Age | Commit message (Collapse) | Author |
|
Ensure that the client's proposed DH-GEX max value is at
least as big as the minimum the server will accept. ok djm@
Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775
|
|
|
|
|
|
Backout rev. 1.43 for now.
The function update_progress_meter() calls refresh_progress_meter()
which calls snmprintf() which calls malloc(); but update_progress_meter()
acts as the SIGALRM signal handler.
"malloc(): error: recursive call" reported by sobrado@.
Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
|
|
Even when only writing an unescaped character, the dst
buffer may need to grow, or it would be overrun; issue found by tb@ with
malloc.conf(5) 'C'.
While here, reserve an additional byte for the terminating NUL
up front such that we don't have to realloc() later just for that.
OK tb@
Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
|
|
Fix two rare edge cases: 1. If vasprintf() returns < 0,
do not access a NULL pointer in snmprintf(), and do not free() the pointer
returned from vasprintf() because on some systems other than OpenBSD, it
might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
rather than -1 and NULL.
Besides, free(dst) is pointless after failure (not a bug).
One half OK martijn@, the other half OK deraadt@;
committing quickly before people get hurt.
Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
|
|
To prevent screwing up terminal settings when printing to
the terminal, for ASCII and UTF-8, escape bytes not forming characters and
bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
character sets, abort printing of the current string in these cases. In
particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
sanitize data received from the remote host; * sanitize filenames, usernames,
and similar data even locally; * take character display widths into account
for the progressmeter.
This is believed to be sufficient to keep the local terminal safe
on OpenBSD, but bad things can still happen on other systems with
state-dependent locales because many places in the code print
unencoded ASCII characters into the output stream.
Using feedback from djm@ and martijn@,
various aspects discussed with many others.
deraadt@ says it should go in now, i probably already hesitated too long
Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
|
|
KNF compression proposal and simplify the client side a
little. ok djm@
Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
|
|
Back out 'plug memleak'.
Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
|
|
prefer agent-hosted keys to keys from PKCS#11; ok markus
Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
|
|
Plug mem leak in filter_proposal. ok djm@
Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
|
|
This will be needed for the upcoming utf8 changes.
|
|
whitspace clean up. No code changes.
|
|
|
|
Patch from vinschen@redhat.com.
|
|
From mschwager via github.
|
|
Avoids sandbox violations for some krb/gssapi libraries.
|
|
fix type of ed25519 values
Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
|
|
add IdentityAgent; noticed & ok jmc@
Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
|
|
allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@
Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
|
|
move SSH_MSG_NONE, so we don't have to include ssh1.h;
ok deraadt@
Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
|
|
avoids failures with UsePrivilegedPort=yes
patch from Juan Gallego
|
|
missing const in prototypes (ssh1)
Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
|
|
Fix inverted logic for updating StreamLocalBindMask which
would cause the server to set an invalid mask. ok djm@
Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
|
|
IdentityAgent for specifying specific agent sockets; ok
djm@
Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1
|
|
fix junk characters after quotes
Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578
|
|
correct article;
Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168
|
|
fix overriding of StreamLocalBindMask and
StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes
Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
|
|
don't forget to include StreamLocalBindUnlink in the
config dump output
Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
|
|
make nethack^wrandomart fingerprint flag more readily
searchable pointed out by Matt Johnston
Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb
|
|
clarify ordering of subkeys; pointed out by ietf-ssh AT
stbuehler.de
Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463
|
|
Use a subshell for constructing key types to work around
different sed behaviours for -portable.
Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
|
|
correct some typos and remove a long-stale XXX note.
add specification for ed25519 certificates
mention no host certificate options/extensions are currently defined
pointed out by Simon Tatham
Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
|
|
add ed25519 keys that are supported but missing from this
documents; from Peter Moody
Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b
|
|
Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. Patch
from Simon Tatham, ok markus@
Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8
|
|
unbreak config parsing on reexec from previous commit
Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab
|
|
unit and regress tests for SHA256/512; ok markus
Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
|
|
add support for additional fixed DH groups from
draft-ietf-curdle-ssh-kex-sha2-03
diffie-hellman-group14-sha256 (2K group)
diffie-hellman-group16-sha512 (4K group)
diffie-hellman-group18-sha512 (8K group)
based on patch from Mark D. Baushke and Darren Tucker
ok markus@
Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
|
|
support SHA256 and SHA512 RSA signatures in certificates;
ok markus@
Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
|
|
fix signed/unsigned errors reported by clang-3.7; add
sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
better safety checking; feedback and ok markus@
Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
|
|
close ControlPersist background process stderr when not
in debug mode or when logging to a file or syslog. bz#1988 ok dtucker
Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24
|
|
fix comment
Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
|
|
cidr permitted for {allow,deny}users; from lars nooden ok djm
Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
|
|
make argument == NULL tests more consistent
Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d
|
|
tweak previous;
Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f
|
|
missing bit of Include regress
Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
|
|
remove redundant CLEANFILES section
Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
|
|
sync CLEANFILES with portable, sort
Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
|
|
regression test for ssh_config Include directive
Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
|
|
unbreak test for recent ssh de-duplicated forwarding
change
Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
|