History log of /openssh-portable/openbsd-compat/ (Results 176 - 200 of 843)
Revision Date Author Comments
d427b73b 29-Mar-2017 Darren Tucker

Import fmt_scaled.c rev 1.14 from OpenBSD.

Catch integer underflow in scan_scaled reported by Nicolas Iooss.
ok deraadt@ djm@

Revision tags: V_7_5_P1
d38f05db 19-Mar-2017 Darren Tucker

Add llabs() implementation.

d94c1dfe 11-Mar-2017 Damien Miller

sync fmt_scaled.c with OpenBSD

revision 1.13
date: 2017/03/11 23:37:23; author: djm; state: Exp; lines: +14 -1; commitid: jnFKyHkB3CEiEZ2R;
fix signed integer overflow in scan_scaled. Found by Nicolas Iooss
using AFL against ssh_config. ok deraadt@ millert@
----------------------------
revision 1.12
date: 2013/11/29 19:00:51; author: deraadt; state: Exp; lines: +6 -5;
fairly simple unsigned char casts for ctype
ok krw
----------------------------
revision 1.11
date: 2012/11/12 14:07:20; author: halex; state: Exp; lines: +4 -2;
make scan_scaled set errno to EINVAL rather than ERANGE if it encounters
an invalid multiplier, like the man page says it should

"looks sensible" deraadt@, ok ian@
----------------------------
revision 1.10
date: 2009/06/20 15:00:04; author: martynas; state: Exp; lines: +4 -4;
use llabs instead of the home-grown version; and some comment changes
ok ian@, millert@
----------------------------

Revision tags: V_7_4_P1
b9b8ba3f 12-Dec-2016 Darren Tucker

Remove commented-out includes.

These commented-out includes have "Still needed?" comments. Since
they've been commented out for ~13 years I assert that they're not.

25275f1c 12-Dec-2016 Darren Tucker

Add prototype for strcasestr in compat library.

afec0773 12-Dec-2016 Darren Tucker

Add strcasestr to compat library.

Fixes build on (at least) Solaris 10.

a9ff3950 27-Oct-2016 Darren Tucker

Move OPENSSL_NO_RIPEMD160 to compat.

Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the
ripemd160 MACs.

b4e96b4c 25-Oct-2016 Darren Tucker

Use !=NULL instead of >0 for getdefaultproj.

getdefaultproj() returns a pointer so test it for NULL inequality
instead of >0. Fixes compiler warning and is more correct. Patch from
David Binderman.

8f866d8a 18-Oct-2016 Darren Tucker

Import readpassphrase.c rev 1.26.

Author: miller@openbsd.org:
Avoid generating SIGTTOU when restoring the terminal mode. If we get
SIGTTOU it means the process is not in the foreground process group
which, in most cases, means that the shell has taken control of the tty.
Requiring the user to fg the process in this case doesn't make sense
and can result in both SIGTSTP and SIGTTOU being sent which can lead to
the process being suspended again immediately after being brought into
the foreground.

f901440c 18-Oct-2016 Darren Tucker

Import readpassphrase.c rev 1.25.

Wrap <readpassphrase.h> so internal calls go direct and
readpassphrase is weak.

(DEF_WEAK is a no-op in portable.)

032147b6 14-Oct-2016 Darren Tucker

Move DEF_WEAK into defines.h.

As well pull in more recent changes from OpenBSD these will start to
arrive so put it where the definition is shared.

29d40319 12-Oct-2016 Darren Tucker

Import rev 1.24 from OpenBSD.

revision 1.24
date: 2013/11/24 23:51:29; author: deraadt; state: Exp; lines: +4 -4;
most obvious unsigned char casts for ctype
ok jca krw ingo

12069e56 12-Oct-2016 Darren Tucker

Import rev 1.23 from OpenBSD. Fixes bz#2619.

revision 1.23
date: 2010/05/14 13:30:34; author: millert; state: Exp; lines: +41 -39;
Defer installing signal handlers until echo is disabled so that we
get suspended normally when not the foreground process. Fix potential
infinite loop when restoring terminal settings if process is in the
background when restore occurs. OK miod@

7508d83e 12-Oct-2016 Darren Tucker

If we don't have TCSASOFT, define it to zero.

This makes it a no-op when we use it below, which allows us to re-sync
those lines with the upstream and make future updates easier.

1cfd5c06 28-Sep-2016 Damien Miller

Remove portability support for mmap

We no longer need to wrap/replace mmap for portability now that
pre-auth compression has been removed from OpenSSH.

1e8013a1 17-Aug-2016 Darren Tucker

Remove obsolete CVS $Id from source files.

Since -portable switched to git the CVS $Id tags are no longer being
updated and are becoming increasingly misleading. Remove them.

74433a19 15-Aug-2016 Damien Miller

fix false positives when compiled with msan

Our explicit_bzero successfully confused clang -fsanitize-memory
into thinking that memset is never called to initialise memory.
Ensure that it is called in a way that the compiler recognises.

dd1031b7 01-Aug-2016 Darren Tucker

Replace spaces with tabs.

Mechanically replace spaces with tabs in compat files not synced with
OpenBSD.

c20dccb5 01-Aug-2016 Darren Tucker

Strip trailing whitespace.

Mechanically strip trailing whitespace on files not synced with OpenBSD
(or in the case of bsd-snprint.c, rsync).

30f9bd1c 01-Aug-2016 Darren Tucker

Repair $OpenBSD markers.

9715d4ad 01-Aug-2016 Darren Tucker

Repair $OpenBSD marker.

Revision tags: V_7_3_P1
dbf788b4 21-Jul-2016 Darren Tucker

Search users for one with a valid salt.

If the root account is locked (eg password "!!" or "*LK*") keep looking
until we find a user with a valid salt to use for crypting passwords of
invalid users. ok djm@

4a984fd3 15-Jul-2016 Damien Miller

cast to avoid type warning in error message

5abfb15c 15-Jul-2016 Darren Tucker

Move VA_COPY macro into compat header.

Some AIX compilers unconditionally undefine va_copy but don't set it back
to an internal function, causing link errors. In some compat code we
already use VA_COPY instead so move the two existing instances into the
shared header and use for sshbuf-getput-basic.c too. Should fix building
with at least some versions of AIX's compiler. bz#2589, ok djm@

9286875a 14-Jul-2016 Darren Tucker

Determine appropriate salt for invalid users.

When sshd is processing a non-PAM login for a non-existent user it uses
the string from the fakepw structure as the salt for crypt(3)ing the
password supplied by the client. That string has a Blowfish prefix, so on
systems that don't understand that crypt will fail fast due to an invalid
salt, and even on those that do it may have significantly different timing
from the hash methods used for real accounts (eg sha512). This allows
user enumeration by, eg, sending large password strings. This was noted
by EddieEzra.Harari at verint.com (CVE-2016-6210).

To mitigate, use the same hash algorithm that root uses for hashing
passwords for users that do not exist on the system. ok djm@
