| Age | Commit message (Collapse) | Author |
|---|
|
only ssh-keygen needs uuencode.o; only scp/sftp use
progressmeter.o
OpenBSD-Commit-ID: a337e886a49f96701ccbc4832bed086a68abfa85
|
|
uuencode.h is not used
OpenBSD-Commit-ID: 238eb4659f3c119904326b9e94a5e507a912796c
|
|
|
|
another libssh casualty
OpenBSD-Regress-ID: 839b970560246de23e7c50215095fb527a5a83ec
|
|
missed one (unbreak after ssh/lib removal)
OpenBSD-Regress-ID: cfdd132143131769e2d2455e7892b5d55854c322
|
|
unbreak unit tests after removal of src/usr.bin/ssh/lib
OpenBSD-Regress-ID: 3a79760494147b20761cbd2bd5c20e86c63dc8f9
|
|
revert stricter key type / signature type checking in
userauth path; too much software generates inconsistent messages, so we need
a better plan.
OpenBSD-Commit-ID: 4a44ddc991c803c4ecc8f1ad40e0ab4d22e1c519
|
|
explicitly test all key types and their certificate
counterparts
refactor a little
OpenBSD-Regress-ID: e9ecd5580821b9ef8b7106919c6980d8e45ca8c4
|
|
use cmp in a loop instead of diff -N to compare
directories. The former works on more platforms for Portable.
OpenBSD-Regress-ID: c3aa72807f9c488e8829a26ae50fe5bcc5b57099
|
|
|
|
include signature type and CA key (if applicable) in some
debug messages
OpenBSD-Commit-ID: b71615cc20e78cec7105bb6e940c03ce9ae414a5
|
|
unbreak hostkey rotation; attempting to sign with a
desired signature algorithm of kex->hostkey_alg is incorrect when the key
type isn't capable of making those signatures. ok markus@
OpenBSD-Commit-ID: 35ae46864e1f5859831ec0d115ee5ea50953a906
|
|
log mismatched RSA signature types; ok markus@
OpenBSD-Commit-ID: 381bddfcc1e297a42292222f3bcb5ac2b7ea2418
|
|
pass kex->hostkey_alg and kex->hostkey_nid from pre-auth
to post-auth unpriviledged child processes; ok markus@
OpenBSD-Commit-ID: 4a35bc7af0a5f8a232d1361f79f4ebc376137302
|
|
Add helper function for uri handing in scp where a
missing path simply means ".". Also fix exit code and add warnings when an
invalid uri is encountered. OK otto@
OpenBSD-Commit-ID: 47dcf872380586dabf7fcc6e7baf5f8ad508ae1a
|
|
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
|
|
sshkey_sigtype() function to return the type of a
signature; ok markus@
OpenBSD-Commit-ID: d3772b065ad6eed97285589bfb544befed9032e8
|
|
Replace ED25519's private SHA-512 implementation with a
call to the regular digest code. This speeds up compilation considerably. ok
markus@
OpenBSD-Commit-ID: fcce8c3bcfe7389462a28228f63c823e80ade41c
|
|
Create a persistent umac128.c source file: #define the
output size and the name of the entry points for UMAC-128 before including
umac.c. Idea from FreeBSD. ok dtucker@
OpenBSD-Commit-ID: 463cfacfa07cb8060a4d4961e63dca307bf3f4b1
|
|
|
|
Put an empty config.h into the dependency list to ensure that it's
always listed and consistent.
|
|
ssh/lib hasn't worked towards our code-sharing goals for
a quit while, perhaps it is too verbose? Change each */Makefile to
specifying exactly what sources that program requires, compiling it seperate.
Maybe we'll iterate by sorting those into seperatable chunks, splitting up
files which contain common code + server/client specific code, or whatnot.
But this isn't one step, or we'd have done it a long time ago.. ok dtucker
markus djm
OpenBSD-Commit-ID: 5317f294d63a876bfc861e19773b1575f96f027d
|
|
Put remote client info back into the ClientAlive
connection termination message. Based in part on diff from lars.nooden at
gmail, ok djm
OpenBSD-Commit-ID: 80a0f619a29bbf2f32eb5297a69978a0e05d0ee0
|
|
time_t printing needs %lld and (long long) casts ok djm
OpenBSD-Commit-ID: 4a93bc2b0d42a39b8f8de8bb74d07ad2e5e83ef7
|
|
fix ordering in previous to ensure errno isn't clobbered
before logging.
