| Age | Commit message (Collapse) | Author |
|---|
|
include bad $SSH_CONNECTION in failure output
Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529
|
|
va_start was added in 0f754e29dd3760fc0b172c1220f18b753fb0957e, however
it has the wrong number of args and it's not usable in non-variadic
functions anyway so it breaks things (for example Solaris 2.6 as
reported by Tom G. Christensen).i ok djm@
|
|
Should fix build problem on Solaris 2.6 reported by Tom G. Christensen.
|
|
|
|
memleak of algorithm name in mm_answer_sign; reported by
Jakub Jelen
Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08
|
|
Add a function to enable security-related malloc_options.
With and ok deraadt@, something similar has been in the snaps for a while.
Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
|
|
|
|
avoid fatal() for PKCS11 tokens that present empty key IDs
bz#1773, ok markus@
Upstream-ID: 044a764fee526f2c4a9d530bd10695422d01fc54
|
|
sync crypto algorithm lists in ssh_config(5) and
sshd_config(5) with current reality. bz#2527
Upstream-ID: d7fd1b6c1ed848d866236bcb1d7049d2bb9b2ff6
|
|
fix regression in openssh-6.8 sftp client: existing
destination directories would incorrectly terminate recursive uploads;
bz#2528
Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18
|
|
turn off more old crypto in the client: hmac-md5, ripemd,
truncated HMACs, RC4, blowfish. ok markus@ dtucker@
Upstream-ID: 96aa11c2c082be45267a690c12f1d2aae6acd46e
|
|
don't attempt to percent_expand() already-canonicalised
addresses, avoiding unnecessary failures when attempting to connect to scoped
IPv6 addresses (that naturally contain '%' characters)
Upstream-ID: f24569cffa1a7cbde5f08dc739a72f4d78aa5c6a
|
|
refactor activation of rekeying
This makes automatic rekeying internal to the packet code (previously
the server and client loops needed to assist). In doing to it makes
application of rekey limits more accurate by accounting for packets
about to be sent as well as packets queued during rekeying events
themselves.
Based on a patch from dtucker@ which was in turn based on a patch
Aleksander Adamowski in bz#2521; ok markus@
Upstream-ID: a441227fd64f9739850ca97b4cf794202860fcd8
|
|
Only check errno if read() has returned an error. EOF is
not an error. This fixes a problem where the mux master would sporadically
fail to notice that the client had exited. ok mikeb@ djm@
Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53
|
|
avoid an uninitialised value when NumberOfPasswordPrompts
is 0 ok markus@ djm@
Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b
|
|
mention internal DH-GEX fallback groups; bz#2302
Upstream-ID: e7b395fcca3122cd825515f45a2e41c9a157e09e
|
|
better description for MaxSessions; bz#2531
Upstream-ID: e2c0d74ee185cd1a3e9d4ca1f1b939b745b354da
|
|
Change old $FreeBSD version string in comment so it doesn't
become an RCS ident downstream; requested by des AT des.no
|
|
printf argument casts to avoid warnings on strict
compilers
Upstream-ID: 7b9f6712cef01865ad29070262d366cf13587c9c
|
|
Avoid ugly "DISPLAY "(null)" invalid; disabling X11
forwarding" message when DISPLAY is not set. This could also result in a
crash on systems with a printf that doesn't handle NULL. OK djm@
Upstream-ID: 20ee0cfbda678a247264c20ed75362042b90b412
|
|
Add regression test for RekeyLimit parsing of >32bit values
(4G and 8G).
Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328
|
|
Remove leftover roaming dead code. ok djm markus.
Upstream-ID: 13d1f9c8b65a5109756bcfd3b74df949d53615be
|
|
include packet type of non-data packets in debug3 output;
ok markus dtucker
Upstream-ID: 034eaf639acc96459b9c5ce782db9fcd8bd02d41
|
|
Revert "account for packets buffered but not yet
processed" change as it breaks for very small RekeyLimit values due to
continuous rekeying. ok djm@
Upstream-ID: 7e03f636cb45ab60db18850236ccf19079182a19
|
|
Allow RekeyLimits in excess of 4G up to 2**63 bits
(limited by the return type of scan_scaled). Part of bz#2521, ok djm.
Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979
|
|
Account for packets buffered but not yet processed when
computing whether or not it is time to perform rekeying. bz#2521, based
loosely on a patch from olo at fb.com, ok djm@
Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c
|
|
change old $FreeBSD version string in comment so it doesn't
become an RCS ident downstream; requested by des AT des.no
Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722
|
|
make the debug messages a bit more useful here
Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
|
|
Zero a stack buffer with explicit_bzero() instead of
memset() when returning from client_loop() for consistency with
buffer_free()/sshbuf_free().
ok dtucker@ deraadt@ djm@
Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66
|
|
Include sys/time.h for gettimeofday. From sortie at
maxsi.org.
Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b
|
|
fd leaks; report Qualys Security Advisory team; ok
deraadt@
Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
|
|
remove roaming support; ok djm@
Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
|
|
Disable experimental client-side roaming support. Server
side was disabled/gutted for years already, but this aspect was surprisingly
forgotten. Thanks for report from Qualys
Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df
|
|
|
|
|
|
|
|
eliminate fallback from untrusted X11 forwarding to trusted
forwarding when the X server disables the SECURITY extension; Reported by
Thomas Hoger; ok deraadt@
Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
|
|
use explicit_bzero() more liberally in the buffer code; ok
deraadt
Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
|
|
Includes a pre-auth privsep sandbox and several pledge()
emulations. bz#2511, patch by Alex Wilson.
ok dtucker@
|
|
fix three bugs in KRL code related to (unused) signature
support: verification length was being incorrectly calculated, multiple
signatures were being incorrectly processed and a NULL dereference that
occurred when signatures were verified. Reported by Carl Jackson
Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
|
|
unused prototype
Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97
|
|
Use pread/pwrite instead separate lseek+read/write for
lastlog. Cast to off_t before multiplication to avoid truncation on ILP32
ok kettenis@ mmcc@
Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf
|
|
adjust pledge promises for ControlMaster: when using
"ask" or "autoask", the process will use ssh-askpass for asking confirmation.
problem found by halex@
ok halex@
Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80
|
|
unbreak connections with peers that set
first_kex_follows; fix from Matt Johnston va bz#2515
Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
|
|
Add "id" to ssh-agent pledge for subprocess support.
Found the hard way by Jan Johansson when using ssh-agent with X. Also,
rearranged proc/exec and retval to match other pledge calls in the tree.
ok djm@
Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db
|
|
Remove NULL-checks before sshbuf_free().
ok djm@
Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
|
|
include remote port number in a few more messages; makes
tying log messages together into a session a bit easier; bz#2503 ok dtucker@
Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e
|
|
don't try to load SSHv1 private key when compiled without
SSHv1 support. From Iain Morgan bz#2505
Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7
|
|
use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
reading key files. Increase it to match the size of the buffers already being
used.
Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
|
|
Remove NULL-checks before sshkey_free().
ok djm@
Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
|
