Commit Graph

7855 Commits

Author SHA1 Message Date
djm@openbsd.org
2b3c3c76c3 upstream commit
some feedback from markus@: comment hostkeys_foreach()
 context and avoid a member in it.
2015-01-20 00:20:44 +11:00
djm@openbsd.org
cecb30bc2b upstream commit
make ssh-keygen use hostkeys_foreach(). Removes some
 horrendous code; ok markus@
2015-01-20 00:20:44 +11:00
djm@openbsd.org
ec3d065df3 upstream commit
convert load_hostkeys() (hostkey ordering and
 known_host matching) to use the new hostkey_foreach() iterator; ok markus
2015-01-20 00:20:44 +11:00
djm@openbsd.org
c29811cc48 upstream commit
introduce hostkeys_foreach() to allow iteration over a
 known_hosts file or controlled subset thereof. This will allow us to pull out
 some ugly and duplicated code, and will be used to implement hostkey rotation
 later.

feedback and ok markus
2015-01-20 00:20:43 +11:00
deraadt@openbsd.org
f101d8291d upstream commit
string truncation due to sizeof(size) ok djm markus
2015-01-20 00:20:17 +11:00
djm@openbsd.org
35d6022b55 upstream commit
avoid trailing ',' in host key algorithms
2015-01-20 00:20:00 +11:00
djm@openbsd.org
7efb455789 upstream commit
infer key length correctly when user specified a fully-
 qualified key name instead of using the -b bits option; ok markus@
2015-01-20 00:19:59 +11:00
djm@openbsd.org
83f8ffa6a5 upstream commit
fix hostkeys on ssh agent; found by unit test I'm about
 to commit
2015-01-20 00:18:45 +11:00
schwarze@openbsd.org
369d61f176 upstream commit
garbage collect empty .No macros mandoc warns about
2015-01-20 00:18:44 +11:00
djm@openbsd.org
bb8b442d32 upstream commit
regression: incorrect error message on
 otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@
2015-01-20 00:18:44 +11:00
djm@openbsd.org
9010902954 upstream commit
when hostname canonicalisation is enabled, try to parse
 hostnames as addresses before looking them up for canonicalisation. fixes
 bz#2074 and avoids needless DNS lookups in some cases; ok markus
2015-01-16 18:24:49 +11:00
deraadt@openbsd.org
2ae4f337b2 upstream commit
Replace <sys/param.h> with <limits.h> and other less
 dirty headers where possible.  Annotate <sys/param.h> lines with their
 current reasons.  Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1,
 LOGIN_NAME_MAX, etc.  Change MIN() and MAX() to local definitions of
 MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution.
 These are the files confirmed through binary verification. ok guenther,
 millert, doug (helped with the verification protocol)
2015-01-16 18:24:48 +11:00
markus@openbsd.org
3c4726f4c2 upstream commit
remove xmalloc, switch to sshbuf
2015-01-16 18:22:24 +11:00
markus@openbsd.org
e17ac01f8b upstream commit
switch to sshbuf
2015-01-16 18:21:33 +11:00
naddy@openbsd.org
ddef9995a1 upstream commit
handle UMAC128 initialization like UMAC; ok djm@ markus@
2015-01-16 18:21:32 +11:00
djm@openbsd.org
f14564c1f7 upstream commit
fix regression reported by brad@ for passworded keys without
 agent present
2015-01-15 22:08:56 +11:00
Damien Miller
45c0fd70bb make bitmap test compile 2015-01-15 22:08:23 +11:00
djm@openbsd.org
d333f89abf upstream commit
unit tests for KRL bitmap
2015-01-15 21:39:18 +11:00
markus@openbsd.org
7613f828f4 upstream commit
re-add comment about full path
2015-01-15 21:39:17 +11:00
markus@openbsd.org
6c43b48b30 upstream commit
don't reset  to the installed sshd; connect before
 reconfigure, too
2015-01-15 21:39:17 +11:00
djm@openbsd.org
771bb47a1d upstream commit
implement a SIGINFO handler so we can discern a stuck
 fuzz test from a merely glacial one; prompted by and ok markus
2015-01-15 21:39:16 +11:00
djm@openbsd.org
cfaa57962f upstream commit
use $SSH instead of installed ssh to allow override;
 spotted by markus@
2015-01-15 21:39:16 +11:00
djm@openbsd.org
0920553d0a upstream commit
regress test for PubkeyAcceptedKeyTypes; ok markus@
2015-01-15 21:39:15 +11:00
markus@openbsd.org
27ca1a5c00 upstream commit
unbreak parsing of pubkey comments; with gerhard; ok
 djm/deraadt
2015-01-15 21:39:15 +11:00
djm@openbsd.org
55358f0b4e upstream commit
fatal if soft-PKCS11 library is missing (rather
 than continue and fail with a more cryptic error)
2015-01-15 21:39:15 +11:00
djm@openbsd.org
c3554cdd2a upstream commit
let this test all supported key types; pointed out/ok
 markus@
2015-01-15 21:39:14 +11:00
djm@openbsd.org
1129dcfc5a upstream commit
sync ssh-keysign, ssh-keygen and some dependencies to the
 new buffer/key API; mostly mechanical, ok markus@
2015-01-15 21:39:14 +11:00
djm@openbsd.org
e4ebf55864 upstream commit
remove commented-out test code now that it has moved to a
 proper unit test
2015-01-15 21:37:34 +11:00
djm@openbsd.org
e81cba066c upstream commit
whitespace
2015-01-15 21:37:34 +11:00
djm@openbsd.org
141efe4954 upstream commit
move authfd.c and its tentacles to the new buffer/key
 API; ok markus@
2015-01-15 21:37:34 +11:00
djm@openbsd.org
0088c57af3 upstream commit
fix small regression: ssh-agent would return a success
 message but an empty signature if asked to sign using an unknown key; ok
 markus@
2015-01-15 21:37:33 +11:00
Damien Miller
b03ebe2c22 more --without-openssl
fix some regressions caused by upstream merges

