#
1fe4d70d |
| 25-Feb-2021 |
djm@openbsd.org |
upstream: remove this KEX fuzzer; it's awkward to use and doesn't play nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it but me. OpenBSD-Regress-ID: cad
upstream: remove this KEX fuzzer; it's awkward to use and doesn't play nice with popular fuzzing drivers like libfuzzer. AFAIK nobody has used it but me. OpenBSD-Regress-ID: cad919522b3ce90c147c95abaf81b0492ac296c9
show more ...
|
#
3a923129 |
| 09-Jan-2021 |
dtucker@openbsd.org |
upstream: Add PerSourceMaxStartups and PerSourceNetBlockSize options which provide more fine grained MaxStartups limits. Man page help jmc@, feedback & ok djm@ OpenBSD-Commit-I
upstream: Add PerSourceMaxStartups and PerSourceNetBlockSize options which provide more fine grained MaxStartups limits. Man page help jmc@, feedback & ok djm@ OpenBSD-Commit-ID: e2f68664e3d02c0895b35aa751c48a2af622047b
show more ...
|
#
d9a2bc71 |
| 09-Jan-2021 |
dtucker@openbsd.org |
upstream: Move address handling functions out into their own file in order to reuse them for per-source maxstartups limiting. Supplement with some additional functions from djm's flowto
upstream: Move address handling functions out into their own file in order to reuse them for per-source maxstartups limiting. Supplement with some additional functions from djm's flowtools that we'll also need. ok djm@ (as part of a larger diff). OpenBSD-Commit-ID: e3e7d9ccc6c9b82e25cfef0ec83598e8e2327cbf
show more ...
|
#
2c71cec0 |
| 28-Dec-2020 |
djm@openbsd.org |
upstream: Update/replace the experimental post-quantim hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519). The previous sntrup4591761x25519-sha512@tiny
upstream: Update/replace the experimental post-quantim hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519). The previous sntrup4591761x25519-sha512@tinyssh.org method is replaced with sntrup761x25519-sha512@openssh.com. Per the authors, sntrup4591761 was replaced almost two years ago by sntrup761. The sntrup761 implementaion, like sntrup4591761 before it, is public domain code extracted from the SUPERCOP cryptography benchmark suite (https://bench.cr.yp.to/supercop.html). Thanks for Daniel J Bernstein for guidance on algorithm selection. Patch from Tobias Heider; feedback & ok markus@ and myself (note this both the updated method and the one that it replaced are disabled by default) OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
show more ...
|
Revision tags: V_8_4_P1 |
|
#
a2f3ae38 |
| 05-Sep-2020 |
Sebastian Andrzej Siewior |
Move the local m4 macros The `aclocal' step is skipped during `autoreconf' because aclocal.m4 is present. Move the current aclocal.m4 which contains local macros into the m4/ fol
Move the local m4 macros The `aclocal' step is skipped during `autoreconf' because aclocal.m4 is present. Move the current aclocal.m4 which contains local macros into the m4/ folder. With this change the aclocal.m4 will be re-created during changes to the m4/ macro. This is needed so the `aclocal' can fetch m4 macros from the system if they are references in the configure script. This is a prerequisite to use PKG_CHECK_MODULES. Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
show more ...
|
#
eaf8672b |
| 20-Aug-2020 |
Darren Tucker |
Remove check for 'ent' command. It was added in 8d1fd57a9 for measuring entropy of ssh_prng_cmds which has long since been removed and there are no other references to it.
|
#
976c4f86 |
| 26-Jun-2020 |
djm@openbsd.org |
upstream: avoid spurious error message when ssh-keygen creates files outside ~/.ssh; with dtucker@ OpenBSD-Commit-ID: ac0c662d44607e00ec78c266ee60752beb1c7e08
|
#
80610e97 |
| 19-Jun-2020 |
Darren Tucker |
Hook sshsig tests up to Portable Makefiles.
