summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-01-20upstream commitdjm@openbsd.org
infer key length correctly when user specified a fully- qualified key name instead of using the -b bits option; ok markus@
2015-01-20upstream commitdjm@openbsd.org
fix hostkeys on ssh agent; found by unit test I'm about to commit
2015-01-20upstream commitschwarze@openbsd.org
garbage collect empty .No macros mandoc warns about
2015-01-20upstream commitdjm@openbsd.org
regression: incorrect error message on otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@
2015-01-16upstream commitdjm@openbsd.org
when hostname canonicalisation is enabled, try to parse hostnames as addresses before looking them up for canonicalisation. fixes bz#2074 and avoids needless DNS lookups in some cases; ok markus
2015-01-16upstream commitderaadt@openbsd.org
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
2015-01-16upstream commitmarkus@openbsd.org
remove xmalloc, switch to sshbuf
2015-01-16upstream commitmarkus@openbsd.org
switch to sshbuf
2015-01-16upstream commitnaddy@openbsd.org
handle UMAC128 initialization like UMAC; ok djm@ markus@
2015-01-15upstream commitdjm@openbsd.org
fix regression reported by brad@ for passworded keys without agent present
2015-01-15make bitmap test compileDamien Miller
2015-01-15upstream commitdjm@openbsd.org
unit tests for KRL bitmap
2015-01-15upstream commitmarkus@openbsd.org
re-add comment about full path
2015-01-15upstream commitmarkus@openbsd.org
don't reset to the installed sshd; connect before reconfigure, too
2015-01-15upstream commitdjm@openbsd.org
implement a SIGINFO handler so we can discern a stuck fuzz test from a merely glacial one; prompted by and ok markus
2015-01-15upstream commitdjm@openbsd.org
use $SSH instead of installed ssh to allow override; spotted by markus@
2015-01-15upstream commitdjm@openbsd.org
regress test for PubkeyAcceptedKeyTypes; ok markus@
2015-01-15upstream commitmarkus@openbsd.org
unbreak parsing of pubkey comments; with gerhard; ok djm/deraadt
2015-01-15upstream commitdjm@openbsd.org
fatal if soft-PKCS11 library is missing rather (rather than continue and fail with a more cryptic error)
2015-01-15upstream commitdjm@openbsd.org
let this test all supporte key types; pointed out/ok markus@
2015-01-15upstream commitdjm@openbsd.org
sync ssh-keysign, ssh-keygen and some dependencies to the new buffer/key API; mostly mechanical, ok markus@
2015-01-15upstream commitdjm@openbsd.org
remove commented-out test code now that it has moved to a proper unit test
2015-01-15upstream commitdjm@openbsd.org
whitespace
2015-01-15upstream commitdjm@openbsd.org
move authfd.c and its tentacles to the new buffer/key API; ok markus@
2015-01-15upstream commitdjm@openbsd.org
fix small regression: ssh-agent would return a success message but an empty signature if asked to sign using an unknown key; ok markus@
2015-01-15more --without-opensslDamien Miller
fix some regressions caused by upstream merges enable KRLs now that they no longer require BIGNUMs
2015-01-15kludge around tun API mismatch bettererDamien Miller
2015-01-15some systems lack SO_REUSEPORTDamien Miller
2015-01-15fix merge botchDamien Miller
2015-01-15unbreak across API changeDamien Miller
2015-01-15need includes.h for portable OpenSSHDamien Miller
2015-01-15support --without-openssl at configure timeDamien Miller
Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
2015-01-15add files missed in last commitDamien Miller
2015-01-15upstream commitdjm@openbsd.org
avoid BIGNUM in KRL code by using a simple bitmap; feedback and ok markus
2015-01-15upstream commitdjm@openbsd.org
update sftp client and server to new buffer API. pretty much just mechanical changes; with & ok markus
2015-01-15upstream commitmarkus@openbsd.org
switch to sshbuf/sshkey; with & ok djm@
2015-01-14support --without-openssl at configure timeDamien Miller
Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
2015-01-14upstream commitdjm@openbsd.org
avoid an warning for the !OPENSSL case
2015-01-14upstream commitmarkus@openbsd.org
swith auth-options to new sshbuf/sshkey; ok djm@
2015-01-14upstream commitdjm@openbsd.org
make non-OpenSSL aes-ctr work on sshd w/ privsep; ok markus@
2015-01-14upstream commitmarkus@openbsd.org
remove unneeded includes, sync my copyright across files & whitespace; ok djm@
2015-01-14upstream commitmarkus@openbsd.org
adapt mac.c to ssherr.h return codes (de-fatal) and simplify dependencies ok djm@
2015-01-14upstream commitdjm@openbsd.org
sync changes from libopenssh; prepared by markus@ mostly debug output tweaks, a couple of error return value changes and some other minor stuff
2015-01-13add --without-ssh1 option to configureDamien Miller
Allows disabling support for SSH protocol 1.
2015-01-13upstream commitdjm@openbsd.org
add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes options to allow sshd to control what public key types will be accepted. Currently defaults to all. Feedback & ok markus@
2015-01-13upstream commitmarkus@openbsd.org
unbreak parsing of pubkey comments; with gerhard; ok djm/deraadt
2015-01-13upstream commitmarkus@openbsd.org
missing error assigment on sshbuf_put_string()
2015-01-13upstream commitdjm@openbsd.org
apparently memcpy(x, NULL, 0) is undefined behaviour according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls when length==0; ok markus@
2015-01-13upstream commitmarkus@openbsd.org
free->sshkey_free; ok djm@
2015-01-13upstream commitmarkus@openbsd.org
allow WITH_OPENSSL w/o WITH_SSH1; ok djm@