History log of /openssh-portable/clientloop.c (Results 1 - 25 of 634)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 663e84bb 02-Apr-2020 djm@openbsd.org

upstream: make failures when establishing "Tunnel" forwarding terminate

the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker

OpenBSD-Commit-ID: ef4b4808de0a419c17

upstream: make failures when establishing "Tunnel" forwarding terminate

the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker

OpenBSD-Commit-ID: ef4b4808de0a419c17579b1081da768625c1d735

show more ...


# d5ba1c03 26-Feb-2020 jsg@openbsd.org

upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an

upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a

show more ...


# ade8e67b 25-Feb-2020 dtucker@openbsd.org

upstream: Remove obsolete XXX comment. ok deraadt@

OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b


Revision tags: V_8_2_P1
# adffbe1c 02-Feb-2020 dtucker@openbsd.org

upstream: Output (none) in debug in the case in the CheckHostIP=no case

as suggested by markus@

OpenBSD-Commit-ID: 4ab9117ee5261cbbd1868717fcc3142eea6385cf


# 58c81909 02-Feb-2020 dtucker@openbsd.org

upstream: Prevent possible null pointer deref of ip_str in debug.

OpenBSD-Commit-ID: 37b252e2e6f690efed6682437ef75734dbc8addf


# 65d6fd0a 30-Jan-2020 djm@openbsd.org

upstream: check the return value of ssh_packet_write_poll() and

call sshpkt_fatal() if it fails; avoid potential busy-loop under some
circumstances. Based on patch by Mike Frysinger; ok

upstream: check the return value of ssh_packet_write_poll() and

call sshpkt_fatal() if it fails; avoid potential busy-loop under some
circumstances. Based on patch by Mike Frysinger; ok dtucker@

OpenBSD-Commit-ID: c79fe5cf4f0cd8074cb6db257c1394d5139408ec

show more ...


# 14ef4efe 29-Jan-2020 djm@openbsd.org

upstream: markus suggests a simplification to previous

OpenBSD-Commit-ID: 10bbfb6607ebbb9a018dcd163f0964941adf58de


# 101ebc3a 29-Jan-2020 djm@openbsd.org

upstream: give more context to UpdateHostKeys messages, mentioning

that the changes are validated by the existing trusted host key. Prompted by
espie@ feedback and ok markus@

Op

upstream: give more context to UpdateHostKeys messages, mentioning

that the changes are validated by the existing trusted host key. Prompted by
espie@ feedback and ok markus@

OpenBSD-Commit-ID: b3d95f4a45f2692f4143b9e77bb241184dbb8dc5

show more ...


# 74dfc2c8 25-Jan-2020 djm@openbsd.org

upstream: for UpdateHostKeys, don't report errors for unsupported

key types - just ignore them. spotted by and ok dtucker@

OpenBSD-Commit-ID: 91769e443f6197c983932fc8ae9d39948727d473


# b5961824 25-Jan-2020 djm@openbsd.org

upstream: downgrade error() for missing subsequent known_hosts

files to debug() as it was intended to be; spotted by dtucker@

OpenBSD-Commit-ID: 18cfea382cb52f2da761be524e309cc3d535

upstream: downgrade error() for missing subsequent known_hosts

files to debug() as it was intended to be; spotted by dtucker@

OpenBSD-Commit-ID: 18cfea382cb52f2da761be524e309cc3d5354ef9

show more ...


# 7955633a 24-Jan-2020 djm@openbsd.org

upstream: allow UpdateKnownHosts=yes to function when multiple

known_hosts files are in use. When updating host keys, ssh will now search
subsequent known_hosts files, but will add new/c

upstream: allow UpdateKnownHosts=yes to function when multiple

known_hosts files are in use. When updating host keys, ssh will now search
subsequent known_hosts files, but will add new/changed host keys to the first
specified file only. bz#2738

ok markus@

OpenBSD-Commit-ID: 6ded6d878a03e57d5aa20bab9c31f92e929dbc6c

show more ...


# 3bf2a6ac 23-Jan-2020 dtucker@openbsd.org

upstream: Replace all calls to signal(2) with a wrapper around

sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTA

upstream: Replace all calls to signal(2) with a wrapper around

sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519

show more ...


# c4b3a128 22-Jan-2020 dtucker@openbsd.org

upstream: Remove unsupported algorithms from list of defaults at run

time and remove ifdef and distinct settings for OPENSSL=no case.

This will make things much simpler for -portabl

upstream: Remove unsupported algorithms from list of defaults at run

time and remove ifdef and distinct settings for OPENSSL=no case.

