git.ipfire.org Git - thirdparty/openssh-portable.git/log
djm@openbsd.org [Fri, 17 Apr 2020 03:34:42 +0000 (03:34 +0000)] 
upstream: mention that /etc/hosts.equiv and /etc/shosts.equiv are

not considered for HostbasedAuthentication when the target user is root;
bz3148

OpenBSD-Commit-ID: fe4c1256929e53f23af17068fbef47852f4bd752

djm@openbsd.org [Fri, 17 Apr 2020 03:30:05 +0000 (03:30 +0000)] 
upstream: make IgnoreRhosts a tri-state option: "yes" ignore

rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow
.shosts files but not .rhosts. ok dtucker@

OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9

djm@openbsd.org [Fri, 17 Apr 2020 03:23:13 +0000 (03:23 +0000)] 
upstream: allow the IgnoreRhosts directive to appear anywhere in a

sshd_config, not just before any Match blocks; bz3148, ok dtucker@

OpenBSD-Commit-ID: e042467d703bce640b1f42c5d1a62bf3825736e8

jmc@openbsd.org [Sat, 11 Apr 2020 20:20:09 +0000 (20:20 +0000)] 
upstream: add space between macro arg and punctuation;

OpenBSD-Commit-ID: e579e4d95eef13059c30931ea1f09ed8296b819c

Darren Tucker [Wed, 15 Apr 2020 00:58:02 +0000 (10:58 +1000)] 
Add sys/syscall.h for syscall numbers.

In some architecture/libc configurations we need to explicitly include
sys/syscall.h for the syscall number (__NR_xxx) definitions.  bz#3085,
patch from blowfist at xroutine.net.

djm@openbsd.org [Sat, 11 Apr 2020 10:16:11 +0000 (10:16 +0000)] 
upstream: Refactor private key parsing. Eliminates a fair bit of

duplicated code and fixes oss-fuzz#20074 (NULL deref) caused by a missing key
type check in the ECDSA_CERT parsing path.

feedback and ok markus@

OpenBSD-Commit-ID: 4711981d88afb7196d228f7baad9be1d3b20f9c9

dtucker@openbsd.org [Fri, 10 Apr 2020 00:54:03 +0000 (00:54 +0000)] 
upstream: Add tests for TOKEN expansion of LocalForward and

RemoteForward.

OpenBSD-Regress-ID: 90fcbc60d510eb114a2b6eaf4a06ff87ecd80a89

dtucker@openbsd.org [Mon, 6 Apr 2020 09:43:55 +0000 (09:43 +0000)] 
upstream: Add utf8.c for asmprintf used by krl.c

OpenBSD-Regress-ID: 433708d11165afdb189fe635151d21659dd37a37

dtucker@openbsd.org [Fri, 10 Apr 2020 00:52:07 +0000 (00:52 +0000)] 
upstream: Add TOKEN percent expansion to LocalForward and RemoteForward

when used for Unix domain socket forwarding.  Factor out the code for the
config keywords that use the most common subset of TOKENS into its own
function. bz#3014, ok jmc@ (man page bits) djm@

OpenBSD-Commit-ID: bffc9f7e7b5cf420309a057408bef55171fd0b97

djm@openbsd.org [Wed, 8 Apr 2020 00:10:37 +0000 (00:10 +0000)] 
upstream: let sshkey_try_load_public() load public keys from the

unencrypted envelope of private key files if no sidecar public key file is
present.

ok markus@

OpenBSD-Commit-ID: 252a0a580e10b9a6311632530d63b5ac76592040

djm@openbsd.org [Wed, 8 Apr 2020 00:09:24 +0000 (00:09 +0000)] 
upstream: simplify sshkey_try_load_public()

ok markus@

OpenBSD-Commit-ID: 05a5d46562aafcd70736c792208b1856064f40ad

djm@openbsd.org [Wed, 8 Apr 2020 00:08:46 +0000 (00:08 +0000)] 
upstream: add sshkey_parse_pubkey_from_private_fileblob_type()

Extracts a public key from the unencrypted envelope of a new-style
OpenSSH private key.

