summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-06-24upstream commitdtucker@openbsd.org
Run the screen twice so we end up with more candidate groups. ok djm@ Upstream-ID: b92c93266d8234d493857bb822260dacf4366157
2017-06-16upstream commitdtucker@openbsd.org
Add user@host prefix to client's "Permisison denied" messages, useful in particular when using "stacked" connections where it's not clear which host is denying. bz#2720, ok djm@ markus@ Upstream-ID: de88e1e9dcb050c98e85377482d1287a9fe0d2be
2017-06-13upstream commitdjm@openbsd.org
Do not require that unknown EXT_INFO extension values not contain \0 characters. This would cause fatal connection errors if an implementation sent e.g. string-encoded sub-values inside a value. Reported by Denis Bider; ok markus@ Upstream-ID: 030e10fdc605563c040244c4b4f1d8ae75811a5c
2017-06-13upstream commitdjm@openbsd.org
missing prototype. Upstream-ID: f443d2be9910fd2165a0667956d03343c46f66c9
2017-06-10portability for sftp globbed ls sort by mtimeDamien Miller
Include replacement timespeccmp() for systems that lack it. Support time_t struct stat->st_mtime in addition to timespec stat->st_mtim, as well as unsorted fallback.
2017-06-10upstream commitdjm@openbsd.org
print '?' instead of incorrect link count (that the protocol doesn't provide) for remote listings. bz#2710 ok dtucker@ Upstream-ID: c611f98a66302cea452ef10f13fff8cf0385242e
2017-06-10upstream commitdjm@openbsd.org
implement sorting for globbed ls; bz#2649 ok dtucker@ Upstream-ID: ed3110f351cc9703411bf847ba864041fb7216a8
2017-06-10upstream commitdjm@openbsd.org
return failure rather than fatal() for more cases during mux negotiations. Causes the session to fall back to a non-mux connection if they occur. bz#2707 ok dtucker@ Upstream-ID: d2a7892f464d434e1f615334a1c9d0cdb83b29ab
2017-06-10upstream commitdjm@openbsd.org
in description of public key authentication, mention that the server will send debug messages to the client for some error conditions after authentication has completed. bz#2709 ok dtucker Upstream-ID: 750127dbd58c5a2672c2d28bc35fe221fcc8d1dd
2017-06-10upstream commitdjm@openbsd.org
better translate libcrypto errors by looking deeper in the accursed error stack for codes that indicate the wrong passphrase was supplied for a PEM key. bz#2699 ok dtucker@ Upstream-ID: 4da4286326d570f4f0489459bb71f6297e54b681
2017-06-10upstream commitdtucker@openbsd.org
Add comments referring to the relevant RFC sections for rekeying behaviour. Upstream-ID: 6fc8e82485757a27633f9175ad00468f49a07d40
2017-06-09drop two more privileges in the Solaris sandboxDamien Miller
Drop PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO. Patch from huieying.lee AT oracle.com via bz#2723
2017-06-09Wrap stdint.h include in #ifdef.Darren Tucker
2017-06-08upstream commitdjm@openbsd.org
unbreak after sshv1 purge Upstream-Regress-ID: 8ea01a92d5f571b9fba88c1463a4254a7552d51b
2017-06-07upstream commitdtucker@openbsd.org
Fix compression output stats broken in rev 1.201. Patch originally by Russell Coker via Debian bug #797964 and Christoph Biedl. ok djm@ Upstream-ID: 83a1903b95ec2e4ed100703debb4b4a313b01016
2017-06-07upstream commitdjm@openbsd.org
rationalise the long list of manual CDIAGFLAGS that we add; most of these were redundant to -Wall -Wextra Upstream-ID: ea80f445e819719ccdcb237022cacfac990fdc5c
2017-06-07upstream commitdjm@openbsd.org
no need to bzero allocated space now that we use use recallocarray; ok deraadt@ Upstream-ID: 53333c62ccf97de60b8cb570608c1ba5ca5803c8
2017-06-07upstream commitdjm@openbsd.org
unconditionally zero init size of buffer; ok markus@ deraadt@ Upstream-ID: 218963e846d8f26763ba25afe79294547b99da29
2017-06-01avoid compiler warningDamien Miller
2017-06-01upstream commitdjm@openbsd.org
some warnings spotted by clang; ok markus@ Upstream-ID: 24381d68ca249c5cee4388ceb0f383fa5b43991b
2017-06-01add recallocarray replacement and dependencyDamien Miller
recallocarray() needs getpagesize() so add a tiny replacement for that.
