passed
RHEL 5.4        i686-pc-linux-gnu            gcc 4.1.2-46         0.9.8e-fips-rhel5  YES    all tests passed
RHEL 5.4        x86_64-redhat-linux          gcc 4.1.2-46         0.9.8e-fips-rhel5  YES    all tests passed
RHEL 5.5        i686-pc-linux-gnu            gcc 4.1.2-48         0.9.8e-fips-rhel5  YES    all tests passed
RHEL 5.5        x86_64-redhat-linux          gcc 4.1.2-48         0.9.8e-fips-rhel5  YES    all tests passed
RHEL 5.6        i686-pc-linux-gnu            gcc 4.1.2-50         0.9.8e-fips-rhel5  YES    all tests passed
RHEL 5.6        x86_64-redhat-linux          gcc 4.1.2-50         0.9.8e-fips-rhel5  YES    all tests passed
RHEL 6.x        x86_64-unknown-linux-gnu     gcc 4.4.4            1.0.0d             YES    all tests passed
Fedora Core r2  i686-pc-linux-gnu            gcc 3.3.3-7          0.9.7a             YES    all tests passed
Ubuntu 8.04     i686-pc-linux-gnu            gcc 4.2.4-1ubuntu4   0.9.8g             YES    all tests passed
Ubuntu 10.10    x86_64-linux-gnu             gcc 4.4.4-14ubuntu5  0.9.8o             YES    all tests passed
AIX 5200-10-04  powerpc-ibm-aix5.2.0.0       gcc 3.3.2            0.9.8f             YES    all tests passed
AIX 5300-07-02  powerpc-ibm-aix5.3.0.0       gcc 4.2.0            0.9.8k             YES    all tests passed
AIX 6100-04-06  powerpc-ibm-aix6.1.0.0       gcc 4.2.0            0.9.8k             YES    all tests passed
AIX 7100-00-03  powerpc-ibm-aix7.1.0.0       xlc 11.1.0.6         0.9.8m             YES    all tests passed
HP-UX 11.11     hppa2.0w-hp-hpux11.11        gcc 3.4.3            0.9.7m             YES    privsep FAIL 1*
HP-UX 11.23     ia64-hp-hpux11.23            gcc 4.1.1            0.9.8o             YES    privsep FAIL 1*
HP-UX 11.31     ia64-hp-hpux11.31            gcc 4.3.3            0.9.8n             YES    privsep FAIL 1*
HP-UX 11.31     ia64-hp-hpux11.31            C/aC++ A.06.20       0.9.8n             YES    privsep FAIL 1*

*1 - all HPUX builds failed 'make tests' at the same point:

run test connect-privsep.sh ...
Connection closed by UNKNOWN
ssh privsep/sandbox+proxyconnect protocol 1 failed
Connection closed by UNKNOWN
ssh privsep/sandbox+proxyconnect protocol 2 failed
failed proxy connect with privsep
gmake[1]: *** [t-exec] Error 1
gmake[1]: Leaving directory `/var/tmp/ssh/openssh/regress'
gmake: *** [tests] Error 2

-- 
# include <stddisclaimer.h>
/* Kevin Brott <Kevin.Brott at gmail.com> */
On Sun, Aug 14, 2011 at 10:30:10AM +1000, Damien Miller wrote:
> OpenSSH 5.9 is almost ready for release, so we would appreciate
> testing on as many platforms and systems as possible. This release
> contains a couple of new features and changes and bug fixes. Testing
> of the new sandboxed privilege separation mode (see below) would be
> particularly appreciated.

On Solaris 9, make tests failed. The last few lines are:

run test connect.sh ...
ok simple connect
run test proxy-connect.sh ...
ok proxy connect
run test connect-privsep.sh ...
Connection closed by UNKNOWN
ssh privsep/sandbox+proxyconnect protocol 2 failed
failed proxy connect with privsep
make[1]: *** [t-exec] Error 1
make[1]: Leaving directory `/export/home/morty/src/openssh/regress'
make: *** [tests] Error 2

On Solaris 10, same failure:

run test connect.sh ...
ok simple connect
run test proxy-connect.sh ...
ok proxy connect
run test connect-privsep.sh ...
Write failed: Broken pipe
ssh privsep/sandbox+proxyconnect protocol 1 failed
Write failed: Broken pipe
ssh privsep/sandbox+proxyconnect protocol 2 failed
failed proxy connect with privsep
make[1]: *** [t-exec] Error 1
make[1]: Leaving directory `/export/home/morty/src/openssh/regress'
make: *** [tests] Error 2

Both are with openssh-SNAP-20110818.tar.gz, ./configure --with-pam.

On the plus side, ssh to various ScreenOS versions succeeds.
Presumably this is due to RequestTTY=auto making PTY allocation
failure non-fatal again. scp to ScreenOS is still broken.

- Morty
All tests passed under OS X 10.6.8

Darwin xxxxxxx.xxx.xxx 10.8.0 Darwin Kernel Version 10.8.0: Tue Jun 7 16:33:36 PDT 2011; root:xnu-1504.15.3~1/RELEASE_I386 i386
Successful "./configure" and "make tests" under Ubuntu 11.04
using: openssh-SNAP-20110820.tar.gz

HP-UX (11.11 -> 11.31) using both gcc and HP C/C++ still failing 'make tests' here

ok proxy connect
run test connect-privsep.sh ...
Connection closed by UNKNOWN
ssh privsep/sandbox+proxyconnect protocol 1 failed
Connection closed by UNKNOWN
ssh privsep/sandbox+proxyconnect protocol 2 failed

All other tested systems (RH 6.2, 8.0, RHEL 2.1->6.0, FC2, Ubuntu 8.04, 10.10, AIX 5.2->7.1) are OK.