| Age | Commit message (Collapse) | Author |
|---|
|
spell out that custom options/extensions should follow the
usual SSH naming rules, e.g. "extension@example.com"
Upstream-ID: ab326666d2fad40769ec96b5a6de4015ffd97b8d
|
|
one more void *ctx => struct ssh *ssh conversion
Upstream-ID: d299d043471c10214cf52c03daa10f1c232759e2
|
|
fix possible OOB strlen() in SOCKS4A hostname parsing;
ok markus@
Upstream-ID: c67297cbeb0e5a19d81752aa18ec44d31270cd11
|
|
tweak previous;
Upstream-ID: 66987651046c42d142f7318c9695fb81a6d14031
|
|
Add RemoteCommand option to specify a command in the
ssh config file instead of giving it on the client's command line. This
command will be executed on the remote host. The feature allows to automate
tasks using ssh config. OK markus@
Upstream-ID: 5d982fc17adea373a9c68cae1021ce0a0904a5ee
|
|
switch auth2 to ssh_dispatch API; ok djm@
Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f
|
|
switch auth2-none.c to modern APIs; ok djm@
Upstream-ID: 07252b58e064d332214bcabbeae8e08c44b2001b
|
|
switch auth2-passwd.c to modern APIs; ok djm@
Upstream-ID: cba0a8b72b4f97adfb7e3b3fd2f8ba3159981fc7
|
|
switch auth2-hostbased.c to modern APIs; ok djm@
Upstream-ID: 146af25c36daeeb83d5dbbb8ca52b5d25de88f4e
|
|
protocol handlers all get struct ssh passed; ok djm@
Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
|
|
ssh: pass struct ssh to auth functions, too; ok djm@
Upstream-ID: d13c509cc782f8f19728fbea47ac7cf36f6e85dd
|
|
sshd: pass struct ssh to auth functions; ok djm@
Upstream-ID: b00a80c3460884ebcdd14ef550154c761aebe488
|
|
remove unused wrapper functions from key.[ch]; ok djm@
Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
|
|
sshkey_new() might return NULL (pkcs#11 code only); ok
djm@
Upstream-ID: de9f2ad4a42c0b430caaa7d08dea7bac943075dd
|
|
switch sshconnect.c to modern APIs; ok djm@
Upstream-ID: 27be17f84b950d5e139b7a9b281aa487187945ad
|
|
switch auth2-pubkey.c to modern APIs; with & ok djm@
Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
|
|
switch from Key typedef with struct sshkey; ok djm@
Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
|
|
remove ssh1 references; ok djm@
Upstream-ID: fc23b7578e7b0a8daaec72946d7f5e58ffff5a3d
|
|
revise sshkey_load_public(): remove ssh1 related
comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if
'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@
Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca
|
|
sshbuf_consume: reset empty buffer; ok djm@
Upstream-ID: 0d4583ba57f69e369d38bbd7843d85cac37fa821
|
|
remove SSH_CHANNEL_XXX_DRAINING (ssh1 only); ok djm@
Upstream-ID: e2e225b6ac67b84dd024f38819afff2554fafe42
|
|
remove channel_input_close_confirmation (ssh1 only); ok
djm@
Upstream-ID: 8e7c8c38f322d255bb0294a5c0ebef53fdf576f1
|
|
fix references to obsolete v00 cert format; spotted by
Jakub Jelen
Upstream-ID: 7600ce193ab8fd19451acfe24fc2eb39d46b2c4f
|
|
The cross-compiling fallback message says it's assuming the test
passed, but it didn't actually set the cache var which causes
later tests to fail.
