summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-03-13upstream: fix null-deref on calloc failure; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: a313519579b392076b7831ec022dfdefbec8724a
2020-03-13upstream: exit if ssh_krl_revoke_key_sha256 fails; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: 0864ad4fe8bf28ab21fd1df766e0365c11bbc0dc
2020-03-13upstream: pkcs11_register_provider: return < 0 on error; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: cfc8321315b787e4d40da4bdb2cbabd4154b0d97
2020-03-13upstream: sshsig: return correct error, fix null-deref; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: 1d1af7cd538b8b23e621cf7ab84f11e7a923edcd
2020-03-13upstream: vasnmprintf allocates str and returns -1; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: dae4c9e83d88471bf3b3f89e3da7a107b44df11c
2020-03-13upstream: sshpkt_fatal() does not return; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: 7dfe847e28bd78208eb227b37f29f4a2a0929929
2020-02-28upstream: no-touch-required certificate option should be andjm@openbsd.org
extension, not a critical option. OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d
2020-02-28upstream: better error message when trying to use a FIDO keydjm@openbsd.org
function and SecurityKeyProvider is empty OpenBSD-Commit-ID: e56602c2ee8c82f835d30e4dc8ee2e4a7896be24
2020-02-28upstream: Drop leading space from line count that was confusingdtucker@openbsd.org
ssh-keygen's screen mode. OpenBSD-Commit-ID: 3bcae7a754db3fc5ad3cab63dd46774edb35b8ae
2020-02-28upstream: change explicit_bzero();free() to freezero()jsg@openbsd.org
While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
2020-02-26upstream: Have sftp reject "-1" in the same way as ssh(1) anddtucker@openbsd.org
scp(1) do instead of accepting and silently ignoring it since protocol 1 support has been removed. Spotted by shivakumar2696 at gmail.com, ok deraadt@ OpenBSD-Commit-ID: b79f95559a1c993214f4ec9ae3c34caa87e9d5de
2020-02-26upstream: Remove obsolete XXX comment. ok deraadt@dtucker@openbsd.org
OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b
2020-02-24upstream: Fix typo. Patch from itoama at live.jp via github PR#173.dtucker@openbsd.org
OpenBSD-Commit-ID: 5cdaafab38bbdea0d07e24777d00bfe6f972568a
2020-02-22Switch %define to %global for redhat/openssh.specNico Kadel-Garcia
2020-02-21fix some typos and sentencemkontani
2020-02-21upstream: Fix some typos and an incorrect word in docs. Patch fromdtucker@openbsd.org
itoama at live.jp via github PR#172. OpenBSD-Commit-ID: 166ee8f93a7201fef431b9001725ab8b269d5874
2020-02-21upstream: Update moduli generation script to new ssh-keygendtucker@openbsd.org
generation and screening command line flags. OpenBSD-Commit-ID: 5010ff08f7ad92082e87dde098b20f5c24921a8f
2020-02-21upstream: Import regenerated moduli.dtucker@openbsd.org
OpenBSD-Commit-ID: 7b7b619c1452a459310b0cf4391c5757c6bdbc0f
2020-02-20Import regenerated moduli.Darren Tucker
2020-02-18Fix typos in INSTALL: s/avilable/available/ s/suppports/supports/HARUYAMA Seigo
2020-02-18upstream: Ensure that the key lifetime provided fits within thedtucker@openbsd.org
values allowed by the wire format (u32). Prevents integer wraparound of the timeout values. bz#3119, ok markus@ djm@ OpenBSD-Commit-ID: 8afe6038b5cdfcf63360788f012a7ad81acc46a2
2020-02-18upstream: Detect and prevent simple configuration loops when usingdtucker@openbsd.org
ProxyJump. bz#3057, ok djm@ OpenBSD-Commit-ID: 077d21c564c886c98309d871ed6f8ef267b9f037
2020-02-18upstream: document -F none; with jmc@naddy@openbsd.org
OpenBSD-Commit-ID: 0eb93b75473d2267aae9200e02588e57778c84f2
2020-02-17Remove unused variable warning.Darren Tucker
2020-02-17Constify aix_krb5_get_principal_name.Darren Tucker
Prevents warning about discarding type qualifiers on AIX.
2020-02-17Check if TILDE is already defined and undef.Darren Tucker
Prevents redefinition warning on AIX.
2020-02-17Prevent unused variable warning.Darren Tucker
2020-02-17Check if getpeereid is actually declared.Darren Tucker
Check in sys/socket.h (AIX) and unistd.h (FreeBSD, DragonFLy and OS X). Prevents undeclared function warning on at least some versions of AIX.
