summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-09-10 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exactDarren Tucker
return code since it can apparently return -1 under some conditions. From openssh bugs werbittewas de, ok djm@
2010-08-31 - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] includeDamien Miller
includes.h
2010-08-31 - (djm) [Makefile.in] Add new ECC filesDamien Miller
2010-08-31 - djm@cvs.openbsd.org 2010/08/31 11:54:45Damien Miller
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c] [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c] [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c] [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c] [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h] [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5] [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
2010-08-31 - djm@cvs.openbsd.org 2010/08/31 09:58:37Damien Miller
[auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c] [packet.h ssh-dss.c ssh-rsa.c] Add buffer_get_cstring() and related functions that verify that the string extracted from the buffer contains no embedded \0 characters* This prevents random (possibly malicious) crap from being appended to strings where it would not be noticed if the string is used with a string(3) function. Use the new API in a few sensitive places. * actually, we allow a single one at the end of the string for now because we don't know how many deployed implementations get this wrong, but don't count on this to remain indefinitely.
2010-08-31 - djm@cvs.openbsd.org 2010/08/16 04:06:06Damien Miller
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] backout previous temporarily; discussed with deraadt@
2010-08-31 - tedu@cvs.openbsd.org 2010/08/12 23:34:39Damien Miller
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] OpenSSL_add_all_algorithms is the name of the function we have a man page for, so use that. ok djm
2010-08-31 - jmc@cvs.openbsd.org 2010/08/08 19:36:30Damien Miller
[ssh-keysign.8 ssh.1 sshd.8] use the same template for all FILES sections; i.e. -compact/.Pp where we have multiple items, and .Pa for path names;
2010-08-27 - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,Darren Tucker
remove. Patch from martynas at venck us.
2010-08-23 - (djm) Release OpenSSH-5.6p1Damien Miller
2010-08-17- (djm) [regress/README.regress] typoDamien Miller
2010-08-17 - djm@cvs.openbsd.org 2010/08/12 21:49:44Damien Miller
[ssh.c] close any extra file descriptors inherited from parent at start and reopen stdin/stdout to /dev/null when forking for ControlPersist. prevents tools that fork and run a captive ssh for communication from failing to exit when the ssh completes while they wait for these fds to close. The inherited fds may persist arbitrarily long if a background mux master has been started by ControlPersist. cvs and scp were effected by this. "please commit" markus@
2010-08-16 - (dtucker) [configure.ac openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to the compat library which helps on platforms like old IRIX. Based on work by djm, tested by Tom Christensen.
2010-08-12 - (tim) [auth.c] add cast to quiet compiler. Change only affects SVR5 systems.Tim Rice
2010-08-12 - (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.shTim Rice
regress/test-exec.sh] Under certain conditions when testing with sudo tests would fail because the pidfile could not be read by a regular user. "cat: cannot open ...../regress/pidfile: Permission denied (error 13)" Make sure cat is run by $SUDO. no objection from me. djm@
2010-08-10 - (dtucker) bug #1530: strip trailing ":" from hostname in ssh-copy-id.Darren Tucker
based in part on a patch from Colin Watson, ok djm@
2010-08-10 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it isDamien Miller
already set. Makes FreeBSD user openable tunnels useful; patch from richard.burakowski+ossh AT mrburak.net, ok dtucker@
2010-08-09 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]Damien Miller
[contrib/suse/openssh.spec] Crank version numbers
2010-08-09 - OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2010/08/08 16:26:42 [version.h] crank to 5.6
2010-08-09unbreak datestampsDamien Miller
2010-08-05 - djm@cvs.openbsd.org 2010/08/05 13:08:42Damien Miller
[channels.c] Fix a trio of bugs in the local/remote window calculation for datagram data channels (i.e. TunnelForward): Calculate local_consumed correctly in channel_handle_wfd() by measuring the delta to buffer_len(c->output) from when we start to when we finish. The proximal problem here is that the output_filter we use in portable modified the length of the dequeued datagram (to futz with the headers for !OpenBSD). In channel_output_poll(), don't enqueue datagrams that won't fit in the peer's advertised packet size (highly unlikely to ever occur) or which won't fit in the peer's remaining window (more likely). In channel_input_data(), account for the 4-byte string header in datagram packets that we accept from the peer and enqueue in c->output. report, analysis and testing 2/3 cases from wierbows AT us.ibm.com; "looks good" markus@
2010-08-05 - djm@cvs.openbsd.org 2010/08/04 06:08:40Damien Miller
[ssh-keysign.c] clean for -Wuninitialized (Id sync only; portable had this change)
2010-08-05 - djm@cvs.openbsd.org 2010/08/04 06:07:11Damien Miller
[ssh-keygen.1 ssh-keygen.c] Support CA keys in PKCS#11 tokens; feedback and ok markus@
2010-08-05 - djm@cvs.openbsd.org 2010/08/04 05:49:22Damien Miller
