| Age | Commit message (Collapse) | Author |
|---|
|
regression test for 'wildcard CA' serial/key ID revocations
|
|
avoid more fatal/exit in the packet.c paths that
ssh-keyscan uses; feedback and "looks good" markus@
|
|
permit KRLs that revoke certificates by serial number or
key ID without scoping to a particular CA; ok markus@
|
|
missing parentheses after if in do_convert_from() broke
private key conversion from other formats some time in 2010; bz#2345 reported
by jjelen AT redhat.com
|
|
fix ssh protocol 1, spotted by miod@
|
|
update to new API (key_fingerprint => sshkey_fingerprint)
check sshkey_fingerprint return values; ok markus
|
|
avoid fatal() calls in packet code makes ssh-keyscan more
reliable against server failures ok dtucker@ markus@
|
|
avoid fatal() calls in packet code makes ssh-keyscan more
reliable against server failures ok dtucker@ markus@
|
|
remove obsolete comment
|
|
Since r1.2 removed the use of PRI* macros, inttypes.h is
no longer required.
ok djm@
|
|
|
|
|
|
|
|
temporary measure until active_state goes away entirely
|
|
use printf instead of echo -n to reduce diff against
-portable
|
|
sort previous;
|
|
properly restore umask
|
|
regression test for host key rotation
|
|
adapt to sshkey API tweaks
|
|
Move -lz late in the linker commandline for things to
build on static arches.
|
|
-Wpointer-sign is supported by gcc 4 only.
|
|
use SUBDIR to recuse into unit tests; makes "make obj"
actually work
|
|
correct description of UpdateHostKeys in ssh_config.5 and
add it to -o lists for ssh, scp and sftp; pointed out by jmc@
|
|
correctly match ECDSA subtype (== curve) for
offered/recevied host keys. Fixes connection-killing host key mismatches when
a server offers multiple ECDSA keys with different curve type (an extremely
unlikely configuration).
ok markus, "looks mechanical" deraadt@
|
|
Host key rotation support.
Add a hostkeys@openssh.com protocol extension (global request) for
a server to inform a client of all its available host key after
authentication has completed. The client may record the keys in
known_hosts, allowing it to upgrade to better host key algorithms
and a server to gracefully rotate its keys.
The client side of this is controlled by a UpdateHostkeys config
option (default on).
ok markus@
|
|
small refactor and add some convenience functions; ok
markus
|
|
heirarchy -> hierarchy;
|
|
Provide a warning about chroot misuses (which sadly, seem
to have become quite popular because shiny). sshd cannot detect/manage/do
anything about these cases, best we can do is warn in the right spot in the
man page. ok markus
|
|
Reduce use of <sys/param.h> and transition to <limits.h>
throughout. ok djm markus
|
|
kex_setup errors are fatal()
|
|
this test would accidentally delete agent.sh if run without
obj/
|
|
make this compile with KERBEROS5 enabled
|
|
fix hostkeys in agent; ok markus@
|
|
|
|
finally enable the KEX tests I wrote some years ago...
|
|
adapt to new error message (SSH_ERR_MAC_INVALID)
|
|
this test was broken in at least two ways, such that it
wasn't checking that a KRL was not excluding valid keys
|
|
switch ssh-keyscan from setjmp to multiple ssh transport
layer instances ok djm@
|
|
add experimental api for packet layer; ok djm@
|
|
store compat flags in struct ssh; ok djm@
|
|
adapt kex to sshbuf and struct ssh; ok djm@
|
|
move dispatch to struct ssh; ok djm@
|
|
update packet.c & isolate, introduce struct ssh a) switch
packet.c to buffer api and isolate per-connection info into struct ssh b)
(de)serialization of the state is moved from monitor to packet.c c) the old
packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and
integrated into packet.c with and ok djm@
|
|
fix format strings in (disabled) debugging
|
|
be a bit more careful in these tests to ensure that
known_hosts is clean
|
|
regression test for known_host file editing using
ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok
markus@
|
|
more and better key tests
test signatures and verification
test certificate generation
flesh out nested cert test
removes most of the XXX todo markers
|
|
make the signature fuzzing test much more rigorous:
ensure that the fuzzed input cases do not match the original (using new
fuzz_matches_original() function) and check that the verification fails in
each case
|
|
add a fuzz_matches_original() function to the fuzzer to
detect fuzz cases that are identical to the original data. Hacky
implementation, but very useful when you need the fuzz to be different, e.g.
when verifying signature
|
|
better dumps from the fuzzer (shown on errors) -
include the original data as well as the fuzzed copy.
|
