| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-11-15 | upstream: fix check for sig_s; noted by qsa at qualys.com | markus@openbsd.org | |
| OpenBSD-Commit-ID: 34198084e4afb424a859f52c04bb2c9668a52867 | |||
| 2019-11-15 | upstream: When clients get denied by MaxStartups, send a | dtucker@openbsd.org | |
| noification prior to the SSH2 protocol banner according to RFC4253 section 4.2. ok djm@ deraadt@ markus@ OpenBSD-Commit-ID: e5dabcb722d54dea18eafb336d50b733af4f9c63 | |||
| 2019-11-15 | upstream: fix shield/unshield for xmss keys: - in ssh-agent we need | markus@openbsd.org | |
| to delay the call to shield until we have received key specific options. - when serializing xmss keys for shield we need to deal with all optional components (e.g. state might not be loaded). ok djm@ OpenBSD-Commit-ID: cc2db82524b209468eb176d6b4d6b9486422f41f | |||
| 2019-11-15 | upstream: remove size_t gl_pathc < 0 test, it is invalid. the | deraadt@openbsd.org | |
| return value from glob() is sufficient. discussed with djm OpenBSD-Commit-ID: c91203322db9caaf7efaf5ae90c794a91070be3c | |||
| 2019-11-15 | upstream: stdarg.h required more broadly; ok djm | deraadt@openbsd.org | |
| OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513 | |||
| 2019-11-14 | Put sshsk_sign call inside ifdef ENABLE_SK. | Darren Tucker | |
| Fixes build against OpenSSL configured without ECC. | |||
| 2019-11-13 | Remove duplicate __NR_clock_nanosleep | Darren Tucker | |
| 2019-11-13 | seccomp: Allow clock_nanosleep() in sandbox. | Darren Tucker | |
| seccomp: Allow clock_nanosleep() to make OpenSSH working with latest glibc. Patch from Jakub Jelen <jjelen@redhat.com> via bz #3093. | |||
| 2019-11-13 | Include stdarg.h for va_list in xmalloc.h. | Darren Tucker | |
| 2019-11-13 | Put headers inside ifdef _AIX. | Darren Tucker | |
| Prevents compile errors due to missing definitions (eg va_list) on non-AIX platforms. | |||
| 2019-11-13 | Fix comment in match_usergroup_pattern_list. | Darren Tucker | |
| Spotted by balu.gajjala@gmail.com via bz#3092. | |||
| 2019-11-13 | upstream: allow an empty attestation certificate returned by a | djm@openbsd.org | |
| security key enrollment - these are possible for tokens that only offer self- attestation. This also needs support from the middleware. ok markus@ OpenBSD-Commit-ID: 135eeeb937088ef6830a25ca0bbe678dfd2c57cc | |||
| 2019-11-13 | upstream: security keys typically need to be tapped/touched in | djm@openbsd.org | |
| order to perform a signature operation. Notify the user when this is expected via the TTY (if available) or $SSH_ASKPASS if we can. ok markus@ OpenBSD-Commit-ID: 0ef90a99a85d4a2a07217a58efb4df8444818609 | |||
| 2019-11-13 | upstream: pass SSH_ASKPASS_PROMPT hint to y/n key confirm too | djm@openbsd.org | |
| OpenBSD-Commit-ID: 08d46712e5e5f1bad0aea68e7717b7bec1ab8959 | |||
| 2019-11-13 | upstream: dd API for performing one-shot notifications via tty or | djm@openbsd.org | |
| SSH_ASKPASS OpenBSD-Commit-ID: 9484aea33aff5b62ce3642bf259546c7639f23f3 | |||
| 2019-11-13 | upstream: add xvasprintf() | djm@openbsd.org | |
| OpenBSD-Commit-ID: e5e3671c05c121993b034db935bce1a7aa372247 | |||
| 2019-11-13 | Remove leftover if statement from sync. | Darren Tucker | |
| 2019-11-13 | upstream: remove extra layer for ed25519 signature; ok djm@ | markus@openbsd.org | |
| OpenBSD-Commit-ID: 7672d9d0278b4bf656a12d3aab0c0bfe92a8ae47 | |||
| 2019-11-13 | upstream: check sig_r and sig_s for ssh-sk keys; ok djm | markus@openbsd.org | |
| OpenBSD-Commit-ID: 1a1e6a85b5f465d447a3800f739e35c5b74e0abc | |||
| 2019-11-13 | upstream: enable ed25519 support; ok djm | markus@openbsd.org | |
| OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e | |||
| 2019-11-13 | upstream: update sk-api to version 2 for ed25519 support; ok djm | markus@openbsd.org | |
| OpenBSD-Commit-ID: 77aa4d5b6ab17987d8a600907b49573940a0044a | |||
| 2019-11-13 | upstream: implement sshsk_ed25519_assemble(); ok djm | markus@openbsd.org | |
| OpenBSD-Commit-ID: af9ec838b9bc643786310b5caefc4ca4754e68c6 | |||
