summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-06-10upstream commitdjm@openbsd.org
implement sorting for globbed ls; bz#2649 ok dtucker@ Upstream-ID: ed3110f351cc9703411bf847ba864041fb7216a8
2017-06-10upstream commitdjm@openbsd.org
return failure rather than fatal() for more cases during mux negotiations. Causes the session to fall back to a non-mux connection if they occur. bz#2707 ok dtucker@ Upstream-ID: d2a7892f464d434e1f615334a1c9d0cdb83b29ab
2017-06-10upstream commitdjm@openbsd.org
in description of public key authentication, mention that the server will send debug messages to the client for some error conditions after authentication has completed. bz#2709 ok dtucker Upstream-ID: 750127dbd58c5a2672c2d28bc35fe221fcc8d1dd
2017-06-10upstream commitdjm@openbsd.org
better translate libcrypto errors by looking deeper in the accursed error stack for codes that indicate the wrong passphrase was supplied for a PEM key. bz#2699 ok dtucker@ Upstream-ID: 4da4286326d570f4f0489459bb71f6297e54b681
2017-06-10upstream commitdtucker@openbsd.org
Add comments referring to the relevant RFC sections for rekeying behaviour. Upstream-ID: 6fc8e82485757a27633f9175ad00468f49a07d40
2017-06-09drop two more privileges in the Solaris sandboxDamien Miller
Drop PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO. Patch from huieying.lee AT oracle.com via bz#2723
2017-06-09Wrap stdint.h include in #ifdef.Darren Tucker
2017-06-08upstream commitdjm@openbsd.org
unbreak after sshv1 purge Upstream-Regress-ID: 8ea01a92d5f571b9fba88c1463a4254a7552d51b
2017-06-07upstream commitdtucker@openbsd.org
Fix compression output stats broken in rev 1.201. Patch originally by Russell Coker via Debian bug #797964 and Christoph Biedl. ok djm@ Upstream-ID: 83a1903b95ec2e4ed100703debb4b4a313b01016
2017-06-07upstream commitdjm@openbsd.org
rationalise the long list of manual CDIAGFLAGS that we add; most of these were redundant to -Wall -Wextra Upstream-ID: ea80f445e819719ccdcb237022cacfac990fdc5c
2017-06-07upstream commitdjm@openbsd.org
no need to bzero allocated space now that we use use recallocarray; ok deraadt@ Upstream-ID: 53333c62ccf97de60b8cb570608c1ba5ca5803c8
2017-06-07upstream commitdjm@openbsd.org
unconditionally zero init size of buffer; ok markus@ deraadt@ Upstream-ID: 218963e846d8f26763ba25afe79294547b99da29
2017-06-01avoid compiler warningDamien Miller
2017-06-01upstream commitdjm@openbsd.org
some warnings spotted by clang; ok markus@ Upstream-ID: 24381d68ca249c5cee4388ceb0f383fa5b43991b
2017-06-01add recallocarray replacement and dependencyDamien Miller
recallocarray() needs getpagesize() so add a tiny replacement for that.
2017-06-01add *.0 manpage droppingsDamien Miller
2017-06-01upstream commitdjm@openbsd.org
fix casts re constness Upstream-ID: e38f2bac162b37dbaf784d349c8327a6626fa266
2017-06-01upstream commitmarkus@openbsd.org
make sure we don't pass a NULL string to vfprintf (triggered by the principals-command regress test); ok bluhm Upstream-ID: eb49854f274ab37a0b57056a6af379a0b7111990
2017-06-01upstream commitmarkus@openbsd.org
use SO_ZEROIZE for privsep communication (if available) Upstream-ID: abcbb6d2f8039fc4367a6a78096e5d5c39de4a62
2017-06-01upstream commitderaadt@openbsd.org
Switch to recallocarray() for a few operations. Both growth and shrinkage are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065
2017-06-01upstream commitderaadt@openbsd.org
These shutdown() SHUT_RDWR are not needed before close() ok djm markus claudio Upstream-ID: 36f13ae4ba10f5618cb9347933101eb4a98dbcb5
2017-06-01upstream commitmarkus@openbsd.org
clear session keys from memory; ok djm@ Upstream-ID: ecd178819868975affd5fd6637458b7c712b6a0f
2017-06-01upstream commitmarkus@openbsd.org
remove now obsolete ctx from ssh_dispatch_run; ok djm@ Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
2017-05-31upstream commitmarkus@openbsd.org
use the ssh_dispatch_run_fatal variant Upstream-ID: 28c5b364e37c755d1b22652b8cd6735a05c625d8
2017-05-31upstream commitdjm@openbsd.org
