| Age | Commit message (Collapse) | Author |
|---|
|
Fix convtime() overflow test on boundary condition,
spotted by & ok djm.
Upstream-ID: 51f14c507ea87a3022e63f574100613ab2ba5708
|
|
Check for integer overflow when parsing times in
convtime(). Reported by nicolas.iooss at m4x.org, ok djm@
Upstream-ID: 35e6a4e98f6fa24df50bfb8ba1307cf70e966f13
|
|
|
|
Syscall arguments are passed via an array of 64-bit values in struct
seccomp_data, but we were only inspecting the bottom 32 bits and not
even those correctly for BE systems.
Fortunately, the only case argument inspection was used was in the
socketcall filtering so using this for sandbox escape seems
impossible.
ok dtucker
|
|
regress tests for loading certificates without public keys;
bz#2617 based on patch from Adam Eijdenberg; ok markus@ dtucker@
Upstream-Regress-ID: 0145d19328ed995b73fe2d9da33596b17429d0d0
|
|
allow ssh to use certificates accompanied by a private
key file but no corresponding plain *.pub public key. bz#2617 based on patch
from Adam Eijdenberg; ok dtucker@ markus@
Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9
|
|
Don't count the initial block twice when computing how
many bytes to discard for the work around for the attacks against CBC-mode.
ok djm@; report from Jean Paul, Kenny, Martin and Torben @ RHUL
Upstream-ID: f445f509a4e0a7ba3b9c0dae7311cb42458dc1e2
|
|
krl.c
Upstream-ID: fc5e695d5d107d730182e2da7b23f00b489e0ee1
|
|
revision 1.13
date: 2017/03/11 23:37:23; author: djm; state: Exp; lines: +14 -1; commitid: jnFKyHkB3CEiEZ2R;
fix signed integer overflow in scan_scaled. Found by Nicolas Iooss
using AFL against ssh_config. ok deraadt@ millert@
----------------------------
revision 1.12
date: 2013/11/29 19:00:51; author: deraadt; state: Exp; lines: +6 -5;
fairly simple unsigned char casts for ctype
ok krw
----------------------------
revision 1.11
date: 2012/11/12 14:07:20; author: halex; state: Exp; lines: +4 -2;
make scan_scaled set errno to EINVAL rather than ERANGE if it encounters
an invalid multiplier, like the man page says it should
"looks sensible" deraadt@, ok ian@
----------------------------
revision 1.10
date: 2009/06/20 15:00:04; author: martynas; state: Exp; lines: +4 -4;
use llabs instead of the home-grown version; and some comment changes
ok ian@, millert@
----------------------------
|
|
When updating hostkeys, accept RSA keys if
HostkeyAlgorithms contains any RSA keytype. Previously, ssh could ignore RSA
keys when any of the ssh-rsa-sha2-* methods was enabled in HostkeyAlgorithms
nit ssh-rsa (SHA1 signatures) was not. bz#2650 reported by Luis Ressel; ok
dtucker@
Upstream-ID: c5e8cfee15c42f4a05d126158a0766ea06da79d2
|
|
make hostname matching really insensitive to case;
bz#2685, reported by Petr Cerny; ok dtucker@
Upstream-ID: e467622ff154269e36ba8b6c9e3d105e1c4a9253
|
|
reword a comment to make it fit 80 columns
Upstream-ID: 4ef509a66b96c7314bbcc87027c2af71fa9d0ba4
|
|
better match sshd config parser behaviour: fatal() if
line is overlong, increase line buffer to match sshd's; bz#2651 reported by
Don Fong; ok dtucker@
Upstream-ID: b175ae7e0ba403833f1ee566edf10f67443ccd18
|
|
ensure hostname is lower-case before hashing it;
bz#2591 reported by Griff Miller II; ok dtucker@
Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17
|
|
make hostname matching really insensitive to case;
bz#2685, reported by Petr Cerny; ok dtucker@
Upstream-ID: e632b7a9bf0d0558d5ff56dab98b7cca6c3db549
|
|
Remove old null check from config dumper. Patch from
jjelen at redhat.com vi bz#2687, ok djm@
Upstream-ID: 824ab71467b78c4bab0dd1b3a38e8bc5f63dd528
|
|
fix regression in 7.4 server-sig-algs, where we were
accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
Goncalves; ok dtucker@
Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
|
|
Check for NULL return value from key_new. Patch from
jjelen at redhat.com via bz#2687, ok djm@
Upstream-ID: 059e33cd43cba88dc8caf0b1936fd4dd88fd5b8e
|
|
reword a comment to make it fit 80 columns
Upstream-ID: b4b48b4487c0821d16e812c40c9b09f03b28e349
|
|
Check for NULL argument to sshkey_read. Patch from
jjelen at redhat.com via bz#2687, ok djm@
Upstream-ID: c2d00c2ea50c4861d271d0a586f925cc64a87e0e
|
|
Plug some mem leaks mostly on error paths. From jjelen
at redhat.com via bz#2687, ok djm@
Upstream-ID: 3fb030149598957a51b7c8beb32bf92cf30c96f2
|
|
Plug mem leak on GLOB_NOMATCH case. From jjelen at
redhat.com via bz#2687, ok djm@
Upstream-ID: 8016a7ae97719d3aa55fb723fc2ad3200058340d
|
|
Plug descriptor leaks of auth_sock. From jjelen at
redhat.com via bz#2687, ok djm@
Upstream-ID: 248acb99a5ed2fdca37d1aa33c0fcee7be286d88
|
|
correctly hash hosts with a port number. Reported by Josh
Powers in bz#2692; ok dtucker@
Upstream-ID: 468e357ff143e00acc05bdd2803a696b3d4b6442
|
|
don't truncate off \r\n from long stderr lines; bz#2688,
reported by Brian Dyson; ok dtucker@
Upstream-ID: cdfdc4ba90639af807397ce996153c88af046ca4
|
|
Validate digest arg in ssh_digest_final; from jjelen at
redhat.com via bz#2687, ok djm@
Upstream-ID: dbe5494dfddfe523fab341a3dab5a79e7338f878
|
|
Part of bz#2687, from jjelen at redhat.com.
