summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-01-23upstream commitdjm@openbsd.org
try harder to preserve errno during ssh_connect_direct() to make the final error message possibly accurate; bz#2814, ok dtucker@ OpenBSD-Commit-ID: 57de882cb47381c319b04499fef845dd0c2b46ca
2018-01-23upstream commitdjm@openbsd.org
unbreak support for clients that advertise a protocol version of "1.99" (indicating both v2 and v1 support). Busted by me during SSHv1 purge in r1.358; bz2810, ok dtucker OpenBSD-Commit-ID: e8f9c2bee11afc16c872bb79d6abe9c555bd0e4b
2018-01-23upstream commitdjm@openbsd.org
don't attempt to force hostnames that are addresses to lowercase, but instead canonicalise them through getnameinfo/getaddrinfo to remove ambiguities (e.g. ::0001 => ::1) before they are matched against known_hosts; bz#2763, ok dtucker@ OpenBSD-Commit-ID: ba0863ff087e61e5c65efdbe53be3cb92c9aefa0
2018-01-23upstream commitdjm@openbsd.org
avoid modifying pw->pw_passwd; let endpwent() clean up for us, but keep a scrubbed copy; bz2777, ok dtucker@ OpenBSD-Commit-ID: 715afc0f59c6b82c4929a73279199ed241ce0752
2018-01-23upstream commitnaddy@openbsd.org
clarify authorship; prodded by and ok markus@ OpenBSD-Commit-ID: e1938eee58c89b064befdabe232835fa83bb378c
2018-01-23upstream commitmarkus@openbsd.org
group shared source files (e.g. SRCS_KEX) and allow compilation w/o OPENSSL ok djm@ OpenBSD-Commit-ID: fa728823ba21c4b45212750e1d3a4b2086fd1a62
2018-01-23upstream commitmarkus@openbsd.org
move subprocess() so scp/sftp do not need uidswap.o; ok djm@ OpenBSD-Commit-ID: 6601b8360388542c2e5fef0f4085f8e54750bea8
2018-01-23upstream commitmarkus@openbsd.org
switch ssh-pkcs11-helper to new API; ok djm@ OpenBSD-Commit-ID: e0c0ed2a568e25b1d2024f3e630f3fea837c2a42
2018-01-23upstream commitmarkus@openbsd.org
split client/server kex; only ssh-keygen needs uuencode.o; only scp/sftp use progressmeter.o; ok djm@ OpenBSD-Commit-ID: f2c9feb26963615c4fece921906cf72e248b61ee
2018-01-23upstream commitmarkus@openbsd.org
only ssh-keygen needs uuencode.o; only scp/sftp use progressmeter.o OpenBSD-Commit-ID: a337e886a49f96701ccbc4832bed086a68abfa85
2018-01-23upstream commitmarkus@openbsd.org
uuencode.h is not used OpenBSD-Commit-ID: 238eb4659f3c119904326b9e94a5e507a912796c
2018-01-03unbreak fuzz harnessDamien Miller
2018-01-03upstream commitdjm@openbsd.org
another libssh casualty OpenBSD-Regress-ID: 839b970560246de23e7c50215095fb527a5a83ec
2018-01-03upstream commitdjm@openbsd.org
missed one (unbreak after ssh/lib removal) OpenBSD-Regress-ID: cfdd132143131769e2d2455e7892b5d55854c322
2018-01-03upstream commitdjm@openbsd.org
unbreak unit tests after removal of src/usr.bin/ssh/lib OpenBSD-Regress-ID: 3a79760494147b20761cbd2bd5c20e86c63dc8f9
2017-12-21upstream commitdjm@openbsd.org
revert stricter key type / signature type checking in userauth path; too much software generates inconsistent messages, so we need a better plan. OpenBSD-Commit-ID: 4a44ddc991c803c4ecc8f1ad40e0ab4d22e1c519
2017-12-19upstream commitdjm@openbsd.org
explicitly test all key types and their certificate counterparts refactor a little OpenBSD-Regress-ID: e9ecd5580821b9ef8b7106919c6980d8e45ca8c4
2017-12-19upstream commitdtucker@openbsd.org
use cmp in a loop instead of diff -N to compare directories. The former works on more platforms for Portable. OpenBSD-Regress-ID: c3aa72807f9c488e8829a26ae50fe5bcc5b57099
2017-12-19remove blocks.c from MakefileDamien Miller
2017-12-19upstream commitdjm@openbsd.org
include signature type and CA key (if applicable) in some debug messages OpenBSD-Commit-ID: b71615cc20e78cec7105bb6e940c03ce9ae414a5
2017-12-19upstream commitdjm@openbsd.org
unbreak hostkey rotation; attempting to sign with a desired signature algorithm of kex->hostkey_alg is incorrect when the key type isn't capable of making those signatures. ok markus@ OpenBSD-Commit-ID: 35ae46864e1f5859831ec0d115ee5ea50953a906
2017-12-19upstream commitdjm@openbsd.org
log mismatched RSA signature types; ok markus@ OpenBSD-Commit-ID: 381bddfcc1e297a42292222f3bcb5ac2b7ea2418
2017-12-19upstream commitdjm@openbsd.org
pass kex->hostkey_alg and kex->hostkey_nid from pre-auth to post-auth unpriviledged child processes; ok markus@ OpenBSD-Commit-ID: 4a35bc7af0a5f8a232d1361f79f4ebc376137302
2017-12-19upstream commitmillert@openbsd.org
Add helper function for uri handing in scp where a missing path simply means ".". Also fix exit code and add warnings when an invalid uri is encountered. OK otto@ OpenBSD-Commit-ID: 47dcf872380586dabf7fcc6e7baf5f8ad508ae1a
2017-12-19upstream commitdjm@openbsd.org
pass negotiated signing algorithm though to sshkey_verify() and check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-12-19upstream commitdjm@openbsd.org
sshkey_sigtype() function to return the type of a signature; ok markus@ OpenBSD-Commit-ID: d3772b065ad6eed97285589bfb544befed9032e8
2017-12-19upstream commitnaddy@openbsd.org
Replace ED25519's private SHA-512 implementation with a call to the regular digest code. This speeds up compilation considerably. ok markus@ OpenBSD-Commit-ID: fcce8c3bcfe7389462a28228f63c823e80ade41c
2017-12-19upstream commitnaddy@openbsd.org
Create a persistent umac128.c source file: #define the output size and the name of the entry points for UMAC-128 before including umac.c. Idea from FreeBSD. ok dtucker@ OpenBSD-Commit-ID: 463cfacfa07cb8060a4d4961e63dca307bf3f4b1
2017-12-12Update .depend with empty config.hDarren Tucker
2017-12-12Ensure config.h is always in dependencies.Darren Tucker
Put an empty config.h into the dependency list to ensure that it's always listed and consistent.
