[wip] merge#842
Open
tgauth wants to merge 85 commits intoPowerShell:latestw_allfrom
Open
Conversation
behaviour is, and adjust the text for -R to make them more consistent; issue raised by mikhail mp39590; behaviour explained by naddy ok djm OpenBSD-Commit-ID: 15ff3bd1518d86c84fa8e91d7aa72cfdb41dccc8
with "make UNITTEST_BENCHMARK=yes" ok dtucker@ OpenBSD-Regress-ID: 7f16a2e247f860897ca46ff87bccbe6002a32564
on platforms where sig_atomic_t is not the same as int. bz#3811, patch from jlduran at gmail com. OpenBSD-Commit-ID: b6bc9e9006e7f81ade57d41a48623a4323deca6c
The unit tests now use sqrt(), which in some platforms (notably DragonFlyBSD and Solaris) is not in libc but rather libm. Since only the unit tests use this, add TESTLIBS and if necessary put libm in it.
INFINITY is specified in c99, so define if not provided.
Fixes builds on older platforms.
Prevents "unprotected private key file" error when running tests.
truncated after the hostname. Reported by the OpenAI Security Research Team ok deraadt@ OpenBSD-Commit-ID: c0b516d7c80c4779a403826f73bcd8adbbc54ebd
the entire line in one operation and using unbuffered stdio. Usually writes to this file are serialised on the "Are you sure you want to continue connecting?" prompt, but if host key checking is disabled and connections were being made with high concurrency then interleaved writes might have been possible. feedback/ok deraadt@ millert@ OpenBSD-Commit-ID: d11222b49dabe5cfe0937b49cb439ba3d4847b08
than just the preauth process now OpenBSD-Commit-ID: 768c5b674bd77802bb197c31dba78559f1174c02
~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8). This ensures processes (such as Firefox) that have restricted filesystem access that includes /tmp (via unveil(3)) do not have the ability to use keys in an agent. Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this ability. To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will by default only clean up sockets from the same hostname. ssh-agent gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp. feedback deraadt@ naddy@, doitdoitdoit deraadt@ OpenBSD-Commit-ID: 8383dabd98092fe5498d5f7f15c7d314b03a93e1
OpenBSD-Commit-ID: e526c97fcb2fd9f0b7b229720972426ab437d7eb
Ignores nanoseconds, but it's checking for >1h old so a few nanoseconds shouldn't matter much. Fixes build on Mac OS X.
Fixes build on some pre-POSIX.1-2008 platforms.
text to the correct place OpenBSD-Commit-ID: 2fb484337a0978c703f61983bb14bc5cbaf898c2
that instead of the much more basic format description we had previously. OpenBSD-Commit-ID: cf01e0727a813fee8626ad7b3aa240621cc92014
feedback/ok tb@, ok deraadt@ OpenBSD-Commit-ID: bfe6ee73c1b676c81a2901030c791f8ec888228f
location rather than inside the homedir. During relink operation, /.ssh/agent was created which is surprising. This test sequence could use some improvement so this is a temporary fix. observed by florian, change ok semarie OpenBSD-Commit-ID: c7246a6b519ac390ca550719f91acfdaef1fa0f0
OpenBSD-Commit-ID: 65577596a15ad6dd9a1ab3fc24c1c31303ee6e2b
OpenBSD-Regress-ID: 7260fb672de5738c17dec06c71a5be0186bb2b09
OpenBSD-Regress-ID: 4f71f8f122eac4cbf7f1d2088a9be45317dd3e4a
…merge-v10.3P1-20260420
- Resolve leftover conflict markers in test_helper.c - Add CLOCK_REALTIME fallback define for Windows unit tests - Add benchmarks() entry point in win32compat unit tests to satisfy benchmark harness linking
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
There was a problem hiding this comment.
Pull request overview
This PR looks like an upstream merge/work-in-progress that (a) refreshes some core OpenSSH sources/docs, (b) extends the unit-test harness to support benchmarking mode, and (c) adds a set of GitHub tooling/scripts and merge/test instructions to support the Windows fork’s upstream-merge workflow.
Changes:
- Add benchmarking mode plumbing to the unit-test helper + propagate
UNITTEST_ARGSthrough unittest makefiles andregress/Makefile. - Refactor known_hosts entry writing in
hostfile.cto format into ansshbufand write in onefwrite(), plus stricter parsing of truncated lines. - Add multiple
.github/tools/*.ps1“merge/build/test” helper scripts and extensive merge/testing documentation.
