Age | Commit message (Collapse) | Author |
|
revision 1.39
date: 2012/01/20 07:09:42; author: tedu; state: Exp; lines: +4 -4;
the glob stat limit is way too low. bump to 2048.
while here, failed stats should count against the limit too.
ok deraadt sthen stsp
|
|
probed to see if they own a key handle. Handle this case so the find_device()
look can work for them. Reported by Michael Forney
OpenBSD-Commit-ID: 2ccd5b30a6ddfe4dba228b7159bf168601bd9166
|
|
|
|
|
|
using the (default) build-in security key support.
OpenBSD-Commit-ID: 4707643aaa7124501d14e92d1364b20f312a6428
|
|
path too
OpenBSD-Commit-ID: c7628bf80505c1aefbb1de7abc8bb5ee51826829
|
|
OpenBSD-Commit-ID: 2482c99d2ce448f39282493050f8a01e3ffc39ab
|
|
fall back to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment
variable is set.
OpenBSD-Commit-ID: cda753726b13fb797bf7a9f7a0b3022d9ade4520
|
|
OpenBSD-Commit-ID: 8ea4455a2d9364a0a04f9e4a2cbfa4c9fcefe77e
|
|
spotted by dtucker@
|
|
|
|
linking against the (previously external) USB HID middleware. The dlopen()
capability still exists for alternate middlewares, e.g. for Bluetooth, NFC
and test/debugging.
OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069
|
|
signatures left on a shielded key, we need to transfer the number of
signatures left from the private to the public key. ok djm@
OpenBSD-Commit-ID: 8a5d0d260aeace47d372695fdae383ce9b962574
|
|
OpenBSD-Commit-ID: 34198084e4afb424a859f52c04bb2c9668a52867
|
|
noification prior to the SSH2 protocol banner according to RFC4253 section
4.2. ok djm@ deraadt@ markus@
OpenBSD-Commit-ID: e5dabcb722d54dea18eafb336d50b733af4f9c63
|
|
to delay the call to shield until we have received key specific options. -
when serializing xmss keys for shield we need to deal with all optional
components (e.g. state might not be loaded). ok djm@
OpenBSD-Commit-ID: cc2db82524b209468eb176d6b4d6b9486422f41f
|
|
return value from glob() is sufficient. discussed with djm
OpenBSD-Commit-ID: c91203322db9caaf7efaf5ae90c794a91070be3c
|
|
OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513
|
|
Fixes build against OpenSSL configured without ECC.
|
|
|
|
seccomp: Allow clock_nanosleep() to make OpenSSH working with latest
glibc. Patch from Jakub Jelen <jjelen@redhat.com> via bz #3093.
|
|
|
|
Prevents compile errors due to missing definitions (eg va_list) on
non-AIX platforms.
|
|
Spotted by balu.gajjala@gmail.com via bz#3092.
|
|
security key enrollment - these are possible for tokens that only offer self-
attestation. This also needs support from the middleware.
ok markus@
OpenBSD-Commit-ID: 135eeeb937088ef6830a25ca0bbe678dfd2c57cc
|
|
order to perform a signature operation. Notify the user when this is expected
via the TTY (if available) or $SSH_ASKPASS if we can.
ok markus@
OpenBSD-Commit-ID: 0ef90a99a85d4a2a07217a58efb4df8444818609
|
|
OpenBSD-Commit-ID: 08d46712e5e5f1bad0aea68e7717b7bec1ab8959
|
|
SSH_ASKPASS
OpenBSD-Commit-ID: 9484aea33aff5b62ce3642bf259546c7639f23f3
|
|
OpenBSD-Commit-ID: e5e3671c05c121993b034db935bce1a7aa372247
|
|
|
|
OpenBSD-Commit-ID: 7672d9d0278b4bf656a12d3aab0c0bfe92a8ae47
|
|
OpenBSD-Commit-ID: 1a1e6a85b5f465d447a3800f739e35c5b74e0abc
|
|
OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e
|
|
OpenBSD-Commit-ID: 77aa4d5b6ab17987d8a600907b49573940a0044a
|
|
OpenBSD-Commit-ID: af9ec838b9bc643786310b5caefc4ca4754e68c6
|
|
OpenBSD-Commit-ID: f422d0052c6d948fe0e4b04bc961f37fdffa0910
|
|
OpenBSD-Commit-ID: 1524042e09d81e54c4470d7bfcc0194c5b46fe19
|
|
OpenBSD-Commit-ID: 07e41997b542f670a15d7e2807143fe01efef584
|
|
OpenBSD-Commit-ID: 2313761a3a84ccfe032874d638d3c363e0f14026
|
|
OpenBSD-Commit-ID: 37906d93948a1e3d237c20e713d6ca8fbf7d13f6
|
|
|
|
wrote a stack protector for reverse-stack architectures, and i don't think
anyone else did either. a warning per compiled file is just annoying.
OpenBSD-Commit-ID: 14806a59353152f843eb349e618abbf6f4dd3ada
|
|
OpenBSD-Commit-ID: 64c81caa0cb5798de3621eca16b7dd22e5d0d8a7
|
|
Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's
SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable,
and ssh-keygen's new -w and -x options.
Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal
substitutions.
ok djm@
OpenBSD-Commit-ID: ef2e8f83d0c0ce11ad9b8c28945747e5ca337ac4
|
|
and remove it from the specific binary targets.
|
|
eg on old NetBSDs.
|
|
|
|
|
|
.. since we use symbols defined only when it is when using the compat
fnmatch.
|
|
This requires moving the U2F bits to below the OpenSSL parts so we have
the required information. ok djm@
|