2020-02-14upstream: openssh-8.2djm@openbsd.org
OpenBSD-Commit-ID: 0a1340ff65fad0d84b997ac58dd1b393dec7c19b
2020-02-12crank version numbersDamien Miller
2020-02-11Minor documentation update:Darren Tucker
- remove duplication of dependency information (it's all in INSTALL). - SSHFP is now an RFC.
2020-02-09Check if UINT32_MAX is defined before redefining.Darren Tucker
2020-02-07typo; reported by Phil PennockDamien Miller
2020-02-07upstream: sync the description of the $SSH_SK_PROVIDER environmentdjm@openbsd.org
variable with that of the SecurityKeyProvider ssh/sshd_config(5) directive, as the latter was more descriptive. OpenBSD-Commit-ID: 0488f09530524a7e53afca6b6e1780598022552f
2020-02-07upstream: Add ssh -Q key-sig for all key and signature types.dtucker@openbsd.org
Teach ssh -Q to accept ssh_config(5) and sshd_config(5) algorithm keywords as an alias for the corresponding query. Man page help jmc@, ok djm@. OpenBSD-Commit-ID: 1e110aee3db2fc4bc5bee2d893b7128fd622e0f8
2020-02-07upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow moredjm@openbsd.org
than the intended number of prompts (3) and 2) it would SEGV too many incorrect PINs were entered; based on patch by Gabriel Kihlman OpenBSD-Commit-ID: 9c0011f28ba8bd8adf2014424b64960333da1718
2020-02-07upstream: When using HostkeyAlgorithms to merely append or removedjm@openbsd.org
algorithms from the default set (i.e. HostkeyAlgorithms=+/-...), retain the default behaviour of preferring those algorithms that have existing keys in known_hosts; ok markus OpenBSD-Commit-ID: 040e7fcc38ea00146b5d224ce31ce7a1795ee6ed
2020-02-07upstream: expand HostkeyAlgorithms prior to config dump, matchingdjm@openbsd.org
other algorithm lists; ok markus@ OpenBSD-Commit-ID: a66f0fca8cc5ce30405a2867bc115fff600671d0
2020-02-07upstream: Add Include to the list of permitted keywords after anaddy@openbsd.org
Match keyword. ok markus@ OpenBSD-Commit-ID: 342e940538b13dd41e0fa167dc9ab192b9f6e2eb
2020-02-07upstream: Replace "security key" with "authenticator" in programnaddy@openbsd.org
messages. This replaces "security key" in error/usage/verbose messages and distinguishes between "authenticator" and "authenticator-hosted key". ok djm@ OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
2020-02-06Don't look for UINT32_MAX in inttypes.hDarren Tucker
... unless we are actually going to use it. Fixes build on HP-UX without the potential impact to other platforms of a header change shortly before release.
2020-02-06dependDamien Miller
2020-02-06Fix sha2 MAKE_CLONE no-op definitionMichael Forney
The point of the dummy declaration is so that MAKE_CLONE(...) can have a trailing semicolon without introducing an empty declaration. So, the macro replacement text should *not* have a trailing semicolon, just like DEF_WEAK.
2020-02-04upstream: require FIDO application strings to start with "ssh:"; okdjm@openbsd.org
markus@ OpenBSD-Commit-ID: 94e9c1c066d42b76f035a3d58250a32b14000afb
2020-02-04upstream: revert enabling UpdateHostKeys by default - there are stilldjm@openbsd.org
corner cases we need to address; ok markus OpenBSD-Commit-ID: ff7ad941bfdc49fb1d8baa95fd0717a61adcad57
2020-02-04upstream: use better markup for challenge and write-attestation, andjmc@openbsd.org
rejig the challenge text a little; ok djm OpenBSD-Commit-ID: 9f351e6da9edfdc907d5c3fdaf2e9ff3ab0a7a6f
2020-02-03mention libfido2 in dependencies sectionDamien Miller
2020-02-03add clock_gettime64(2) to sandbox allowed syscallsDamien Miller
bz3093
2020-02-02upstream: Output (none) in debug in the case in the CheckHostIP=no casedtucker@openbsd.org
as suggested by markus@ OpenBSD-Commit-ID: 4ab9117ee5261cbbd1868717fcc3142eea6385cf
2020-02-02upstream: Prevent possible null pointer deref of ip_str in debug.dtucker@openbsd.org
OpenBSD-Commit-ID: 37b252e2e6f690efed6682437ef75734dbc8addf
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-07 22:42:23 +0000