another ctx => ssh conversion (in GSSAPI code) Upstream-ID: 4d6574c3948075c60608d8e045af42fe5b5d8ae0
2017-05-31fix conversion of kexc25519s.c to struct ssh tooDamien Miller
git cvsimport missed this commit for some reason
2017-05-31upstream commitdjm@openbsd.org
spell out that custom options/extensions should follow the usual SSH naming rules, e.g. "extension@example.com" Upstream-ID: ab326666d2fad40769ec96b5a6de4015ffd97b8d
2017-05-31upstream commitdjm@openbsd.org
one more void *ctx => struct ssh *ssh conversion Upstream-ID: d299d043471c10214cf52c03daa10f1c232759e2
2017-05-31upstream commitdjm@openbsd.org
fix possible OOB strlen() in SOCKS4A hostname parsing; ok markus@ Upstream-ID: c67297cbeb0e5a19d81752aa18ec44d31270cd11
2017-05-31upstream commitjmc@openbsd.org
tweak previous; Upstream-ID: 66987651046c42d142f7318c9695fb81a6d14031
2017-05-31upstream commitbluhm@openbsd.org
Add RemoteCommand option to specify a command in the ssh config file instead of giving it on the client's command line. This command will be executed on the remote host. The feature allows to automate tasks using ssh config. OK markus@ Upstream-ID: 5d982fc17adea373a9c68cae1021ce0a0904a5ee
2017-05-31upstream commitmarkus@openbsd.org
switch auth2 to ssh_dispatch API; ok djm@ Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-none.c to modern APIs; ok djm@ Upstream-ID: 07252b58e064d332214bcabbeae8e08c44b2001b
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-passwd.c to modern APIs; ok djm@ Upstream-ID: cba0a8b72b4f97adfb7e3b3fd2f8ba3159981fc7
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-hostbased.c to modern APIs; ok djm@ Upstream-ID: 146af25c36daeeb83d5dbbb8ca52b5d25de88f4e
2017-05-31upstream commitmarkus@openbsd.org
protocol handlers all get struct ssh passed; ok djm@ Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
2017-05-31upstream commitmarkus@openbsd.org
ssh: pass struct ssh to auth functions, too; ok djm@ Upstream-ID: d13c509cc782f8f19728fbea47ac7cf36f6e85dd
2017-05-31upstream commitmarkus@openbsd.org
sshd: pass struct ssh to auth functions; ok djm@ Upstream-ID: b00a80c3460884ebcdd14ef550154c761aebe488
2017-05-31upstream commitmarkus@openbsd.org
remove unused wrapper functions from key.[ch]; ok djm@ Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
2017-05-31upstream commitmarkus@openbsd.org
sshkey_new() might return NULL (pkcs#11 code only); ok djm@ Upstream-ID: de9f2ad4a42c0b430caaa7d08dea7bac943075dd
2017-05-31upstream commitmarkus@openbsd.org
switch sshconnect.c to modern APIs; ok djm@ Upstream-ID: 27be17f84b950d5e139b7a9b281aa487187945ad
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-pubkey.c to modern APIs; with & ok djm@ Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
2017-05-31upstream commitmarkus@openbsd.org
switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
2017-05-31upstream commitmarkus@openbsd.org
remove ssh1 references; ok djm@ Upstream-ID: fc23b7578e7b0a8daaec72946d7f5e58ffff5a3d
2017-05-31upstream commitmarkus@openbsd.org
revise sshkey_load_public(): remove ssh1 related comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if 'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@ Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca
2017-05-27upstream commitmarkus@openbsd.org
sshbuf_consume: reset empty buffer; ok djm@ Upstream-ID: 0d4583ba57f69e369d38bbd7843d85cac37fa821
2017-05-27upstream commitmarkus@openbsd.org
remove SSH_CHANNEL_XXX_DRAINING (ssh1 only); ok djm@ Upstream-ID: e2e225b6ac67b84dd024f38819afff2554fafe42
2017-05-27upstream commitmarkus@openbsd.org
remove channel_input_close_confirmation (ssh1 only); ok djm@ Upstream-ID: 8e7c8c38f322d255bb0294a5c0ebef53fdf576f1
2017-05-27upstream commitdjm@openbsd.org
fix references to obsolete v00 cert format; spotted by Jakub Jelen Upstream-ID: 7600ce193ab8fd19451acfe24fc2eb39d46b2c4f
2017-05-25configure: actually set cache vars when cross-compilingMike Frysinger
The cross-compiling fallback message says it's assuming the test passed, but it didn't actually set the cache var which causes later tests to fail.