History log of /openssh-portable/ (Results 101 - 125 of 10959)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
1b83185526-Jan-2021 Darren Tucker

Run one test with -Werror to catch warnings.

d1532d9026-Jan-2021 dtucker@openbsd.org

upstream: Logical not bitwise or. ok djm@

OpenBSD-Commit-ID: d4dc855cf04951b93c45caa383e1ac9af0a3b0e5

507b448a26-Jan-2021 naddy@openbsd.org

upstream: move HostbasedAcceptedAlgorithms to the right place in

alphabetical order

OpenBSD-Commit-ID: d766820d33dd874d944c14b0638239adb522c7ec

e26c980726-Jan-2021 dtucker@openbsd.org

upstream: Remove unused variables leftover from refactoring. ok

djm@

OpenBSD-Commit-ID: 8b3ad58bff828fcf874e54b2fc27a4cf1d9505e8

e9f78d6b26-Jan-2021 dtucker@openbsd.org

upstream: Rename HostbasedKeyTypes (ssh) and

HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
accurately reflects its effect. This matches a previous change to

upstream: Rename HostbasedKeyTypes (ssh) and

HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
accurately reflects its effect. This matches a previous change to
PubkeyAcceptedAlgorithms. The previous names are retained as aliases. ok
djm@

OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e

show more ...

48d0d7a425-Jan-2021 Darren Tucker

Disable sntrup761 if compiler doesn't support VLAs.

The sntrup761 code sourced from supercop uses variable length
arrays. Although widely supported, they are not part of the ANSI
C8

Disable sntrup761 if compiler doesn't support VLAs.

The sntrup761 code sourced from supercop uses variable length
arrays. Although widely supported, they are not part of the ANSI
C89 spec so if the compiler does not support VLAs, disable the
sntrup761x25519-sha512@openssh.com KEX method by replacing the kex
functions with no-op ones similar to what we do in kexecdh.c.

This should allow OpenSSH to build with a plain C89 compiler again.
Spotted by tim@, ok djm@.

show more ...

37c70ea825-Jan-2021 djm@openbsd.org

upstream: refactor key constraint parsing in ssh-agent

Key constraints parsing code previously existed in both the "add regular
key" and "add smartcard key" path. This unifies them but a

upstream: refactor key constraint parsing in ssh-agent

Key constraints parsing code previously existed in both the "add regular
key" and "add smartcard key" path. This unifies them but also introduces
more consistency checking: duplicated constraints and constraints that
are nonsensical for a particular situation (e.g. FIDO provider for a
smartcard key) are now banned.

ok markus@

OpenBSD-Commit-ID: 511cb1b1c021ee1d51a4c2d649b937445de7983c

show more ...

e0e8bee825-Jan-2021 djm@openbsd.org

upstream: more ssh-agent refactoring

Allow confirm_key() to accept an additional reason suffix

Factor publickey userauth parsing out into its own function and allow
it to option

upstream: more ssh-agent refactoring

Allow confirm_key() to accept an additional reason suffix

Factor publickey userauth parsing out into its own function and allow
it to optionally return things it parsed out of the message to its
caller.

feedback/ok markus@

OpenBSD-Commit-ID: 29006515617d1aa2d8b85cd2bf667e849146477e

show more ...

dfe18a2925-Jan-2021 djm@openbsd.org

upstream: make struct hostkeys public; I have no idea why I made it

opaque originally.

ok markus@

OpenBSD-Commit-ID: e50780b34d4bbe628d69b2405b024dd749d982f3

3b44f25125-Jan-2021 djm@openbsd.org

upstream: move check_host_cert() from sshconnect,c to sshkey.c and

refactor it to make it more generally usable and testable.

ok markus@

OpenBSD-Commit-ID: 536f489f5ff38808

upstream: move check_host_cert() from sshconnect,c to sshkey.c and

refactor it to make it more generally usable and testable.

ok markus@

OpenBSD-Commit-ID: 536f489f5ff38808c1fa711ba58d4579b636f9e4

show more ...