Reviewed changes
Copilot reviewed 56 out of 56 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| ssh-agent.c | Casts signalled_keydrop for logging format correctness; version bump. |
| scp.1 | Updates option docs for -3 / -R behavior; date/version bump. |
| regress/unittests/win32compat/tests.c | Adds benchmarks() entrypoint (currently delegates to tests()). |
| regress/unittests/utf8/tests.c | Adds benchmarks() stub (“no benchmarks”). |
| regress/unittests/utf8/Makefile | Expands linked sources and passes ${UNITTEST_ARGS} into the test runner. |
| regress/unittests/test_helper/test_helper.h | Adds benchmark macros + new bench_* API declarations and test_is_benchmark(). |
| regress/unittests/test_helper/test_helper.c | Implements benchmark mode CLI flags and timing/statistics collection. |
| regress/unittests/sshsig/tests.c | Adds benchmarks() stub (“no benchmarks”). |
| regress/unittests/sshkey/tests.c | Routes benchmark mode to sshkey_benchmarks(). |
| regress/unittests/sshkey/test_sshkey.c | Adds keygen/sign/verify benchmarks using new BENCH macros. |
| regress/unittests/sshbuf/tests.c | Adds includes + benchmarks() stub (“no benchmarks”). |
| regress/unittests/misc/tests.c | Adds benchmarks() stub (“no benchmarks”). |
| regress/unittests/misc/Makefile | Passes ${UNITTEST_ARGS} into the test runner. |
| regress/unittests/match/tests.c | Adds benchmarks() stub (“no benchmarks”). |
| regress/unittests/match/Makefile | Passes ${UNITTEST_ARGS} into the test runner. |
| regress/unittests/kex/tests.c | Adds benchmarks() entrypoint (delegates to kex_tests()). |
| regress/unittests/kex/test_kex.c | Adds benchmark-aware KEX path and allows cipher/mac overrides in proposals. |
| regress/unittests/kex/Makefile | Passes ${UNITTEST_ARGS} into the test runner. |
| regress/unittests/hostkeys/tests.c | Adds includes + benchmarks() stub (“no benchmarks”). |
| regress/unittests/hostkeys/Makefile | Passes ${UNITTEST_ARGS} into the test runner (while preserving -d testdata). |
| regress/unittests/conversion/tests.c | Adds benchmarks() stub (“no benchmarks”). |
| regress/unittests/conversion/Makefile | Passes ${UNITTEST_ARGS} into the test runner. |
| regress/unittests/bitmap/tests.c | Scales test iteration count with fast/slow modes + adds benchmarks() stub. |
| regress/unittests/bitmap/Makefile | Expands linked sources and passes ${UNITTEST_ARGS} into the test runner. |
| regress/unittests/authopt/tests.c | Adds benchmarks() stub (“no benchmarks”). |
| regress/unittests/authopt/Makefile | Passes ${UNITTEST_ARGS} into the test runner (while preserving -d testdata). |
| regress/unittests/Makefile.inc | Adds -lm, introduces UNITTEST_BENCH* vars, and builds UNITTEST_ARGS incl. -b/-B/-O. |
| regress/Makefile | Adds unit-bench target and threads benchmark/test args through unit test invocations. |
| hostfile.c | Refactors host entry formatting/writing; adds truncated-line handling while parsing hostkeys. |
| defines.h | Adds fallback INFINITY definition when missing. |
| configure.ac | Detects sqrt()/-lm for unit tests and checks for INFINITY declarations. |
| Makefile.in | Appends configured @TESTLIBS@ and adds unit-bench wrapper target. |
| .github/tools/Test-OpenSSHFunctionality.ps1 | Adds Windows E2E functional SSH test script (install service, create user, connect, cleanup). |
| .github/tools/Test-OpenSSHBuild.ps1 | Adds build artifact verification + build log parsing helper. |
| .github/tools/Test-MergePrerequisites.ps1 | Adds pre-merge environment validation (tools, remotes, target tag, clean state). |
| .github/tools/Start-OpenSSHBuild.ps1 | Adds build wrapper around OpenSSHBuildHelper with log-marker based success detection. |
| .github/tools/Save-MergeResolution.ps1 | Adds merge-conflict resolution recorder into .git/merge-resolution-log.json. |
| .github/tools/Replay-MergeResolutions.ps1 | Adds conflict-resolution replay tool that writes/stages saved resolutions. |
| .github/tools/Invoke-OpenSSHTests.ps1 | Adds orchestrator to run Unit/Bash/E2E tests via OpenSSHTestHelper on Windows. |