ok markus@

OpenBSD-Commit-ID: 44d7ab446e5e8c686aee96d5897b26b3939939aa

djm@openbsd.org [Wed, 8 Apr 2020 00:07:19 +0000 (00:07 +0000)] 
upstream: simplify sshkey_parse_private_fileblob_type()

Try new format parser for all key types first, fall back to PEM
parser only for invalid format errors.

ok markus@

OpenBSD-Commit-ID: 0173bbb3a5cface77b0679d4dca0e15eb5600b77

djm@openbsd.org [Wed, 8 Apr 2020 00:05:59 +0000 (00:05 +0000)] 
upstream: check private key type against requested key type in

new-style private decoding; ok markus@

OpenBSD-Commit-ID: 04d44b3a34ce12ce5187fb6f6e441a88c8c51662

djm@openbsd.org [Wed, 8 Apr 2020 00:04:32 +0000 (00:04 +0000)] 
upstream: check that pubkey in private key envelope matches actual

private key

(this public key is currently unused)

ok markus@

OpenBSD-Commit-ID: 634a60b5e135d75f48249ccdf042f3555112049c

djm@openbsd.org [Wed, 8 Apr 2020 00:01:52 +0000 (00:01 +0000)] 
upstream: refactor private key parsing a little

Split out the base64 decoding and private section decryption steps into
separate functions. This will make the decryption step easier to fuzz
as well as making it easier to write a "load public key from new-format
private key" function.

ok markus@

OpenBSD-Commit-ID: 7de31d80fb9062aa01901ddf040c286b64ff904e

Darren Tucker [Mon, 6 Apr 2020 10:54:34 +0000 (20:54 +1000)] 
Include openssl-compat.h before checking ifdefs.

Fixes problem where unsuitable chacha20 code in libressl would be used
unintentionally.

Damien Miller [Mon, 6 Apr 2020 00:04:56 +0000 (10:04 +1000)] 
fix inverted test for LibreSSL version

dtucker@openbsd.org [Sat, 4 Apr 2020 23:04:41 +0000 (23:04 +0000)] 
upstream: Indicate if we're using a cached key in trace output.

OpenBSD-Regress-ID: 409a7b0e59d1272890fda507651c0c3d2d3c0d89

Darren Tucker [Sat, 4 Apr 2020 22:43:57 +0000 (08:43 +1000)] 
Use /usr/bin/xp4g/id if necessary.

Solaris' native "id" doesn't support the options we use but the one
in /usr/bin/xp4g does, so use that instead.

dtucker@openbsd.org [Sat, 4 Apr 2020 22:14:26 +0000 (22:14 +0000)] 
upstream: Some platforms don't have "hostname -s", so use cut to trim

short hostname instead.

OpenBSD-Regress-ID: ebcf36a6fdf287c9336b0d4f6fc9f793c05307a7

dtucker@openbsd.org [Fri, 3 Apr 2020 07:53:10 +0000 (07:53 +0000)] 
upstream: Compute hash locally and re-enable %C tests.

OpenBSD-Regress-ID: 94d1366e8105274858b88a1f9ad2e62801e49770

Damien Miller [Fri, 3 Apr 2020 06:25:46 +0000 (17:25 +1100)] 
prefer libcrypto chacha20-poly1305 where possible

dtucker@openbsd.org [Fri, 3 Apr 2020 05:43:11 +0000 (05:43 +0000)] 
upstream: Temporarily remove tests for '%C' since the hash contains the

local hostname and it doesn't work on any machine except mine... spotted by
djm@

OpenBSD-Regress-ID: 2d4c3585b9fcbbff14f4a5a5fde51dbd0d690401

djm@openbsd.org [Fri, 3 Apr 2020 06:07:57 +0000 (06:07 +0000)] 
upstream: r1.522 deleted one too many lines; repair

OpenBSD-Commit-ID: 1af8851fd7a99e4a887b19aa8f4c41a6b3d25477

jmc@openbsd.org [Fri, 3 Apr 2020 05:53:52 +0000 (05:53 +0000)] 
upstream: sort -N and add it to usage();

OpenBSD-Commit-ID: 5b00e8db37c2b0a54c7831fed9e5f4db53ada332

djm@openbsd.org [Fri, 3 Apr 2020 05:48:57 +0000 (05:48 +0000)] 
upstream: avoid another compiler warning spotted in -portable

OpenBSD-Commit-ID: 1d29c51ac844b287c4c8bcaf04c63c7d9ba3b8c7

djm@openbsd.org [Fri, 3 Apr 2020 04:07:48 +0000 (04:07 +0000)] 
upstream: this needs utf8.c too

OpenBSD-Regress-ID: 445040036cec714d28069a20da25553a04a28451

dtucker@openbsd.org [Fri, 3 Apr 2020 03:14:03 +0000 (03:14 +0000)] 
upstream: Add percent_expand test for 'Match Exec'.

