Age | Commit message (Collapse) | Author |
|
add getpid to sandbox, reachable by grace_alarm_handler
reported by Jakub Jelen; bz#2419
Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8
|
|
Fix \-escaping bug that caused forward path parsing to skip
two characters and skip past the end of the string.
Based on patch by Salvador Fandino; ok dtucker@
Upstream-ID: 7b879dc446335677cbe4cb549495636a0535f3bd
|
|
patch from Jakub Jelen
|
|
correct test to sshkey_sign(); spotted by Albert S.
Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933
|
|
Revert previous commit. We still want to call setgroups
in the case where there are zero groups to remove any that we might otherwise
inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
to setgroups is always a static global it's always valid to dereference in
this case. ok deraadt@ djm@
Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
|
|
Revert previous commit. We still want to call setgroups in
the case where there are zero groups to remove any that we might otherwise
inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
to setgroups is always a static global it's always valid to dereference in
this case. ok deraadt@ djm@
Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
|
|
Don't count successful partial authentication as failures
in monitor; this may have caused the monitor to refuse multiple
authentications that would otherwise have successfully completed; ok markus@
Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3
|
|
Don't call setgroups if we have zero groups; there's no
guarantee that it won't try to deref the pointer. Based on a patch from mail
at quitesimple.org, ok djm deraadt
Upstream-ID: 2fff85e11d7a9a387ef7fddf41fbfaf566708ab1
|
|
|
|
If AuthorizedPrincipalsCommand is specified, however
AuthorizedPrincipalsFile is not (or is set to "none"), authentication will
potentially fail due to key_cert_check_authority() failing to locate a
principal that matches the username, even though an authorized principal has
already been matched in the output of the subprocess. Fix this by using the
same logic to determine if pw->pw_name should be passed, as is used to
determine if a authorized principal must be matched earlier on.
ok djm@
Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d
|
|
Make the arguments to match_principals_command() similar
to match_principals_file(), by changing the last argument a struct
sshkey_cert * and dereferencing key->cert in the caller.
No functional change.
ok djm@
Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c
|
|
When doing arg inspection and the syscall doesn't match, skip
past the instruction that reloads the syscall into the accumulator,
since the accumulator hasn't been modified at this point.
|
|
Also resort and tidy syscall list. Based on patches by Jakub Jelen
bz#2361; ok dtucker@
|
|
return failure on RSA signature error; reported by Albert S
Upstream-ID: e61bb93dbe0349625807b0810bc213a6822121fa
|
|
|
|
For "ssh -L 12345:/tmp/sock" don't fail with "No forward host
name." (we have a path, not a host name). Based on a diff from Jared
Yanovich. OK djm@
Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f
|
|
typo: accidental repetition; bz#2386
Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b
|
|
Stopgap to resolve bz#2409 because we are so close to release and will
update config.guess and friends shortly after the release. ok djm@
|
|
|
|
|
|
|
|
mention CheckHostIP adding addresses to known_hosts;
bz#1993; ok dtucker@
Upstream-ID: fd44b68440fd0dc29abf9f2d3f703d74a2396cb7
|
|
ok djm, sanity check by Corinna Vinschen.
|
|
|
|
|
|
|
|
make this work without SUDO set; ok dtucker@
Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715
|
|
wrap all moduli-related code in #ifdef WITH_OPENSSL.
based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@
Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf
|
|
Increase the allowed length of the known host file name
in the log message to be consistent with other cases. Part of bz#1993, ok
deraadt.
Upstream-ID: a9e97567be49f25daf286721450968251ff78397
|
|
Fix typo (keywork->keyword)
Upstream-ID: 8aacd0f4089c0a244cf43417f4f9045dfaeab534
|
|
add error message on ftruncate failure; bz#2176
Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf
|
|
make ssh-keygen default to ed25519 keys when compiled
without OpenSSL; bz#2388, ok dtucker@
Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71
|
|
Reorder client proposal to prefer
diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1. ok djm@
Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058
|
|
Add a stronger (4k bit) fallback group that sshd can use
when the moduli file is missing or broken, sourced from RFC3526. bz#2302, ok
markus@ (earlier version), djm@
Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4
|
|
Remove 1k bit groups. ok deraadt@, markus@
|
|
support PKCS#11 devices with external PIN entry devices
bz#2240, based on patch from Dirk-Willem van Gulik; feedback and ok dtucker@
Upstream-ID: 504568992b55a8fc984375242b1bd505ced61b0d
|
|
Cap DH-GEX group size at 4kbits for Cisco implementations.
Some of them will choke when asked for preferred sizes >4k instead of
returning the 4k group that they do have. bz#2209, ok djm@
Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d
|
|
add missing 'c' option to getopt(), case statement was
already there; from Felix Bolte
Upstream-ID: 9b19b4e2e0b54d6fefa0dfac707c51cf4bae3081
|
|
fix a memory leak in an error path ok markus@ dtucker@
Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598
|
|
mention ssh-keygen -E for comparing legacy MD5
fingerprints; bz#2332
Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859
|
|
Reorder EscapeChar option parsing to avoid a single-byte
out- of-bounds read. bz#2396 from Jaak Ristioja; ok dtucker@
Upstream-ID: 1dc6b5b63d1c8d9a88619da0b27ade461d79b060
|
|
add knob to relax GSSAPI host credential check for
multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker
(kerberos/GSSAPI is not compiled by default on OpenBSD)
Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d
|
|
bz#2402, from tomas.kuthan at oracle com.
|
|
|
|
Support "ssh-keygen -lF hostname" to find search known_hosts
and print key hashes. Already advertised by ssh-keygen(1), but not delivered
by code; ok dtucker@
Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387
|
|
|
|
regress test for AuthorizedPrincipalsCommand
Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219
|
|
regress test for AuthorizedKeysCommand arguments
Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12
|
|
add AuthorizedPrincipalsCommand that allows getting
authorized_principals from a subprocess rather than a file, which is quite
useful in deployments with large userbases
feedback and ok markus@
Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
|
|
support arguments to AuthorizedKeysCommand
bz#2081 loosely based on patch by Sami Hartikainen
feedback and ok markus@
Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7
|