| .github/tools/Invoke-Git.ps1 | Adds structured git operation wrapper (merge/cherry-pick/status/log/diff/etc.) with async I/O. |
| .github/tools/Get-ConflictContext.ps1 | Adds 3-way conflict context extractor for difficult merges. |
| .github/tools/Get-CommitGroups.ps1 | Adds GitHub API-based upstream commit batching tool (CI success or CI presence). |
| .github/setup_ci.sh | Adjusts Cygwin ACL handling and changes Cygwin setup.exe drive path. |
| .github/prompt/merge.prompt.md | Adds merge prompt for agents describing the two-phase merge workflow and tool usage. |
| .github/instructions/testing.instructions.md | Adds comprehensive testing instructions for agents (incl. new tools). |
| .github/instructions/setup.instructions.md | Adds repo setup instructions for agents. |
| .github/instructions/repository-overview.instructions.md | Adds repo structure + Windows compat layer overview. |
| .github/instructions/merge/research.instructions.md | Adds merge research references and heuristics. |
| .github/instructions/merge/merge-process-overview.instructions.md | Adds end-to-end merge workflow instructions (scratch/real branch phases, tooling). |
| .github/instructions/merge/agent-communication-merge.instructions.md | Adds required communication templates for tool output and merge progress. |
| .github/instructions/getting-started.instructions.md | Adds index/entrypoint doc linking to key instructions. |
| .github/instructions/build.instructions.md | Adds build instructions and policies for agents (warnings baseline, paths.targets restore, etc.). |
| .github/instructions/agent-communication.instructions.md | Adds general communication rules for agents (chat vs tool output). |
| .github/ci-status.md | Adds CI badge section for OpenSSH 10.0 branch. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+696
to
+699
| free(bench_samples); | ||
| bench_nalloc = BENCH_SAMPLES_ALLOC; | ||
| bench_samples = xcalloc(sizeof(*bench_samples), bench_nalloc); | ||
| bench_accum_secs = 0; |
There was a problem hiding this comment.
xcalloc() arguments appear swapped: the function takes (nmemb, size), but this call passes (sizeof(*bench_samples), bench_nalloc). This will allocate an unexpectedly large buffer (nmemb=sizeof(timespec), size=8192) and likely OOM/crash; swap the arguments so you allocate bench_nalloc samples.
Comment on lines
+761
to
+767
| /* median */ | ||
| qsort(bench_samples, bench_nruns, sizeof(*bench_samples), tscmp); | ||
| i = bench_nruns / 2; | ||
| med_spr = tstod(&bench_samples[i]); | ||
| if (bench_nruns > 1 && bench_nruns & 1) | ||
| med_spr = (med_spr + tstod(&bench_samples[i - 1])) / 2.0; | ||
| med_rps = (med_spr == 0.0) ? INFINITY : 1.0/med_spr; |
There was a problem hiding this comment.
Median calculation looks incorrect: it averages the two middle samples when bench_nruns is odd (bench_nruns & 1), but the average-of-two should be used when the run count is even. As written, odd-sized samples will report an inflated median and even-sized samples won’t be averaged.
Comment on lines
+771
to
+778
| /* std. dev */ | ||
| std_dev = 0; | ||
| for (i = 0; i < bench_nruns; i++) { | ||
| std_dev = tstod(&bench_samples[i]) - mean_spr; | ||
| std_dev *= std_dev; | ||
| } | ||
| std_dev /= (double)bench_nruns; | ||
| std_dev = sqrt(std_dev); |
There was a problem hiding this comment.
Std. dev computation doesn’t accumulate across samples: the loop overwrites std_dev each iteration instead of summing squared deltas, so the result only reflects the last sample. Accumulate (e.g., add squared deltas) before dividing by bench_nruns.
Comment on lines
+709
to
+717
| void | ||
| bench_case_start(const char *file, int line) | ||
| { | ||
| clock_gettime(CLOCK_REALTIME, &bench_start_time); | ||
| } | ||
|
|
||
| void | ||
| bench_case_finish(const char *file, int line) | ||
| { |
There was a problem hiding this comment.
bench_case_start() and bench_case_finish() accept file/line parameters but don’t use them. If the build enables -Wunused-parameter, this will introduce warnings in the test helper; consider marking them unused (cast to void or apply an unused attribute).
