Age | Commit message (Collapse) | Author |
|
Allow RekeyLimits in excess of 4G up to 2**63 bits
(limited by the return type of scan_scaled). Part of bz#2521, ok djm.
Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979
|
|
Account for packets buffered but not yet processed when
computing whether or not it is time to perform rekeying. bz#2521, based
loosely on a patch from olo at fb.com, ok djm@
Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c
|
|
change old $FreeBSD version string in comment so it doesn't
become an RCS ident downstream; requested by des AT des.no
Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722
|
|
make the debug messages a bit more useful here
Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
|
|
Zero a stack buffer with explicit_bzero() instead of
memset() when returning from client_loop() for consistency with
buffer_free()/sshbuf_free().
ok dtucker@ deraadt@ djm@
Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66
|
|
Include sys/time.h for gettimeofday. From sortie at
maxsi.org.
Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b
|
|
fd leaks; report Qualys Security Advisory team; ok
deraadt@
Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
|
|
remove roaming support; ok djm@
Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
|
|
Disable experimental client-side roaming support. Server
side was disabled/gutted for years already, but this aspect was surprisingly
forgotten. Thanks for report from Qualys
Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df
|
|
|
|
|
|
|
|
eliminate fallback from untrusted X11 forwarding to trusted
forwarding when the X server disables the SECURITY extension; Reported by
Thomas Hoger; ok deraadt@
Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
|
|
use explicit_bzero() more liberally in the buffer code; ok
deraadt
Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
|
|
Includes a pre-auth privsep sandbox and several pledge()
emulations. bz#2511, patch by Alex Wilson.
ok dtucker@
|
|
fix three bugs in KRL code related to (unused) signature
support: verification length was being incorrectly calculated, multiple
signatures were being incorrectly processed and a NULL dereference that
occurred when signatures were verified. Reported by Carl Jackson
Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
|
|
unused prototype
Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97
|
|
Use pread/pwrite instead separate lseek+read/write for
lastlog. Cast to off_t before multiplication to avoid truncation on ILP32
ok kettenis@ mmcc@
Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf
|
|
adjust pledge promises for ControlMaster: when using
"ask" or "autoask", the process will use ssh-askpass for asking confirmation.
problem found by halex@
ok halex@
Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80
|
|
unbreak connections with peers that set
first_kex_follows; fix from Matt Johnston va bz#2515
Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
|
|
Add "id" to ssh-agent pledge for subprocess support.
Found the hard way by Jan Johansson when using ssh-agent with X. Also,
rearranged proc/exec and retval to match other pledge calls in the tree.
ok djm@
Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db
|
|
Remove NULL-checks before sshbuf_free().
ok djm@
Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
|
|
include remote port number in a few more messages; makes
tying log messages together into a session a bit easier; bz#2503 ok dtucker@
Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e
|
|
don't try to load SSHv1 private key when compiled without
SSHv1 support. From Iain Morgan bz#2505
Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7
|
|
use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
reading key files. Increase it to match the size of the buffers already being
used.
Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
|
|
Remove NULL-checks before sshkey_free().
ok djm@
Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
|
|
fflush stdout so that output is seen even when running in
debug mode when output may otherwise not be flushed. Patch from dustin at
null-ptr.net.
Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc
|
|
- remove configure --with-rsh, because this option isn't supported anymore
- replace last occurrence of BuildPreReq by BuildRequires
- update grep statement to query the krb5 include directory
Patch from CarstenGrohmann via github, ok djm.
|
|
Patch from Mike Frysinger via github.
|
|
Patch from doughdemon via github.
|
|
Should allow it it compile with MUSL libc. Based on patch from
doughdemon via github.
|
|
correct error messages; from Tomas Kuthan bz#2507
Upstream-ID: 7454a0affeab772398052954c79300aa82077093
|
|
Pass (char *)NULL rather than (char *)0 to execl and
execlp.
ok dtucker@
Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492
|
|
Remove NULL-checks before free().
ok dtucker@
Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
|
|
Fix a couple "the the" typos. ok dtucker@
Upstream-ID: ec364c5af32031f013001fd28d1bd3dfacfe9a72
|
|
stricter encoding type checks for ssh-rsa; ok djm@
Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650
|
|
It isn't necessary and runs afoul of pledge(2) restrictions.
|
|
basic unit tests for rsa-sha2-* signature types
Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c
|
|
prefer rsa-sha2-512 over -256 for hostkeys, too; noticed
by naddy@
Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe
|
|
Properly handle invalid %-format by calling fatal.
ok deraadt, djm
Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac
|
|
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
(user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
draft-ssh-ext-info-04.txt; with & ok djm@
Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
|
|
clean up agent_fd handling; properly initialise it to -1
and make tests consistent
ok markus@
Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707
|
|
pledges ssh client: - mux client: which is used when
ControlMaster is in use. will end with "stdio proc tty" (proc is to
permit sending SIGWINCH to mux master on window resize)
- client loop: several levels of pledging depending of your used options
ok deraadt@
Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b
|
|
Add "cpath" to the ssh-agent pledge so the cleanup
handler can unlink().
ok djm@
Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d
|
|
ssh-agent pledge needs proc for askpass; spotted by todd@
Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a
|
|
basic pledge() for ssh-agent, more refinement needed
Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13
|
|
This reverts commit 14c887c8393adde2d9fd437d498be30f8c98535c.
dtucker beat me to it :/
|
|
(but leave RCSID changes)
|
|
|
|
pledge, better fatal() messages; feedback deraadt@
Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f
|