Age | Commit message (Collapse) | Author |
|
Some platforms (older FreeBSD and DragonFly versions) do have
getaddrinfo() but do not have AI_NUMERICINFO. so define it to zero
in those cases.
|
|
more options that are available under Match; bz#2353 reported
by calestyo AT scientia.net
|
|
UpdateHostKeys fixes:
I accidentally changed the format of the hostkeys@openssh.com messages
last week without changing the extension name, and this has been causing
connection failures for people who are running -current. First reported
by sthen@
s/hostkeys@openssh.com/hostkeys-00@openssh.com/
Change the name of the proof message too, and reorder it a little.
Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY
available to read the response) so disable UpdateHostKeys if it is in
ask mode and ControlPersist is active (and document this)
|
|
Regression: I broke logging of public key fingerprints in
1.46. Pointed out by Pontus Lundkvist
|
|
|
|
|
|
enable hostkeys unit tests
|
|
check string/memory compare arguments aren't NULL
|
|
unit tests for hostfile.c code, just hostkeys_foreach so
far
|
|
test server rekey limit
|
|
partial backout of:
revision 1.441
date: 2015/01/31 20:30:05; author: djm; state: Exp; lines: +17 -10; commitid
: x8klYPZMJSrVlt3O;
Let sshd load public host keys even when private keys are missing.
Allows sshd to advertise additional keys for future key rotation.
Also log fingerprint of hostkeys loaded; ok markus@
hostkey updates now require access to the private key, so we can't
load public keys only. The improved log messages (fingerprints of keys
loaded) are kept.
|
|
Revise hostkeys@openssh.com hostkey learning extension.
The client will not ask the server to prove ownership of the private
halves of any hitherto-unseen hostkeys it offers to the client.
Allow UpdateHostKeys option to take an 'ask' argument to let the
user manually review keys offered.
ok markus@
|
|
Refactor hostkeys_foreach() and dependent code Deal with
IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing
changed ok markus@ as part of larger commit
|
|
Declare ge25519_base as extern, to prevent it from
becoming a common. Gets us rid of ``lignment 4 of symbol
`crypto_sign_ed25519_ref_ge25519_base' in mod_ge25519.o is smaller than 16 in
mod_ed25519.o'' warnings at link time.
|
|
make rekey_limit for sshd w/privsep work; ok djm@
dtucker@
|
|
Prevent sshd spamming syslog with
"ssh_dispatch_run_fatal: disconnected". ok markus@
|
|
Some packet error messages show the address of the peer,
but might be generated after the socket to the peer has suffered a TCP reset.
In these cases, getpeername() won't work so cache the address earlier.
spotted in the wild via deraadt@ and tedu@
|
|
fix some leaks in error paths ok markus@
|
|
SIZE_MAX is standard, we should be using it in preference to
the obsolete SIZE_T_MAX. OK miod@ beck@
|
|
Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@
|
|
missing ; djm and mlarkin really having great
interactions recently
|
|
slightly extend the passphrase prompt if running with -c
in order to give the user a chance to notice if unintentionally running
without it
wording tweak and ok djm@
|
|
handle PKCS#11 C_Login returning
CKR_USER_ALREADY_LOGGED_IN; based on patch from Yuri Samoilenko; ok markus@
|
|
turn UpdateHostkeys off by default until I figure out
mlarkin@'s warning message; requested by deraadt@
|
|
increasing encounters with difficult DNS setups in
darknets has convinced me UseDNS off by default is better ok djm
|
|
Let sshd load public host keys even when private keys are
missing. Allows sshd to advertise additional keys for future key rotation.
Also log fingerprint of hostkeys loaded; ok markus@
|
|
Add a ssh_config HostbasedKeyType option to control which
host public key types are tried during hostbased authentication.
This may be used to prevent too many keys being sent to the server,
and blowing past its MaxAuthTries limit.
bz#2211 based on patch by Iain Morgan; ok markus@
|
|
set a timeout to prevent hangs when talking to busted
servers; ok markus@
|
|
regression test for 'wildcard CA' serial/key ID revocations
|
|
avoid more fatal/exit in the packet.c paths that
ssh-keyscan uses; feedback and "looks good" markus@
|
|
permit KRLs that revoke certificates by serial number or
key ID without scoping to a particular CA; ok markus@
|
|
missing parentheses after if in do_convert_from() broke
private key conversion from other formats some time in 2010; bz#2345 reported
by jjelen AT redhat.com
|
|
fix ssh protocol 1, spotted by miod@
|
|
update to new API (key_fingerprint => sshkey_fingerprint)
check sshkey_fingerprint return values; ok markus
|
|
avoid fatal() calls in packet code makes ssh-keyscan more
reliable against server failures ok dtucker@ markus@
|
|
avoid fatal() calls in packet code makes ssh-keyscan more
reliable against server failures ok dtucker@ markus@
|
|
remove obsolete comment
|
|
Since r1.2 removed the use of PRI* macros, inttypes.h is
no longer required.
ok djm@
|
|
|
|
|
|
|
|
temporary measure until active_state goes away entirely
|
|
use printf instead of echo -n to reduce diff against
-portable
|
|
sort previous;
|
|
properly restore umask
|
|
regression test for host key rotation
|
|
adapt to sshkey API tweaks
|
|
Move -lz late in the linker commandline for things to
build on static arches.
|
|
-Wpointer-sign is supported by gcc 4 only.
|
|
use SUBDIR to recuse into unit tests; makes "make obj"
actually work
|