[openssh-commits] [openssh] branch master updated (8235dc3d8 -> e914e61eb)

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Sep 25 18:25:30 AEST 2025 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a change to branch master
in repository openssh.

    from 8235dc3d8 upstream: fix some one-off leaks in ssh.c; ok dtucker@
     new 1362f6c0f Add #ifdefs in pwfree to match those in pwcopy.
     new 7ce382354 Merge all putty tests into a single test.
     new 35f3e2a41 Update pledge() interface to match current OpenBSD.
     new e914e61eb Remove status bits from OpenSSL >=3 version check.

The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Detailed log of new commits:

commit e914e61eb88e22e5b725c399698256c54589ca32
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Thu Sep 25 17:50:07 2025 +1000

    Remove status bits from OpenSSL >=3 version check.
    
    OpenSSL traditionally did not guarantee ABI compatibility across release
    (and development) versions.  Because of this, OpenSSH checked the lower 4
    "status" bits returned by OpenSSL_version_num(), which were originally
    set to 0 for development versions and 0xf for release versions and, if
    they did not match, would report the discrepancy and exit.
    
    OpenSSL (unintentionally) changed these bits in the 3.0.0 and subsequent
    3.x releases, setting them to zero in the release versions (which happened
    to also match the documentation), then changed them back in the 3.5.3
    release.  If OpenSSL was upgraded to (or from) this version without
    recompiling OpenSSH, it would cause OpenSSH flag it as potentially
    incompatible and refuse to use it.  Ultimately OpenSSL rolled this
    back, but the check now has no value so is being removed for OpenSSL
    versions >=3.
    
    bz#3865 and https://github.com/openssl/openssl/issues/28575, ok djm@

commit 35f3e2a41c2afe7a68a8a4efb3eb385e7f8d247d
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Thu Sep 25 18:06:55 2025 +1000

    Update pledge() interface to match current OpenBSD.
    
    ok djm@

commit 7ce3823547578a3b083085744c1fea39237197a2
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Tue Sep 23 22:12:19 2025 +1000

    Merge all putty tests into a single test.
    
    The lets us reuse the built OpenSSH binaries and replaces 12*4min of
    tests with a single 14min one.

commit 1362f6c0f4ca3306a201a6572bb9ec0d47d8edb3
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Thu Sep 25 18:20:53 2025 +1000

    Add #ifdefs in pwfree to match those in pwcopy.
    
    Fixes build on many platforms.

Summary of changes:
 .github/install_putty.sh        | 37 +++++++++++++++++++++++++++++++++++++
 .github/run_test.sh             | 11 +++++++++++
 .github/setup_ci.sh             | 22 ++--------------------
 .github/workflows/c-cpp.yml     | 15 +--------------
 misc.c                          |  4 ++++
 openbsd-compat/bsd-misc.c       |  2 +-
 openbsd-compat/bsd-misc.h       |  2 +-
 openbsd-compat/openssl-compat.c |  9 +++++----
 8 files changed, 62 insertions(+), 40 deletions(-)
 create mode 100755 .github/install_putty.sh

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list