History log of /openssh-portable/ (Results 251 - 275 of 10516)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
8075fccb24-Jan-2020 djm@openbsd.org

upstream: add xextendf() to extend a string with a format

(reallocating as necessary). ok aja@ as part of a larger diff

OpenBSD-Commit-ID: 30796b50d330b3e0e201747fe40cdf9aa70a77f9

d15c8adf24-Jan-2020 djm@openbsd.org

upstream: minor tweaks to ssh-keygen -Y find-principals:

emit matched principals one per line to stdout rather than as comma-
separated and with a free-text preamble (easy confusion oppo

upstream: minor tweaks to ssh-keygen -Y find-principals:

emit matched principals one per line to stdout rather than as comma-
separated and with a free-text preamble (easy confusion opportunity)

emit "not found" error to stderr

fix up argument testing for -Y operations and improve error message for
unsupported operations

OpenBSD-Commit-ID: 3d9c9a671ab07fc04a48f543edfa85eae77da69c

show more ...

c3368a5d23-Jan-2020 djm@openbsd.org

upstream: remove ssh-rsa (SHA1) from the list of allowed CA

signature algorithms ok markus

OpenBSD-Commit-ID: da3481fca8c81e6951f319a86b7be67502237f57

4a41d24523-Jan-2020 djm@openbsd.org

upstream: when signing a certificate with an RSA key, default to

a safe signature algorithm (rsa-sha-512) if not is explicitly specified by
the user; ok markus@

OpenBSD-Commit-I

upstream: when signing a certificate with an RSA key, default to

a safe signature algorithm (rsa-sha-512) if not is explicitly specified by
the user; ok markus@

OpenBSD-Commit-ID: e05f638f0be6c0266e1d3d799716b461011e83a9

show more ...

8dfb6a2023-Jan-2020 djm@openbsd.org

upstream: allow PEM export of DSA and ECDSA keys; bz3091, patch

from Jakub Jelen ok markus@

OpenBSD-Commit-ID: a58edec8b9f07acab4b962a71a5125830d321b51

72a8bea223-Jan-2020 djm@openbsd.org

upstream: ssh-keygen -Y find-principals fixes based on feedback

from Markus:

use "principals" instead of principal, as allowed_signers lines may list
multiple.

When the

upstream: ssh-keygen -Y find-principals fixes based on feedback

from Markus:

use "principals" instead of principal, as allowed_signers lines may list
multiple.

When the signing key is a certificate, emit only principals that match
the certificate principal list.

NB. the command -Y name changes: "find-principal" => "find-principals"

ok markus@

OpenBSD-Commit-ID: ab575946ff9a55624cd4e811bfd338bf3b1d0faf

show more ...

0585b56923-Jan-2020 dtucker@openbsd.org

upstream: Do not warn about permissions on symlinks.

OpenBSD-Regress-ID: 339d4cbae224bd8743ffad9c3afb0cf3cb66c357

4151923423-Jan-2020 dtucker@openbsd.org

upstream: Handle zlib compression being disabled now that it's

optional.

OpenBSD-Regress-ID: 0af4fbc5168e62f89d0350de524bff1cb00e707a

fbce7c1a23-Jan-2020 dtucker@openbsd.org

upstream: Fix typo in comment.

OpenBSD-Commit-ID: d1d7a6553208bf439378fd1cf686a828aceb353a

ba247af823-Jan-2020 dtucker@openbsd.org

upstream: When checking for unsafe directories, ignore non-directories

(ie symlinks, where permissions are not relevant).

OpenBSD-Regress-ID: fb6cfc8b022becb62b2dcb99ed3f072b3326e501

74deb70223-Jan-2020 Darren Tucker

zlib is now optional.

633a2af423-Jan-2020 Darren Tucker

Plumb WITH_ZLIB into configure.

This allows zlib support to be disabled by ./configure --without-zlib.