OpenBSD-Regress-ID: a41c14fd6a0b54d66aa1e9eebfb9ec962b41232f

djm@openbsd.org [Fri, 3 Apr 2020 04:43:24 +0000 (04:43 +0000)] 
upstream: fix format string (use %llu for uint64, not %lld). spotted by

Darren and his tinderbox tests

OpenBSD-Commit-ID: 3b4587c3d9d46a7be9bdf028704201943fba96c2

djm@openbsd.org [Fri, 3 Apr 2020 04:34:15 +0000 (04:34 +0000)] 
upstream: Add a flag to re-enable verbose output when in batch

mode; requested in bz3135; ok dtucker

OpenBSD-Commit-ID: 5ad2ed0e6440562ba9c84b666a5bbddc1afe2e2b

djm@openbsd.org [Fri, 3 Apr 2020 04:32:21 +0000 (04:32 +0000)] 
upstream: chacha20-poly1305 AEAD using libcrypto EVP_chacha20

Based on patch from Yuriy M. Kaminskiy. ok + lots of assistance along the
way at a2k20 tb@

OpenBSD-Commit-ID: 5e08754c13d31258bae6c5e318cc96219d6b10f0

djm@openbsd.org [Fri, 3 Apr 2020 04:27:03 +0000 (04:27 +0000)] 
upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as

part of a larger diff at a2k20

OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd

djm@openbsd.org [Fri, 3 Apr 2020 04:06:26 +0000 (04:06 +0000)] 
upstream: fix debug statement

OpenBSD-Commit-ID: 42c6edeeda5ce88b51a20d88c93be3729ce6b916

djm@openbsd.org [Fri, 3 Apr 2020 04:03:51 +0000 (04:03 +0000)] 
upstream: the tunnel-forwarding vs ExitOnForwardFailure fix that I

committed earlier had an off-by-one. Fix this and add some debugging that
would have made it apparent sooner.

OpenBSD-Commit-ID: 082f8f72b1423bd81bbdad750925b906e5ac6910

dtucker@openbsd.org [Fri, 3 Apr 2020 03:12:11 +0000 (03:12 +0000)] 
upstream: %C expansion just added to Match Exec should include

remote user not local user.

OpenBSD-Commit-ID: 80f1d976938f2a55ee350c11d8b796836c8397e2

dtucker@openbsd.org [Fri, 3 Apr 2020 02:33:31 +0000 (02:33 +0000)] 
upstream: Add regression test for percent expansions where possible.

OpenBSD-Regress-ID: 7283be8b2733ac1cbefea3048a23d02594485288

djm@openbsd.org [Fri, 3 Apr 2020 02:40:32 +0000 (02:40 +0000)] 
upstream: make failures when establishing "Tunnel" forwarding terminate

the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker

OpenBSD-Commit-ID: ef4b4808de0a419c17579b1081da768625c1d735

dtucker@openbsd.org [Fri, 3 Apr 2020 02:27:12 +0000 (02:27 +0000)] 
upstream: Make with config keywords support which

percent_expansions more consistent.

 - %C is moved into its own function and added to Match Exec.
 - move the common (global) options into a macro.  This is ugly but it's
   the least-ugly way I could come up with.
 - move IdentityAgent and ForwardAgent percent expansion to before the
   config dump to make it regression-testable.
 - document all of the above

ok jmc@ for man page bits, "makes things less terrible" djm@ for the rest.

