
Openssh 10.3p1 uplift #194

Open: andrewyounkers wants to merge 648 commits into open-quantum-safe:OQS-v10 from andrewyounkers:openssh-10.3p1-uplift

Conversation


@andrewyounkers commented May 8, 2026

This PR merges in upstream commits from the OpenSSH-portable V_10_3_P1 tag by running a git merge V_10_3_P1. The main changes that I noticed during the uplift included adding persource penalties work, adding a libcrypto error mapping object, a few protocol/feature additions, and other security/hardening fixes.

I used the following methodology to resolve all merge conflicts:

  • Accept current to preserve OQS specific logic
  • Accept any combinations needed to bring in updated upstream code but keep OQS specific code
  • Accept incoming for all other conflicts to bring in new upstream logic

After using this process there were only a few other changes needed to complete the uplift. 830e07e updates the '.depend' file to replace 'openbsd-compat/sha2.h' with 'openbsd-compat/bsd-sha2.h' (upstream logic) and updates the config files added by OpenSSH to have the OQS specific logic generated by autoconf available by default.
d68a34b handles cleaning up a syntax error and addressing two '-Wformat-truncation=' warnings in log.c and misc.c by increasing the max buffer size based on the gcc output. c3994f7 resolves a double free occurring in one of the test files. All of these commits are signed off but upstream commits are not.

After uplifting, the OQS-SSH version output appears as follows:

/opt/oqs-ssh/bin/ssh -V
OpenSSH_10.3-2026-05_p1, Open Quantum Safe 2026-05, OpenSSL 3.5.6 7 Apr 2026

The CI VM.yml checks reported as failing in #191 are still failing and will be addressed in a following PR. This workflow file was added by the upstream in the 10.2 uplift but needs to be updated to use OQS helper scripts so it behaves like the ubuntu.yaml workflow.

miod@openbsd.org and others added 30 commits October 31, 2025 11:06
can no longer get set to "gcc3".

OpenBSD-Regress-ID: 02351ea947975b80be60b9a8c6e4dbb57789e890
OpenBSD-Regress-ID: a145f09c1efb1fcd3924544463f1f94f5d4805c0
avoids confusion with system header when included from files under
openbsd-compat/
Avoids early fatal() if the user doesn't exist.

Reported by Viswesh Narayanan; ok dtucker@
execution; ok markus

OpenBSD-Commit-ID: 993628a5b361e30aa48bbb4c07667a280f3f23ab
OpenBSD-Commit-ID: 7d047bbff6964b9abbc04e9b3e2e1b4cc1db0aea
sshkey_ec_validate_public()

Checking nQ == infinity is not needed for cofactor 1 curves.
Checking x and y coordinates against order is not needed either.

patch from Szilárd Pfeiffer, with further refinement by tb@
ok tb@

OpenBSD-Commit-ID: ef985e2be7c64e215d064757d3fc65eb181e8ede
OpenBSD-Regress-ID: 577ef2f36ee592528448e8c0f33499e2e3512054
OpenBSD-Regress-ID: f789d46e99d2598929e3c2d00b45c47cc3102501
OpenBSD-Regress-ID: a3a4dae538c831b3810f69abc34ad8504dc3c460
change

OpenBSD-Regress-ID: 50b7f49021b8085728d0544275e141fb1bf4a2b5
setenv commands.

Unbreaks ssh-agent for home directory paths that contain whitespace.

Based on fix from Beat Bolli via bz3884; feedback/ok dtucker@

OpenBSD-Commit-ID: aaf06594e299940df8b4c4b9f0a1d14bef427e02
Apparently these are YAML magic when followed by whitespace
Explicitly check for OPENSSL_NO_EC, since otherwise the test will link
but then fail at runtime.
review

OpenBSD-Commit-ID: b296bd6056f33fd567ca0d5e9123dac1ec00f037
v0.0.4

tested/ok tb@

OpenBSD-Commit-ID: 525a62549efbf53492adcb2c57e4872cdbaeed62
portable

unused on OpenBSD (nothing sets MISSING_BUILTIN_POPCOUNT), but it
makes syncing much easier.

OpenBSD-Commit-ID: 496446300d82615b24f83eca886b8fabdbee445b
and ERR_load_crypto_strings(). These are no-ops in LibreSSL, and in
Portable have been mostly replaced by a call to OPENSSL_init_crypto()
in the compat layer.  ok tb@

OpenBSD-Commit-ID: 4c3e0af10fe276766054eda34428a37a5606d3ea
We already have OPENSSL_init_crypto() in the compat layer (now with a
check of its return code, prompted by tb@). Prompted by github PR#606
from Dimitri John Ledkov.  ok beck@
The uname(3) syscall is utilized by zlib-ng on RISC-V to decide whether
the kernel handles VILL bit of V extension properly (by checking the
kernel version against 6.5).

Allow it in the seccomp sandbox.

Signed-off-by: Icenowy Zheng <uwu@icenowy.me>
This prevents link errors with the openbsd-compat tests when the linker
tries to bring in all the logging bits.
either. Coverity CID 443285.

OpenBSD-Regress-ID: aa90e57b1bc8efce9e50734a07a8ffec0680059a
daztucker and others added 21 commits March 30, 2026 18:51
TEST_SSH_HOSTBASED_AUTH=setupandrun.

This will MODIFY THE CONFIG OF THE SYSTEM IT IS RUNNING ON to enable
hostbased authentication to/from itself and run the hostbased tests.  It
won't undo these changes, so don't do this on a system where this matters.

OpenBSD-Regress-ID: ae5a86db1791a2b8f999b07b5c8cc756d40bf645
on the warning about modifying the system config.

OpenBSD-Regress-ID: 68038da909f9c992375b7665dab0331d6af426b7
OpenBSD-Regress-ID: 92721cad4c219fe62b7b795a73505c22e56f09e0
OpenBSD-Regress-ID: ab64fd0a86422df1eadacde56c0a2cff5d93425d
OpenBSD-Regress-ID: 400dc1b5fb7f2437d0dfbd2eb9a3583dafb412b3
This fixes the build with --without-openssl on musl. glibc worked
previously because it got stdio.h implicitly through resolv.h.
Not all dd implementations support this. POSIX only specifies
suffixes for block size operands.

Instead, just use 1024k to avoid the special case. This also removes
an incorrect redirection operator that appeared in the 1m case.
OpenSSH doesn't support PAM changing its conception of the
username via a module calling pam_set_item(h, PAM_USER, ...).
We were supposed to bail out here, but I messed up while "fixing"
this last time and dropped a return statement.

Reported by Mike Damm
to a value <10 using the single-argument form of MaxStartups (e.g.
MaxStartups=3). This doesn't affect the three-argument form of the directive
(e.g. MaxStartups 3:20:5).

Patch from Peter Kaestle via bz3941

OpenBSD-Commit-ID: 1ad093cae69f55ebfdea1ab24318aefd593d63b8
ControlMaster=ask/autoask and "ssh -O proxy ..."; reported by Michalis
Vasileiadis

OpenBSD-Commit-ID: 8dd7b9b96534e9a8726916b96d36bed466d3836a
without the -p (preserve modes) flag set, clear setuid/setgid bits from
downloaded files as one might expect.

AFAIK this bug dates back to the original Berkeley rcp program.

Reported by Christos Papakonstantinou of Cantina and Spearbit.

OpenBSD-Commit-ID: 49e902fca8dd933a92a9b547ab31f63e86729fa1
algorithm allowlists: HostKeyAlgorithms, PubkeyAcceptedAlgorithms and
HostbasedAcceptedAlgorithms.

Previously, if any ECDSA type (say "ecdsa-sha2-nistp521") was
present in one of these lists, then all ECDSA algorithms would
be permitted.

Reported by Christos Papakonstantinou of Cantina and Spearbit.

OpenBSD-Commit-ID: c790e2687c35989ae34a00e709be935c55b16a86
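
A configuration check for the ECDSA allowlist behaviour described in the commit message above, added here as an example (it is not code from this PR or from OpenSSH). It flags any of the three directives whose list names some but not all ECDSA algorithms, since those are the configurations where the stated intent was narrower than what was enforced before the fix. The function name, the sample config and the restriction to the three plain `ecdsa-sha2-nistp*` names are assumptions of the example.

```python
import fnmatch

# Plain ECDSA algorithm names; cert and sk- variants are out of scope (assumption).
ECDSA = ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521")
DIRECTIVES = {"hostkeyalgorithms", "pubkeyacceptedalgorithms",
              "hostbasedacceptedalgorithms"}

def audit_ecdsa_allowlists(config_text):
    """Return (lineno, directive, listed, unlisted) for each allowlist that
    names some, but not all, of the ECDSA algorithms."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) != 2 or parts[0].lower() not in DIRECTIVES:
            continue
        value = parts[1].strip()
        # +, - and ^ lists modify the built-in default rather than replace it;
        # audit those from the resolved configuration instead.
        if value.startswith(("+", "-", "^")):
            continue
        patterns = [p.strip() for p in value.split(",") if p.strip()]
        listed = [a for a in ECDSA
                  if any(fnmatch.fnmatchcase(a, p) for p in patterns)]
        if 0 < len(listed) < len(ECDSA):
            unlisted = [a for a in ECDSA if a not in listed]
            findings.append((lineno, parts[0], listed, unlisted))
    return findings

# Constructed sample; each line is an independent case, not a real config.
SAMPLE_CONFIG = """\
# constructed sshd_config fragment
HostKeyAlgorithms ssh-ed25519,ecdsa-sha2-nistp521
PubkeyAcceptedAlgorithms ssh-ed25519,ecdsa-sha2-*
HostbasedAcceptedAlgorithms=ssh-ed25519,rsa-sha2-512
PubkeyAcceptedAlgorithms +ssh-rsa
"""

if __name__ == "__main__":
    for lineno, name, listed, unlisted in audit_ecdsa_allowlists(SAMPLE_CONFIG):
        print(f"line {lineno}: {name} lists {listed}; "
              f"before the fix {unlisted} would also have been permitted")
```

Running it over the output of `sshd -T` or `ssh -G <host>` audits the resolved lists, which also covers lists built with `+`, `-` or `^`.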
the commandline to earlier in main(), specifically before some contexts where
a username with shell characters might be expanded by a %u directive in
ssh_config.

We continue to recommend against using untrusted input on
the SSH commandline. Mitigations like this are not 100%
guarantees of safety because we can't control every
combination of user shell and configuration where they are
used.

Reported by Florian Kohnhäuser

OpenBSD-Commit-ID: 25ef72223f5ccf1c38d307ae77c23c03f59acc55
OpenBSD-Commit-ID: 05e22de74e090e5a174998fa5799317d70ad19c4
OpenBSD-Regress-ID: d22c66ca60f0d934a75e6ca752c4c11b9f4a5324
@andrewyounkers andrewyounkers self-assigned this May 8, 2026
@andrewyounkers andrewyounkers force-pushed the openssh-10.3p1-uplift branch from 2371b45 to d14da62 Compare May 8, 2026 13:43
When uplifting to OpenSSH 10.3, the current changes were kept when resolving merge conflicts. The change to replace 'openbsd-compat/sha2.h' with 'openbsd-compat/bsd-sha2.h' is brought in with this change while preserving oqs specific targets. This commit also adds oqs specific logic to the upstream config files generated by autoconf

Signed-off-by: Andrew Younkers <ayounkers44@gmail.com>
This commit addresses two '-Wformat-truncation=' warnings in log.c and misc.c. The change is to increase the buffer size to prevent possible truncation and doesn't affect the non-truncated cases.

Signed-off-by: Andrew Younkers <ayounkers44@gmail.com>
Signed-off-by: Andrew Younkers <ayounkers44@gmail.com>
@andrewyounkers andrewyounkers force-pushed the openssh-10.3p1-uplift branch from d14da62 to c3994f7 Compare May 8, 2026 13:46