Call for release testing
Knox,William R.
WKNOX at mitre.org
Tue Aug 23 08:37:46 EST 2005
Test on Solaris 8 failed with the below output:
run test multiplex.sh ...
test connection multiplexing: envpass
ssh: otherhost: host/servname not known
environment not found
test connection multiplexing: transfer
ssh: otherhost: host/servname not known
cmp: EOF on /home/m27310/openssh/regress/ls.copy
ssh -Sctl: corrupted copy of /bin/ls
ssh: otherhost: host/servname not known
cmp: EOF on /home/m27310/openssh/regress/ls.copy
ssh -S ctl: corrupted copy of /bin/ls
sftp: failed copy /bin/ls
cmp: /home/m27310/openssh/regress/ls.copy: No such file or directory
sftp: corrupted copy of /bin/ls
test connection multiplexing: status 0
test connection multiplexing: status 1
test connection multiplexing: status 4
test connection multiplexing: status 5
test connection multiplexing: status 44
Master running (pid=27238)
Exit request sent.
failed connection multiplexing
make[1]: *** [t-exec] Error 1
make[1]: Leaving directory `/home/m27310/openssh/regress'
make: *** [tests] Error 2
Built like so:
./configure --without-zlib-version-check --with-tcp-wrappers --with-pam
Tests were run as an unprivileged user. Solaris 8 patch level is
117350-20.
Happy to help with any further information.
Bill Knox
Lead Operating Systems Programmer/Analyst
The MITRE Corporation
-----Original Message-----
From: openssh-unix-dev-bounces+wknox=mitre.org at mindrot.org
[mailto:openssh-unix-dev-bounces+wknox=mitre.org at mindrot.org] On Behalf
Of Damien Miller
Sent: Monday, August 22, 2005 6:41 AM
To: openssh-unix-dev at mindrot.org; openssh-unix-announce at mindrot.org
Subject: Call for release testing
Hi,
We would like to make one of our periodic releases shortly, so once
again we are asking for readers of this list (or anyone else) to
download and test a CVS snapshot of OpenSSH on your favourite
platforms.
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable snapshots are available the mirrors listed at
http://www.openssh.com/portable.html#ftp in the snapshots/
subdirectory
Please test! Running the regression tests supplied with Portable does
not require installation and is a simply:
$ ./configure && make tests
Testing on suitable non-production systems is also appreciated. Please
send reports of success or failure to openssh-unix-dev at mindrot.org.
Also, OpenSSH Portable has a (completely voluntary) configuration
survey. It will collect information about the platform and the
options OpenSSH was configured with and mail it to an archive. We
tried to be careful not to collect anything that might be considered
sensitive, however if anyone has any issues with the data collected
then please let us know).
The raw data will be available only to the development team, however
we may publish summary data at some point in the future. This data
will help us to better support your platforms.
You can view the data that is collected by running "make survey" and
looking at the file "survey" in the build dir. The data is not sent
until you explicitly request it ("make send-survey"). If you have any
doubts at all then ask us (or just don't send it).
Some of the changes in the coming release include:
- Add a new compression method that delays the start of zlib
compression until the user has been authenticated successfully. The
new method "Compression=delayed" is on by default in the server.
This eliminates the risk of another zlib vulnerability leading to
a compromise of the server by a user without authentication
credentials.
NB. Older OpenSSH (<3.5) version have a bug which will cause them
to refuse to connect to any server that does not offer compression
when the client has compression requested. Since the new "delayed"
server mode isn't supported by these older clients, they will
refuse to connect to a new server unless compression is disabled
(on the client end) or the original compression method is enabled
on the server ("Compression=yes" in sshd_config)
- Another round of proactive changes for signed vs unsigned integer
bugs has been completed, including changing the atomicio() API to
encourage safer programming. As a result of these changes, OpenSSH
is now "gcc -Wsign-compare" clean on most platforms.
- Added support for the improved arcfour cipher modes from
draft-harris-ssh-arcfour-fixes-02. The improves the cipher's
resistance to a number of attacks by discarding early keystream
output.
- Increase the default size of new RSA/DSA keys generated by
ssh-keygen from 1024 to 2048 bits.
- Many bugfixes and improvements to connection multiplexing,
including:
- Added ControlMaster=auto/autoask options to support opportunistic
multiplexing (see the ssh_config(5) manpage for details).
- The client will now gracefully fallback to starting a new TCP
connection if it cannot connect to a specified multiplexing
control socket
- Added %h (target hostname), %p (target port) and %r (remote
username) expansion sequences to ControlPath. Also allow
ControlPath=none to disable connection multiplexing.
- Implemented support for X11 and agent forwarding over multiplexed
connections. Because of protocol limitations, the slave
connections inherit the master's DISPLAY and SSH_AUTH_SOCK rather
than distinctly forwarding their own.
- The following bugs from http://bugzilla.mindrot.org/ were closed:
#1025 - Correctly handle disabled special character in ttymodes
#1054 - Don't terminate connection on getpeername() failure
#1046 - AIX 5.3 Garbage on Login
#623 - Don't use $HOME in manpages
#829 - Don't allocate a tty if -n option is set
#471 - Misleading error message if /dev/tty perms wrong
#1033 - Fix compile-time warnings
- Lots of other improvements and fixes. Please refer to the ChangeLog
for details
Thanks to everyone who has contributed patches, problem or test reports.
Regards,
Damien Miller
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list