2017-06-01add *.0 manpage droppingsDamien Miller
2017-06-01upstream commitdjm@openbsd.org
fix casts re constness Upstream-ID: e38f2bac162b37dbaf784d349c8327a6626fa266
2017-06-01upstream commitmarkus@openbsd.org
make sure we don't pass a NULL string to vfprintf (triggered by the principals-command regress test); ok bluhm Upstream-ID: eb49854f274ab37a0b57056a6af379a0b7111990
2017-06-01upstream commitmarkus@openbsd.org
use SO_ZEROIZE for privsep communication (if available) Upstream-ID: abcbb6d2f8039fc4367a6a78096e5d5c39de4a62
2017-06-01upstream commitderaadt@openbsd.org
Switch to recallocarray() for a few operations. Both growth and shrinkage are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065
2017-06-01upstream commitderaadt@openbsd.org
These shutdown() SHUT_RDWR are not needed before close() ok djm markus claudio Upstream-ID: 36f13ae4ba10f5618cb9347933101eb4a98dbcb5
2017-06-01upstream commitmarkus@openbsd.org
clear session keys from memory; ok djm@ Upstream-ID: ecd178819868975affd5fd6637458b7c712b6a0f
2017-06-01upstream commitmarkus@openbsd.org
remove now obsolete ctx from ssh_dispatch_run; ok djm@ Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
2017-05-31upstream commitmarkus@openbsd.org
use the ssh_dispatch_run_fatal variant Upstream-ID: 28c5b364e37c755d1b22652b8cd6735a05c625d8
2017-05-31upstream commitdjm@openbsd.org
another ctx => ssh conversion (in GSSAPI code) Upstream-ID: 4d6574c3948075c60608d8e045af42fe5b5d8ae0
2017-05-31fix conversion of kexc25519s.c to struct ssh tooDamien Miller
git cvsimport missed this commit for some reason
2017-05-31upstream commitdjm@openbsd.org
spell out that custom options/extensions should follow the usual SSH naming rules, e.g. "extension@example.com" Upstream-ID: ab326666d2fad40769ec96b5a6de4015ffd97b8d
2017-05-31upstream commitdjm@openbsd.org
one more void *ctx => struct ssh *ssh conversion Upstream-ID: d299d043471c10214cf52c03daa10f1c232759e2
2017-05-31upstream commitdjm@openbsd.org
fix possible OOB strlen() in SOCKS4A hostname parsing; ok markus@ Upstream-ID: c67297cbeb0e5a19d81752aa18ec44d31270cd11
2017-05-31upstream commitjmc@openbsd.org
tweak previous; Upstream-ID: 66987651046c42d142f7318c9695fb81a6d14031
2017-05-31upstream commitbluhm@openbsd.org
Add RemoteCommand option to specify a command in the ssh config file instead of giving it on the client's command line. This command will be executed on the remote host. The feature allows to automate tasks using ssh config. OK markus@ Upstream-ID: 5d982fc17adea373a9c68cae1021ce0a0904a5ee
2017-05-31upstream commitmarkus@openbsd.org
switch auth2 to ssh_dispatch API; ok djm@ Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-none.c to modern APIs; ok djm@ Upstream-ID: 07252b58e064d332214bcabbeae8e08c44b2001b
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-passwd.c to modern APIs; ok djm@ Upstream-ID: cba0a8b72b4f97adfb7e3b3fd2f8ba3159981fc7
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-hostbased.c to modern APIs; ok djm@ Upstream-ID: 146af25c36daeeb83d5dbbb8ca52b5d25de88f4e
2017-05-31upstream commitmarkus@openbsd.org
protocol handlers all get struct ssh passed; ok djm@ Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
2017-05-31upstream commitmarkus@openbsd.org
ssh: pass struct ssh to auth functions, too; ok djm@ Upstream-ID: d13c509cc782f8f19728fbea47ac7cf36f6e85dd
2017-05-31upstream commitmarkus@openbsd.org
sshd: pass struct ssh to auth functions; ok djm@ Upstream-ID: b00a80c3460884ebcdd14ef550154c761aebe488
2017-05-31upstream commitmarkus@openbsd.org
remove unused wrapper functions from key.[ch]; ok djm@ Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
2017-05-31upstream commitmarkus@openbsd.org
sshkey_new() might return NULL (pkcs#11 code only); ok djm@ Upstream-ID: de9f2ad4a42c0b430caaa7d08dea7bac943075dd
2017-05-31upstream commitmarkus@openbsd.org
switch sshconnect.c to modern APIs; ok djm@ Upstream-ID: 27be17f84b950d5e139b7a9b281aa487187945ad
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-pubkey.c to modern APIs; with & ok djm@ Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
2017-05-31upstream commitmarkus@openbsd.org
switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
2017-05-31upstream commitmarkus@openbsd.org
remove ssh1 references; ok djm@ Upstream-ID: fc23b7578e7b0a8daaec72946d7f5e58ffff5a3d