Commit Graph

8709 Commits

Author SHA1 Message Date
jmc@openbsd.org
2b6f799e9b upstream commit
more protocol 1 stuff to go; ok djm

Upstream-ID: 307a30441d2edda480fd1661d998d36665671e47
2017-05-08 09:18:05 +10:00
jmc@openbsd.org
f10c0d32cd upstream commit
rsa1 is no longer valid;

Upstream-ID: 9953d09ed9841c44b7dcf7019fa874783a709d89
2017-05-08 09:18:05 +10:00
jmc@openbsd.org
42b690b4fd upstream commit
add PubKeyAcceptedKeyTypes to the -o list: scp(1) has
it, so i guess this should too;

Upstream-ID: 7fab32e869ca5831d09ab0c40d210b461d527a2c
2017-05-08 09:18:04 +10:00
jmc@openbsd.org
d852603214 upstream commit
remove now obsolete protocol1 options from the -o
lists;

Upstream-ID: 828e478a440bc5f9947672c392420510a362b3dd
2017-05-08 09:18:04 +10:00
jmc@openbsd.org
8b60ce8d81 upstream commit
more -O shuffle; ok djm

Upstream-ID: c239991a3a025cdbb030b73e990188dd9bfbeceb
2017-05-08 09:18:04 +10:00
djm@openbsd.org
3575f0b12a upstream commit
remove -1 / -2 options; pointed out by jmc@

Upstream-ID: 65d2a816000741a95df1c7cfdb5fa8469fcc7daa
2017-05-08 09:18:04 +10:00
jmc@openbsd.org
4f1ca823ba upstream commit
remove options -12 from usage();

Upstream-ID: db7ceef25132e63b50ed05289bf447fece1d1270
2017-05-08 09:18:04 +10:00
jmc@openbsd.org
6b84897f7f upstream commit
tidy up -O somewhat; ok djm

Upstream-ID: 804405f716bf7ef15c1f36ab48581ca16aeb4d52
2017-05-08 09:18:04 +10:00
djm@openbsd.org
d1c6b7fdbd upstream commit
when freeing a bitmap, zero all it bytes; spotted by Ilya
Kaliman

Upstream-ID: 834ac024f2c82389d6ea6b1c7d6701b3836e28e4
2017-05-02 13:39:36 +10:00
djm@openbsd.org
0f16398301 upstream commit
this one I did forget to "cvs rm"

Upstream-ID: 5781670c0578fe89663c9085ed3ba477cf7e7913
2017-05-02 13:39:36 +10:00
djm@openbsd.org
21ed00a8e2 upstream commit
don't know why cvs didn't exterminate these the first
time around, I use rm -f and everuthing...

pointed out by sobrado@

Upstream-ID: a6c44a0c2885330d322ee01fcfd7f6f209b1e15d
2017-05-02 13:39:36 +10:00
Darren Tucker
d29ba6f450 Define INT32_MAX and INT64_MAX if needed. 2017-05-01 13:53:55 +10:00
Darren Tucker
329037e389 Wrap stdint.h in HAVE_STDINT_H 2017-05-01 13:53:55 +10:00
djm@openbsd.org
f382362e8d upstream commit
remove unused variable

Upstream-ID: 66011f00819d0e71b14700449a98414033284516
2017-05-01 12:28:06 +10:00
djm@openbsd.org
dd369320d2 upstream commit
eliminate explicit specification of protocol in tests and
loops over protocol. We only support SSHv2 now.

Upstream-Regress-ID: 0082838a9b8a382b7ee9cbf0c1b9db727784fadd
2017-05-01 11:59:42 +10:00
djm@openbsd.org
557f921aad upstream commit
remove SSHv1 support from unit tests

Upstream-Regress-ID: 395ca2aa48f1f7d23eefff6cb849ea733ca8bbfe
2017-05-01 10:07:19 +10:00
djm@openbsd.org
e77e156271 upstream commit
fixup setting ciphercontext->plaintext (lost in SSHv1 purge),
though it isn't really used for much anymore.

