summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-12-11upstream commitmarkus@openbsd.org
stricter encoding type checks for ssh-rsa; ok djm@ Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650
2015-12-09Don't set IPV6_V6ONLY on OpenBSDDamien Miller
It isn't necessary and runs afoul of pledge(2) restrictions.
2015-12-07upstream commitdjm@openbsd.org
basic unit tests for rsa-sha2-* signature types Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c
2015-12-07upstream commitmarkus@openbsd.org
prefer rsa-sha2-512 over -256 for hostkeys, too; noticed by naddy@ Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe
2015-12-07upstream committobias@openbsd.org
Properly handle invalid %-format by calling fatal. ok deraadt, djm Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac
2015-12-07upstream commitmarkus@openbsd.org
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2015-12-04upstream commitdjm@openbsd.org
clean up agent_fd handling; properly initialise it to -1 and make tests consistent ok markus@ Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707
2015-12-04upstream commitsemarie@openbsd.org
pledges ssh client: - mux client: which is used when ControlMaster is in use. will end with "stdio proc tty" (proc is to permit sending SIGWINCH to mux master on window resize) - client loop: several levels of pledging depending of your used options ok deraadt@ Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b
2015-12-04upstream commitdoug@openbsd.org
Add "cpath" to the ssh-agent pledge so the cleanup handler can unlink(). ok djm@ Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d
2015-12-04upstream commitdjm@openbsd.org
ssh-agent pledge needs proc for askpass; spotted by todd@ Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a
2015-12-04upstream commitdjm@openbsd.org
basic pledge() for ssh-agent, more refinement needed Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13
2015-11-30Revert "stub for pledge(2) for systems that lack it"Damien Miller
This reverts commit 14c887c8393adde2d9fd437d498be30f8c98535c. dtucker beat me to it :/
2015-11-30revert 7d4c7513: bring back S/Key prototypesDamien Miller
(but leave RCSID changes)
2015-11-30stub for pledge(2) for systems that lack itDamien Miller
2015-11-30upstream commitdjm@openbsd.org
pledge, better fatal() messages; feedback deraadt@ Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f
2015-11-30upstream commitderaadt@openbsd.org
do not leak temp file if there is no known_hosts file from craig leres, ok djm Upstream-ID: c820497fd5574844c782e79405c55860f170e426
2015-11-30Add a null implementation of pledge.Darren Tucker
Fixes builds on almost everything.
2015-11-28upstream commitdjm@openbsd.org
don't include port number in tcpip-forward replies for requests that don't allocate a port; bz#2509 diagnosed by Ron Frederick ok markus Upstream-ID: 77efad818addb61ec638b5a2362f1554e21a970a
2015-11-28upstream commitderaadt@openbsd.org
pledge "stdio rpath wpath cpath fattr tty proc exec" except for the -p option (which sadly has insane semantics...) ok semarie dtucker Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059
2015-11-28upstream commithalex@openbsd.org
allow comment change for all supported formats ok djm@ Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
2015-11-20upstream commitdjm@openbsd.org
add cast to make -Werror clean Upstream-ID: 288db4f8f810bd475be01320c198250a04ff064d
2015-11-20fix multiple authentication using S/Key w/ privsepDamien Miller
bz#2502, patch from Kevin Korb and feandil_
2015-11-19upstream commitdjm@openbsd.org
ban ConnectionAttempts=0, it makes no sense and would cause ssh_connect_direct() to print an uninitialised stack variable; bz#2500 reported by dvw AT phas.ubc.ca Upstream-ID: 32b5134c608270583a90b93a07b3feb3cbd5f7d5
2015-11-19upstream commitdjm@openbsd.org
trailing whitespace Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051
2015-11-19upstream commitdjm@openbsd.org
print host certificate contents at debug level Upstream-ID: 39354cdd8a2b32b308fd03f98645f877f540f00d
2015-11-19upstream commitdjm@openbsd.org
move the certificate validity formatting code to sshkey.[ch] Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
2015-11-18upstream commitdjm@openbsd.org
fix "ssh-keygen -l" of private key, broken in support for multiple plain keys on stdin Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d
2015-11-17upstream commitmillert@openbsd.org
Replace remaining calls to index(3) with strchr(3). OK jca@ krw@ Upstream-ID: 33837d767a0cf1db1489b96055f9e330bc0bab6d
2015-11-17upstream commitdjm@openbsd.org
Allow fingerprinting from standard input "ssh-keygen -lf -" Support fingerprinting multiple plain keys in a file and authorized_keys files too (bz#1319) ok markus@ Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77