This will make things much simpler for -portable where the exact set
of algos depends on the configuration of both OpenSSH and the libcrypto
it's linked against (if any). ok djm@

OpenBSD-Commit-ID: e0116d0183dcafc7a9c40ba5fe9127805c5dfdd2

show more ...


# 40be78f5 20-Dec-2019 djm@openbsd.org

upstream: Allow forwarding a different agent socket to the path

specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
accepting an explicit path or the name of an

upstream: Allow forwarding a different agent socket to the path

specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
accepting an explicit path or the name of an environment variable in addition
to yes/no.

Patch by Eric Chiang, manpage by me; ok markus@

OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265

show more ...


# b7e74ea0 24-Nov-2019 djm@openbsd.org

upstream: Add new structure for signature options

This is populated during signature verification with additional fields
that are present in and covered by the signature. At the moment,

upstream: Add new structure for signature options

This is populated during signature verification with additional fields
that are present in and covered by the signature. At the moment, it is
only used to record security key-specific options, especially the flags
field.

with and ok markus@

OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49

show more ...


# 72687c8e 12-Nov-2019 deraadt@openbsd.org

upstream: stdarg.h required more broadly; ok djm

OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513


Revision tags: V_8_1_P1
# 7adf6c43 24-Jul-2019 mestre@openbsd.org

upstream: When using a combination of a Yubikey+GnuPG+remote

forwarding the gpg-agent (and options ControlMaster+RemoteForward in
ssh_config(5)) then the codepath taken will call mux_cli

upstream: When using a combination of a Yubikey+GnuPG+remote

forwarding the gpg-agent (and options ControlMaster+RemoteForward in
ssh_config(5)) then the codepath taken will call mux_client_request_session
-> mm_send_fd -> sendmsg(2). Since sendmsg(2) is not allowed in that codepath
then pledge(2) kills the process.

The solution is to add "sendfd" to pledge(2), which is not too bad considering
a little bit later we reduce pledge(2) to only "stdio proc tty" in that
codepath.

Problem reported and diff provided by Timothy Brown <tbrown at freeshell.org>

OK deraadt@

OpenBSD-Commit-ID: 7ce38b6542bbec00e441595d0a178e970a9472ac

show more ...


# 4d28fa78 28-Jun-2019 deraadt@openbsd.org

upstream: When system calls indicate an error they return -1, not

some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this be

upstream: When system calls indicate an error they return -1, not

some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075

show more ...


# 7959330a 26-Jun-2019 dtucker@openbsd.org

upstream: Remove unneeded unlink of xauthfile o

=?UTF-8?q?n=20error=20path.=20=20From=20Erik=20Sj=C3=B6lund=20via=20githu?=
=?UTF-8?q?b,=20ok=20djm@=20deraadt@?=
MIME-Version: 1.0

upstream: Remove unneeded unlink of xauthfile o

=?UTF-8?q?n=20error=20path.=20=20From=20Erik=20Sj=C3=B6lund=20via=20githu?=
=?UTF-8?q?b,=20ok=20djm@=20deraadt@?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

OpenBSD-Commit-ID: 62a4893cf83b29a4bbfedc40e7067c25c203e632

show more ...


# 7349149d 12-Jun-2019 jmc@openbsd.org

upstream: Hostname->HostName cleanup; from lauri tirkkonen ok

dtucker

OpenBSD-Commit-ID: 4ade73629ede63b691f36f9a929f943d4e7a44e4


# 3a7db919 23-Apr-2019 dtucker@openbsd.org

upstream: Use the LogLevel typdef instead of int where appropriate. Patch from Markus Schmidt via openssh-unix-dev, ok markus@

OpenBSD-Commit-ID: 4c0f0f458e3da7807806b35e3eb5c1e8403c968a


Revision tags: V_8_0_P1
# 9d7b2882 29-Mar-2019 djm@openbsd.org

upstream: when logging/fataling on error, include a bit more detail

than just the function name and the error message

OpenBSD-Commit-ID: dd72d7eba2215fcb89be516c378f633ea5bcca9f


# bc5e1169 19-Jan-2019 djm@openbsd.org

upstream: convert the remainder of clientloop.c to new packet API

with & ok markus@

OpenBSD-Commit-ID: ce2fbbacb86a290f31da1e7bf04cddf2bdae3d1e


# 23f22a4a 19-Jan-2019 djm@openbsd.org

upstream: convert clientloop.c to new packet API

with & ok markus@

OpenBSD-Commit-ID: 497b36500191f452a22abf283aa8d4a9abaee7fa


# 0fa174eb 19-Jan-2019 djm@openbsd.org

upstream: begin landing remaining refactoring of packet parsing

API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes

upstream: begin landing remaining refactoring of packet parsing

API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.

with & ok markus@

OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4

show more ...


12345678910>>...26