Age | Commit message (Collapse) | Author |
|
|
|
Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on system with native arc4random or /dev/urandom.
Considered highly experimental for now.
|
|
|
|
avoid BIGNUM in KRL code by using a simple bitmap;
feedback and ok markus
|
|
update sftp client and server to new buffer API. pretty
much just mechanical changes; with & ok markus
|
|
switch to sshbuf/sshkey; with & ok djm@
|
|
Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on system with native arc4random or /dev/urandom.
Considered highly experimental for now.
|
|
avoid an warning for the !OPENSSL case
|
|
swith auth-options to new sshbuf/sshkey; ok djm@
|
|
make non-OpenSSL aes-ctr work on sshd w/ privsep; ok
markus@
|
|
remove unneeded includes, sync my copyright across files
& whitespace; ok djm@
|
|
adapt mac.c to ssherr.h return codes (de-fatal) and
simplify dependencies ok djm@
|
|
sync changes from libopenssh; prepared by markus@ mostly
debug output tweaks, a couple of error return value changes and some other
minor stuff
|
|
Allows disabling support for SSH protocol 1.
|
|
add sshd_config HostbasedAcceptedKeyTypes and
PubkeyAcceptedKeyTypes options to allow sshd to control what public key types
will be accepted. Currently defaults to all. Feedback & ok markus@
|
|
unbreak parsing of pubkey comments; with gerhard; ok
djm/deraadt
|
|
missing error assigment on sshbuf_put_string()
|
|
apparently memcpy(x, NULL, 0) is undefined behaviour
according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls
when length==0; ok markus@
|
|
free->sshkey_free; ok djm@
|
|
allow WITH_OPENSSL w/o WITH_SSH1; ok djm@
|
|
adjust for sshkey_load_file() API change
|
|
fix ssh_config FingerprintHash evaluation order; from Petr
Lautrbach
|
|
reorder hostbased key attempts to better match the
default hostkey algorithms order in myproposal.h; ok markus@
|
|
deprecate key_load_private_pem() and
sshkey_load_private_pem() interfaces. Refactor the generic key loading API to
not require pathnames to be specified (they weren't really used).
Fixes a few other things en passant:
Makes ed25519 keys work for hostbased authentication (ssh-keysign
previously used the PEM-only routines).
Fixes key comment regression bz#2306: key pathnames were being lost as
comment fields.
ok markus@
|
|
workaround for the Meyer, et al, Bleichenbacher Side
Channel Attack. fake up a bignum key before RSA decryption. discussed/ok djm
markus
|
|
KNF and add a little more debug()
|
|
add fingerprinthash to the options list;
|
|
tweak previous;
|
|
If an invalid rdclass was passed to getrrsetbyname() then
this would execute a free on an uninitialised pointer.
OpenSSH only ever calls this with a fixed and valid rdclass.
Reported by Joshua Rogers
|
|
Includes fix for 1 byte output overflow for large key length
requests (not reachable in OpenSSH).
Pointed out by Joshua Rogers
|
|
patch from writeonce AT midipix.org via bz#2296
|
|
|
|
mention ssh -Q feature to list supported { MAC, cipher,
KEX, key } algorithms in more places and include the query string used to
list the relevant information; bz#2288
|
|
tweak previous;
|
|
regression test for multiple required pubkey authentication;
ok markus@
|
|
correct description of what will happen when a
AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd
will refuse to start)
|
|
make internal handling of filename arguments of "none"
more consistent with ssh. "none" arguments are now replaced with NULL when
the configuration is finalised.
Simplifies checking later on (just need to test not-NULL rather than
that + strcmp) and cleans up some inconsistencies. ok markus@
|
|
remember which public keys have been used for
authentication and refuse to accept previously-used keys.
This allows AuthenticationMethods=publickey,publickey to require
that users authenticate using two _different_ pubkeys.
ok markus@
|
|
fix passing of wildcard forward bind addresses when
connection multiplexing is in use; patch from Sami Hartikainen via bz#2324;
ok dtucker@
|
|
make this slightly easier to diff against portable
|
|
|
|
adjust for new SHA256 key fingerprints and
slightly-different MD5 hex fingerprint format
|
|
poll changes to netcat (usr.bin/netcat.c r1.125) broke
this test; fix it by ensuring more stdio fds are sent to devnull
|
|
tweak previous;
|
|
document FingerprintHash here too
|
|
|
|
Add FingerprintHash option to control algorithm used for
key fingerprints. Default changes from MD5 to SHA256 and format from hex to
base64.
Feedback and ok naddy@ markus@
|
|
don't count partial authentication success as a failure
against MaxAuthTries; ok deraadt@
|
|
revert chunk I didn't mean to commit yet; via jmc@
|
|
revision 1.2
date: 2014/12/08 03:45:00; author: bcook; state: Exp; lines: +2 -2; commitid: 7zWEBgJJOCZ2hvTV;
avoid left shift overflow in reallocarray.
Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting
1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with
(size_t)1 so that we get the correct constant size for the platform.
discussed with tedu@ & deraadt@
|