Age | Commit message (Collapse) | Author |
|
OpenBSD-Regress-ID: 820f9ec9c6301f6ca330ad4052d85f0e67d0bdc1
|
|
testing of restrict keyword
OpenBSD-Regress-ID: 4268f27c2706a0a95e725d9518c5bcbec9814c6d
|
|
authorized_keys
OpenBSD-Regress-ID: ee771df8955f2735df54746872c6228aff381daa
|
|
remove the legacy one.
Includes a fairly big refactor of auth2-pubkey.c to retain less state
between key file lines.
feedback and ok markus@
OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
|
|
This API parses options to a dedicated structure rather than the old API's
approach of setting global state. It also includes support for merging
options, e.g. from authorized_keys, authorized_principals and/or
certificates.
feedback and ok markus@
OpenBSD-Commit-ID: 98badda102cd575210d7802943e93a34232c80a2
|
|
different to what was requested. This might happen when an old/non-OpenSSH
agent is asked to make a rsa-sha2-256/512 signature but only supports
ssh-rsa. bz#2799 feedback and ok markus@
OpenBSD-Commit-ID: 760c0f9438c5c58abc16b5f98008ff2d95cb13ce
|
|
OpenBSD-Commit-ID: 518a6736338045e0037f503c21027d958d05e703
|
|
sshd_config quotes option strings. bz#1596 ok markus@
OpenBSD-Commit-ID: dd3a29fc2dc905e8780198e5a6a30b096de1a1cb
|
|
readable. ok markus
OpenBSD-Commit-ID: 2e9247b5762fdac3b6335dc606d3822121714c28
|
|
jmc@
OpenBSD-Commit-ID: 9039cb69a3f9886bfef096891a9e7fcbd620280b
|
|
OpenBSD-Commit-ID: 132812dd2296b1caa8cb07d2408afc28e4e60f93
|
|
with portable. ok djm@.
OpenBSD-Commit-ID: 5233a27aafd1dfadad4b957225f95ae51eb365c1
|
|
OpenBSD-Commit-ID: 52f247d4eafe840c7c14c8befa71a760a8eeb063
|
|
Add #ifdef WITH_XMSS to ssh-xmss.c, move it in the other files to after
includes.h so it's less likely to conflict and will pick up WITH_XMSS if
added to config.h.
|
|
The XMSS code is currently experimental and, unlike the rest of OpenSSH
cannot currently be compiled with a c89 compiler.
|
|
|
|
Some compilers (gcc 2.9.53, 3.0 and probably others, see gcc bug #3481)
do not accept __attribute__ on function pointer prototype args. Check for
this and hide them if they're not accepted.
|
|
|
|
|
|
The former doesn't work on Solaris or BSDs.
|
|
Nothing currently uses them but they cause conflicts on at least
FreeBSD, possibly others. ok djm@
|
|
|
|
Also a couple of minor changes: fail if we can't lock instead of
silently succeeding, and apply a couple of minor style fixes.
|
|
From NetBSD's src/trunk/tools/compat/flock.c, no OpenSSH changes yet.
|
|
BUILDDIR is not set where used for REGRESSTMP, use make's CURDIR
instead. Pointed out by djm@.
|
|
|
|
|
|
Use string_to_security_class() instead.
|
|
|
|
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@
OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
|
|
OpenBSD-Commit-ID: 1a719ebeae22a166adf05bea5009add7075acc8c
|
|
AC_FUNC_GETPGRP tests if getpgrp(0) works, which it does if it's not
declared. Instead, test if the zero-arg version we want to use works.
|
|
|
|
|
|
Configure assumes that if malloc(0) returns null then calloc(0,n)
also does. On some old platforms (SunOS4) malloc behaves as expected
(as determined by AC_FUNC_MALLOC) but calloc doesn't. Test for this
at configure time and activate the replacement function if found, plus
handle this case in rpl_calloc.
|
|
|
|
|
|
Since explicit_bzero uses it via an indirect it needs to be a function
not just a macro.
|
|
SSHFP format bz#2821, ok dtucker@
OpenBSD-Commit-ID: 831446b582e0f298ca15c9d99c415c899e392221
|
|
Caught by the tinderbox's -Werror=misleading-indentation, ok djm@
OpenBSD-Commit-ID: d44656af594c3b2366eb87d6abcef83e1c88a6ca
|
|
BindInterface required getifaddr and friends so disable if not available
(eg Solaris 10). We should be able to add support for some systems with
a bit more work but this gets the building again.
|
|
|
|
$SUDO set. Prevents test failures when neither sudo nor doas are configured.
OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b
|
|
|
|
Watson via bz#2823
OpenBSD-Regress-ID: 807d30a597756ed6612bdf46dfebca74f49cb31a
|
|
fatal().
OpenBSD-Regress-ID: cd4b5f1109b0dc09af4e5ea7d4968c43fbcbde88
|
|
$SUDO set. Prevents test failures when neither sudo nor doas are configured.
OpenBSD-Regress-ID: 6a0464decc4f8ac7d6eded556a032b0fc521bc7b
|
|
OpenBSD-Regress-ID: e736aac39e563f5360a0935080a71d5fdcb976de
|
|
command-line argument to ssh(1) that directs it to bind its outgoing
connection to the address of the specified network interface.
BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.
Based on patch by Mike Manning in bz#2820, ok dtucker@
OpenBSD-Commit-ID: c5064d285c2851f773dd736a2c342aa384fbf713
|
|
that the client may not support, and that the client should simply disregard
such keys (this is what ssh does already).
OpenBSD-Commit-ID: 65f8ffbc32ac8d12be8f913d7c0ea55bef8622bf
|