History log of /openssh-portable/ (Results 201 - 225 of 10959)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
e3f2700612-Nov-2020 Damien Miller

Revert "detect Linux/X32 systems"

This reverts commit 5b56bd0affea7b02b540bdbc4d1d271b0e4fc885.

The approach used was incorrect; discussion in bz#3085

e51dc7fa12-Nov-2020 Damien Miller

SELinux has deprecated security_context_t

(it was only ever a char* anyway)

b79add3712-Nov-2020 Darren Tucker

Remove obsolete AC_HEADER_TIME macro.

AC_HEADER_TIME is marked as obsolete in autoconf-2.70 and as far as I
can tell everything we have that might be old enough to need it doesn't.

d5d05cdb12-Nov-2020 djm@openbsd.org

upstream: when prompting the user to accept a new hostkey, display

any other host names/addresses already associated with the key. E.g.

> The authenticity of host 'test (10.0.0.1)'

upstream: when prompting the user to accept a new hostkey, display

any other host names/addresses already associated with the key. E.g.

> The authenticity of host 'test (10.0.0.1)' can't be established.
> ECDSA key fingerprint is SHA256:milU4MODXm8iJQI18wlsbPG7Yup+34fuNNmV08qDnax.
> This host key is known by the following other names/addresses:
> ~/.ssh/known_hosts:1: host.example.org,10.0.0.1
> ~/.ssh/known_hosts:2: [hashed name]
> ~/.ssh/known_hosts:3: [hashed name]
> ~/.ssh/known_hosts:4: host
> ~/.ssh/known_hosts:5: [host]:2222
> Are you sure you want to continue connecting (yes/no/[fingerprint])?

feedback and ok markus@

OpenBSD-Commit-ID: f6f58a77b49f1368b5883b3a1f776447cfcc7ef4

show more ...

819b44e812-Nov-2020 dtucker@openbsd.org

upstream: Prevent integer overflow when ridiculously large

ConnectTimeout is specified, capping the effective value (for most platforms)
at 24 days. bz#3229, ok djm@

OpenBSD-Com

upstream: Prevent integer overflow when ridiculously large

ConnectTimeout is specified, capping the effective value (for most platforms)
at 24 days. bz#3229, ok djm@

OpenBSD-Commit-ID: 62d4c4b7b87d111045f8e9f28b5b532d17ac5bc0

show more ...

add926dd11-Nov-2020 djm@openbsd.org

upstream: fix logic error that broke URI parsing in ProxyJump

directives; ok dtucker@

OpenBSD-Commit-ID: 96d48839b1704882a0e9a77898f5e14b2d222705

4340dd4310-Nov-2020 claudio@openbsd.org

upstream: Free the previously allocated msg buffer after writing it

out. OK djm@

OpenBSD-Commit-ID: 18c055870fc75e4cb9f926c86c7543e2e21d7fa4

fcf429a410-Nov-2020 Darren Tucker

Prevent excessively long username going to PAM.

This is a mitigation for a buffer overflow in Solaris' PAM username
handling (CVE-2020-14871), and is only enabled for Sun-derived PAM

Prevent excessively long username going to PAM.

This is a mitigation for a buffer overflow in Solaris' PAM username
handling (CVE-2020-14871), and is only enabled for Sun-derived PAM
implementations. This is not a problem in sshd itself, it only
prevents sshd from being used as a vector to attack Solaris' PAM.
It does not prevent the bug in PAM from being exploited via some other
PAM application.

Based on github PR#212 from Mike Scott but implemented slightly
differently. ok tim@ djm@

show more ...

10dce8ff08-Nov-2020 djm@openbsd.org

upstream: unbreak; missing NULL check

OpenBSD-Commit-ID: 6613dfab488123f454d348ef496824476b8c11c0

d5a0cd4f08-Nov-2020 djm@openbsd.org

upstream: when requesting a security key touch on stderr, inform the

user once the touch has been recorded; requested by claudio@ ok markus@

OpenBSD-Commit-ID: 3b76ee444490e546b9ea7

upstream: when requesting a security key touch on stderr, inform the

user once the touch has been recorded; requested by claudio@ ok markus@

OpenBSD-Commit-ID: 3b76ee444490e546b9ea7f879e4092ee0d256233

show more ...

