Age | Commit message (Collapse) | Author |
|
sshd: pass struct ssh to auth functions; ok djm@
Upstream-ID: b00a80c3460884ebcdd14ef550154c761aebe488
|
|
remove unused wrapper functions from key.[ch]; ok djm@
Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
|
|
sshkey_new() might return NULL (pkcs#11 code only); ok
djm@
Upstream-ID: de9f2ad4a42c0b430caaa7d08dea7bac943075dd
|
|
switch sshconnect.c to modern APIs; ok djm@
Upstream-ID: 27be17f84b950d5e139b7a9b281aa487187945ad
|
|
switch auth2-pubkey.c to modern APIs; with & ok djm@
Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
|
|
switch from Key typedef with struct sshkey; ok djm@
Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
|
|
remove ssh1 references; ok djm@
Upstream-ID: fc23b7578e7b0a8daaec72946d7f5e58ffff5a3d
|
|
revise sshkey_load_public(): remove ssh1 related
comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if
'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@
Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca
|
|
sshbuf_consume: reset empty buffer; ok djm@
Upstream-ID: 0d4583ba57f69e369d38bbd7843d85cac37fa821
|
|
remove SSH_CHANNEL_XXX_DRAINING (ssh1 only); ok djm@
Upstream-ID: e2e225b6ac67b84dd024f38819afff2554fafe42
|
|
remove channel_input_close_confirmation (ssh1 only); ok
djm@
Upstream-ID: 8e7c8c38f322d255bb0294a5c0ebef53fdf576f1
|
|
fix references to obsolete v00 cert format; spotted by
Jakub Jelen
Upstream-ID: 7600ce193ab8fd19451acfe24fc2eb39d46b2c4f
|
|
The cross-compiling fallback message says it's assuming the test
passed, but it didn't actually set the cache var which causes
later tests to fail.
|
|
there's no reason to artificially limit the key path
here, just check that it fits PATH_MAX; spotted by Matthew Patton
Upstream-ID: 858addaf2009c9cf04d80164a41b2088edb30b58
|
|
Now that we no longer support SSHv1, replace the contents
of this file with a pointer to
https://tools.ietf.org/html/draft-miller-ssh-agent-00 It's better edited,
doesn't need to document stuff we no longer implement and does document stuff
that we do implement (RSA SHA256/512 signature flags)
Upstream-ID: da8cdc46bbcc266efabd565ddddd0d8e556f846e
|
|
allow LogLevel in sshd_config Match blocks; ok dtucker
bz#2717
Upstream-ID: 662e303be63148f47db1aa78ab81c5c2e732baa8
|
|
remove duplicate check; spotted by Jakub Jelen
Upstream-ID: 30c2996c1767616a8fdc49d4cee088efac69c3b0
|
|
mention that Ed25519 keys are valid as CA keys; spotted
by Jakub Jelen
Upstream-ID: d3f6db58b30418cb1c3058211b893a1ffed3dfd4
|
|
|
|
remove hmac-ripemd160; ok dtucker
Upstream-ID: 896e737ea0bad6e23327d1c127e02d5e9e9c654d
|
|
make requesting bad ECDSA bits yield the same error
(SSH_ERR_KEY_LENGTH) as the same mistake for RSA/DSA
Upstream-ID: bf40d3fee567c271e33f05ef8e4e0fa0b6f0ece6
|
|
(LP: #1689299).
|
|
fix for new SSH_ERR_KEY_LENGTH error value
Upstream-Regress-ID: c38a6e6174d4c3feca3518df150d4fbae0dca8dc
|
|
helps if I commit the correct version of the file. fix
missing return statement.
Upstream-ID: c86394a3beeb1ec6611e659bfa830254f325546c
|
|
remove arcfour, blowfish and CAST here too
Upstream-Regress-ID: c613b3bcbef75df1fe84ca4dc2d3ef253dc5e920
|
|
I was too aggressive with the scalpel in the last commit;
unbreak sshd, spotted quickly by naddy@
Upstream-ID: fb7e75d2b2c7e6ca57dee00ca645e322dd49adbf
|
|
Refuse RSA keys <1024 bits in length. Improve reporting
for keys that do not meet this requirement. ok markus@
Upstream-ID: b385e2a7b13b1484792ee681daaf79e1e203df6c
|
|
Don't offer CBC ciphers by default in the client. ok
markus@
Upstream-ID: 94c9ce8d0d1a085052e11c7f3307950fdc0901ef
|
|
As promised in last release announcement: remove
support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@
Upstream-ID: 21f8facdba3fd8da248df6417000867cec6ba222
|
|
more simplification and removal of SSHv1-related code;
ok djm@
Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
|
|
remove superfluous protocol 2 mentions; ok jmc@
Upstream-ID: 0aaf7567c9f2e50fac5906b6a500a39c33c4664d
|
|
since a couple of people have asked, leave a comment
explaining why we retain SSH v.1 support in the "delete all keys from agent"
path.
Upstream-ID: 4b42dcfa339813c15fe9248a2c1b7ed41c21bbb4
|
|
another tentacle: cipher_set_key_string() was only ever
used for SSHv1
Upstream-ID: 7fd31eb6c48946f7e7cc12af0699fe8eb637e94a
|
|
restore mistakenly deleted description of the
ConnectionAttempts option ok markus@
Upstream-ID: 943002b1b7c470caea3253ba7b7348c359de0348
|
|
remove miscellaneous SSH1 leftovers; ok markus@
Upstream-ID: af23696022ae4d45a1abc2fb8b490d8d9dd63b7c
|
|
more protocol 1 bits removed; ok djm
Upstream-ID: b5b977eaf756915acb56aef3604a650e27f7c2b9
|
|
more protocol 1 stuff to go; ok djm
Upstream-ID: 307a30441d2edda480fd1661d998d36665671e47
|
|
rsa1 is no longer valid;
Upstream-ID: 9953d09ed9841c44b7dcf7019fa874783a709d89
|
|
add PubKeyAcceptedKeyTypes to the -o list: scp(1) has
it, so i guess this should too;
Upstream-ID: 7fab32e869ca5831d09ab0c40d210b461d527a2c
|
|
remove now obsolete protocol1 options from the -o
lists;
Upstream-ID: 828e478a440bc5f9947672c392420510a362b3dd
|
|
more -O shuffle; ok djm
Upstream-ID: c239991a3a025cdbb030b73e990188dd9bfbeceb
|
|
remove -1 / -2 options; pointed out by jmc@
Upstream-ID: 65d2a816000741a95df1c7cfdb5fa8469fcc7daa
|
|
remove options -12 from usage();
Upstream-ID: db7ceef25132e63b50ed05289bf447fece1d1270
|
|
tidy up -O somewhat; ok djm
Upstream-ID: 804405f716bf7ef15c1f36ab48581ca16aeb4d52
|
|
|
|
|
|
when freeing a bitmap, zero all it bytes; spotted by Ilya
Kaliman
Upstream-ID: 834ac024f2c82389d6ea6b1c7d6701b3836e28e4
|
|
this one I did forget to "cvs rm"
Upstream-ID: 5781670c0578fe89663c9085ed3ba477cf7e7913
|
|
don't know why cvs didn't exterminate these the first
time around, I use rm -f and everuthing...
pointed out by sobrado@
Upstream-ID: a6c44a0c2885330d322ee01fcfd7f6f209b1e15d
|
|
|