| Age | Commit message (Collapse) | Author |
|---|
|
fix references to obsolete v00 cert format; spotted by
Jakub Jelen
Upstream-ID: 7600ce193ab8fd19451acfe24fc2eb39d46b2c4f
|
|
The cross-compiling fallback message says it's assuming the test
passed, but it didn't actually set the cache var which causes
later tests to fail.
|
|
there's no reason to artificially limit the key path
here, just check that it fits PATH_MAX; spotted by Matthew Patton
Upstream-ID: 858addaf2009c9cf04d80164a41b2088edb30b58
|
|
Now that we no longer support SSHv1, replace the contents
of this file with a pointer to
https://tools.ietf.org/html/draft-miller-ssh-agent-00 It's better edited,
doesn't need to document stuff we no longer implement and does document stuff
that we do implement (RSA SHA256/512 signature flags)
Upstream-ID: da8cdc46bbcc266efabd565ddddd0d8e556f846e
|
|
allow LogLevel in sshd_config Match blocks; ok dtucker
bz#2717
Upstream-ID: 662e303be63148f47db1aa78ab81c5c2e732baa8
|
|
remove duplicate check; spotted by Jakub Jelen
Upstream-ID: 30c2996c1767616a8fdc49d4cee088efac69c3b0
|
|
mention that Ed25519 keys are valid as CA keys; spotted
by Jakub Jelen
Upstream-ID: d3f6db58b30418cb1c3058211b893a1ffed3dfd4
|
|
|
|
remove hmac-ripemd160; ok dtucker
Upstream-ID: 896e737ea0bad6e23327d1c127e02d5e9e9c654d
|
|
make requesting bad ECDSA bits yield the same error
(SSH_ERR_KEY_LENGTH) as the same mistake for RSA/DSA
Upstream-ID: bf40d3fee567c271e33f05ef8e4e0fa0b6f0ece6
|
|
fix for new SSH_ERR_KEY_LENGTH error value
Upstream-Regress-ID: c38a6e6174d4c3feca3518df150d4fbae0dca8dc
|
|
helps if I commit the correct version of the file. fix
missing return statement.
Upstream-ID: c86394a3beeb1ec6611e659bfa830254f325546c
|
|
remove arcfour, blowfish and CAST here too
Upstream-Regress-ID: c613b3bcbef75df1fe84ca4dc2d3ef253dc5e920
|
|
I was too aggressive with the scalpel in the last commit;
unbreak sshd, spotted quickly by naddy@
Upstream-ID: fb7e75d2b2c7e6ca57dee00ca645e322dd49adbf
|
|
Refuse RSA keys <1024 bits in length. Improve reporting
for keys that do not meet this requirement. ok markus@
Upstream-ID: b385e2a7b13b1484792ee681daaf79e1e203df6c
|
|
Don't offer CBC ciphers by default in the client. ok
markus@
Upstream-ID: 94c9ce8d0d1a085052e11c7f3307950fdc0901ef
|
|
As promised in last release announcement: remove
support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@
Upstream-ID: 21f8facdba3fd8da248df6417000867cec6ba222
|
|
more simplification and removal of SSHv1-related code;
ok djm@
Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
|
|
remove superfluous protocol 2 mentions; ok jmc@
Upstream-ID: 0aaf7567c9f2e50fac5906b6a500a39c33c4664d
|
|
since a couple of people have asked, leave a comment
explaining why we retain SSH v.1 support in the "delete all keys from agent"
path.
