History log of /openssh-portable/openbsd-compat/ (Results 201 – 225 of 10160)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
66dd9ddb27-Jan-2021 Darren Tucker

Add test against openssl head and libressl head.

237dbb3427-Jan-2021 Darren Tucker

Remove whitespace.

d983e17327-Jan-2021 djm@openbsd.org

upstream: fix leak: was double allocating kex->session_id buffer

OpenBSD-Commit-ID: 3765f4cc3ae1df874dba9102a3588ba7b48b8183

1134a48c27-Jan-2021 Damien Miller

correct kex name in disabled code

67f47f1927-Jan-2021 djm@openbsd.org

upstream: this needs kex.h now

OpenBSD-Commit-ID: c5a42166c5aa002197217421a971e48be7cb5d41

39be3dc227-Jan-2021 djm@openbsd.org

upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t

and use that instead of global variables containing copies of it. feedback/ok
markus@

OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f6

upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t

and use that instead of global variables containing copies of it. feedback/ok
markus@

OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68

show more ...

4ca6a1fa27-Jan-2021 djm@openbsd.org

upstream: remove global variable used to stash compat flags and use the

purpose-built ssh->compat variable instead; feedback/ok markus@

OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06

bba229b626-Jan-2021 Darren Tucker

Install moduli file before tests.

Reduces warnings during test runs.

1b83185526-Jan-2021 Darren Tucker

Run one test with -Werror to catch warnings.

d1532d9026-Jan-2021 dtucker@openbsd.org

upstream: Logical not bitwise or. ok djm@

OpenBSD-Commit-ID: d4dc855cf04951b93c45caa383e1ac9af0a3b0e5

507b448a26-Jan-2021 naddy@openbsd.org

upstream: move HostbasedAcceptedAlgorithms to the right place in

alphabetical order

OpenBSD-Commit-ID: d766820d33dd874d944c14b0638239adb522c7ec

e26c980726-Jan-2021 dtucker@openbsd.org

upstream: Remove unused variables leftover from refactoring. ok

djm@

OpenBSD-Commit-ID: 8b3ad58bff828fcf874e54b2fc27a4cf1d9505e8

e9f78d6b26-Jan-2021 dtucker@openbsd.org

upstream: Rename HostbasedKeyTypes (ssh) and

HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
accurately reflects its effect. This matches a previous change to
PubkeyAccep

upstream: Rename HostbasedKeyTypes (ssh) and

HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
accurately reflects its effect. This matches a previous change to
PubkeyAcceptedAlgorithms. The previous names are retained as aliases. ok
djm@

OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e

show more ...

48d0d7a425-Jan-2021 Darren Tucker

Disable sntrup761 if compiler doesn't support VLAs.

The sntrup761 code sourced from supercop uses variable length
arrays. Although widely supported, they are not part of the ANSI
C89 spec so if the

Disable sntrup761 if compiler doesn't support VLAs.

The sntrup761 code sourced from supercop uses variable length
arrays. Although widely supported, they are not part of the ANSI
C89 spec so if the compiler does not support VLAs, disable the
sntrup761x25519-sha512@openssh.com KEX method by replacing the kex
functions with no-op ones similar to what we do in kexecdh.c.

This should allow OpenSSH to build with a plain C89 compiler again.
Spotted by tim@, ok djm@.

show more ...

37c70ea825-Jan-2021 djm@openbsd.org

upstream: refactor key constraint parsing in ssh-agent

Key constraints parsing code previously existed in both the "add regular
key" and "add smartcard key" path. This unifies them but also introduc

upstream: refactor key constraint parsing in ssh-agent

Key constraints parsing code previously existed in both the "add regular
key" and "add smartcard key" path. This unifies them but also introduces
more consistency checking: duplicated constraints and constraints that
are nonsensical for a particular situation (e.g. FIDO provider for a
smartcard key) are now banned.

ok markus@

OpenBSD-Commit-ID: 511cb1b1c021ee1d51a4c2d649b937445de7983c

show more ...

