Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-04-03 | upstream: add allocating variant of the safe utf8 printer; ok | djm@openbsd.org | |
dtucker as part of a larger diff OpenBSD-Commit-ID: 037e2965bd50eacc2ffb49889ecae41552744fa0 | |||
2020-03-17 | upstream: Cast lifetime to u_long for comparison to prevent unsigned | dtucker@openbsd.org | |
comparison warning on 32bit arches. Spotted by deraadt, ok djm. OpenBSD-Commit-ID: 7a75b2540bff5ab4fa00b4d595db1df13bb0515a | |||
2020-03-14 | Include fido.h when checking for fido/credman.h. | Darren Tucker | |
It's required for fido_dev_t, otherwise configure fails with when given --with-security-key-builtin. | |||
2020-03-14 | upstream: some more speeling mistakes from | djm@openbsd.org | |
OpenBSD-Regress-ID: 02471c079805471c546b7a69d9ab1d34e9a57443 | |||
2020-03-14 | upstream: improve error messages for some common PKCS#11 C_Login | djm@openbsd.org | |
failure cases; based on patch from Jacob Hoffman-Andrews in bz3130; ok dtucker OpenBSD-Commit-ID: b8b849621b4a98e468942efd0a1c519c12ce089e | |||
2020-03-14 | upstream: use sshpkt_fatal() for kex_exchange_identification() | djm@openbsd.org | |
errors. This ensures that the logged errors are consistent with other transport- layer errors and that the relevant IP addresses are logged. bz3129 ok dtucker@ OpenBSD-Commit-ID: 2c22891f0b9e1a6cd46771cedbb26ac96ec2e6ab | |||
2020-03-14 | upstream: Don't clear alarm timers in listening sshd. Previously | dtucker@openbsd.org | |
these timers were used for regenerating the SSH1 ephemeral host keys but those are now gone so there's no need to clear the timers either. ok deraadt@ OpenBSD-Commit-ID: 280d2b885e4a1ce404632e8cc38fcb17be7dafc0 | |||
2020-03-14 | upstream: spelling errors in comments; no code change from | djm@openbsd.org | |
OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924 | |||
2020-03-14 | upstream: when downloading FIDO2 resident keys from a token, don't | djm@openbsd.org | |
prompt for a PIN until the token has told us that it needs one. Avoids double-prompting on devices that implement on-device authentication (e.g. a touchscreen PIN pad on the Trezor Model T). ok dtucker@ OpenBSD-Commit-ID: 38b78903dd4422d7d3204095a31692fb69130817 | |||
2020-03-13 | sync fnmatch.c with upstream to fix another typo | Damien Miller | |
2020-03-13 | another spelling error in comment | Damien Miller | |
2020-03-13 | spelling mistakes | Damien Miller | |
from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html | |||
2020-03-13 | upstream: fix relative includes in sshd_config; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: fa29b0da3c93cbc3a1d4c6bcd58af43c00ffeb5b | |||
2020-03-13 | upstream: fix use-after-free in do_download_sk; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 96b49623d297797d4fc069f1f09e13c8811f8863 | |||
2020-03-13 | upstream: do not leak oprincipals; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 4691d9387eab36f8fda48f5d8009756ed13a7c4c | |||
2020-03-13 | upstream: initialize seconds for debug message; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 293fbefe6d00b4812a180ba02e26170e4c855b81 | |||
2020-03-13 | upstream: correct return code; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 319d09e3b7f4b2bc920c67244d9ff6426b744810 | |||
2020-03-13 | upstream: principalsp is optional, pubkey required; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 2cc3ea5018c28ed97edaccd7f17d2cc796f01024 | |||
2020-03-13 | upstream: remove unused variables in ssh-pkcs11-helper; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 13e572846d0d1b28f1251ddd2165e9cf18135ae1 | |||
2020-03-13 | upstream: return correct error in sshsk_ed25519_sig; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 52bf733df220303c260fee4f165ec64b4a977625 | |||
2020-03-13 | upstream: fix possible null-deref in check_key_not_revoked; ok | markus@openbsd.org | |
djm OpenBSD-Commit-ID: 80855e9d7af42bb6fcc16c074ba69876bfe5e3bf | |||
2020-03-13 | upstream: ssh_fetch_identitylist() returns the return value from | markus@openbsd.org | |
ssh_request_reply() so we should also check against != 0 ok djm OpenBSD-Commit-ID: 28d0028769d03e665688c61bb5fd943e18614952 | |||
2020-03-13 | upstream: sshkey_cert_check_authority requires reason to be set; | markus@openbsd.org | |
ok djm OpenBSD-Commit-ID: 6f7a6f19540ed5749763c2f9530c0897c94aa552 | |||
2020-03-13 | upstream: passphrase depends on kdfname, not ciphername (possible | markus@openbsd.org | |