OpenBSD-Commit-ID: 4b65664bd6d8ae2a9afaf1a2438ddd1b614b1d75

djm@openbsd.org [Fri, 3 Apr 2020 02:26:56 +0000 (02:26 +0000)] 
upstream: give ssh-keygen the ability to dump the contents of a

binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker

OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b

djm@openbsd.org [Fri, 3 Apr 2020 02:25:21 +0000 (02:25 +0000)] 
upstream: add allocating variant of the safe utf8 printer; ok

dtucker as part of a larger diff

OpenBSD-Commit-ID: 037e2965bd50eacc2ffb49889ecae41552744fa0

dtucker@openbsd.org [Mon, 16 Mar 2020 02:17:02 +0000 (02:17 +0000)] 
upstream: Cast lifetime to u_long for comparison to prevent unsigned

comparison warning on 32bit arches.  Spotted by deraadt, ok djm.

OpenBSD-Commit-ID: 7a75b2540bff5ab4fa00b4d595db1df13bb0515a

Darren Tucker [Sat, 14 Mar 2020 09:58:46 +0000 (20:58 +1100)] 
Include fido.h when checking for fido/credman.h.

It's required for fido_dev_t, otherwise configure fails with
when given --with-security-key-builtin.

djm@openbsd.org [Fri, 13 Mar 2020 03:18:45 +0000 (03:18 +0000)] 
upstream: some more speeling mistakes from

OpenBSD-Regress-ID: 02471c079805471c546b7a69d9ab1d34e9a57443

djm@openbsd.org [Fri, 13 Mar 2020 04:16:27 +0000 (04:16 +0000)] 
upstream: improve error messages for some common PKCS#11 C_Login

failure cases; based on patch from Jacob Hoffman-Andrews in bz3130; ok
dtucker

OpenBSD-Commit-ID: b8b849621b4a98e468942efd0a1c519c12ce089e

djm@openbsd.org [Fri, 13 Mar 2020 04:01:56 +0000 (04:01 +0000)] 
upstream: use sshpkt_fatal() for kex_exchange_identification()

errors. This ensures that the logged errors are consistent with other
transport-layer errors and that the relevant IP addresses are logged. bz3129
ok dtucker@

OpenBSD-Commit-ID: 2c22891f0b9e1a6cd46771cedbb26ac96ec2e6ab

dtucker@openbsd.org [Fri, 13 Mar 2020 03:24:49 +0000 (03:24 +0000)] 
upstream: Don't clear alarm timers in listening sshd. Previously

these timers were used for regenerating the SSH1 ephemeral host keys but
those are now gone so there's no need to clear the timers either.  ok
deraadt@

OpenBSD-Commit-ID: 280d2b885e4a1ce404632e8cc38fcb17be7dafc0

djm@openbsd.org [Fri, 13 Mar 2020 03:17:07 +0000 (03:17 +0000)] 
upstream: spelling errors in comments; no code change from

OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924

djm@openbsd.org [Fri, 13 Mar 2020 03:12:17 +0000 (03:12 +0000)] 
upstream: when downloading FIDO2 resident keys from a token, don't

prompt for a PIN until the token has told us that it needs one. Avoids
double-prompting on devices that implement on-device authentication (e.g. a
touchscreen PIN pad on the Trezor Model T). ok dtucker@

OpenBSD-Commit-ID: 38b78903dd4422d7d3204095a31692fb69130817

Damien Miller [Fri, 13 Mar 2020 03:30:16 +0000 (14:30 +1100)] 
sync fnmatch.c with upstream to fix another typo

Damien Miller [Fri, 13 Mar 2020 03:24:23 +0000 (14:24 +1100)] 
another spelling error in comment

Damien Miller [Fri, 13 Mar 2020 03:23:07 +0000 (14:23 +1100)] 
spelling mistakes

from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html

markus@openbsd.org [Fri, 6 Mar 2020 18:29:54 +0000 (18:29 +0000)] 
upstream: fix relative includes in sshd_config; ok djm

OpenBSD-Commit-ID: fa29b0da3c93cbc3a1d4c6bcd58af43c00ffeb5b

markus@openbsd.org [Fri, 6 Mar 2020 18:29:14 +0000 (18:29 +0000)] 
upstream: fix use-after-free in do_download_sk; ok djm

