History log of /openssh-portable/clientloop.c (Results 1 - 25 of 651)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 57ed647e 03-Apr-2021 Damien Miller

polish whitespace for portable files


# 8a952083 18-Mar-2021 djm@openbsd.org

upstream: return non-zero exit status when killed by signal; bz#3281 ok

dtucker@

OpenBSD-Commit-ID: 117b31cf3c807993077b596bd730c24da9e9b816


Revision tags: V_8_5_P1
# 39be3dc2 27-Jan-2021 djm@openbsd.org

upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t

and use that instead of global variables containing copies of it. feedback/ok
markus@

OpenBSD-Commit-ID: a

upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t

and use that instead of global variables containing copies of it. feedback/ok
markus@

OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68

show more ...


# 4ca6a1fa 27-Jan-2021 djm@openbsd.org

upstream: remove global variable used to stash compat flags and use the

purpose-built ssh->compat variable instead; feedback/ok markus@

OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1

upstream: remove global variable used to stash compat flags and use the

purpose-built ssh->compat variable instead; feedback/ok markus@

OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06

show more ...


# b4c7cd11 20-Dec-2020 djm@openbsd.org

upstream: load_hostkeys()/hostkeys_foreach() variants for FILE*

Add load_hostkeys_file() and hostkeys_foreach_file() that accept a
FILE* argument instead of opening the file directly.

upstream: load_hostkeys()/hostkeys_foreach() variants for FILE*

Add load_hostkeys_file() and hostkeys_foreach_file() that accept a
FILE* argument instead of opening the file directly.

Original load_hostkeys() and hostkeys_foreach() are implemented using
these new interfaces.

Add a u_int note field to the hostkey_entry and hostkey_foreach_line
structs that is passed directly from the load_hostkeys() and
hostkeys_foreach() call. This is a lightweight way to annotate results
between different invocations of load_hostkeys().

ok markus@

OpenBSD-Commit-ID: 6ff6db13ec9ee4edfa658b2c38baad0f505d8c20

show more ...


# 815209ab 28-Oct-2020 djm@openbsd.org

upstream: UpdateHostkeys: fixed/better detection of host keys that

exist under other names and addresses; spotted by and debugged with lots of
help from jca@

OpenBSD-Commit-ID:

upstream: UpdateHostkeys: fixed/better detection of host keys that

exist under other names and addresses; spotted by and debugged with lots of
help from jca@

OpenBSD-Commit-ID: 5113d7f550bbd48243db1705afbf16b63792d4b7

show more ...


# 816036f1 18-Oct-2020 djm@openbsd.org

upstream: use the new variant log macros instead of prepending

__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8


# 95b0bcfd 13-Oct-2020 djm@openbsd.org

upstream: make UpdateHostkeys still more conservative: refuse to

proceed if one of the keys offered by the server is already in known_hosts
under another name. This avoid collisions betw

upstream: make UpdateHostkeys still more conservative: refuse to

proceed if one of the keys offered by the server is already in known_hosts
under another name. This avoid collisions between address entries for
different host aliases when CheckHostIP=yes

Also, do not attempt to fix known_hosts with incomplete host/ip matches
when there are no new or deprecated hostkeys.

OpenBSD-Commit-ID: 95c19842f7c41f9bd9c92aa6441a278c0fd0c4a3

show more ...


# f9242497 11-Oct-2020 djm@openbsd.org

upstream: UpdateHostkeys: check for keys under other names

Stop UpdateHostkeys from automatically removing deprecated keys from
known_hosts files if the same keys exist under a different

upstream: UpdateHostkeys: check for keys under other names

Stop UpdateHostkeys from automatically removing deprecated keys from
known_hosts files if the same keys exist under a different name or
address to the host that is being connected to.

This avoids UpdateHostkeys from making known_hosts inconsistent in
some cases. For example, multiple host aliases sharing address-based
known_hosts on different lines, or hosts that resolves to multiple
addresses.

ok markus@

OpenBSD-Commit-ID: 6444a705ba504c3c8ccddccd8d1b94aa33bd11c1

show more ...


# d98f14b5 11-Oct-2020 djm@openbsd.org

upstream: UpdateHostkeys: better CheckHostIP handling

When preparing to update the known_hosts file, fully check both
entries for both the host and the address (if CheckHostIP enabled)

upstream: UpdateHostkeys: better CheckHostIP handling

When preparing to update the known_hosts file, fully check both
entries for both the host and the address (if CheckHostIP enabled)
and ensure that, at the end of the operation, entries for both are
recorded.

Make sure this works with HashKnownHosts too, which requires maintaining
a list of entry-types seen across the whole file for each key.

ok markus@

OpenBSD-Commit-ID: 374dc263103f6b343d9671f87dbf81ffd0d6abdd

show more ...


# af5941ae 11-Oct-2020 djm@openbsd.org

upstream: UpdateHostkeys: better detect manual host entries

Disable UpdateHostkeys if the known_hosts line has more than two
entries in the pattern-list. ssh(1) only writes "host" or "ho

upstream: UpdateHostkeys: better detect manual host entries

Disable UpdateHostkeys if the known_hosts line has more than two
entries in the pattern-list. ssh(1) only writes "host" or "host,ip"
lines so anything else was added by a different tool or by a human.

ok markus@

OpenBSD-Commit-ID: e434828191fb5f3877d4887c218682825aa59820

show more ...