Upstream-ID: 4b42dcfa339813c15fe9248a2c1b7ed41c21bbb4
|
|
another tentacle: cipher_set_key_string() was only ever
used for SSHv1
Upstream-ID: 7fd31eb6c48946f7e7cc12af0699fe8eb637e94a
|
|
restore mistakenly deleted description of the
ConnectionAttempts option ok markus@
Upstream-ID: 943002b1b7c470caea3253ba7b7348c359de0348
|
|
remove miscellaneous SSH1 leftovers; ok markus@
Upstream-ID: af23696022ae4d45a1abc2fb8b490d8d9dd63b7c
|
|
more protocol 1 bits removed; ok djm
Upstream-ID: b5b977eaf756915acb56aef3604a650e27f7c2b9
|
|
more protocol 1 stuff to go; ok djm
Upstream-ID: 307a30441d2edda480fd1661d998d36665671e47
|
|
rsa1 is no longer valid;
Upstream-ID: 9953d09ed9841c44b7dcf7019fa874783a709d89
|
|
add PubKeyAcceptedKeyTypes to the -o list: scp(1) has
it, so i guess this should too;
Upstream-ID: 7fab32e869ca5831d09ab0c40d210b461d527a2c
|
|
remove now obsolete protocol1 options from the -o
lists;
Upstream-ID: 828e478a440bc5f9947672c392420510a362b3dd
|
|
more -O shuffle; ok djm
Upstream-ID: c239991a3a025cdbb030b73e990188dd9bfbeceb
|
|
remove -1 / -2 options; pointed out by jmc@
Upstream-ID: 65d2a816000741a95df1c7cfdb5fa8469fcc7daa
|
|
remove options -12 from usage();
Upstream-ID: db7ceef25132e63b50ed05289bf447fece1d1270
|
|
tidy up -O somewhat; ok djm
Upstream-ID: 804405f716bf7ef15c1f36ab48581ca16aeb4d52
|
|
when freeing a bitmap, zero all it bytes; spotted by Ilya
Kaliman
Upstream-ID: 834ac024f2c82389d6ea6b1c7d6701b3836e28e4
|
|
this one I did forget to "cvs rm"
Upstream-ID: 5781670c0578fe89663c9085ed3ba477cf7e7913
|
|
don't know why cvs didn't exterminate these the first
time around, I use rm -f and everuthing...
pointed out by sobrado@
Upstream-ID: a6c44a0c2885330d322ee01fcfd7f6f209b1e15d
|
|
|
|
|
|
remove unused variable
Upstream-ID: 66011f00819d0e71b14700449a98414033284516
|
|
eliminate explicit specification of protocol in tests and
loops over protocol. We only support SSHv2 now.
Upstream-Regress-ID: 0082838a9b8a382b7ee9cbf0c1b9db727784fadd
|
|
remove SSHv1 support from unit tests
Upstream-Regress-ID: 395ca2aa48f1f7d23eefff6cb849ea733ca8bbfe
|
|
fixup setting ciphercontext->plaintext (lost in SSHv1 purge),
though it isn't really used for much anymore.
Upstream-ID: 859b8bce84ff4865b32097db5430349d04b9b747
|
|
|
|
flense SSHv1 support from ssh-agent, considerably
simplifying it
ok markus
Upstream-ID: 71d772cdcefcb29f76e01252e8361e6fc2dfc365
|
|
obliterate ssh1.h and some dead code that used it
ok markus@
Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
|
|
exterminate the -1 flag from scp
ok markus@
Upstream-ID: 26d247f7065da15056b209cef5f594ff591b89db
|
|
purge the last traces of SSHv1 from the TTY modes
handling code
ok markus
Upstream-ID: 963a19f1e06577377c38a3b7ce468f121b966195
|
|
remove the (in)famous SSHv1 CRC compensation attack
detector.
Despite your cameo in The Matrix movies, you will not be missed.
ok markus
Upstream-ID: 44261fce51a56d93cdb2af7b6e184be629f667e0
|
|
undo some local debugging stuff that I committed by
accident
Upstream-ID: fe5b31f69a60d47171836911f144acff77810217
|
|
remove SSHv1 support from packet and buffer APIs
ok markus@
Upstream-ID: bfc290053d40b806ecac46317d300677d80e1dc9
|
|
remove SSHv1-related buffers from client code
Upstream-ID: dca5d01108f891861ceaf7ba1c0f2eb274e0c7dd
|