7f8e66fe23-Jan-2020 dtucker@openbsd.org

upstream: Make zlib optional. This adds a "ZLIB" build time option

that allows building without zlib compression and associated options. With
feedback from markus@, ok djm@

Ope

upstream: Make zlib optional. This adds a "ZLIB" build time option

that allows building without zlib compression and associated options. With
feedback from markus@, ok djm@

OpenBSD-Commit-ID: 44c6e1133a90fd15a3aa865bdedc53bab28b7910

show more ...

69ac4e3323-Jan-2020 djm@openbsd.org

upstream: remove trailing period characters from pub/priv key

pathnames - they make them needlessly more difficult to cut and paste without
error; ok markus@ & dtucker@

OpenBSD-

upstream: remove trailing period characters from pub/priv key

pathnames - they make them needlessly more difficult to cut and paste without
error; ok markus@ & dtucker@

OpenBSD-Commit-ID: abdcfd1a5723fcac0711feee7665edc66ae2335a

show more ...

945bf52c23-Jan-2020 Darren Tucker

Fix a couple of mysig_t leftovers.

84226b4423-Jan-2020 Darren Tucker

Remove mysignal wrapper.

We switched the main code to use sigaction(), so the wrapper is no
longer used.

5533c2fb23-Jan-2020 jmc@openbsd.org

upstream: new sentence, new line;

OpenBSD-Commit-ID: b6c3f2f36ec77e99198619b38a9f146655281925

3bf2a6ac23-Jan-2020 dtucker@openbsd.org

upstream: Replace all calls to signal(2) with a wrapper around

sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTA

upstream: Replace all calls to signal(2) with a wrapper around

sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519

show more ...

e027c04422-Jan-2020 djm@openbsd.org

upstream: missing header change from previous; spotted by dtucker@

OpenBSD-Commit-ID: 321ce74c0a5bbd0f02fa3f20cb5cf2a952c6b96f

7e13231022-Jan-2020 dtucker@openbsd.org

upstream: Check for and warn about StrictModes permission problems. ok tb@

OpenBSD-Regress-ID: 4841704ccdee50ee7efc6035bc686695c6ac2991

84de1c2722-Jan-2020 dtucker@openbsd.org

upstream: Also test PuTTY chacha20.

OpenBSD-Regress-ID: 7af6a0e8763b05f1f8eee6bca5f31fcb16151040

c7ed15a322-Jan-2020 dtucker@openbsd.org

upstream: Also test PuTTY ecdh kex methods.

OpenBSD-Regress-ID: ec4017dce612131842398a03e93007a869c2c133

c4b3a12822-Jan-2020 dtucker@openbsd.org

upstream: Remove unsupported algorithms from list of defaults at run

time and remove ifdef and distinct settings for OPENSSL=no case.

This will make things much simpler for -portabl

upstream: Remove unsupported algorithms from list of defaults at run

time and remove ifdef and distinct settings for OPENSSL=no case.

This will make things much simpler for -portable where the exact set
of algos depends on the configuration of both OpenSSH and the libcrypto
it's linked against (if any). ok djm@

OpenBSD-Commit-ID: e0116d0183dcafc7a9c40ba5fe9127805c5dfdd2

show more ...

56cffcc022-Jan-2020 djm@openbsd.org

upstream: add a new signature operations "find-principal" to look

up the principal associated with a signature from an allowed-signers file.
Work by Sebastian Kinne; ok dtucker@

upstream: add a new signature operations "find-principal" to look

up the principal associated with a signature from an allowed-signers file.
Work by Sebastian Kinne; ok dtucker@

OpenBSD-Commit-ID: 6f782cc7e18e38fcfafa62af53246a1dcfe74e5d

show more ...

65cf873022-Jan-2020 dtucker@openbsd.org

upstream: Ignore whitespace when checking explict fingerprint.

When confirming a host key using the fingerprint itself, ignore leading and
trailing whitespace. ok deraadt@ djm@

upstream: Ignore whitespace when checking explict fingerprint.

When confirming a host key using the fingerprint itself, ignore leading and
trailing whitespace. ok deraadt@ djm@

OpenBSD-Commit-ID: cafd7f803bbdcd40c3a8f8f1a77747e6b6d8c011

show more ...

1...<<11121314151617181920>>...421