Age | Commit message (Collapse) | Author |
|
keys.
When signing messages in ssh-agent using a FIDO key that has an
application string that does not start with "ssh:", ensure that the
message being signed is one of the forms expected for the SSH protocol
(currently pubkey authentication and sshsig signatures).
This prevents ssh-agent forwarding on a host that has FIDO keys
attached granting the ability for the remote side to sign challenges
for web authentication using those keys too.
Note that the converse case of web browsers signing SSH challenges is
already precluded because no web RP can have the "ssh:" prefix in the
application string that we require.
ok markus@
OpenBSD-Commit-ID: 9ab6012574ed0352d2f097d307f4a988222d1b19
|
|
have sshd log when it starts and stops throttling and periodically while in
this state. bz#3055 ok markus@
OpenBSD-Commit-ID: 2e07a09a62ab45d790d3d2d714f8cc09a9ac7ab9
|
|
interval in a human- friendly format. Switch copyright for this file from BSD
to MIT to make it easier to add Henning's copyright for this function. ok
markus@
OpenBSD-Commit-ID: 414a831c662df7e68893e5233e86f2cac081ccf9
|
|
OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
|
|
in write(2) on config_s[0] if the forked child exits early before finishing
recv_rexec_state (e.g. with fatal()) because config_s[1] stays open in the
parent. this prevents the parent from accepting new connections. ok djm,
deraadt
OpenBSD-Commit-ID: 92ccfeb939ccd55bda914dc3fe84582158c4a9ef
|
|
one more concurrent request that desired. This prevented using sftp(1) in
unpipelined request/response mode, which is useful when debugging. Patch from
Stephen Goetze in bz#3054
OpenBSD-Commit-ID: 41b394ebe57037dbc43bdd0eef21ff0511191f28
|
|
OpenBSD-Commit-ID: a240fc9cbe60bc4e6c3d24d022eb4ab01fe1cb38
|
|
key.
The FIDO 2.1 Client to Authenticator Protocol introduced a "credProtect"
feature to better protect resident keys. This option allows (amone other
possibilities) requiring a PIN prior to all operations that may retrieve
the key handle.
Patch by Pedro Martelletto; ok djm and markus
OpenBSD-Commit-ID: 013bc06a577dcaa66be3913b7f183eb8cad87e73
|
|
fido_init() when SK_DEBUG was defined. Harmless with current libfido2, but
this isn't guaranteed in the future.
OpenBSD-Commit-ID: c7ea20ff2bcd98dd12015d748d3672d4f01f0864
|
|
file across runs of "ssh-keygen -Rf /path". The old behaviour was to remove
all rights for group/other. bz#3146 ok dtucker@
OpenBSD-Commit-ID: dc369d0e0b5dd826430c63fd5f4b269953448a8a
|
|
server, prefer certificate types if the known_hosts files contain a key
marked as a @cert-authority; bz#3157 ok markus@
OpenBSD-Commit-ID: 8f194573e5bb7c01b69bbfaabc68f27c9fa5e0db
|
|
Kihlman
OpenBSD-Commit-ID: 04bcde311de2325d9e45730c744c8de079b49800
|
|
authentictation; mostly from Pedro Martelletto
OpenBSD-Commit-ID: fbe05685a1f99c74b1baca7130c5a03c2df7c0ac
|
|
OpenBSD-Commit-ID: 832e771948fb45f2270e8b8895aac36d176ba17a
|
|
I saw failures on the reexec fallback test on Darwin 19.4 where
fork()ed children of a process that had it's executable removed
would instantly fail. Using ln to preserve the inode avoids this.
|
|
|
|
|
|
Bring back removal of .depend to give the file a known state before
running makedepend, but manually move aside the current .depend file
and restore it as .depend.bak afterwards so the stale .depend check
works as expected.
|
|
|
|
Commit 83657eac4 started removing .depend before running makedepend
to reset the contents of .depend to a known state. Unfortunately
this broke the depend-check step as now .depend.bak would only ever
be created as an empty file.