[authfile.c] commited the wrong version of the hostbased certificate diff; this version replaces some strlc{py,at} verbosity with xasprintf() at the request of markus@
2010-08-05 - djm@cvs.openbsd.org 2010/08/04 05:42:47Damien Miller
[auth.c auth2-hostbased.c authfile.c authfile.h ssh-keysign.8] [ssh-keysign.c ssh.c] enable certificates for hostbased authentication, from Iain Morgan; "looks ok" markus@
2010-08-05 - djm@cvs.openbsd.org 2010/08/04 05:40:39Damien Miller
[PROTOCOL.certkeys ssh-keygen.c] tighten the rules for certificate encoding by requiring that options appear in lexical order and make our ssh-keygen comply. ok markus@
2010-08-05 - djm@cvs.openbsd.org 2010/08/04 05:37:01Damien Miller
[ssh.1 ssh_config.5 sshd.8] Remove mentions of weird "addr/port" alternate address format for IPv6 addresses combinations. It hasn't worked for ages and we have supported the more commen "[addr]:port" format for a long time. ok jmc@ markus@
2010-08-03 - dtucker@cvs.openbsd.org 2010/07/23 08:49:25Damien Miller
[ssh.1] Ciphers is documented in ssh_config(5) these days
2010-08-03 - djm@cvs.openbsd.org 2010/07/21 02:10:58Damien Miller
[misc.c] sync timingsafe_bcmp() with the one dempsky@ committed to sys/lib/libkern
2010-08-03 - djm@cvs.openbsd.org 2010/07/19 09:15:12Damien Miller
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5] add a "ControlPersist" option that automatically starts a background ssh(1) multiplex master when connecting. This connection can stay alive indefinitely, or can be set to automatically close after a user-specified duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but further hacked on by wmertens AT cisco.com, apb AT cequrux.com, martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@
2010-08-03 - djm@cvs.openbsd.org 2010/07/19 03:16:33Damien Miller
[sftp-client.c] bz#1797: fix swapped args in upload_dir_internal(), breaking recursive upload depth checks and causing verbose printing of transfers to always be turned on; patch from imorgan AT nas.nasa.gov
2010-08-03 - djm@cvs.openbsd.org 2010/07/16 14:07:35Damien Miller
[ssh-rsa.c] more timing paranoia - compare all parts of the expected decrypted data before returning. AFAIK not exploitable in the SSH protocol. "groovy" deraadt@
2010-08-03 - OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2010/07/16 04:45:30 [ssh-keygen.c] avoid bogus compiler warning
2010-08-03 - (dtucker) [monitor.c] Bug #1795: Initialize the values to be returned fromDarren Tucker
PAM to sane values in case the PAM method doesn't write to them. Spotted by Bitman Zhou, ok djm@.
2010-07-19 - (dtucker) [contrib/ssh-copy-ud.1] Bug #1786: update ssh-copy-id.1 with moreDarren Tucker
details about its behaviour WRT existing directories. Patch from asguthrie at gmail com, ok djm.
2010-07-16 - schwarze@cvs.openbsd.org 2010/07/15 21:20:38Damien Miller
[ssh-keygen.1] repair incorrect block nesting, which screwed up indentation; problem reported and fix OK by jmc@
2010-07-16 - jmc@cvs.openbsd.org 2010/07/14 17:06:58Damien Miller
[ssh.1] finally ssh synopsis looks nice again! this commit just removes a ton of hacks we had in place to make it work with old groff;
2010-07-16 - djm@cvs.openbsd.org 2010/07/13 23:13:16Damien Miller
[auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c] [ssh-rsa.c] s/timing_safe_cmp/timingsafe_bcmp/g
2010-07-16 - djm@cvs.openbsd.org 2010/07/13 11:52:06Damien Miller
[auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c] [packet.c ssh-rsa.c] implement a timing_safe_cmp() function to compare memory without leaking timing information by short-circuiting like memcmp() and use it for some of the more sensitive comparisons (though nothing high-value was readily attackable anyway); "looks ok" markus@
2010-07-16 - djm@cvs.openbsd.org 2010/07/12 22:41:13Damien Miller
[ssh.c ssh_config.5] expand %h to the hostname in ssh_config Hostname options. While this sounds useless, it is actually handy for working with unqualified hostnames: Host *.* Hostname %h Host * Hostname %h.example.org "I like it" markus@
2010-07-16 - djm@cvs.openbsd.org 2010/07/12 22:38:52Damien Miller
[ssh.c] Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f") for protocol 2. ok markus@
2010-07-16 - djm@cvs.openbsd.org 2010/07/02 04:32:44Damien Miller
[misc.c] unbreak strdelim() skipping past quoted strings, e.g. AllowUsers "blah blah" blah was broken; report and fix in bz#1757 from bitman.zhou AT centrify.com ok dtucker;
2010-07-14 - (tim) [contrib/redhat/openssh.spec] Bug 1796: Test for skip_x11_askpassTim Rice
(line 77) should have been for no_x11_askpass.
2010-07-02 - djm@cvs.openbsd.org 2010/06/29 23:59:54Damien Miller
[cert-userkey.sh] regress tests for key options in AuthorizedPrincipals
2010-07-02 - phessler@cvs.openbsd.org 2010/06/27 19:19:56Damien Miller
[Makefile] fix how we run the tests so we can successfully use SUDO='sudo -E' in our env
2010-07-02 - millert@cvs.openbsd.org 2010/07/01 13:06:59Damien Miller
[scp.c] Fix a longstanding problem where if you suspend scp at the password/passphrase prompt the terminal mode is not restored. OK djm@
2010-07-02 - jmc@cvs.openbsd.org 2010/06/30 07:28:34Damien Miller
[sshd_config.5] tweak previous;
2010-07-02 - jmc@cvs.openbsd.org 2010/06/30 07:26:03Damien Miller
[ssh-keygen.c] sort usage();
2010-07-02 - jmc@cvs.openbsd.org 2010/06/30 07:24:25Damien Miller
[ssh-keygen.1] tweak previous;
2010-07-02 - djm@cvs.openbsd.org 2010/06/29 23:16:46Damien Miller
[auth2-pubkey.c sshd_config.5] allow key options (command="..." and friends) in AuthorizedPrincipals; ok markus@