1fe16fd625-Jan-2021 djm@openbsd.org

upstream: use recallocarray to allocate the agent sockets table;

also clear socket entries that are being marked as unused.

spinkle in some debug2() spam to make it easier to watch

upstream: use recallocarray to allocate the agent sockets table;

also clear socket entries that are being marked as unused.

spinkle in some debug2() spam to make it easier to watch an agent
do its thing.

ok markus

OpenBSD-Commit-ID: 74582c8e82e96afea46f6c7b6813a429cbc75922

show more ...

cb7b22ea25-Jan-2021 djm@openbsd.org

upstream: factor out common code in the agent client

Add a ssh_request_reply_decode() function that sends a message to
the agent, reads and parses a success/failure reply.
Use it for

upstream: factor out common code in the agent client

Add a ssh_request_reply_decode() function that sends a message to
the agent, reads and parses a success/failure reply.
Use it for all requests that only expect success/failure

ok markus@

OpenBSD-Commit-ID: e0c1f4d5e6cfa525d62581e2b8de93be0cb85adb

show more ...

d1e578af25-Jan-2021 djm@openbsd.org

upstream: make ssh hostbased authentication send the signature

algorithm in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
This make HostbasedAcceptedAlgorithms do what i

upstream: make ssh hostbased authentication send the signature

algorithm in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
This make HostbasedAcceptedAlgorithms do what it is supposed to - filter on
signature algorithm and not key type.

spotted with dtucker@ ok markus@

OpenBSD-Commit-ID: 25bffe19f0326972f5728170f7da81d5f45c78c6

show more ...

95eca1e123-Jan-2021 Darren Tucker

ifdef new instance of sin6_scope_id

Put inside HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID similar to
existing instance. Should fix error on UnixWare 7.

6ffdcdda18-Jan-2021 dtucker@openbsd.org

upstream: Fix long->int for convtime tests here too. Spotted by

tobhe@.

OpenBSD-Regress-ID: a87094f5863312d00938afba771d25f788c849d0

b55b756521-Jan-2021 dtucker@openbsd.org

upstream: PubkeyAcceptedKeyTypes->PubkeyAcceptedAlgorithms

here too.

OpenBSD-Commit-ID: 3b64a640f8ce8c21d9314da9df7ce2420eefde3a

ee9c0da821-Jan-2021 dtucker@openbsd.org

upstream: Rename PubkeyAcceptedKeyTypes keyword to

PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
actually specifies the signature algorithms that are accepted.

upstream: Rename PubkeyAcceptedKeyTypes keyword to

PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
actually specifies the signature algorithms that are accepted. Some key
types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512)
so the old name is becoming increasingly misleading. The old name is
retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@

OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5

show more ...

a8e798fe14-Jan-2021 dtucker@openbsd.org

upstream: Change types in convtime() unit test to int to match change

its new type. Add tests for boundary conditions and fix convtime to work up
to INT_MAX. ok djm@

OpenBSD-Reg

upstream: Change types in convtime() unit test to int to match change

its new type. Add tests for boundary conditions and fix convtime to work up
to INT_MAX. ok djm@

OpenBSD-Regress-ID: ba2b81e9a3257fff204b020affe85b604a44f97e

show more ...

9bde1a4214-Jan-2021 dtucker@openbsd.org

upstream: Make output buffer larger to prevent potential truncation

warnings from compilers not smart enough to know the strftime calls won't
ever fully fill "to" and "from". ok djm@

upstream: Make output buffer larger to prevent potential truncation

warnings from compilers not smart enough to know the strftime calls won't
ever fully fill "to" and "from". ok djm@

OpenBSD-Commit-ID: 83733f1b01b82da88b9dd1769475952aff10bdd7

show more ...

02da325f14-Jan-2021 dtucker@openbsd.org

upstream: Change types in convtime() unit test to int to match

change its new type. Add tests for boundary conditions and fix convtime to
work up to INT_MAX. ok djm@

OpenBSD-Com

upstream: Change types in convtime() unit test to int to match

change its new type. Add tests for boundary conditions and fix convtime to
work up to INT_MAX. ok djm@

OpenBSD-Commit-ID: 01dc0475f1484ac2f47facdfcf9221f9472145de

show more ...

5339ab3614-Jan-2021 dtucker@openbsd.org

upstream: In waitfd(), when poll returns early we are subtracting

the elapsed time from the timeout each loop, so we only want to measure the
elapsed time the poll() in that loop, not si

upstream: In waitfd(), when poll returns early we are subtracting

the elapsed time from the timeout each loop, so we only want to measure the
elapsed time the poll() in that loop, not since the start of the function.
Spotted by chris.xj.zhu at gmail.com, ok djm@

OpenBSD-Commit-ID: 199df060978ee9aa89b8041a3dfaf1bf7ae8dd7a

show more ...

a164862d14-Jan-2021 rob@openbsd.org

upstream: Minor grammatical correction.

OK jmc@

OpenBSD-Commit-ID: de0fad0581e212b2750751e479b79c18ff8cac02

8635e7df13-Jan-2021 Darren Tucker

Merge Mac OS X targets into a single config.

ac112ade12-Jan-2021 Darren Tucker

Add Mac OS X test targets.

1050109b11-Jan-2021 anatasluo

Remove duplicated declaration in fatal.c .

12345678910>>...439