Age | Commit message (Collapse) | Author |
|
in OpenBSD (they are the same value) but makes things easier in -portable
where they may be distinct values. "sigh ok" deraadt@
(ID sync only, portable already had this change).
OpenBSD-Commit-ID: 91f2bc7c0ecec905915ed59fa37feb9cc90e17d7
|
|
*ONLY IF* there's a delimiter. If there's not (the common case) it checked
uninitialized memory, which usually passed, but if not would cause spurious
failures when the uninitialized memory happens to contain "/". ok deraadt.
OpenBSD-Commit-ID: 4291611eaf2a53d4c92f4a57c7f267c9f944e0d3
|
|
host/port was added in 2001 as an alternative to host:port syntax for
the benefit of IPv6 users. These days there are establised standards
for this like [::1]:22 and the slash syntax is easily mistaken for CIDR
notation, which OpenSSH now supports for some things. Remove the slash
notation from ListenAddress and PermitOpen. bz#2335, patch from jjelen
at redhat.com, ok markus@
OpenBSD-Commit-ID: fae5f4e23c51a368d6b2d98376069ac2b10ad4b7
|
|
redhat.com
OpenBSD-Commit-ID: cca3965a8333f2b6aae48b79ec1d72f7a830dd2c
|
|
generation. It's not mentioned in RFC4419 and it's not possible for
Sophie-Germain primes greater than 5. bz#2330, from Christian Wittenhorst ,
ok djm@ tb@
OpenBSD-Commit-ID: 1467652e6802ad3333b0959282d8d49dfe22c8cd
|
|
the progressmeter formatting outside of signal handler context and have the
atomicio callback called for EINTR too. bz#2434 with contributions from djm
and jjelen at redhat.com, ok djm@
OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8
|
|
In the cases where we can't compare to read or readv function pointers
for some reason we currently ifdef out the poll() used to block while
waiting for reads or writes, falling back to busy waiting. This restores
the poll() in this case, but has it always check for read or write,
removing an inline ifdef in the process.
|
|
|
|
Prevents macro redefinition warning on at least NetBSD 6.1.
|
|
signed in a single commandline.
OpenBSD-Commit-ID: 39881087641efb8cd83c7ec13b9c98280633f45b
|
|
rest static
OpenBSD-Commit-ID: fa431d92584e81fe99f95882f4c56b43fe3242dc
|
|
|
|
OpenBSD-Commit-ID: 37645419a330037d297f6f0adc3b3663e7ae7b2e
|
|
rather than pointer+length; ok markus@
OpenBSD-Commit-ID: ef0c89c52ccc89817a13a5205725148a28492bf7
|
|
input buffer is too full to read one, or if the output buffer is too full to
enqueue a response; feedback & ok dtucker@
OpenBSD-Commit-ID: df3c5b6d57c968975875de40d8955cbfed05a6c8
|
|
OpenBSD-Commit-ID: bca476a5236e8f94210290b3e6a507af0434613e
|
|
initial login, the attempt at reading the PIN could be skipped in some cases
especially on devices with integrated PIN readers.
based on patch from Daniel Kucera in bz#2652; ok markus@
OpenBSD-Commit-ID: fad70a61c60610afe8bb0db538c90e343e75e58e
|
|
requring a fresh login after the C_SignInit operation.
based on patch from Jakub Jelen in bz#2638; ok markus
OpenBSD-Commit-ID: a76e66996ba7c0923b46b74d46d499b811786661
|
|
not applied to any ProxyJump/-J hosts. This has confused a few people...
OpenBSD-Commit-ID: 03f4f641df6ca236c1bfc69836a256b873db868b
|
|
support it
Be more explicit in the description of -m about where it may be used
Prompted by Jakub Jelen in bz2904
OpenBSD-Commit-ID: 3b398ac5e05d8a6356710d0ff114536c9d71046c
|
|
debug2; bz2939
OpenBSD-Commit-ID: ac0fe5ca1429ebf4d460bad602adc96de0d7e290
|
|
private
OpenBSD-Commit-ID: 7de7ff6d274d82febf9feb641e2415ffd6a30bfb
|
|
and give some hints on how keys may be converted or written in the old
format.
OpenBSD-Commit-ID: 9c90a9f92eddc249e07fad1204d0e15c8aa13823
|
|
OpenBSD-Commit-ID: d2a80e389da8e7ed71978643d8cbaa8605b597a8
|
|
OpenBSD-Commit-ID: 26d95e409a0b72526526fc56ca1caca5cc3d3c5e
|
|
and sftp(1) to match ssh(1)'s interface.
ok djm
OpenBSD-Commit-ID: a75bc2d5f329caa7229a7e9fe346c4f41c2663fc
|
|
|
|
|
|
|
|
libpqcrypto; the latter is almost identical but doesn't rely on signed
underflow to implement an optimised integer sort; from markus@
OpenBSD-Commit-ID: cd09bbf0e0fcef1bedca69fdf7990dc360567cf8
|
|
|
|
debug verbosity.
Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run
in debug mode ("ssh-agent -d"), so we get to see errors from the
PKCS#11 code.
ok markus@
OpenBSD-Commit-ID: 0a798643c6a92a508df6bd121253ba1c8bee659d
|
|
OpenBSD-Regress-ID: 54d6857e7c58999c7a6d40942ab0fed3529f43ca
|
|
OpenBSD-Regress-ID: 92cad022d3b0d11e08f3e0055d6a14b8f994c0d7
|
|
OpenBSD-Regress-ID: cea6ff270f3d560de86b355a87a2c95b55a5ca63
|
|
OpenBSD-Regress-ID: ce72487327eee4dfae1ab0212a1f33871fe0809f
|
|
|
|
errors in cert-hostkey.sh regress failures.
OpenBSD-Commit-ID: 12dab63850b844f84d5a67e86d9e21a42fba93ba
|
|
grrr
OpenBSD-Commit-ID: bcff316c3e7da8fd15333e05d244442c3aaa66b0
|
|
OpenBSD-Commit-ID: 4795b0ff142b45448f7e15f3c2f77a947191b217
|
|
KEM has been renamed to kexgen
from markus@ ok djm@
OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8
|
|
from markus@ ok djm@
OpenBSD-Commit-ID: 87d886b7f1812ff9355fda1435f6ea9b71a0ac89
|
|
rather than pointer+len
suggested by me; implemented by markus@ ok me
OpenBSD-Commit-ID: 994f33c464f4a9e0f1d21909fa3e379f5a0910f0
|
|
DH-like KEX methods have moved to KEM
from markus@ ok djm@
OpenBSD-Commit-ID: bde9809103832f349545e4f5bb733d316db9a060
|
|
from markus@ ok djm@
OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c
|
|
|
|
from markus@ ok djm@
OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
|
|
OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f
|
|
sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime
4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not
enabled by default.
introduce KEM API; a simplified framework for DH-ish KEX methods.
from markus@ feedback & ok djm@
OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7
|
|
almost exactly across client and server for several KEX methods.
from markus@ ok djm@
OpenBSD-Commit-ID: 4e4a16d949dadde002a0aacf6d280a684e20829c
|