| Age | Commit message (Collapse) | Author |
|---|
|
jmc@
OpenBSD-Commit-ID: 9039cb69a3f9886bfef096891a9e7fcbd620280b
|
|
OpenBSD-Commit-ID: 132812dd2296b1caa8cb07d2408afc28e4e60f93
|
|
with portable. ok djm@.
OpenBSD-Commit-ID: 5233a27aafd1dfadad4b957225f95ae51eb365c1
|
|
OpenBSD-Commit-ID: 52f247d4eafe840c7c14c8befa71a760a8eeb063
|
|
Add #ifdef WITH_XMSS to ssh-xmss.c, move it in the other files to after
includes.h so it's less likely to conflict and will pick up WITH_XMSS if
added to config.h.
|
|
The XMSS code is currently experimental and, unlike the rest of OpenSSH
cannot currently be compiled with a c89 compiler.
|
|
|
|
Some compilers (gcc 2.9.53, 3.0 and probably others, see gcc bug #3481)
do not accept __attribute__ on function pointer prototype args. Check for
this and hide them if they're not accepted.
|
|
|
|
|
|
The former doesn't work on Solaris or BSDs.
|
|
Nothing currently uses them but they cause conflicts on at least
FreeBSD, possibly others. ok djm@
|
|
|
|
Also a couple of minor changes: fail if we can't lock instead of
silently succeeding, and apply a couple of minor style fixes.
|
|
From NetBSD's src/trunk/tools/compat/flock.c, no OpenSSH changes yet.
|
|
BUILDDIR is not set where used for REGRESSTMP, use make's CURDIR
instead. Pointed out by djm@.
|
|
|
|
|
|
Use string_to_security_class() instead.
|
|
|
|
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@
OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
|
|
OpenBSD-Commit-ID: 1a719ebeae22a166adf05bea5009add7075acc8c
|
|
AC_FUNC_GETPGRP tests if getpgrp(0) works, which it does if it's not
declared. Instead, test if the zero-arg version we want to use works.
|
|
|
|
|
|
Configure assumes that if malloc(0) returns null then calloc(0,n)
also does. On some old platforms (SunOS4) malloc behaves as expected
(as determined by AC_FUNC_MALLOC) but calloc doesn't. Test for this
at configure time and activate the replacement function if found, plus
handle this case in rpl_calloc.
|
|
|
|
|
|
Since explicit_bzero uses it via an indirect it needs to be a function
not just a macro.
|
|
SSHFP format bz#2821, ok dtucker@
OpenBSD-Commit-ID: 831446b582e0f298ca15c9d99c415c899e392221
|
|
Caught by the tinderbox's -Werror=misleading-indentation, ok djm@
OpenBSD-Commit-ID: d44656af594c3b2366eb87d6abcef83e1c88a6ca
|
|
BindInterface required getifaddr and friends so disable if not available
(eg Solaris 10). We should be able to add support for some systems with
a bit more work but this gets the building again.
|
|
|
|
$SUDO set. Prevents test failures when neither sudo nor doas are configured.
OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b
|
|
|
|
Watson via bz#2823
OpenBSD-Regress-ID: 807d30a597756ed6612bdf46dfebca74f49cb31a
|
|
fatal().
OpenBSD-Regress-ID: cd4b5f1109b0dc09af4e5ea7d4968c43fbcbde88
|
|
$SUDO set. Prevents test failures when neither sudo nor doas are configured.
OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b
|
|
OpenBSD-Regress-ID: e736aac39e563f5360a0935080a71d5fdcb976de
|
|
command-line argument to ssh(1) that directs it to bind its outgoing
connection to the address of the specified network interface.
BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.
Based on patch by Mike Manning in bz#2820, ok dtucker@
OpenBSD-Commit-ID: c5064d285c2851f773dd736a2c342aa384fbf713
|
|
that the client may not support, and that the client should simply disregard
such keys (this is what ssh does already).
OpenBSD-Commit-ID: 65f8ffbc32ac8d12be8f913d7c0ea55bef8622bf
|
|
On some older platforms (at least sunos4, probably others) sys/audit.h
requires some other headers. Patch from klausz at haus-gisela.de.
|
|
Defaults to original location ($srcdir/regress) but allows overriding
if desired, eg a directory in /tmp.
|
|
getrusage was used in ssh-rand-helper but that's now long gone.
Patch from klauszh at haus-gisela.de.
|
|
Some SSH servers eg "ConfD" drop the connection if the client sends the
new IUTF8 (RFC8160) terminal mode even if it's not set. Add a bug bit
for such servers and avoid sending IUTF8 to them. ok djm@
OpenBSD-Commit-ID: 26425855402d870c3c0a90491e72e2a8a342ceda
|
|
|
|
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
From Jakub Jelen via bz#2826
OpenBSD-Commit-ID: 51bf769f06e55447f4bfa7306949e62d2401907a
|
|
stanza and manpage bits; from Colin Watson via bz#2662, ok dtucker@
OpenBSD-Commit-ID: d33a849f481684ff655c140f5eb1b4acda8c5c09
|
|
constant time.
This avoids a potential side channel timing leak.
ok djm@ markus@
OpenBSD-Commit-ID: 71ff3c16be03290e63d8edab8fac053d8a82968c
|
|
This also zeros an ed25519_pk when it was not being zeroed previously.
ok djm@ dtucker@
OpenBSD-Commit-ID: 5c196a3c85c23ac0bd9b11bcadaedd90b7a2ce82
|
