History log of /openssh-portable/ (Results 426 - 450 of 10513)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
0fddf29624-Nov-2019 djm@openbsd.org

upstream: Add a sshd_config PubkeyAuthOptions directive

This directive has a single valid option "no-touch-required" that
causes sshd to skip checking whether user presence was tested be

upstream: Add a sshd_config PubkeyAuthOptions directive

This directive has a single valid option "no-touch-required" that
causes sshd to skip checking whether user presence was tested before
a security key signature was made (usually by the user touching the
key).

ok markus@

OpenBSD-Commit-ID: 46e434a49802d4ed82bc0aa38cb985c198c407de

show more ...

b7e74ea024-Nov-2019 djm@openbsd.org

upstream: Add new structure for signature options

This is populated during signature verification with additional fields
that are present in and covered by the signature. At the moment,

upstream: Add new structure for signature options

This is populated during signature verification with additional fields
that are present in and covered by the signature. At the moment, it is
only used to record security key-specific options, especially the flags
field.

with and ok markus@

OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49

show more ...

d2b0f88124-Nov-2019 djm@openbsd.org

upstream: memleak in error path

OpenBSD-Commit-ID: 93488431bf02dde85a854429362695d2d43d9112

e2c0a21a22-Nov-2019 dtucker@openbsd.org

upstream: Wait for FD to be readable or writeable during a nonblocking

connect, not just readable. Prevents a timeout when the server doesn't
immediately send a banner (eg multiplexers

upstream: Wait for FD to be readable or writeable during a nonblocking

connect, not just readable. Prevents a timeout when the server doesn't
immediately send a banner (eg multiplexers like sslh) but is also slightly
quicker for other connections since, unlike ssh1, ssh2 doesn't specify
that the client should parse the server banner before sending its own.
Patch from mnissler@chromium.org, ok djm@

OpenBSD-Commit-ID: aba9cd8480d1d9dd31d0ca0422ea155c26c5df1d

show more ...

2f95d43d20-Nov-2019 Darren Tucker

Include openssl compat header.

Fixes warning for ECDSA_SIG_set0 on OpenSSL versions prior to 1.1.

a70d92f219-Nov-2019 djm@openbsd.org

upstream: adjust on-wire signature encoding for ecdsa-sk keys to

better match ec25519-sk keys. Discussed with markus@ and Sebastian Kinne

NB. if you are depending on security keys (

upstream: adjust on-wire signature encoding for ecdsa-sk keys to

better match ec25519-sk keys. Discussed with markus@ and Sebastian Kinne

NB. if you are depending on security keys (already?) then make sure you
update both your clients and servers.

OpenBSD-Commit-ID: 53d88d8211f0dd02a7954d3af72017b1a79c0679

show more ...

26369a5f19-Nov-2019 djm@openbsd.org

upstream: a little more information from the monitor when signature

verification fails.

OpenBSD-Commit-ID: e6a30071e0518cac512f9e10be3dc3500e2003f3

4402d6c919-Nov-2019 jmc@openbsd.org

upstream: revert previous: naddy pointed out what's meant to

happen. rethink needed...

OpenBSD-Commit-ID: fb0fede8123ea7f725fd65e00d49241c40bd3421

88056f8819-Nov-2019 jmc@openbsd.org

upstream: -c and -s do not make sense with -k; reshuffle -k into

the main synopsis/usage; ok djm

OpenBSD-Commit-ID: f881ba253da015398ae8758d973e3390754869bc

2cf262c218-Nov-2019 naddy@openbsd.org

upstream: document '$' environment variable expansion for

SecurityKeyProvider; ok djm@

OpenBSD-Commit-ID: 76db507ebd336a573e1cd4146cc40019332c5799

f0edda8118-Nov-2019 naddy@openbsd.org

upstream: more missing mentions of ed25519-sk; ok djm@

OpenBSD-Commit-ID: f242e53366f61697dffd53af881bc5daf78230ff

189550f518-Nov-2019 naddy@openbsd.org

upstream: additional missing stdarg.h includes when built without

WITH_OPENSSL; ok djm@

OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b

723a536918-Nov-2019 naddy@openbsd.org

upstream: add the missing WITH_OPENSSL ifdefs after the ED25519-SK

addition; ok djm@

OpenBSD-Commit-ID: a9545e1c273e506cf70e328cbb9d0129b6d62474

478f4f9818-Nov-2019 Damien Miller

remove all EC algs from proposals, no just sk ones

ok dtucker@

6a7ef31018-Nov-2019 Damien Miller

filter PUBKEY_DEFAULT_PK_ALG for ECC algorithms

Remove ECC algorithms from the PUBKEY_DEFAULT_PK_ALG list when
compiling without ECC support in libcrypto.

64f56f1d18-Nov-2019 dtucker@openbsd.org

upstream: LibreSSL change the format for openssl rsa -text output from

"publicExponent" to "Exponent" so accept either. with djm.

OpenBSD-Regress-ID: b7e6c4bf700029a31c98be14600d44

upstream: LibreSSL change the format for openssl rsa -text output from

"publicExponent" to "Exponent" so accept either. with djm.

OpenBSD-Regress-ID: b7e6c4bf700029a31c98be14600d4472fe0467e6

show more ...

4bfc050318-Nov-2019 djm@openbsd.org

upstream: fix a bug that prevented serialisation of ed25519-sk keys

OpenBSD-Commit-ID: 066682b79333159cac04fcbe03ebd9c8dcc152a9

d882054118-Nov-2019 djm@openbsd.org

upstream: Fix incorrect error message when key certification fails

OpenBSD-Commit-ID: 7771bd77ee73f7116df37c734c41192943a73cee

740c4bc918-Nov-2019 djm@openbsd.org

upstream: fix bug that prevented certification of ed25519-sk keys

OpenBSD-Commit-ID: 64c8cc6f5de2cdd0ee3a81c3a9dee8d862645996

85409cbb18-Nov-2019 djm@openbsd.org

upstream: allow *-sk key types to be turned into certificates

OpenBSD-Commit-ID: cd365ee343934862286d0b011aa77fa739d2a945

e2e1283417-Nov-2019 djm@openbsd.org

upstream: mention ed25519-sk key/cert types here too; prompted by

jmc@

OpenBSD-Commit-ID: e281977e4a4f121f3470517cbd5e483eee37b818

97dc5d1d17-Nov-2019 djm@openbsd.org

upstream: mention ed25519-sk in places where it is accepted;

prompted by jmc@

OpenBSD-Commit-ID: 076d386739ebe7336c2137e583bc7a5c9538a442

1306643417-Nov-2019 djm@openbsd.org

upstream: document ed25519-sk pubkey, private key and certificate

formats

OpenBSD-Commit-ID: 795a7c1c80315412e701bef90e31e376ea2f3c88

71856e1117-Nov-2019 djm@openbsd.org

upstream: correct order or ecdsa-sk private key fields

OpenBSD-Commit-ID: 4d4a0c13226a79f0080ce6cbe74f73b03ed8092e

93fa2a6617-Nov-2019 djm@openbsd.org

upstream: correct description of fields in pub/private keys (was

missing curve name); spotted by Sebastian Kinne

OpenBSD-Commit-ID: 2a11340dc7ed16200342d384fb45ecd4fcce26e7

1...<<11121314151617181920>>...421