enable KRLs now that they no longer require BIGNUMs
2015-01-15 03:08:58 +11:00
Damien Miller
bc42cc6fe7 kludge around tun API mismatch betterer 2015-01-15 03:08:29 +11:00
Damien Miller
c332110291 some systems lack SO_REUSEPORT 2015-01-15 02:59:51 +11:00
Damien Miller
83b9678a62 fix merge botch 2015-01-15 02:35:50 +11:00
Damien Miller
0cdc5a3eb6 unbreak across API change 2015-01-15 02:35:33 +11:00
Damien Miller
6e2549ac2b need includes.h for portable OpenSSH 2015-01-15 02:30:18 +11:00
Damien Miller
72ef7c148c support --without-openssl at configure time
Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on systems with native arc4random or /dev/urandom.

Considered highly experimental for now.
2015-01-15 02:28:36 +11:00
Damien Miller
4f38c61c68 add files missed in last commit 2015-01-15 02:28:00 +11:00
djm@openbsd.org
a165bab605 upstream commit
avoid BIGNUM in KRL code by using a simple bitmap;
 feedback and ok markus
2015-01-15 02:22:18 +11:00
djm@openbsd.org
7d845f4a0b upstream commit
update sftp client and server to new buffer API. pretty
 much just mechanical changes; with & ok markus
2015-01-15 02:22:18 +11:00
markus@openbsd.org
139ca81866 upstream commit
switch to sshbuf/sshkey; with & ok djm@
2015-01-15 02:22:17 +11:00
Damien Miller
81bfbd0bd3 support --without-openssl at configure time
Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on systems with native arc4random or /dev/urandom.

Considered highly experimental for now.
2015-01-14 21:48:18 +11:00
djm@openbsd.org
54924b53af upstream commit
avoid a warning for the !OPENSSL case
2015-01-14 21:46:49 +11:00
markus@openbsd.org
ae8b463217 upstream commit
switch auth-options to new sshbuf/sshkey; ok djm@
2015-01-14 21:34:20 +11:00
djm@openbsd.org
540e891191 upstream commit
make non-OpenSSL aes-ctr work on sshd w/ privsep; ok
 markus@
2015-01-14 21:32:55 +11:00
markus@openbsd.org
60c2c4ea5e upstream commit
remove unneeded includes, sync my copyright across files
 & whitespace; ok djm@
2015-01-14 21:32:54 +11:00
markus@openbsd.org
128343bcdb upstream commit
adapt mac.c to ssherr.h return codes (de-fatal) and
 simplify dependencies ok djm@
2015-01-14 20:43:11 +11:00
djm@openbsd.org
e7fd952f4e upstream commit
sync changes from libopenssh; prepared by markus@ mostly
 debug output tweaks, a couple of error return value changes and some other
 minor stuff
2015-01-14 20:32:42 +11:00
Damien Miller
76c0480a85 add --without-ssh1 option to configure
Allows disabling support for SSH protocol 1.
2015-01-13 19:38:18 +11:00