History log of /openssh-portable/ (Results 26 - 50 of 10777)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
fcf429a410-Nov-2020 Darren Tucker

Prevent excessively long username going to PAM.

This is a mitigation for a buffer overflow in Solaris' PAM username
handling (CVE-2020-14871), and is only enabled for Sun-derived PAM

Prevent excessively long username going to PAM.

This is a mitigation for a buffer overflow in Solaris' PAM username
handling (CVE-2020-14871), and is only enabled for Sun-derived PAM
implementations. This is not a problem in sshd itself, it only
prevents sshd from being used as a vector to attack Solaris' PAM.
It does not prevent the bug in PAM from being exploited via some other
PAM application.

Based on github PR#212 from Mike Scott but implemented slightly
differently. ok tim@ djm@

show more ...

10dce8ff08-Nov-2020 djm@openbsd.org

upstream: unbreak; missing NULL check

OpenBSD-Commit-ID: 6613dfab488123f454d348ef496824476b8c11c0

d5a0cd4f08-Nov-2020 djm@openbsd.org

upstream: when requesting a security key touch on stderr, inform the

user once the touch has been recorded; requested by claudio@ ok markus@

OpenBSD-Commit-ID: 3b76ee444490e546b9ea7

upstream: when requesting a security key touch on stderr, inform the

user once the touch has been recorded; requested by claudio@ ok markus@

OpenBSD-Commit-ID: 3b76ee444490e546b9ea7f879e4092ee0d256233

show more ...

292bcb2408-Nov-2020 Darren Tucker

Remove preprocessor directive from log macro calls.

Preprocessor directives inside macro calls, such as the new log macros,
are undefined behaviour and do not work with, eg old GCCs. Pu

Remove preprocessor directive from log macro calls.

Preprocessor directives inside macro calls, such as the new log macros,
are undefined behaviour and do not work with, eg old GCCs. Put the
entire log call inside the ifdef for OPENSSL_HAS_NISTP521.

show more ...

7169325108-Nov-2020 dtucker@openbsd.org

upstream: Add a comment documenting the source of the moduli group

sizes.

OpenBSD-Commit-ID: aec0725ce607630caaa62682624c6763b350391c

4d94b03108-Nov-2020 dtucker@openbsd.org

upstream: Replace WITH_OPENSSL ifdefs in log calls with a macro.

The log calls are themselves now macros, and preprocessor directives inside
macro arguments are undefined behaviour which

upstream: Replace WITH_OPENSSL ifdefs in log calls with a macro.

The log calls are themselves now macros, and preprocessor directives inside
macro arguments are undefined behaviour which some compilers (eg old GCCs)
choke on. It also makes the code tidier. ok deraadt@

OpenBSD-Commit-ID: cc12a9029833d222043aecd252d654965c351a69

show more ...

6d2564b906-Nov-2020 Darren Tucker

Fix function body for variadic macro test.

AC_LANG_PROGRAM puts its second argument inside main() so we don't need
to do it ourselves.

586f9bd206-Nov-2020 Darren Tucker

Remove AC_PROC_CC_C99 obsoleted in autoconf 2.70.

Since we only use it to make sure we can handle variadic macros,
explicitly check only for that. with & ok djm@

a019e35305-Nov-2020 Darren Tucker

Replace AC_TRY_COMPILE obsoleted in autoconf 2.70.

Replace with the equivalent AC_COMPILE_IFELSE.

771b779505-Nov-2020 Darren Tucker

Move AC_PROG_CC_C99 to immediately afer AC_PROG_CC.

This puts the related C version selection output in the same place.

e559116105-Nov-2020 Darren Tucker

AC_CHECK_HEADER() is obsoleted in autoconf 2.70.

Replace with the non-obsoleted AC_CHECK_HEADERS().