Comment on lines
+304
to
+307
| test "x${UNITTEST_VERBOSE}" = "x" || ARGS="$$ARGS -v"; \ | ||
| test "x${UNITTEST_BENCH_DETAIL}" = "x" || ARGS="$$ARGS -B"; \ | ||
| test "x${UNITTEST_BENCH_ONLY}" = "x" || ARGS="$$ARGS -O ${UNITTEST_BENCH_ONLY}"; \ | ||
| $$V ${.OBJDIR}/unittests/sshbuf/test_sshbuf $${ARGS}; \ |
There was a problem hiding this comment.
UNITTEST_BENCH_ONLY is appended to ARGS without quoting. If the pattern contains spaces or glob characters, the shell will split/expand it and -O will receive the wrong value. Quote the value when constructing ARGS (similar to Makefile.inc).
| ;; | ||
| setup) | ||
| if /cygdrive/c/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then | ||
| if /cygdrive/d/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then |
There was a problem hiding this comment.
Cygwin setup is now hardcoded to /cygdrive/d/setup.exe. If the runner image (or local dev env) only has setup.exe on C: (the previous path), package installation will fail. Consider probing for both locations (or using an env var) and erroring with a clear message if neither exists.
Suggested change
| if /cygdrive/d/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then | |
| cygwin_setup_exe="${CYGWIN_SETUP_EXE:-}" | |
| if [ -z "$cygwin_setup_exe" ]; then | |
| if [ -x /cygdrive/d/setup.exe ]; then | |
| cygwin_setup_exe=/cygdrive/d/setup.exe | |
| elif [ -x /cygdrive/c/setup.exe ]; then | |
| cygwin_setup_exe=/cygdrive/c/setup.exe | |
| else | |
| echo "Could not find Cygwin setup.exe. Set CYGWIN_SETUP_EXE or install setup.exe at /cygdrive/d/setup.exe or /cygdrive/c/setup.exe." | |
| exit 1 | |
| fi | |
| elif [ ! -x "$cygwin_setup_exe" ]; then | |
| echo "Configured CYGWIN_SETUP_EXE is not executable: $cygwin_setup_exe" | |
| exit 1 | |
| fi | |
| if "$cygwin_setup_exe" -q -P "$(echo "$PACKAGES" | tr ' ' ,)"; then |
Comment on lines
+489
to
+491
| if ((r = fwrite(sshbuf_ptr(entry), sshbuf_len(entry), 1, f)) != 1) { | ||
| error_f("fwrite: %s", strerror(errno)); | ||
| goto out; |
There was a problem hiding this comment.
fwrite() returns size_t, but the result is stored in an int. While you’re writing a single item here, using size_t for the return value avoids signed/width warnings and matches the standard library API.
…merge-v10.3P1-20260420
Upstream commit 80162f9 (Move agent listener sockets to ~/.ssh/agent) split agent listener code from session.c and ssh-agent.c into a new file misc-agent.c. Windows fixes: - misc-agent.c: Added include includes.h to pull in win32compat shims. - misc-agent.c: Wrapped socket_is_stale and agent_cleanup_stale in ifndef WINDOWS since they use Unix-only APIs (DT_SOCK, DT_UNKNOWN, dirent.d_type, dirfd, fstatat, unlinkat, st_mtim, timespeccmp, timespecsub, CLOCK_REALTIME) and are only called from upstream ssh-agent.c, which is not built on Windows (Windows uses a separate ssh-agent implementation under contrib/win32/win32compat/ssh-agent). - sshd-auth.vcxproj, sshd-session.vcxproj: Added misc-agent.c so that agent_listener (called from session.c) is linked. Resolves LNK2001 unresolved external symbol agent_listener. agent_listener and its helpers remain available because session.c (built on Windows) calls them; the underlying AF_UNIX socket APIs are supported via win32compat.
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
…merge-v10.3P1-20260420
Upstream removed ssh-dss.c in batch 15 (commit 93e904a). Build was failing with C1083 because libssh.vcxproj still referenced the deleted source file. Unit test errors (KEY_DSA, sshkey.dsa) will be resolved by upstream commits in batch 16.
…merge-v10.3P1-20260420
Collaborator
Author
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR Summary
PR Context