Upstream-ID: 859b8bce84ff4865b32097db5430349d04b9b747
2017-05-01 10:06:24 +10:00
Damien Miller
f7849e6c83 remove configure --with-ssh1 2017-05-01 10:05:07 +10:00
djm@openbsd.org
f4a6a88ddb upstream commit
flense SSHv1 support from ssh-agent, considerably
simplifying it

ok markus

Upstream-ID: 71d772cdcefcb29f76e01252e8361e6fc2dfc365
2017-05-01 10:05:07 +10:00
djm@openbsd.org
930e8d2827 upstream commit
obliterate ssh1.h and some dead code that used it

ok markus@

Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
2017-05-01 10:05:06 +10:00
djm@openbsd.org
a3710d5d52 upstream commit
exterminate the -1 flag from scp

ok markus@

Upstream-ID: 26d247f7065da15056b209cef5f594ff591b89db
2017-05-01 10:05:05 +10:00
djm@openbsd.org
aebd0abfaa upstream commit
purge the last traces of SSHv1 from the TTY modes
handling code

ok markus

Upstream-ID: 963a19f1e06577377c38a3b7ce468f121b966195
2017-05-01 10:05:04 +10:00
djm@openbsd.org
dfa641f758 upstream commit
remove the (in)famous SSHv1 CRC compensation attack
detector.

Despite your cameo in The Matrix movies, you will not be missed.

ok markus

Upstream-ID: 44261fce51a56d93cdb2af7b6e184be629f667e0
2017-05-01 10:05:04 +10:00
djm@openbsd.org
e5d3bd36ef upstream commit
undo some local debugging stuff that I committed by
accident

Upstream-ID: fe5b31f69a60d47171836911f144acff77810217
2017-05-01 10:05:03 +10:00
djm@openbsd.org
3d6d09f2e9 upstream commit
remove SSHv1 support from packet and buffer APIs

ok markus@

Upstream-ID: bfc290053d40b806ecac46317d300677d80e1dc9
2017-05-01 10:05:02 +10:00
djm@openbsd.org
0516435857 upstream commit
remove SSHv1-related buffers from client code

Upstream-ID: dca5d01108f891861ceaf7ba1c0f2eb274e0c7dd
2017-05-01 10:05:02 +10:00
djm@openbsd.org
873d3e7d9a upstream commit
remove KEY_RSA1

ok markus@

Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
2017-05-01 10:05:01 +10:00
djm@openbsd.org
788ac799a6 upstream commit
remove SSHv1 configuration options and man pages bits

ok markus@

Upstream-ID: 84638c23546c056727b7a7d653c72574e0f19424
2017-05-01 10:05:00 +10:00
djm@openbsd.org
e6882463a8 upstream commit
remove SSH1 make flag and associated files ok markus@

Upstream-ID: ba9feacc5787337c413db7cf26ea3d53f854cfef
2017-05-01 10:04:59 +10:00
djm@openbsd.org
cdccebdf85 upstream commit
remove SSHv1 ciphers; ok markus@

Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
2017-05-01 10:04:58 +10:00
djm@openbsd.org
97f4d3083b upstream commit
remove compat20/compat13/compat15 variables

ok markus@

Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
2017-05-01 09:42:37 +10:00
djm@openbsd.org
99f95ba826 upstream commit
remove options.protocol and client Protocol
configuration knob

ok markus@

Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366
2017-05-01 09:38:46 +10:00
djm@openbsd.org
56912dea6e upstream commit
unifdef WITH_SSH1 ok markus@

Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
2017-05-01 09:37:40 +10:00
jmc@openbsd.org
d4084cd230 upstream commit
tweak previous;

Upstream-ID: a3abc6857455299aa42a046d232b7984568bceb9
2017-05-01 09:35:38 +10:00
djm@openbsd.org
249516e428 upstream commit
allow ssh-keygen to include arbitrary string or flag
certificate extensions and critical options. ok markus@ dtucker@

Upstream-ID: 2cf28dd6c5489eb9fc136e0b667ac3ea10241646
2017-05-01 09:35:38 +10:00
jmc@openbsd.org
47a287bb6a upstream commit
sort;