null-deref); ok djm OpenBSD-Commit-ID: 0d39668edf5e790b5837df4926ee1141cec5471c | |||
2020-03-13 | upstream: consistently check packet_timeout_ms against 0; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: e8fb8cb2c96c980f075069302534eaf830929928 | |||
2020-03-13 | upstream: initialize cname in case ai_canonname is NULL or too | markus@openbsd.org | |
long; ok djm OpenBSD-Commit-ID: c27984636fdb1035d1642283664193e91aab6e37 | |||
2020-03-13 | upstream: fix uninitialized pointers for forward_cancel; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 612778e6d87ee865d0ba97d0a335f141cee1aa37 | |||
2020-03-13 | upstream: exit on parse failures in input_service_request; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 6a7e1bfded26051d5aa893c030229b1ee6a0d5d2 | |||
2020-03-13 | upstream: fix null-deref on calloc failure; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: a313519579b392076b7831ec022dfdefbec8724a | |||
2020-03-13 | upstream: exit if ssh_krl_revoke_key_sha256 fails; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 0864ad4fe8bf28ab21fd1df766e0365c11bbc0dc | |||
2020-03-13 | upstream: pkcs11_register_provider: return < 0 on error; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: cfc8321315b787e4d40da4bdb2cbabd4154b0d97 | |||
2020-03-13 | upstream: sshsig: return correct error, fix null-deref; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 1d1af7cd538b8b23e621cf7ab84f11e7a923edcd | |||
2020-03-13 | upstream: vasnmprintf allocates str and returns -1; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: dae4c9e83d88471bf3b3f89e3da7a107b44df11c | |||
2020-03-13 | upstream: sshpkt_fatal() does not return; ok djm | markus@openbsd.org | |
OpenBSD-Commit-ID: 7dfe847e28bd78208eb227b37f29f4a2a0929929 | |||
2020-02-28 | upstream: no-touch-required certificate option should be an | djm@openbsd.org | |
extension, not a critical option. OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d | |||
2020-02-28 | upstream: better error message when trying to use a FIDO key | djm@openbsd.org | |
function and SecurityKeyProvider is empty OpenBSD-Commit-ID: e56602c2ee8c82f835d30e4dc8ee2e4a7896be24 | |||
2020-02-28 | upstream: Drop leading space from line count that was confusing | dtucker@openbsd.org | |
ssh-keygen's screen mode. OpenBSD-Commit-ID: 3bcae7a754db3fc5ad3cab63dd46774edb35b8ae | |||
2020-02-28 | upstream: change explicit_bzero();free() to freezero() | jsg@openbsd.org | |
While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a | |||
2020-02-26 | upstream: Have sftp reject "-1" in the same way as ssh(1) and | dtucker@openbsd.org | |
scp(1) do instead of accepting and silently ignoring it since protocol 1 support has been removed. Spotted by shivakumar2696 at gmail.com, ok deraadt@ OpenBSD-Commit-ID: b79f95559a1c993214f4ec9ae3c34caa87e9d5de | |||
2020-02-26 | upstream: Remove obsolete XXX comment. ok deraadt@ | dtucker@openbsd.org | |
OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b | |||
2020-02-24 | upstream: Fix typo. Patch from itoama at live.jp via github PR#173. | dtucker@openbsd.org | |
OpenBSD-Commit-ID: 5cdaafab38bbdea0d07e24777d00bfe6f972568a | |||
2020-02-22 | Switch %define to %global for redhat/openssh.spec | Nico Kadel-Garcia | |
2020-02-21 | fix some typos and sentence | mkontani | |
2020-02-21 | upstream: Fix some typos and an incorrect word in docs. Patch from | dtucker@openbsd.org | |
itoama at live.jp via github PR#172. OpenBSD-Commit-ID: 166ee8f93a7201fef431b9001725ab8b269d5874 | |||
2020-02-21 | upstream: Update moduli generation script to new ssh-keygen | dtucker@openbsd.org | |
generation and screening command line flags. OpenBSD-Commit-ID: 5010ff08f7ad92082e87dde098b20f5c24921a8f | |||
2020-02-21 | upstream: Import regenerated moduli. | dtucker@openbsd.org | |
OpenBSD-Commit-ID: 7b7b619c1452a459310b0cf4391c5757c6bdbc0f | |||
2020-02-20 | Import regenerated moduli. | Darren Tucker | |
2020-02-18 | Fix typos in INSTALL: s/avilable/available/ s/suppports/supports/ | HARUYAMA Seigo | |
2020-02-18 | upstream: Ensure that the key lifetime provided fits within the | dtucker@openbsd.org | |
values allowed by the wire format (u32). Prevents integer wraparound of the timeout values. bz#3119, ok markus@ djm@ OpenBSD-Commit-ID: 8afe6038b5cdfcf63360788f012a7ad81acc46a2 | |||
2020-02-18 | upstream: Detect and prevent simple configuration loops when using | dtucker@openbsd.org | |
ProxyJump. bz#3057, ok djm@ OpenBSD-Commit-ID: 077d21c564c886c98309d871ed6f8ef267b9f037 |