e0e8bee825-Jan-2021 djm@openbsd.org

upstream: more ssh-agent refactoring

Allow confirm_key() to accept an additional reason suffix

Factor publickey userauth parsing out into its own function and allow
it to optionally return things i

upstream: more ssh-agent refactoring

Allow confirm_key() to accept an additional reason suffix

Factor publickey userauth parsing out into its own function and allow
it to optionally return things it parsed out of the message to its
caller.

feedback/ok markus@

OpenBSD-Commit-ID: 29006515617d1aa2d8b85cd2bf667e849146477e

show more ...

dfe18a2925-Jan-2021 djm@openbsd.org

upstream: make struct hostkeys public; I have no idea why I made it

opaque originally.

ok markus@

OpenBSD-Commit-ID: e50780b34d4bbe628d69b2405b024dd749d982f3

3b44f25125-Jan-2021 djm@openbsd.org

upstream: move check_host_cert() from sshconnect,c to sshkey.c and

refactor it to make it more generally usable and testable.

ok markus@

OpenBSD-Commit-ID: 536f489f5ff38808c1fa711ba58d4579b636f9e4

1fe16fd625-Jan-2021 djm@openbsd.org

upstream: use recallocarray to allocate the agent sockets table;

also clear socket entries that are being marked as unused.

spinkle in some debug2() spam to make it easier to watch an agent
do its

upstream: use recallocarray to allocate the agent sockets table;

also clear socket entries that are being marked as unused.

spinkle in some debug2() spam to make it easier to watch an agent
do its thing.

ok markus

OpenBSD-Commit-ID: 74582c8e82e96afea46f6c7b6813a429cbc75922

show more ...

cb7b22ea25-Jan-2021 djm@openbsd.org

upstream: factor out common code in the agent client

Add a ssh_request_reply_decode() function that sends a message to
the agent, reads and parses a success/failure reply.
Use it for all requests th

upstream: factor out common code in the agent client

Add a ssh_request_reply_decode() function that sends a message to
the agent, reads and parses a success/failure reply.
Use it for all requests that only expect success/failure

ok markus@

OpenBSD-Commit-ID: e0c1f4d5e6cfa525d62581e2b8de93be0cb85adb

show more ...

d1e578af25-Jan-2021 djm@openbsd.org

upstream: make ssh hostbased authentication send the signature

algorithm in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
This make HostbasedAcceptedAlgorithms do what it is suppose

upstream: make ssh hostbased authentication send the signature

algorithm in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
This make HostbasedAcceptedAlgorithms do what it is supposed to - filter on
signature algorithm and not key type.

spotted with dtucker@ ok markus@

OpenBSD-Commit-ID: 25bffe19f0326972f5728170f7da81d5f45c78c6

show more ...

95eca1e123-Jan-2021 Darren Tucker

ifdef new instance of sin6_scope_id

Put inside HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID similar to
existing instance. Should fix error on UnixWare 7.

6ffdcdda18-Jan-2021 dtucker@openbsd.org

upstream: Fix long->int for convtime tests here too. Spotted by

tobhe@.

OpenBSD-Regress-ID: a87094f5863312d00938afba771d25f788c849d0

b55b756521-Jan-2021 dtucker@openbsd.org

upstream: PubkeyAcceptedKeyTypes->PubkeyAcceptedAlgorithms

here too.

OpenBSD-Commit-ID: 3b64a640f8ce8c21d9314da9df7ce2420eefde3a

ee9c0da821-Jan-2021 dtucker@openbsd.org

upstream: Rename PubkeyAcceptedKeyTypes keyword to

PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
actually specifies the signature algorithms that are accepted. Some key
t

upstream: Rename PubkeyAcceptedKeyTypes keyword to

PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
actually specifies the signature algorithms that are accepted. Some key
types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512)
so the old name is becoming increasingly misleading. The old name is
retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@

OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5

show more ...

12345678910>>...407