|
|
there's no reason to artificially limit the key path
here, just check that it fits PATH_MAX; spotted by Matthew Patton
Upstream-ID: 858addaf2009c9cf04d80164a41b2088edb30b58
|
|
Now that we no longer support SSHv1, replace the contents
of this file with a pointer to
https://tools.ietf.org/html/draft-miller-ssh-agent-00 It's better edited,
doesn't need to document stuff we no longer implement and does document stuff
that we do implement (RSA SHA256/512 signature flags)
Upstream-ID: da8cdc46bbcc266efabd565ddddd0d8e556f846e
|
|
allow LogLevel in sshd_config Match blocks; ok dtucker
bz#2717
Upstream-ID: 662e303be63148f47db1aa78ab81c5c2e732baa8
|
|
remove duplicate check; spotted by Jakub Jelen
Upstream-ID: 30c2996c1767616a8fdc49d4cee088efac69c3b0
|
|
mention that Ed25519 keys are valid as CA keys; spotted
by Jakub Jelen
Upstream-ID: d3f6db58b30418cb1c3058211b893a1ffed3dfd4
|
|
|
|
remove hmac-ripemd160; ok dtucker
Upstream-ID: 896e737ea0bad6e23327d1c127e02d5e9e9c654d
|
|
make requesting bad ECDSA bits yield the same error
(SSH_ERR_KEY_LENGTH) as the same mistake for RSA/DSA
Upstream-ID: bf40d3fee567c271e33f05ef8e4e0fa0b6f0ece6
|
|
fix for new SSH_ERR_KEY_LENGTH error value
Upstream-Regress-ID: c38a6e6174d4c3feca3518df150d4fbae0dca8dc
|
|
helps if I commit the correct version of the file. fix
missing return statement.
Upstream-ID: c86394a3beeb1ec6611e659bfa830254f325546c
|
|
remove arcfour, blowfish and CAST here too
Upstream-Regress-ID: c613b3bcbef75df1fe84ca4dc2d3ef253dc5e920
|
|
I was too aggressive with the scalpel in the last commit;
unbreak sshd, spotted quickly by naddy@
Upstream-ID: fb7e75d2b2c7e6ca57dee00ca645e322dd49adbf
|
|
Refuse RSA keys <1024 bits in length. Improve reporting
for keys that do not meet this requirement. ok markus@
Upstream-ID: b385e2a7b13b1484792ee681daaf79e1e203df6c
|
|
Don't offer CBC ciphers by default in the client. ok
markus@
Upstream-ID: 94c9ce8d0d1a085052e11c7f3307950fdc0901ef
|
|
As promised in last release announcement: remove
support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@
Upstream-ID: 21f8facdba3fd8da248df6417000867cec6ba222
|
|
more simplification and removal of SSHv1-related code;
ok djm@
Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
|
|
remove superfluous protocol 2 mentions; ok jmc@
Upstream-ID: 0aaf7567c9f2e50fac5906b6a500a39c33c4664d
|
|
since a couple of people have asked, leave a comment
explaining why we retain SSH v.1 support in the "delete all keys from agent"
path.
Upstream-ID: 4b42dcfa339813c15fe9248a2c1b7ed41c21bbb4
|
|
another tentacle: cipher_set_key_string() was only ever
used for SSHv1
Upstream-ID: 7fd31eb6c48946f7e7cc12af0699fe8eb637e94a
|
|
restore mistakenly deleted description of the
ConnectionAttempts option ok markus@
Upstream-ID: 943002b1b7c470caea3253ba7b7348c359de0348
|
|
remove miscellaneous SSH1 leftovers; ok markus@
Upstream-ID: af23696022ae4d45a1abc2fb8b490d8d9dd63b7c
|
|
more protocol 1 bits removed; ok djm
Upstream-ID: b5b977eaf756915acb56aef3604a650e27f7c2b9
|
|
more protocol 1 stuff to go; ok djm
Upstream-ID: 307a30441d2edda480fd1661d998d36665671e47
|
|
rsa1 is no longer valid;
Upstream-ID: 9953d09ed9841c44b7dcf7019fa874783a709d89
|
|
add PubKeyAcceptedKeyTypes to the -o list: scp(1) has
it, so i guess this should too;
Upstream-ID: 7fab32e869ca5831d09ab0c40d210b461d527a2c
|
|
remove now obsolete protocol1 options from the -o
lists;
Upstream-ID: 828e478a440bc5f9947672c392420510a362b3dd
|