ok dtucker
|
|
|
|
When the test's child signals its parent and it exits the result of
getppid changes. On Ubuntu 20.04 this results in the ppid being that
of the GDM session, causing it to exit. Analysis and testing from pedro
at ambientworks.net
|
|
ok dtucker@
|
|
OpenBSD-Commit-ID: c8831ec88b9c750f5816aed9051031fb535d22c1
|
|
a desynchronising error; reminded by Aymeric Vincent ok deraadt markus
OpenBSD-Commit-ID: 2ea611d34d8ff6d703a7a8bf858aa5dbfbfa7381
|
|
On at least HP-UX 11.11, the localtime_r declararation is behind
ifdef _REENTRANT. Check for and add if needed.
|
|
|
|
new format were actually in the old format; fix from Michael Forney
OpenBSD-Regress-ID: a41a5c43a61b0f0b1691994dbf16dfb88e8af933
|
|
expect. This script was written before OpenSSH switched to new-format private
keys by default and was never updated to the change (until now) From Michael
Forney
OpenBSD-Regress-ID: 38cf354715c96852e5b71c2393fb6e7ad28b7ca7
|
|
if the input does not contain one; from Michael Forney
OpenBSD-Regress-ID: 9190c3ddf0d2562ccc02c4a95fce0e392196bfc7
|
|
OpenBSD-Regress-ID: 6384ba889594e217d166908ed8253718ab0866da
|
|
|
|
Not every tail supports +N and we can do with out it so just remove it.
Prompted by mforney at mforney.org.
|
|
use it and save a bunch of redundant code.
Patch from loic AT venez.fr; ok markus@ djm@
OpenBSD-Commit-ID: f93e030a0ebcd0fd9054ab30db501ec63454ea5f
|
|
If we don't have LLONG_{MIN,MAX} but do have LONG_LONG_{MIN,MAX}
then use those instead. We do calculate these values in configure,
but it turns out that at least one compiler (old HP ANSI C) can't
parse "-9223372036854775808LL" without mangling it. (It can parse
"-9223372036854775807LL" which is presumably why its limits.h defines
LONG_LONG_MIN as the latter minus 1.)
Fixes rekey test when compiled with the aforementioned compiler.
|
|
most a single error response after the file has been opened. Otherwise the
source() and sink() can become desyncronised. Reported by Daniel Goujot,
Georges-Axel Jaloyan, Ryan Lahfa, and David Naccache.
ok deraadt@ markus@
OpenBSD-Commit-ID: 6c14d233c97349cb811a8f7921ded3ae7d9e0035
|
|
deraadt
OpenBSD-Commit-ID: 2e80cea441c599631a870fd40307d2ade5a7f9b5
|
|
ssh.com private keys using "ssh-keygen -i"; spotted by Michael Forney
OpenBSD-Commit-ID: 2e56e6d26973967d11d13f56ea67145f435bf298
|
|
On some platforms (at least older HP-UXes such as 11.11, possibly others)
setting SA_RESTART on signal handers will cause it to not interrupt
select(), at least for calls that do not specify a timeout. Try to
detect this and if found, don't use SA_RESTART.
POSIX says "If SA_RESTART has been set for the interrupting signal, it
is implementation-dependent whether select() restarts or returns with
[EINTR]" so this behaviour is within spec.
|
|
|
|
|
|
OpenBSD-Regress-ID: 8bb84ee500c2eaa5616044314dd0247709a1790f
|
|
OpenBSD-Commit-ID: 41895450ce2294ec44a5713134491cc31f0c09fd
|
|
kumar
OpenBSD-Commit-ID: 8d134d22ab25979078a3b48d058557d49c402e65
|
|
OpenBSD-Commit-ID: 77994fc8c7ca02d88e6d0d06d0f0fe842a935748
|
|
hashing in the middleware layer rather than in ssh code. This allows
middlewares that call APIs that perform the hashing implicitly (including
Microsoft's AFAIK). ok markus@
OpenBSD-Commit-ID: c9fc8630aba26c75d5016884932f08a5a237f37d
|
|
OpenBSD-Commit-ID: 3565f056003707a5e678e60e03f7a3efd0464a2b
|
|
that had slipped in. ok deraadt markus djm.
OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6
|
|
These are usually in netinet/in.h but on HP-UX they are not defined if
_XOPEN_SOURCE_EXTENDED is set. Only needed for netcat in the regression
tests.
|
|
Fixes warnings or link errors when building against older OpenSSLs.
ok djm
|