# 6247812c 07-Oct-2020 djm@openbsd.org

upstream: don't misdetect comma-separated hostkey names as wildcards;

spotted by naddy@

OpenBSD-Commit-ID: 4b874edfec7fc324a21b130bdb42f912177739ce


# aa623142 06-Oct-2020 djm@openbsd.org

upstream: revert kex->flags cert hostkey downgrade back to a plain

key (commitid VtF8vozGOF8DMKVg). We now do this a simpler way that needs less
plumbing.

ok markus@

Op

upstream: revert kex->flags cert hostkey downgrade back to a plain

key (commitid VtF8vozGOF8DMKVg). We now do this a simpler way that needs less
plumbing.

ok markus@

OpenBSD-Commit-ID: fb92d25b216bff8c136da818ac2221efaadf18ed

show more ...


# 332f2153 03-Oct-2020 djm@openbsd.org

upstream: disable UpdateHostkeys when a wildcard hostname pattern

is encountered or when a certificate host key is in use. feedback/ok markus@

OpenBSD-Commit-ID: b6e5575af7e6732322b

upstream: disable UpdateHostkeys when a wildcard hostname pattern

is encountered or when a certificate host key is in use. feedback/ok markus@

OpenBSD-Commit-ID: b6e5575af7e6732322be82ec299e09051a5413bd

show more ...


Revision tags: V_8_4_P1
# d6f507f3 15-Sep-2020 dtucker@openbsd.org

upstream: Remove unused buf, last user was removed when switching

to the sshbuf API. Patch from Sebastian Andrzej Siewior.

OpenBSD-Commit-ID: 250fa17f0cec01039cc4abd95917d9746e24c889


# f11b2334 03-Jul-2020 dtucker@openbsd.org

upstream: Only reset the serveralive check when we receive traffic from

the server and ignore traffic from a port forwarding client, preventing a
client from keeping a connection alive w

upstream: Only reset the serveralive check when we receive traffic from

the server and ignore traffic from a port forwarding client, preventing a
client from keeping a connection alive when it should be terminated. Based
on a patch from jxraynor at gmail.com via openssh-unix-dev and bz#2265, ok
djm@

OpenBSD-Commit-ID: a941a575a5cbc244c0ef5d7abd0422bbf02c2dcd

show more ...


Revision tags: V_8_3_P1
# 3beb7276 23-Apr-2020 dtucker@openbsd.org

upstream: Remove leave_non_blocking() which is now dead code

because nothing sets in_non_blocking_mode any more. Patch from
michaael.meeks at collabora.com, ok djm@

OpenBSD-Comm

upstream: Remove leave_non_blocking() which is now dead code

because nothing sets in_non_blocking_mode any more. Patch from
michaael.meeks at collabora.com, ok djm@

OpenBSD-Commit-ID: c403cefe97a5a99eca816e19cc849cdf926bd09c

show more ...


# 663e84bb 02-Apr-2020 djm@openbsd.org

upstream: make failures when establishing "Tunnel" forwarding terminate

the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker

OpenBSD-Commit-ID: ef4b4808de0a419c17

upstream: make failures when establishing "Tunnel" forwarding terminate

the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker

OpenBSD-Commit-ID: ef4b4808de0a419c17579b1081da768625c1d735

show more ...


# d5ba1c03 26-Feb-2020 jsg@openbsd.org

upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an

upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a

show more ...


# ade8e67b 25-Feb-2020 dtucker@openbsd.org

upstream: Remove obsolete XXX comment. ok deraadt@

OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b


Revision tags: V_8_2_P1
# adffbe1c 02-Feb-2020 dtucker@openbsd.org

upstream: Output (none) in debug in the case in the CheckHostIP=no case

as suggested by markus@

OpenBSD-Commit-ID: 4ab9117ee5261cbbd1868717fcc3142eea6385cf


# 58c81909 02-Feb-2020 dtucker@openbsd.org

upstream: Prevent possible null pointer deref of ip_str in debug.

OpenBSD-Commit-ID: 37b252e2e6f690efed6682437ef75734dbc8addf


# 65d6fd0a 30-Jan-2020 djm@openbsd.org

upstream: check the return value of ssh_packet_write_poll() and

call sshpkt_fatal() if it fails; avoid potential busy-loop under some
circumstances. Based on patch by Mike Frysinger; ok

upstream: check the return value of ssh_packet_write_poll() and

call sshpkt_fatal() if it fails; avoid potential busy-loop under some
circumstances. Based on patch by Mike Frysinger; ok dtucker@

OpenBSD-Commit-ID: c79fe5cf4f0cd8074cb6db257c1394d5139408ec

show more ...


# 14ef4efe 29-Jan-2020 djm@openbsd.org

upstream: markus suggests a simplification to previous

OpenBSD-Commit-ID: 10bbfb6607ebbb9a018dcd163f0964941adf58de


# 101ebc3a 29-Jan-2020 djm@openbsd.org

upstream: give more context to UpdateHostKeys messages, mentioning

that the changes are validated by the existing trusted host key. Prompted by
espie@ feedback and ok markus@

Op

upstream: give more context to UpdateHostKeys messages, mentioning

that the changes are validated by the existing trusted host key. Prompted by
espie@ feedback and ok markus@

OpenBSD-Commit-ID: b3d95f4a45f2692f4143b9e77bb241184dbb8dc5

show more ...


12345678910>>...27