summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-12-19upstream commitmillert@openbsd.org
Add helper function for uri handing in scp where a missing path simply means ".". Also fix exit code and add warnings when an invalid uri is encountered. OK otto@ OpenBSD-Commit-ID: 47dcf872380586dabf7fcc6e7baf5f8ad508ae1a
2017-12-19upstream commitdjm@openbsd.org
pass negotiated signing algorithm though to sshkey_verify() and check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-12-19upstream commitdjm@openbsd.org
sshkey_sigtype() function to return the type of a signature; ok markus@ OpenBSD-Commit-ID: d3772b065ad6eed97285589bfb544befed9032e8
2017-12-19upstream commitnaddy@openbsd.org
Replace ED25519's private SHA-512 implementation with a call to the regular digest code. This speeds up compilation considerably. ok markus@ OpenBSD-Commit-ID: fcce8c3bcfe7389462a28228f63c823e80ade41c
2017-12-19upstream commitnaddy@openbsd.org
Create a persistent umac128.c source file: #define the output size and the name of the entry points for UMAC-128 before including umac.c. Idea from FreeBSD. ok dtucker@ OpenBSD-Commit-ID: 463cfacfa07cb8060a4d4961e63dca307bf3f4b1
2017-12-12Update .depend with empty config.hDarren Tucker
2017-12-12Ensure config.h is always in dependencies.Darren Tucker
Put an empty config.h into the dependency list to ensure that it's always listed and consistent.
2017-12-12upstream commitderaadt@openbsd.org
ssh/lib hasn't worked towards our code-sharing goals for a quit while, perhaps it is too verbose? Change each */Makefile to specifying exactly what sources that program requires, compiling it seperate. Maybe we'll iterate by sorting those into seperatable chunks, splitting up files which contain common code + server/client specific code, or whatnot. But this isn't one step, or we'd have done it a long time ago.. ok dtucker markus djm OpenBSD-Commit-ID: 5317f294d63a876bfc861e19773b1575f96f027d
2017-12-12upstream commitdtucker@openbsd.org
Put remote client info back into the ClientAlive connection termination message. Based in part on diff from lars.nooden at gmail, ok djm OpenBSD-Commit-ID: 80a0f619a29bbf2f32eb5297a69978a0e05d0ee0
2017-12-12upstream commitderaadt@openbsd.org
time_t printing needs %lld and (long long) casts ok djm OpenBSD-Commit-ID: 4a93bc2b0d42a39b8f8de8bb74d07ad2e5e83ef7
2017-12-12upstream commitdjm@openbsd.org
fix ordering in previous to ensure errno isn't clobbered before logging. OpenBSD-Commit-ID: e260bc1e145a9690dcb0d5aa9460c7b96a0c8ab2
2017-12-12upstream commitdjm@openbsd.org
for some reason unix_listener() logged most errors twice with each message containing only some of the useful information; merge these OpenBSD-Commit-ID: 1978a7594a9470c0dddcd719586066311b7c9a4a
2017-12-11Add autogenerated dependency info to Makefile.Darren Tucker
Adds a .depend file containing dependency information generated by makedepend, which is appended to the generated Makefile by configure. You can regen the file with "make -f Makefile.in depend" if necessary, but we'll be looking at some way to automatically keep this up to date. "no objection" djm@
2017-12-11Fix pasto in ldns handling.Darren Tucker
When ldns-config is not found, configure would check the wrong variable. ok djm@
2017-12-09Portable switched to git so s/CVS/git/.Darren Tucker
2017-12-09Remove now-used check for perl.Darren Tucker
2017-12-07upstream commitdjm@openbsd.org
don't accept junk after "yes" or "no" responses to hostkey prompts. bz#2803 reported by Maksim Derbasov; ok dtucker@ OpenBSD-Commit-ID: e1b159fb2253be973ce25eb7a7be26e6f967717c