OpenBSD-Commit-ID: e260bc1e145a9690dcb0d5aa9460c7b96a0c8ab2
|
|
for some reason unix_listener() logged most errors twice
with each message containing only some of the useful information; merge these
OpenBSD-Commit-ID: 1978a7594a9470c0dddcd719586066311b7c9a4a
|
|
Adds a .depend file containing dependency information generated by
makedepend, which is appended to the generated Makefile by configure.
You can regen the file with "make -f Makefile.in depend" if necessary,
but we'll be looking at some way to automatically keep this up to date.
"no objection" djm@
|
|
When ldns-config is not found, configure would check the wrong variable.
ok djm@
|
|
|
|
|
|
don't accept junk after "yes" or "no" responses to
hostkey prompts. bz#2803 reported by Maksim Derbasov; ok dtucker@
OpenBSD-Commit-ID: e1b159fb2253be973ce25eb7a7be26e6f967717c
|
|
Replace atoi and strtol conversions for integer arguments
to config keywords with a checking wrapper around strtonum. This will
prevent and flag invalid and negative arguments to these keywords. ok djm@
OpenBSD-Commit-ID: 99ae3981f3d608a219ccb8d2fff635ae52c17998
|
|
Add missing break for rdomain. Prevents spurious
"Deprecated option" warnings. ok djm@
OpenBSD-Commit-ID: ba28a675d39bb04a974586241c3cba71a9c6099a
|
|
include the addr:port in bind/listen failure messages
OpenBSD-Commit-ID: fdadb69fe1b38692608809cf0376b71c2c28e58e
|
|
Import updated moduli.
OpenBSD-Commit-ID: 524d210f982af6007aa936ca7f4c977f4d32f38a
|
|
Have sftp print a warning about shell cleanliness when
decoding the first packet fails, which is usually caused by shells polluting
stdout of non-interactive starups. bz#2800, ok markus@ deraadt@.
OpenBSD-Commit-ID: 88d6a9bf3470f9324b76ba1cbd53e50120f685b5
|
|
Check for MIKDIR_P and use it instead of mkinstalldirs. Should fix "mkdir:
cannot create directory:... File exists" during "make install".
Patch from eb at emlix.com.
|
|
Suggested by eb at emlix.com
|
|
SSH1 support is now gone, remove SSH1 key generation.
Patch from eb at emlix.com.
|
|
more whitespace errors
OpenBSD-Commit-ID: 5e11c125378327b648940b90145e0d98beb05abb
|
|
whitespace at EOL
OpenBSD-Commit-ID: 76d3965202b22d59c2784a8df3a8bfa5ee67b96a
|
|
Add monotime_ts and monotime_tv that return monotonic
timespec and timeval respectively. Replace calls to gettimeofday() in packet
timing with monotime_tv so that the callers will work over a clock step.
Should prevent integer overflow during clock steps reported by wangle6 at
huawei.com. "I like" markus@
OpenBSD-Commit-ID: 74d684264814ff806f197948b87aa732cb1b0b8a
|
|
Remove get_current_time() and replace with calls to
monotime_double() which uses CLOCK_MONOTONIC and works over clock steps. "I
like" markus@
OpenBSD-Commit-ID: 3ad2f7d2414e2cfcaef99877a7a5b0baf2242952
|
|
|
|
Pointed out by Solar Designer
|
|
downgrade a couple more request parsing errors from
process-fatal to just returning failure, making them consistent with the
others that were already like that.
OpenBSD-Commit-ID: c111461f7a626690a2d53018ef26557b34652918
|
|
fix regression in 7.6: failure to parse a signature request
message shouldn't be fatal to the process, just the request. Reported by Ron
Frederick
OpenBSD-Commit-ID: e5d01b3819caa1a2ad51fc57d6ded43f48bbcc05
|
|
fix problem in configuration parsing when in config dump mode
(sshd -T) without providing a full connection specification (sshd -T -C ...)
spotted by bluhm@
OpenBSD-Commit-ID: 7125faf5740eaa9d3a2f25400a0bc85e94e28b8f
|
|
reuse parse_multistate for parse_flag (yes/no arguments).
Saves a few lines of code and makes the parser more consistent wrt case-
sensitivity. bz#2664 ok dtucker@
OpenBSD-Commit-ID: b2ad1b6086858d5db71c7b11e5a74dba6d60efef
|
|
allow certificate validity intervals that specify only a
start or stop time (we already support specifying both or neither)
OpenBSD-Commit-ID: 9be486545603c003030bdb5c467d1318b46b4e42
|