05bcd0ca03-Nov-2020 djm@openbsd.org

upstream: fold consecutive '*' wildcards to mitigate combinatorial

explosion of recursive searches; ok dtucker

OpenBSD-Commit-ID: d18bcb39c40fb8a1ab61153db987e7d11dd3792b

7d68044829-Oct-2020 djm@openbsd.org

upstream: print reason in fatal error message when

kex_assemble_namelist() fails

OpenBSD-Commit-ID: a9975ee8db6c98d6f32233d88051b2077ca63dab

95d1109f28-Oct-2020 djm@openbsd.org

upstream: fix sshd_config SetEnv directive inside Match blocks; part of

github PR#201 from github user manuelm

OpenBSD-Commit-ID: 9772e3748abff3ad65ae8fc43d026ed569b1d2bc

b12b835d28-Oct-2020 djm@openbsd.org

upstream: fix type of nid in type_bits_valid(); github PR#202 from

github user thingsconnected

OpenBSD-Commit-ID: 769d2b040dec7ab32d323daf54b854dd5dcb5485

1a14c13128-Oct-2020 djm@openbsd.org

upstream: whitespace; no code change

OpenBSD-Commit-ID: efefc1c47e880887bdee8cd2127ca93177eaad79

815209ab28-Oct-2020 djm@openbsd.org

upstream: UpdateHostkeys: fixed/better detection of host keys that

exist under other names and addresses; spotted by and debugged with lots of
help from jca@

OpenBSD-Commit-ID:

upstream: UpdateHostkeys: fixed/better detection of host keys that

exist under other names and addresses; spotted by and debugged with lots of
help from jca@

OpenBSD-Commit-ID: 5113d7f550bbd48243db1705afbf16b63792d4b7

show more ...

a575cf4421-Oct-2020 Duncan Eastoe

session.c: use "denylist" terminology

Follow upstream (6d755706a0059eb9e2d63517f288b75cbc3b4701) language
improvements in this portable-specific code.

33267fea27-Oct-2020 Damien Miller

Remove checks for strict POSIX mkdtemp()

We needed a mkdtemp() that accepted template paths that did not
end in XXXXXX a long time ago for KRB4, but that code is long
deprecated. We

Remove checks for strict POSIX mkdtemp()

We needed a mkdtemp() that accepted template paths that did not
end in XXXXXX a long time ago for KRB4, but that code is long
deprecated. We no longer need to replace mkdtemp() for strictly
following POSIX. ok dtucker@

show more ...

492d70e125-Oct-2020 dtucker@openbsd.org

upstream: Minor man page fixes (capitalization, commas) identified by

the manpage-l10n project via bz#3223. feedback deraadt@, ok jmc@

OpenBSD-Commit-ID: ab83af0daf18369244a72daaec

upstream: Minor man page fixes (capitalization, commas) identified by

the manpage-l10n project via bz#3223. feedback deraadt@, ok jmc@

OpenBSD-Commit-ID: ab83af0daf18369244a72daaec6c4a58a9eb7e2c

show more ...

eab2888c19-Oct-2020 dtucker@openbsd.org

upstream: Adapt XMSS to new logging infrastructure. With markus@, ok

djm@.

OpenBSD-Commit-ID: 9c35ec3aa0f710e4e3325187ceff4fa3791686de

f7bd11e419-Oct-2020 djm@openbsd.org

upstream: fix SEGV on fatal() errors spotted by dtucker@

OpenBSD-Commit-ID: 75f155a1ac61e364ed00dc379e2c42df81067ce2

7715a3b118-Oct-2020 Darren Tucker

Use fatal_fr not fatal_r when passing r.

Caught by the PAM -Werror tinderbox build.

816036f118-Oct-2020 djm@openbsd.org

upstream: use the new variant log macros instead of prepending

__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8

9e2c4f6418-Oct-2020 djm@openbsd.org

upstream: variants of the log methods that append a ssherr.h string

from a supplied error code; ok markus@

OpenBSD-Commit-ID: aed98c4435d48d036ae6740300f6a8357b7cc0bf

12345678910>>...432