2017-12-07upstream commitdtucker@openbsd.org
Replace atoi and strtol conversions for integer arguments to config keywords with a checking wrapper around strtonum. This will prevent and flag invalid and negative arguments to these keywords. ok djm@ OpenBSD-Commit-ID: 99ae3981f3d608a219ccb8d2fff635ae52c17998
2017-12-07upstream commitdtucker@openbsd.org
Add missing break for rdomain. Prevents spurious "Deprecated option" warnings. ok djm@ OpenBSD-Commit-ID: ba28a675d39bb04a974586241c3cba71a9c6099a
2017-12-07upstream commitdjm@openbsd.org
include the addr:port in bind/listen failure messages OpenBSD-Commit-ID: fdadb69fe1b38692608809cf0376b71c2c28e58e
2017-12-07upstream commitdtucker@openbsd.org
Import updated moduli. OpenBSD-Commit-ID: 524d210f982af6007aa936ca7f4c977f4d32f38a
2017-12-07upstream commitdtucker@openbsd.org
Have sftp print a warning about shell cleanliness when decoding the first packet fails, which is usually caused by shells polluting stdout of non-interactive starups. bz#2800, ok markus@ deraadt@. OpenBSD-Commit-ID: 88d6a9bf3470f9324b76ba1cbd53e50120f685b5
2017-12-01Replace mkinstalldirs with mkdir -p.Darren Tucker
Check for MIKDIR_P and use it instead of mkinstalldirs. Should fix "mkdir: cannot create directory:... File exists" during "make install". Patch from eb at emlix.com.
2017-12-01Pull in newer install-sh from autoconf-2.69.Darren Tucker
Suggested by eb at emlix.com
2017-12-01Remove RSA1 host key generation.Darren Tucker
SSH1 support is now gone, remove SSH1 key generation. Patch from eb at emlix.com.
2017-11-28upstream commitdjm@openbsd.org
more whitespace errors OpenBSD-Commit-ID: 5e11c125378327b648940b90145e0d98beb05abb
2017-11-28upstream commitdjm@openbsd.org@openbsd.org
whitespace at EOL OpenBSD-Commit-ID: 76d3965202b22d59c2784a8df3a8bfa5ee67b96a
2017-11-28upstream commitdtucker@openbsd.org@openbsd.org
Add monotime_ts and monotime_tv that return monotonic timespec and timeval respectively. Replace calls to gettimeofday() in packet timing with monotime_tv so that the callers will work over a clock step. Should prevent integer overflow during clock steps reported by wangle6 at huawei.com. "I like" markus@ OpenBSD-Commit-ID: 74d684264814ff806f197948b87aa732cb1b0b8a
2017-11-28upstream commitdtucker@openbsd.org@openbsd.org
Remove get_current_time() and replace with calls to monotime_double() which uses CLOCK_MONOTONIC and works over clock steps. "I like" markus@ OpenBSD-Commit-ID: 3ad2f7d2414e2cfcaef99877a7a5b0baf2242952
2017-11-24Include string.h for explicit_bzero.Darren Tucker
2017-11-24fix incorrect range of OpenSSL versions supportedDamien Miller
Pointed out by Solar Designer
2017-11-15upstream commitdjm@openbsd.org@openbsd.org
downgrade a couple more request parsing errors from process-fatal to just returning failure, making them consistent with the others that were already like that. OpenBSD-Commit-ID: c111461f7a626690a2d53018ef26557b34652918
2017-11-15upstream commitdjm@openbsd.org@openbsd.org
fix regression in 7.6: failure to parse a signature request message shouldn't be fatal to the process, just the request. Reported by Ron Frederick OpenBSD-Commit-ID: e5d01b3819caa1a2ad51fc57d6ded43f48bbcc05
2017-11-14upstream commitdjm@openbsd.org@openbsd.org
fix problem in configuration parsing when in config dump mode (sshd -T) without providing a full connection specification (sshd -T -C ...) spotted by bluhm@ OpenBSD-Commit-ID: 7125faf5740eaa9d3a2f25400a0bc85e94e28b8f
2017-11-03upstream commitdjm@openbsd.org@openbsd.org