|
|
Check for socket with and without screen number. From Apple and Jakob
Schlyter via bz#2341, with contributions from Ron Frederick, ok djm@
|
|
quote [host]:port in generated ProxyJump commandline; the
[ / ] characters can confuse some shells (e.g. zsh). Reported by Lauri
Tirkkonen via bugs@
Upstream-ID: 65cdd161460e1351c3d778e974c1c2a4fa4bc182
|
|
Check l->hosts before dereferencing; fixes potential null
pointer deref. ok djm@
Upstream-ID: 81c0327c6ec361da794b5c680601195cc23d1301
|
|
linenum is unsigned long so use %lu in log formats. ok
deraadt@
Upstream-ID: 9dc582d9bb887ebe0164e030d619fc20b1a4ea08
|
|
fix ssh-keygen -H accidentally corrupting known_hosts that
contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
hostkeys_foreach() when hostname matching is in use, so we need to look for
the hash marker explicitly.
Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
|
|
small memleak: free fd_set on connection timeout (though
we are heading to exit anyway). From Tom Rix in bz#2683
Upstream-ID: 10e3dadbb8199845b66581473711642d9e6741c4
|
|
errant dot; from klemens nanni
Upstream-ID: 83d93366a5acf47047298c5d3ebc5e7426f37921
|
|
might as well set the listener socket CLOEXEC
Upstream-ID: 9c538433d6a0ca79f5f21decc5620e46fb68ab57
|
|
add test cases for C locale; ok schwarze@
Upstream-Regress-ID: 783d75de35fbc923d46e2a5e6cee30f8f381ba87
|
|
Add a common nl_langinfo(CODESET) alias for US-ASCII
"ANSI_X3.4-1968" that is used by Linux. Fixes mprintf output truncation for
non-UTF-8 locales on Linux spotted by dtucker@; ok deraadt@ schwarze@
Upstream-ID: c6808956ebffd64066f9075d839f74ff0dd60719
|
|
Remove deprecated SSH1 options RSAAuthentication and
RhostsRSAAuthentication from regression test sshd_config.
Upstream-Regress-ID: 8066b753d9dce7cf02ff87af5c727ff680d99491
|
|
Do not show rsa1 key type in usage when compiled without
SSH1 support.
Upstream-ID: 068b5c41357a02f319957746fa4e84ea73960f57
|
|
ifdef out "rsa1" from the list of supported keytypes when
compiled without SSH1 support. Found by kdunlop at guralp.com, ok djm@
Upstream-ID: cea93a26433d235bb1d64b1d990f19a9c160a70f
|
|
For ProxyJump/-J, surround host name with brackets to
allow literal IPv6 addresses. From Dick Visser; ok dtucker@
Upstream-ID: 3a5d3b0171250daf6a5235e91bce09c1d5746bf1
|
|
Fix memory leaks in match_filter_list() error paths.
ok dtucker@ markus@
Upstream-ID: c7f96ac0877f6dc9188bbc908100a8d246cc7f0e
|
|
fix division by zero crash in "df" output when server
returns zero total filesystem blocks/inodes. Spotted by Guido Vranken; ok
dtucker@
Upstream-ID: 6fb6c2ae6b289aa07b6232dbc0be54682ef5419f
|
|
EVP_R_PRIVATE_KEY_DECODE_ERROR was added in OpenSSL 1.0.0 so ifdef out
for the benefit of OpenSSL versions prior to that.
|
|
bring back r1.34 that was backed out for problems loading
public keys:
translate OpenSSL error codes to something more
meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
with additional fix from Jakub Jelen to solve the backout.
bz#2525 bz#2523 re-ok dtucker@
Upstream-ID: a9d5bc0306f4473d9b4f4484f880e95f3c1cc031
|
|
Sanitise escape sequences in key comments sent to printf
but preserve valid UTF-8 when the locale supports it; bz#2520 ok dtucker@
Upstream-ID: e8eed28712ba7b22d49be534237eed019875bd1e
|
|
Avoid printf %s NULL. From semarie@, OK djm@
Upstream-ID: 06beef7344da0208efa9275d504d60d2a5b9266c
|
|
Restore \r\n newline sequence for server ident string. The CR
got lost in the flensing of SSHv1. Pointed out by Stef Bon
Upstream-ID: 5333fd43ce5396bf5999496096fac5536e678fac
|
|
unit test for match_filter_list() function; still want a
better name for this...
Upstream-Regress-ID: 840ad6118552c35111f0a897af9c8d93ab8de92a
|
|
use ssh_packet_set_log_preamble() to include connection
username in packet log messages, e.g.
Connection closed by invalid user foo 10.1.1.1 port 44056 [preauth]
ok markus@ bz#113
Upstream-ID: 3591b88bdb5416d6066fb3d49d8fff2375bf1a15
|