2017-12-12upstream commitderaadt@openbsd.org
ssh/lib hasn't worked towards our code-sharing goals for a quit while, perhaps it is too verbose? Change each */Makefile to specifying exactly what sources that program requires, compiling it seperate. Maybe we'll iterate by sorting those into seperatable chunks, splitting up files which contain common code + server/client specific code, or whatnot. But this isn't one step, or we'd have done it a long time ago.. ok dtucker markus djm OpenBSD-Commit-ID: 5317f294d63a876bfc861e19773b1575f96f027d
2017-12-12upstream commitdtucker@openbsd.org
Put remote client info back into the ClientAlive connection termination message. Based in part on diff from lars.nooden at gmail, ok djm OpenBSD-Commit-ID: 80a0f619a29bbf2f32eb5297a69978a0e05d0ee0
2017-12-12upstream commitderaadt@openbsd.org
time_t printing needs %lld and (long long) casts ok djm OpenBSD-Commit-ID: 4a93bc2b0d42a39b8f8de8bb74d07ad2e5e83ef7
2017-12-12upstream commitdjm@openbsd.org
fix ordering in previous to ensure errno isn't clobbered before logging. OpenBSD-Commit-ID: e260bc1e145a9690dcb0d5aa9460c7b96a0c8ab2
2017-12-12upstream commitdjm@openbsd.org
for some reason unix_listener() logged most errors twice with each message containing only some of the useful information; merge these OpenBSD-Commit-ID: 1978a7594a9470c0dddcd719586066311b7c9a4a
2017-12-11Add autogenerated dependency info to Makefile.Darren Tucker
Adds a .depend file containing dependency information generated by makedepend, which is appended to the generated Makefile by configure. You can regen the file with "make -f Makefile.in depend" if necessary, but we'll be looking at some way to automatically keep this up to date. "no objection" djm@
2017-12-11Fix pasto in ldns handling.Darren Tucker
When ldns-config is not found, configure would check the wrong variable. ok djm@
2017-12-09Portable switched to git so s/CVS/git/.Darren Tucker
2017-12-09Remove now-used check for perl.Darren Tucker
2017-12-07upstream commitdjm@openbsd.org
don't accept junk after "yes" or "no" responses to hostkey prompts. bz#2803 reported by Maksim Derbasov; ok dtucker@ OpenBSD-Commit-ID: e1b159fb2253be973ce25eb7a7be26e6f967717c
2017-12-07upstream commitdtucker@openbsd.org
Replace atoi and strtol conversions for integer arguments to config keywords with a checking wrapper around strtonum. This will prevent and flag invalid and negative arguments to these keywords. ok djm@ OpenBSD-Commit-ID: 99ae3981f3d608a219ccb8d2fff635ae52c17998
2017-12-07upstream commitdtucker@openbsd.org
Add missing break for rdomain. Prevents spurious "Deprecated option" warnings. ok djm@ OpenBSD-Commit-ID: ba28a675d39bb04a974586241c3cba71a9c6099a
2017-12-07upstream commitdjm@openbsd.org
include the addr:port in bind/listen failure messages OpenBSD-Commit-ID: fdadb69fe1b38692608809cf0376b71c2c28e58e
2017-12-07upstream commitdtucker@openbsd.org
Import updated moduli. OpenBSD-Commit-ID: 524d210f982af6007aa936ca7f4c977f4d32f38a
2017-12-07upstream commitdtucker@openbsd.org
Have sftp print a warning about shell cleanliness when decoding the first packet fails, which is usually caused by shells polluting stdout of non-interactive starups. bz#2800, ok markus@ deraadt@. OpenBSD-Commit-ID: 88d6a9bf3470f9324b76ba1cbd53e50120f685b5
2017-12-01Replace mkinstalldirs with mkdir -p.Darren Tucker
Check for MIKDIR_P and use it instead of mkinstalldirs. Should fix "mkdir: cannot create directory:... File exists" during "make install". Patch from eb at emlix.com.
2017-12-01Pull in newer install-sh from autoconf-2.69.Darren Tucker
Suggested by eb at emlix.com
2017-12-01Remove RSA1 host key generation.Darren Tucker
SSH1 support is now gone, remove SSH1 key generation. Patch from eb at emlix.com.
2017-11-28upstream commitdjm@openbsd.org
more whitespace errors OpenBSD-Commit-ID: 5e11c125378327b648940b90145e0d98beb05abb
2017-11-28upstream commitdjm@openbsd.org@openbsd.org
whitespace at EOL OpenBSD-Commit-ID: 76d3965202b22d59c2784a8df3a8bfa5ee67b96a