reuse parse_multistate for parse_flag (yes/no arguments). Saves a few lines of code and makes the parser more consistent wrt case- sensitivity. bz#2664 ok dtucker@ OpenBSD-Commit-ID: b2ad1b6086858d5db71c7b11e5a74dba6d60efef
2017-11-03upstream commitdjm@openbsd.org@openbsd.org
allow certificate validity intervals that specify only a start or stop time (we already support specifying both or neither) OpenBSD-Commit-ID: 9be486545603c003030bdb5c467d1318b46b4e42
2017-11-03upstream commitdjm@openbsd.org@openbsd.org
allow "cd" and "lcd" commands with no explicit path argument. lcd will change to the local user's home directory as usual. cd will change to the starting directory for session (because the protocol offers no way to obtain the remote user's home directory). bz#2760 ok dtucker@ OpenBSD-Commit-ID: 15333f5087cee8c1ed1330cac1bd0a3e6a767393
2017-11-03upstream commitdtucker@openbsd.org@openbsd.org
When doing a config test with sshd -T, only require the attributes that are actually used in Match criteria rather than (an incomplete list of) all criteria. ok djm@, man page help jmc@ OpenBSD-Commit-ID: b4e773c4212d3dea486d0259ae977551aab2c1fc
2017-11-03upstream commitdjm@openbsd.org@openbsd.org
typos in ECDSA certificate names; bz#2787 reported by Mike Gerow OpenBSD-Commit-ID: 824938b6aba1b31321324ba1f56c05f84834b163
2017-11-03upstream commitdjm@openbsd.org@openbsd.org
Private keys in PEM format have been encrypted by AES-128 for a while (not 3DES). bz#2788 reported by Calum Mackay OpenBSD-Commit-ID: bd33da7acbbb3c882f0a0ee56007a35ce0d8a11a
2017-11-03Check for linux/if.h when enabling rdomain.Darren Tucker
musl libc doesn't seem to have linux/if.h, so check for its presence before enabling rdomain support on Linux.
2017-11-03Add headers for sys/sysctl.h and net/route.hDarren Tucker
On at least older OpenBSDs, sys/sysctl.h and net/route.h require sys/types and, in the case of sys/sysctl.h, sys/param.h for MAXLOGNAME.
2017-11-03upstream commitdjm@openbsd.org@openbsd.org
avoid unused variable warnings for !WITH_OPENSSL; patch from Marcus Folkesson OpenBSD-Commit-ID: c01d27a3f907acdc3dd4ea48170fac3ba236d229
2017-11-03only enable functions in dh.c when openssl is usedMarcus Folkesson
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
2017-11-01upstream commitdjm@openbsd.org@openbsd.org
fix broken stdout in ControlPersist mode, introduced by me in r1.467 and reported by Alf Schlichting OpenBSD-Commit-ID: 3750a16e02108fc25f747e4ebcedb7123c1ef509
2017-10-31Include includes.h for HAVE_GETPAGESIZE.Darren Tucker
The configure script checks for getpagesize() and sets HAVE_GETPAGESIZE in config.h, but bsd-getpagesize.c forgot to include includes.h (which indirectly includes config.h) so the checks always fails, causing linker issues when linking statically on systems with getpagesize(). Patch from Peter Korsgaard <peter at korsgaard.com>
2017-10-31upstream commitdjm@openbsd.org@openbsd.org
whitespace at EOL OpenBSD-Regress-ID: f4b5df99b28c6f63478deb916c6ed0e794685f07
2017-10-31upstream commitdjm@openbsd.org@openbsd.org
whitespace at EOL OpenBSD-Regress-ID: 19b1394393deee4c8a2114a3b7d18189f27a15cd
2017-10-31upstream commitmillert@openbsd.org@openbsd.org
Use printenv to test whether an SSH_USER_AUTH is set instead of using $SSH_USER_AUTH. The latter won't work with csh which treats unknown variables as an error when expanding them. OK markus@ OpenBSD-Regress-ID: f601e878dd8b71aa40381573dde3a8f567e6f2d1
2017-10-31upstream commitmillert@openbsd.org@openbsd.org
Add tests for URI parsing. OK markus@ OpenBSD-Regress-ID: 5d1df19874f3b916d1a2256a905526e17a98bd3b