| 2019-11-13 | upstream: implement sshsk_ed25519_inner_sig(); ok djm | markus@openbsd.org | |
| OpenBSD-Commit-ID: f422d0052c6d948fe0e4b04bc961f37fdffa0910 | |||
| 2019-11-13 | upstream: rename sshsk_ecdsa_sign() to sshsk_sign(); ok djm | markus@openbsd.org | |
| OpenBSD-Commit-ID: 1524042e09d81e54c4470d7bfcc0194c5b46fe19 | |||
| 2019-11-13 | upstream: factor out sshsk_ecdsa_inner_sig(); ok djm@ | markus@openbsd.org | |
| OpenBSD-Commit-ID: 07e41997b542f670a15d7e2807143fe01efef584 | |||
| 2019-11-13 | upstream: factor out sshsk_ecdsa_assemble(); ok djm@ | markus@openbsd.org | |
| OpenBSD-Commit-ID: 2313761a3a84ccfe032874d638d3c363e0f14026 | |||
| 2019-11-13 | upstream: implement ssh-ed25519-sk verification; ok djm@ | markus@openbsd.org | |
| OpenBSD-Commit-ID: 37906d93948a1e3d237c20e713d6ca8fbf7d13f6 | |||
| 2019-11-13 | ignore ssh-sk-helper | Damien Miller | |
| 2019-11-13 | upstream: skip demanding -fstack-protector-all on hppa. we never | deraadt@openbsd.org | |
| wrote a stack protector for reverse-stack architectures, and i don't think anyone else did either. a warning per compiled file is just annoying. OpenBSD-Commit-ID: 14806a59353152f843eb349e618abbf6f4dd3ada | |||
| 2019-11-11 | upstream: duplicate 'x' character in getopt(3) optstring | djm@openbsd.org | |
| OpenBSD-Commit-ID: 64c81caa0cb5798de3621eca16b7dd22e5d0d8a7 | |||
| 2019-11-08 | upstream: Fill in missing man page bits for U2F security key support: | naddy@openbsd.org | |
| Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable, and ssh-keygen's new -w and -x options. Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal substitutions. ok djm@ OpenBSD-Commit-ID: ef2e8f83d0c0ce11ad9b8c28945747e5ca337ac4 | |||
| 2019-11-03 | Put sftp-realpath in libssh.a | Darren Tucker | |
| and remove it from the specific binary targets. | |||
| 2019-11-03 | statfs might be defined in sys/mount.h. | Darren Tucker | |
| eg on old NetBSDs. | |||
| 2019-11-02 | Put stdint.h inside ifdef HAVE_STDINT_H. | Darren Tucker | |
| 2019-11-02 | Rebuild .depend. | Darren Tucker | |
| 2019-11-02 | Define __BSD_VISIBLE in fnmatch.h. | Darren Tucker | |
| .. since we use symbols defined only when it is when using the compat fnmatch. | |||
| 2019-11-02 | Only enable U2F if OpenSSL supports ECC. | Darren Tucker | |
| This requires moving the U2F bits to below the OpenSSL parts so we have the required information. ok djm@ | |||
| 2019-11-02 | upstream: fix miscellaneous text problems; ok djm@ | naddy@openbsd.org | |
| OpenBSD-Commit-ID: 0cbf411a14d8fa0b269b69cbb1b4fc0ca699fe9f | |||
| 2019-11-01 | Add flags needed to build and work on Ultrix. | Darren Tucker | |
| 2019-11-01 | Hook up fnmatch for platforms that don't have it. | Darren Tucker | |
| 2019-11-01 | Add missing bracket in realpath macro. | Darren Tucker | |
| 2019-11-01 | Import fnmatch.c from OpenBSD. | Darren Tucker | |
| 2019-11-01 | Use sftp_realpath if no native realpath. | Darren Tucker | |
| 2019-11-01 | Configure flags for haiku from haikuports. | Darren Tucker | |
| Should build with the default flags with ./configure | |||
| 2019-11-01 | upstream: fix a race condition in the SIGCHILD handler that could turn | djm@openbsd.org | |
| in to a kill(-1); bz3084, reported by Gao Rui, ok dtucker@ OpenBSD-Commit-ID: ac2742e04a69d4c34223505b6a32f6d686e18896 | |||
| 2019-11-01 | conditionalise SK sign/verify on ENABLE_SK | Damien Miller | |
| Spotted by Darren and his faux-Vax | |||
| 2019-11-01 | Add prototype for localtime_r if needed. | Darren Tucker | |
| 2019-11-01 | Check if IP_TOS is defined before using. | Darren Tucker | |
| 2019-11-01 | autoconf pieces for U2F support | Damien Miller | |
| Mostly following existing logic for PKCS#11 - turning off support when either libcrypto or dlopen(3) are unavailable. | |||
| 2019-11-01 | upstream: remove duplicate PUBKEY_DEFAULT_PK_ALG on !WITH_OPENSSL path | djm@openbsd.org | |
| OpenBSD-Commit-ID: 95a7cafad2a4665d57cabacc28031fabc0bea9fc | |||
 |
index : openssh.git | |
| summaryrefslogtreecommitdiff |