summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-01-26upstream commitderaadt@openbsd.org
Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
2015-01-26upstream commitmarkus@openbsd.org
kex_setup errors are fatal()
2015-01-20upstream commitdjm@openbsd.org
this test would accidentally delete agent.sh if run without obj/
2015-01-20upstream commitdjm@openbsd.org
make this compile with KERBEROS5 enabled
2015-01-20upstream commitdjm@openbsd.org
fix hostkeys in agent; ok markus@
2015-01-20fix kex testDamien Miller
2015-01-20upstream commitmarkus@openbsd.org
finally enable the KEX tests I wrote some years ago...
2015-01-20upstream commitmarkus@openbsd.org
adapt to new error message (SSH_ERR_MAC_INVALID)
2015-01-20upstream commitdjm@openbsd.org
this test was broken in at least two ways, such that it wasn't checking that a KRL was not excluding valid keys
2015-01-20upstream commitmarkus@openbsd.org
switch ssh-keyscan from setjmp to multiple ssh transport layer instances ok djm@
2015-01-20upstream commitmarkus@openbsd.org
add experimental api for packet layer; ok djm@
2015-01-20upstream commitmarkus@openbsd.org
store compat flags in struct ssh; ok djm@
2015-01-20upstream commitmarkus@openbsd.org
adapt kex to sshbuf and struct ssh; ok djm@
2015-01-20upstream commitmarkus@openbsd.org
move dispatch to struct ssh; ok djm@
2015-01-20upstream commitmarkus@openbsd.org
update packet.c & isolate, introduce struct ssh a) switch packet.c to buffer api and isolate per-connection info into struct ssh b) (de)serialization of the state is moved from monitor to packet.c c) the old packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and integrated into packet.c with and ok djm@
2015-01-20upstream commitdjm@openbsd.org
fix format strings in (disabled) debugging
2015-01-20upstream commitdjm@openbsd.org
be a bit more careful in these tests to ensure that known_hosts is clean
2015-01-20upstream commitdjm@openbsd.org
regression test for known_host file editing using ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok markus@
2015-01-20upstream commitdjm@openbsd.org
more and better key tests test signatures and verification test certificate generation flesh out nested cert test removes most of the XXX todo markers
2015-01-20upstream commitdjm@openbsd.org
make the signature fuzzing test much more rigorous: ensure that the fuzzed input cases do not match the original (using new fuzz_matches_original() function) and check that the verification fails in each case
2015-01-20upstream commitdjm@openbsd.org
add a fuzz_matches_original() function to the fuzzer to detect fuzz cases that are identical to the original data. Hacky implementation, but very useful when you need the fuzz to be different, e.g. when verifying signature
2015-01-20upstream commitdjm@openbsd.org
better dumps from the fuzzer (shown on errors) - include the original data as well as the fuzzed copy.
2015-01-20upstream commitdjm@openbsd.org
enable hostkey-agent.sh test
2015-01-20upstream commitdjm@openbsd.org
unit test for hostkeys in ssh-agent
2015-01-20upstream commitmarkus@openbsd.org
add kex unit tests
2015-01-20upstream commitderaadt@openbsd.org
djm, your /usr/include tree is old
2015-01-20upstream commitdjm@openbsd.org
some feedback from markus@: comment hostkeys_foreach() context and avoid a member in it.
2015-01-20upstream commitdjm@openbsd.org
make ssh-keygen use hostkeys_foreach(). Removes some horrendous code; ok markus@
2015-01-20upstream commitdjm@openbsd.org
convert load_hostkeys() (hostkey ordering and known_host matching) to use the new hostkey_foreach() iterator; ok markus
2015-01-20upstream commitdjm@openbsd.org
introduce hostkeys_foreach() to allow iteration over a known_hosts file or controlled subset thereof. This will allow us to pull out some ugly and duplicated code, and will be used to implement hostkey rotation later. feedback and ok markus
2015-01-20upstream commitderaadt@openbsd.org
string truncation due to sizeof(size) ok djm markus
2015-01-20upstream commitdjm@openbsd.org
avoid trailing ',' in host key algorithms
2015-01-20upstream commitdjm@openbsd.org
infer key length correctly when user specified a fully- qualified key name instead of using the -b bits option; ok markus@
2015-01-20upstream commitdjm@openbsd.org
fix hostkeys on ssh agent; found by unit test I'm about to commit
2015-01-20upstream commitschwarze@openbsd.org
garbage collect empty .No macros mandoc warns about
2015-01-20upstream commitdjm@openbsd.org
regression: incorrect error message on otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@
2015-01-16upstream commitdjm@openbsd.org
when hostname canonicalisation is enabled, try to parse hostnames as addresses before looking them up for canonicalisation. fixes bz#2074 and avoids needless DNS lookups in some cases; ok markus
2015-01-16upstream commitderaadt@openbsd.org
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
2015-01-16upstream commitmarkus@openbsd.org
remove xmalloc, switch to sshbuf
2015-01-16upstream commitmarkus@openbsd.org
switch to sshbuf
2015-01-16upstream commitnaddy@openbsd.org
handle UMAC128 initialization like UMAC; ok djm@ markus@
2015-01-15upstream commitdjm@openbsd.org
fix regression reported by brad@ for passworded keys without agent present
2015-01-15make bitmap test compileDamien Miller
2015-01-15upstream commitdjm@openbsd.org
unit tests for KRL bitmap
2015-01-15upstream commitmarkus@openbsd.org
re-add comment about full path
2015-01-15upstream commitmarkus@openbsd.org
don't reset to the installed sshd; connect before reconfigure, too
2015-01-15upstream commitdjm@openbsd.org
implement a SIGINFO handler so we can discern a stuck fuzz test from a merely glacial one; prompted by and ok markus
2015-01-15upstream commitdjm@openbsd.org
use $SSH instead of installed ssh to allow override; spotted by markus@
2015-01-15upstream commitdjm@openbsd.org
regress test for PubkeyAcceptedKeyTypes; ok markus@
2015-01-15upstream commitmarkus@openbsd.org
unbreak parsing of pubkey comments; with gerhard; ok djm/deraadt