Age | Commit message (Collapse) | Author |
|
some shells.
OpenBSD-Regress-ID: 5dc27ab624c09d34078fd326b10e38c1ce9c741f
|
|
Prevent infinite for loop since i went from ssize_t to size_t. Patch from
eagleoflqj via OpenSSH github PR#178, ok djm@, feedback & ok millert@
|
|
key comments, mostly by loic AT venez.fr (slightly tweaked for portability)
ok dtucker@
OpenBSD-Regress-ID: 8dc6c4feaf4fe58b6d634cd89afac9a13fd19004
|
|
fingerprint of old-format key, key comments were not being displayed. Spotted
by loic AT venez.fr, ok dtucker
OpenBSD-Commit-ID: 2d98e4f9eb168eea733d17e141e1ead9fe26e533
|
|
comment after regression caused by my recent pubkey loading refactor.
Reported by loic AT venez.fr, ok dtucker@
OpenBSD-Commit-ID: f8db49acbee6a6ccb2a4259135693b3cceedb89e
|
|
based on patch from loic AT venez.fr, ok dtucker@
OpenBSD-Commit-ID: 5eff2476b0d8d0614924c55e350fb7bb9c84f45e
|
|
OpenBSD-Commit-ID: c93a6cbb4bf9468fc4c13e64bc1fd4efee201a44
|
|
checking AuthorizedKeysFile first and falling back to AuthorizedKeysCommand
if no key was found in a file. Document this order here; bz3134
OpenBSD-Commit-ID: afce0872cbfcfc1d4910ad7722e50f792a1dce12
|
|
so change the preprocessor test used to include it to check
__OpenBSD__, matching the code that uses the symbols it declares.
|
|
apply to keys loaded from a PKCS11Provider; bz3141, ok dtucker@
OpenBSD-Commit-ID: e3dd6424b94685671fe84c9b9dbe352fb659f677
|
|
not considered for HostbasedAuthentication when the target user is root;
bz3148
OpenBSD-Commit-ID: fe4c1256929e53f23af17068fbef47852f4bd752
|
|
rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow
.shosts files but not .rhosts. ok dtucker@
OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9
|
|
sshd_config, not just before any Match blocks; bz3148, ok dtucker@
OpenBSD-Commit-ID: e042467d703bce640b1f42c5d1a62bf3825736e8
|
|
OpenBSD-Commit-ID: e579e4d95eef13059c30931ea1f09ed8296b819c
|
|
In some architecture/libc configurations we need to explicitly include
sys/syscall.h for the syscall number (__NR_xxx) definitions. bz#3085,
patch from blowfist at xroutine.net.
|
|
duplicated code and fixes oss-fuzz#20074 (NULL deref) caused by a missing key
type check in the ECDSA_CERT parsing path.
feedback and ok markus@
OpenBSD-Commit-ID: 4711981d88afb7196d228f7baad9be1d3b20f9c9
|
|
RemoteForward.
OpenBSD-Regress-ID: 90fcbc60d510eb114a2b6eaf4a06ff87ecd80a89
|
|
OpenBSD-Regress-ID: 433708d11165afdb189fe635151d21659dd37a37
|
|
when used for Unix domain socket forwarding. Factor out the code for the
config keywords that use the most common subset of TOKENS into its own
function. bz#3014, ok jmc@ (man page bits) djm@
OpenBSD-Commit-ID: bffc9f7e7b5cf420309a057408bef55171fd0b97
|
|
unencrypted envelope of private key files if not sidecar public key file is
present.
ok markus@
OpenBSD-Commit-ID: 252a0a580e10b9a6311632530d63b5ac76592040
|
|
ok markus@
OpenBSD-Commit-ID: 05a5d46562aafcd70736c792208b1856064f40ad
|
|
Extracts a public key from the unencrypted envelope of a new-style
OpenSSH private key.
ok markus@
OpenBSD-Commit-ID: 44d7ab446e5e8c686aee96d5897b26b3939939aa
|
|
Try new format parser for all key types first, fall back to PEM
parser only for invalid format errors.