Upstream-ID: 7e6b56e52b039cf44d0418e9de9aca20a2d2d15a
2017-05-01 09:35:38 +10:00
Darren Tucker
36465a76a7 Typo.
Upstream-Regress-ID: 1e6b51ddf767cbad0a4e63eb08026c127e654308
2017-04-28 14:44:28 +10:00
Darren Tucker
9d18cb7bde Add 2 regress commits I applied by hand.
Upstream-Regress-ID: 30c20180c87cbc99fa1020489fe7fd8245b6420c
Upstream-Regress-ID: 1e6b51ddf767cbad0a4e63eb08026c127e654308
2017-04-28 14:41:17 +10:00
Darren Tucker
9504ea6b27 Merge integrity.sh rev 1.22.
Merge missing bits from Colin Watson's patch in bz#2658 which make integrity
tests more robust against timeouts.  ok djm@
2017-04-28 14:33:43 +10:00
Darren Tucker
06ec837a34 Id sync for integrity.sh rev 1.21 which pulls in some shell portability fixes 2017-04-28 14:30:03 +10:00
jsg@openbsd.org
e0194b471e upstream commit
Change COMPILER_VERSION tests which limited additional
warnings to gcc4 to instead skip them on gcc3 as clang can handle
-Wpointer-sign and -Wold-style-definition.

Upstream-Regress-ID: e48d7dc13e48d9334b8195ef884dfbc51316012f
2017-04-28 13:28:49 +10:00
djm@openbsd.org
6830be90e7 upstream commit
include key fingerprint in "Offering public key" debug
message

Upstream-ID: 964749f820c2ed4cf6a866268b1a05e907315c52
2017-04-28 13:26:37 +10:00
millert@openbsd.org
066437187e upstream commit
Avoid relying on implementation-specific behavior when
detecting whether the timestamp or file size overflowed.  If time_t and off_t
are not either 32-bit or 64-bit scp will exit with an error. OK djm@

Upstream-ID: f31caae73ddab6df496b7bbbf7da431e267ad135
2017-04-28 13:26:37 +10:00
dtucker@openbsd.org
68d3a2a059 upstream commit
Add SyslogFacility option to ssh(1) matching the
equivalent option in sshd(8).  bz#2705, patch from erahn at arista.com, ok
djm@

Upstream-ID: d5115c2c0193ceb056ed857813b2a7222abda9ed
2017-04-28 13:26:36 +10:00
jsg@openbsd.org
e13aad66e7 upstream commit
remove a static array unused since rev 1.306 spotted by
clang ok djm@

Upstream-ID: 249b3eed2446f6074ba2219ccc46919dd235a7b8
2017-04-28 13:26:36 +10:00
millert@openbsd.org
91bd218186 upstream commit
Avoid potential signed int overflow when parsing the file
size. Use strtoul() instead of parsing manually.  OK djm@

Upstream-ID: 1f82640861c7d905bbb05e7d935d46b0419ced02
2017-04-28 13:26:36 +10:00
Darren Tucker
17a54a03f5 Fix typo in "socketcall".
Pointed out by jjelen at redhat.com.
2017-04-25 08:32:27 +10:00
Darren Tucker
8b0eee148f Deny socketcall in seccomp filter on ppc64le.
OpenSSL is using socket() calls (in FIPS mode) when handling ECDSA keys
in privsep child. The socket() syscall is already denied in the seccomp
filter, but in ppc64le kernel, it is implemented using socketcall()
syscall, which is not denied yet (only SYS_SHUTDOWN is allowed) and
therefore fails hard.

Patch from jjelen at redhat.com.
2017-04-24 19:40:31 +10:00
schwarze@openbsd.org
f8500b2be5 upstream commit
Recognize nl_langinfo(CODESET) return values "646" and ""
as aliases for "US-ASCII", useful for different versions of NetBSD and
Solaris. Found by dtucker@ and by Tom G. Christensen <tgc at jupiterrise dot
com>. OK dtucker@ deraadt@

Upstream-ID: 38c2133817cbcae75c88c63599ac54228f0fa384
2017-04-18 10:17:46 +10:00
jsg@openbsd.org
7480dfedf8 upstream commit
Change COMPILER_VERSION tests which limited additional
warnings to gcc4 to instead skip them on gcc3 as clang can handle
-Wpointer-sign and -Wold-style-definition.

Upstream-ID: 5cbe348aa76dc1adf55be6c0e388fafaa945439a
2017-04-18 10:16:50 +10:00