292bcb2408-Nov-2020 Darren Tucker

Remove preprocessor directive from log macro calls.

Preprocessor directives inside macro calls, such as the new log macros,
are undefined behaviour and do not work with, eg old GCCs. Pu

Remove preprocessor directive from log macro calls.

Preprocessor directives inside macro calls, such as the new log macros,
are undefined behaviour and do not work with, eg old GCCs. Put the
entire log call inside the ifdef for OPENSSL_HAS_NISTP521.

show more ...

7169325108-Nov-2020 dtucker@openbsd.org

upstream: Add a comment documenting the source of the moduli group

sizes.

OpenBSD-Commit-ID: aec0725ce607630caaa62682624c6763b350391c

4d94b03108-Nov-2020 dtucker@openbsd.org

upstream: Replace WITH_OPENSSL ifdefs in log calls with a macro.

The log calls are themselves now macros, and preprocessor directives inside
macro arguments are undefined behaviour which

upstream: Replace WITH_OPENSSL ifdefs in log calls with a macro.

The log calls are themselves now macros, and preprocessor directives inside
macro arguments are undefined behaviour which some compilers (eg old GCCs)
choke on. It also makes the code tidier. ok deraadt@

OpenBSD-Commit-ID: cc12a9029833d222043aecd252d654965c351a69

show more ...

6d2564b906-Nov-2020 Darren Tucker

Fix function body for variadic macro test.

AC_LANG_PROGRAM puts its second argument inside main() so we don't need
to do it ourselves.

586f9bd206-Nov-2020 Darren Tucker

Remove AC_PROC_CC_C99 obsoleted in autoconf 2.70.

Since we only use it to make sure we can handle variadic macros,
explicitly check only for that. with & ok djm@

a019e35305-Nov-2020 Darren Tucker

Replace AC_TRY_COMPILE obsoleted in autoconf 2.70.

Replace with the equivalent AC_COMPILE_IFELSE.

771b779505-Nov-2020 Darren Tucker

Move AC_PROG_CC_C99 to immediately afer AC_PROG_CC.

This puts the related C version selection output in the same place.

e559116105-Nov-2020 Darren Tucker

AC_CHECK_HEADER() is obsoleted in autoconf 2.70.

Replace with the non-obsoleted AC_CHECK_HEADERS().

05bcd0ca03-Nov-2020 djm@openbsd.org

upstream: fold consecutive '*' wildcards to mitigate combinatorial

explosion of recursive searches; ok dtucker

OpenBSD-Commit-ID: d18bcb39c40fb8a1ab61153db987e7d11dd3792b

7d68044829-Oct-2020 djm@openbsd.org

upstream: print reason in fatal error message when

kex_assemble_namelist() fails

OpenBSD-Commit-ID: a9975ee8db6c98d6f32233d88051b2077ca63dab

95d1109f28-Oct-2020 djm@openbsd.org

upstream: fix sshd_config SetEnv directive inside Match blocks; part of

github PR#201 from github user manuelm

OpenBSD-Commit-ID: 9772e3748abff3ad65ae8fc43d026ed569b1d2bc

b12b835d28-Oct-2020 djm@openbsd.org

upstream: fix type of nid in type_bits_valid(); github PR#202 from

github user thingsconnected

OpenBSD-Commit-ID: 769d2b040dec7ab32d323daf54b854dd5dcb5485

1a14c13128-Oct-2020 djm@openbsd.org

upstream: whitespace; no code change

OpenBSD-Commit-ID: efefc1c47e880887bdee8cd2127ca93177eaad79

815209ab28-Oct-2020 djm@openbsd.org

upstream: UpdateHostkeys: fixed/better detection of host keys that

exist under other names and addresses; spotted by and debugged with lots of
help from jca@

OpenBSD-Commit-ID:

upstream: UpdateHostkeys: fixed/better detection of host keys that

exist under other names and addresses; spotted by and debugged with lots of
help from jca@

OpenBSD-Commit-ID: 5113d7f550bbd48243db1705afbf16b63792d4b7

show more ...

a575cf4421-Oct-2020 Duncan Eastoe

session.c: use "denylist" terminology

Follow upstream (6d755706a0059eb9e2d63517f288b75cbc3b4701) language
improvements in this portable-specific code.

12345678910>>...439