| Age | Commit message (Collapse) | Author |
|---|
|
refetch them. Based on patch from Jakub Jelen; bz#2430 ok markus@
OpenBSD-Commit-ID: ab53bd6ddd54dd09e54a8bfbed1a984496f08b43
|
|
percolate all the way up to dispatch_run_fatal() and lose all meaninful
context
to help with bz#3063; ok dtucker@
OpenBSD-Commit-ID: 5b2da83bb1c4a3471444b7910b2120ae36438a0a
|
|
OpenBSD-Commit-ID: 00f5c6062f6863769f5447c6346f78c05d2e4a63
|
|
OpenBSD-Commit-ID: e891dd6c7996114cb32f0924cb7898ab55efde6e
|
|
|
|
|
|
OpenBSD-Commit-ID: 34d44cb0fb5bdb5fcbc6b02b804e71b20a7a5fc7
|
|
fuzzing
rename to make more consistent with philosophically-similar auth
options parsing API.
OpenBSD-Commit-ID: 0c67600ef04187f98e2912ca57b60c22a8025b7c
|
|
Options such as Ciphers take values that may be a list of ciphers; the
complete list, not indiviual elements, may be prefixed with a dash or plus
character to remove from or append to the default list, respectively.
Users might read the current text as if each elment took an optional prefix,
so tweak the wording from "values" to "list" to prevent such ambiguity for
all options supporting these semantics.
Fix instances missed in first commit. ok jmc@ kn@
OpenBSD-Commit-ID: 7112522430a54fb9f15a7a26d26190ed84d5e417
|
|
OpenBSD-Commit-ID: 0abd728aef6b5b35f6db43176aa83b7e3bf3ce27
|
|
OpenBSD-Commit-ID: d125ab720ca71ccf9baf83e08ddc8c12a328597e
|
|
|
|
|
|
|
|
OpenBSD-Regress-ID: 74c0974f2cdae8d9599b9d76a09680bae55d8a8b
|
|
from confusing the test.
OpenBSD-Regress-ID: b8f1508f822bc560b98dea910e61ecd76f34100f
|
|
Markus
ok markus/me
OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
|
|
for OpenSSH
This adds a simple manual signature scheme to OpenSSH.
Signatures can be made and verified using ssh-keygen -Y sign|verify
Signatures embed the key used to make them. At verification time, this
is matched via principal name against an authorized_keys-like list
of allowed signers.
Mostly by Sebastian Kinne w/ some tweaks by me
ok markus@
OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb
|
|
and make them public; ok markus@
OpenBSD-Commit-ID: c18bcb2a687227b3478377c981c2d56af2638ea2
|
|
markus@
OpenBSD-Commit-ID: 01f8cdbec63350490d2249f41112c5780d1cfbb8
|
|
public; ok markus@
OpenBSD-Commit-ID: edda2fbba2c5b1f48e60f857a2010479e80c5f3c
|
|
markus@
OpenBSD-Commit-ID: caa77e8a3b210948e29ad3e28c5db00852961eae
|
|
This commit adds a helper function which allows the caller to
check if a given public key is present in ssh-agent.
work by Sebastian Kinne; ok markus@
OpenBSD-Commit-ID: d43c5826353e1fdc1af71eb42961b30782c7bd13
|
|
OpenBSD-Commit-ID: aa51f77ae2c5330a1f61b2d22933f24a443f9abf
|
|
OpenBSD-Commit-ID: 304e95381b39c774c8fced7e5328b106a3ff0400
|
|
OpenBSD-Commit-ID: 724bafc9f993746ad4303e95bede2c030de6233b
|
|
from log level error to debug. This is common when attempting to enumerate
keys on smartcard readers with no cards plugged in. bz#3058 ok dtucker@
OpenBSD-Commit-ID: bb8839ddeb77c271390488af1b771041d43e49c6
|
|
bz#3052; ok dtucker
OpenBSD-Commit-ID: a91b2a8d5f1053d34d7fce44523c53fb534ba914
|
|
from likan_999.student AT sina.com
|
|
Dropping this privilege removes the ability to create hard links to
files owned by other users. This is required for the legacy sftp rename
operation.
bz#3036; approach ok Alex Wilson (the original author of the Solaris
sandbox/pledge replacement code)
|
|
supported even when built without OpenSSL. Use RSA for the secondary type
test if supported, otherwise skip it. Fixes this test for !OpenSSL builds.
OpenBSD-Regress-ID: 101cb34a84fd974c623bdb2e496f25a6e91be109
|
|
sshbuf-misc.c to regress as it was done in ssh make file. from Moritz Buhl
OpenBSD-Regress-ID: 9e1c23476bb845f3cf3d15d9032da3ed0cb2fcf5
|
|
Enable -Wextra if compiler supports it
Set -Wno-error=format-truncation if available to prevent expected
string truncations in openbsd-compat from breaking -Werror builds
|
|
Refactor closefrom() to use a single brute-force close() loop fallback.
Based on patch from likan_999.student@sina.com in bz#3049. ok dtucker@
|
|
Options such as Ciphers take values that may be a list of ciphers; the
complete list, not indiviual elements, may be prefixed with a dash or plus
character to remove from or append to the default list respectively.
Users might read the current text as if each elment took an optional prefix,
so tweak the wording from "values" to "list" to prevent such ambiguity for
all options supporting this semantics (those that provide a list of
available elements via "ssh -Q ...").
Input and OK jmc
OpenBSD-Commit-ID: 4fdd175b0e5f5cb10ab3f26ccc38a93bb6515d57
|
|
OpenBSD-Commit-ID: 99dd10e72c04e93849981d43d64c946619efa474
|
|
The name of the file that we check when sshd is supposed to be down is
correct in the script, but not in the comments :)
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
Closes: #935936
|
|
|
|
There is no parameter called "pathname", it should simply be "path".
bz#3059, patch from samuel at cendio.se.
|
|
Restrict to PROT_(READ|WRITE|NONE), i.e. exclude PROT_EXEC
|
|
Used by some hardened heap allocators. Requested by Yegor
Timoshenko in https://github.com/openssh/openssh-portable/pull/142
|
|
fixed buffer; ok markus@
OpenBSD-Commit-ID: 3f9ef20bca5ef5058b48c1cac67c53b9a1d15711
|
|
Changelog entry for Lorenzo Puliti's recently-merged commit.
Closes: #933999
|
|
|
|
Please add a runscript for runit
See merge request ssh-team/openssh!7
|
|
Add a 'run' and a 'finish' script for runit init system;
rely on dh-runit for maintscript code.
|
|
incorrectly during "match exec" processing. bz#2791 reported by Dario
Bertini; ok dtucker
OpenBSD-Commit-ID: cf9eddd6a6be726cb73bd9c3936f3888cd85c03d
|
|
"unresponsive" to clarify what it checks for. Patch from jblaine at
kickflop.net via github pr#129, ok djm@.
OpenBSD-Commit-ID: 3682f8ec7227f5697945daa25d11ce2d933899e9
|