2015-11-17upstream commitdjm@openbsd.org
always call privsep_preauth_child() regardless of whether sshd was started by root; it does important priming before sandboxing and failing to call it could result in sandbox violations later; ok markus@ Upstream-ID: c8a6d0d56c42f3faab38460dc917ca0d1705d383
2015-11-17upstream commitdjm@openbsd.org
improve sshkey_read() semantics; only update *cpp when a key is successfully read; ok markus@ Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089
2015-11-17upstream commitlogan@openbsd.org
1) Use xcalloc() instead of xmalloc() to check for potential overflow. (Feedback from both mmcc@ and djm@) 2) move set_size just before the for loop. (suggested by djm@) OK djm@ Upstream-ID: 013534c308187284756c3141f11d2c0f33c47213
2015-11-16upstream commitdjm@openbsd.org
Add a new authorized_keys option "restrict" that includes all current and future key restrictions (no-*-forwarding, etc). Also add permissive versions of the existing restrictions, e.g. "no-pty" -> "pty". This simplifies the task of setting up restricted keys and ensures they are maximally-restricted, regardless of any permissions we might implement in the future. Example: restrict,pty,command="nethack" ssh-ed25519 AAAAC3NzaC1lZDI1... Idea from Jann Horn; ok markus@ Upstream-ID: 04ceb9d448e46e67e13887a7ae5ea45b4f1719d0
2015-11-16upstream commitjmc@openbsd.org
correct section number for ssh-agent; Upstream-ID: 44be72fd8bcc167635c49b357b1beea8d5674bd6
2015-11-16upstream commitjmc@openbsd.org
do not confuse mandoc by presenting "Dd"; Upstream-ID: 1470fce171c47b60bbc7ecd0fc717a442c2cfe65
2015-11-16upstream commitjcs@openbsd.org
Add an AddKeysToAgent client option which can be set to 'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a private key that is used during authentication will be added to ssh-agent if it is running (with confirmation enabled if set to 'confirm'). Initial version from Joachim Schipper many years ago. ok markus@ Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4
2015-11-16upstream commitdjm@openbsd.org
send SSH2_MSG_UNIMPLEMENTED replies to unexpected messages during KEX; bz#2949, ok dtucker@ Upstream-ID: 2b3abdff344d53c8d505f45c83a7b12e84935786
2015-11-16upstream commitdjm@openbsd.org
Support "none" as an argument for sshd_config ForceCommand and ChrootDirectory. Useful inside Match blocks to override a global default. bz#2486 ok dtucker@ Upstream-ID: 7ef478d6592bc7db5c7376fc33b4443e63dccfa5
2015-11-16upstream commitdjm@openbsd.org
support multiple certificates (one per line) and reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@ Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db
2015-11-16upstream commitdjm@openbsd.org
list a couple more options usable in Match blocks; bz#2489 Upstream-ID: e4d03f39d254db4c0cc54101921bb89fbda19879
2015-11-16upstream commitdjm@openbsd.org
improve PEEK/POKE macros: better casts, don't multiply evaluate arguments; ok deraadt@ Upstream-ID: 9a1889e19647615ededbbabab89064843ba92d3e
2015-11-16upstream commitdjm@openbsd.org
remove prototypes for long-gone s/key support; ok dtucker@ Upstream-ID: db5bed3c57118af986490ab23d399df807359a79
2015-11-14read back from libcrypto RAND when privdroppingDamien Miller
makes certain libcrypto implementations cache a /dev/urandom fd in preparation of sandboxing. Based on patch by Greg Hartman.
2015-11-10Fix compiler warnings in the openssl header check.Darren Tucker
Noted by Austin English.
2015-11-09upstream commitjmc@openbsd.org
-c before -H, in SYNOPSIS and usage(); Upstream-ID: 25e8c58a69e1f37fcd54ac2cd1699370acb5e404
2015-11-09upstream commitdjm@openbsd.org
Add "ssh-keyscan -c ..." flag to allow fetching certificates instead of plain keys; ok markus@ Upstream-ID: 0947e2177dba92339eced9e49d3c5bf7dda69f82
2015-11-09upstream commitjmc@openbsd.org
remove slogin links; ok deraadt markus djm Upstream-ID: 39ba08548acde4c54f2d4520c202c2a863a3c730
2015-11-09upstream commitdjm@openbsd.org
fix OOB read in packet code caused by missing return statement found by Ben Hawkes; ok markus@ deraadt@ Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62
2015-11-09upstream commitmmcc@openbsd.org
1. rlogin and rsh are long gone 2. protocol version isn't of core relevance here, and v1 is going away ok markus@, deraadt@ Upstream-ID: 8b46bc94cf1ca7c8c1a75b1c958b2bb38d7579c8
2015-11-09upstream commitjmc@openbsd.org
"commandline" -> "command line", since there are so few examples of the former in the pages, so many of the latter, and in some of these pages we had multiple spellings; prompted by tj Upstream-ID: 78459d59bff74223f8139d9001ccd56fc4310659