|
Revision tags: V_8_3_P1 |
|
#
08ce6b22 |
| 12-May-2020 |
Darren Tucker |
Skip building sk-dummy library if no SK support.
|
#
102d106b |
| 12-May-2020 |
Damien Miller |
explicitly manage .depend and .depend.bak Bring back removal of .depend to give the file a known state before running makedepend, but manually move aside the current .depend file and
explicitly manage .depend and .depend.bak Bring back removal of .depend to give the file a known state before running makedepend, but manually move aside the current .depend file and restore it as .depend.bak afterwards so the stale .depend check works as expected.
show more ...
|
#
7c0bbed9 |
| 12-May-2020 |
Damien Miller |
revert removal of .depend before makedepend Commit 83657eac4 started removing .depend before running makedepend to reset the contents of .depend to a known state. Unfortunately this
revert removal of .depend before makedepend Commit 83657eac4 started removing .depend before running makedepend to reset the contents of .depend to a known state. Unfortunately this broke the depend-check step as now .depend.bak would only ever be created as an empty file. ok dtucker
show more ...
|
#
83657eac |
| 02-May-2020 |
Darren Tucker |
Remove use of tail for 'make depend'. Not every tail supports +N and we can do with out it so just remove it. Prompted by mforney at mforney.org.
|
#
cecde6a4 |
| 21-Apr-2020 |
Darren Tucker |
Put the values from env vars back. This merges the values from the recently removed environment into make's command line arguments since we actually need those.
|
#
300c4322 |
| 21-Apr-2020 |
Darren Tucker |
Pass configure's egrep through to test-exec.sh. Use it to create a wrapper function to call it from tests. Fixes the keygen-comment test on platforms with impoverished default egrep (eg
Pass configure's egrep through to test-exec.sh. Use it to create a wrapper function to call it from tests. Fixes the keygen-comment test on platforms with impoverished default egrep (eg Solaris).
show more ...
|
#
c8d9796c |
| 21-Apr-2020 |
Darren Tucker |
Remove unneeded env vars from t-exec invocation.
|
#
abe2b245 |
| 03-Apr-2020 |
Damien Miller |
prefer libcrypto chacha20-poly1305 where possible
|
Revision tags: V_8_2_P1 |
|
#
99aa8035 |
| 25-Jan-2020 |
djm@openbsd.org |
upstream: factor out reading/writing sshbufs to dedicated functions; feedback and ok markus@ OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d
|
#
633778d5 |
| 13-Dec-2019 |
Damien Miller |
only link ssh-sk-helper against libfido2
|
#
7b47b40b |
| 13-Dec-2019 |
Damien Miller |
adapt Makefile to ssh-sk-client everywhere
|
#
5e3abff3 |
| 10-Dec-2019 |
Darren Tucker |
Sort .depend when rebuilding. This makes diffs more stable between makedepend implementations.
|
#
44384815 |
| 28-Nov-2019 |
Damien Miller |
compile sk-dummy.so with no-PIE version of LDFLAGS This lets it pick up the -L path to libcrypto for example.
|
#
b218055e |
| 28-Nov-2019 |
Damien Miller |
(yet) another x-platform fix for sk-dummy.so Check for -fPIC support from compiler Compile libopenbsd-compat -fPIC Don't mix -fPIE and -fPIC when compiling
|
#
ef3853bb |
| 28-Nov-2019 |
Damien Miller |
another attempt at sk-dummy.so working x-platform include a fatal() implementation to satisfy libopenbsd-compat clean up .lo and .so files .gitignore .lo and .so files
|
#
d46ac56f |
| 28-Nov-2019 |
djm@openbsd.org |
upstream: lots of dependencies go away here with ed25519 no longer needing the ssh_digest API. OpenBSD-Regress-ID: 785847ec78cb580d141e29abce351a436d6b5d49
|
#
5ca52c0f |
| 28-Nov-2019 |
Damien Miller |
$< doesn't work as` I thought; explicily list objs
|