ok markus@
OpenBSD-Commit-ID: 0173bbb3a5cface77b0679d4dca0e15eb5600b77
|
|
new-style private decoding; ok markus@
OpenBSD-Commit-ID: 04d44b3a34ce12ce5187fb6f6e441a88c8c51662
|
|
private key
(this public key is currently unusued)
ok markus@
OpenBSD-Commit-ID: 634a60b5e135d75f48249ccdf042f3555112049c
|
|
Split out the base64 decoding and private section decryption steps in
to separate functions. This will make the decryption step easier to fuzz
as well as making it easier to write a "load public key from new-format
private key" function.
ok markus@
OpenBSD-Commit-ID: 7de31d80fb9062aa01901ddf040c286b64ff904e
|
|
Fixes problem where unsuitable chacha20 code in libressl would be used
unintentionally.
|
|
|
|
OpenBSD-Regress-ID: 409a7b0e59d1272890fda507651c0c3d2d3c0d89
|
|
Solaris' native "id" doesn't support the options we use but the one
in /usr/bin/xp4g does, so use that instead.
|
|
short hostname instead.
OpenBSD-Regress-ID: ebcf36a6fdf287c9336b0d4f6fc9f793c05307a7
|
|
OpenBSD-Regress-ID: 94d1366e8105274858b88a1f9ad2e62801e49770
|
|
|
|
local hostname and it doesn't work on any machine except mine... spotted by
djm@
OpenBSD-Regress-ID: 2d4c3585b9fcbbff14f4a5a5fde51dbd0d690401
|
|
OpenBSD-Commit-ID: 1af8851fd7a99e4a887b19aa8f4c41a6b3d25477
|
|
OpenBSD-Commit-ID: 5b00e8db37c2b0a54c7831fed9e5f4db53ada332
|
|
OpenBSD-Commit-ID: 1d29c51ac844b287c4c8bcaf04c63c7d9ba3b8c7
|
|
OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451
|
|
OpenBSD-Regress-ID: a41c14fd6a0b54d66aa1e9eebfb9ec962b41232f
|
|
Darren and his tinderbox tests
OpenBSD-Commit-ID: 3b4587c3d9d46a7be9bdf028704201943fba96c2
|
|
mode; requested in bz3135; ok dtucker
OpenBSD-Commit-ID: 5ad2ed0e6440562ba9c84b666a5bbddc1afe2e2b
|
|
Based on patch from Yuriy M. Kaminskiy. ok + lots of assistance along the
way at a2k20 tb@
OpenBSD-Commit-ID: 5e08754c13d31258bae6c5e318cc96219d6b10f0
|
|
part of a larger diff at a2k20
OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd
|
|
OpenBSD-Commit-ID: 42c6edeeda5ce88b51a20d88c93be3729ce6b916
|
|
committed earlier had an off-by-one. Fix this and add some debugging that
would have made it apparent sooner.
OpenBSD-Commit-ID: 082f8f72b1423bd81bbdad750925b906e5ac6910
|
|
remote user not local user.
OpenBSD-Commit-ID: 80f1d976938f2a55ee350c11d8b796836c8397e2
|
|
OpenBSD-Regress-ID: 7283be8b2733ac1cbefea3048a23d02594485288
|
|
the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker
OpenBSD-Commit-ID: ef4b4808de0a419c17579b1081da768625c1d735
|
|
percent_expansions more consistent. - %C is moved into its own function and
added to Match Exec. - move the common (global) options into a macro. This
is ugly but it's the least-ugly way I could come up with. - move
IdentityAgent and ForwardAgent percent expansion to before the config dump
to make it regression-testable. - document all of the above
ok jmc@ for man page bits, "makes things less terrible" djm@ for the rest.
OpenBSD-Commit-ID: 4b65664bd6d8ae2a9afaf1a2438ddd1b614b1d75
|
|
binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker
OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b
|