OpenBSD-Commit-ID: 96b49623d297797d4fc069f1f09e13c8811f8863

markus@openbsd.org [Fri, 6 Mar 2020 18:28:50 +0000 (18:28 +0000)] 
upstream: do not leak oprincipals; ok djm

OpenBSD-Commit-ID: 4691d9387eab36f8fda48f5d8009756ed13a7c4c

markus@openbsd.org [Fri, 6 Mar 2020 18:28:27 +0000 (18:28 +0000)] 
upstream: initialize seconds for debug message; ok djm

OpenBSD-Commit-ID: 293fbefe6d00b4812a180ba02e26170e4c855b81

markus@openbsd.org [Fri, 6 Mar 2020 18:27:50 +0000 (18:27 +0000)] 
upstream: correct return code; ok djm

OpenBSD-Commit-ID: 319d09e3b7f4b2bc920c67244d9ff6426b744810

markus@openbsd.org [Fri, 6 Mar 2020 18:27:15 +0000 (18:27 +0000)] 
upstream: principalsp is optional, pubkey required; ok djm

OpenBSD-Commit-ID: 2cc3ea5018c28ed97edaccd7f17d2cc796f01024

markus@openbsd.org [Fri, 6 Mar 2020 18:26:21 +0000 (18:26 +0000)] 
upstream: remove unused variables in ssh-pkcs11-helper; ok djm

OpenBSD-Commit-ID: 13e572846d0d1b28f1251ddd2165e9cf18135ae1

markus@openbsd.org [Fri, 6 Mar 2020 18:25:48 +0000 (18:25 +0000)] 
upstream: return correct error in sshsk_ed25519_sig; ok djm

OpenBSD-Commit-ID: 52bf733df220303c260fee4f165ec64b4a977625

markus@openbsd.org [Fri, 6 Mar 2020 18:25:12 +0000 (18:25 +0000)] 
upstream: fix possible null-deref in check_key_not_revoked; ok

djm

OpenBSD-Commit-ID: 80855e9d7af42bb6fcc16c074ba69876bfe5e3bf

markus@openbsd.org [Fri, 6 Mar 2020 18:24:39 +0000 (18:24 +0000)] 
upstream: ssh_fetch_identitylist() returns the return value from

ssh_request_reply() so we should also check against != 0 ok djm

OpenBSD-Commit-ID: 28d0028769d03e665688c61bb5fd943e18614952

markus@openbsd.org [Fri, 6 Mar 2020 18:23:17 +0000 (18:23 +0000)] 
upstream: sshkey_cert_check_authority requires reason to be set;

ok djm

OpenBSD-Commit-ID: 6f7a6f19540ed5749763c2f9530c0897c94aa552

markus@openbsd.org [Fri, 6 Mar 2020 18:21:28 +0000 (18:21 +0000)] 
upstream: passphrase depends on kdfname, not ciphername (possible

null-deref); ok djm

OpenBSD-Commit-ID: 0d39668edf5e790b5837df4926ee1141cec5471c

markus@openbsd.org [Fri, 6 Mar 2020 18:20:44 +0000 (18:20 +0000)] 
upstream: consistently check packet_timeout_ms against 0; ok djm

OpenBSD-Commit-ID: e8fb8cb2c96c980f075069302534eaf830929928

markus@openbsd.org [Fri, 6 Mar 2020 18:20:02 +0000 (18:20 +0000)] 
upstream: initialize cname in case ai_canonname is NULL or too

long; ok djm

OpenBSD-Commit-ID: c27984636fdb1035d1642283664193e91aab6e37

markus@openbsd.org [Fri, 6 Mar 2020 18:19:21 +0000 (18:19 +0000)] 
upstream: fix uninitialized pointers for forward_cancel; ok djm

OpenBSD-Commit-ID: 612778e6d87ee865d0ba97d0a335f141cee1aa37

markus@openbsd.org [Fri, 6 Mar 2020 18:16:21 +0000 (18:16 +0000)] 
upstream: exit on parse failures in input_service_request; ok djm

OpenBSD-Commit-ID: 6a7e1bfded26051d5aa893c030229b1ee6a0d5d2

markus@openbsd.org [Fri, 6 Mar 2020 18:15:38 +0000 (18:15 +0000)] 
upstream: fix null-deref on calloc failure; ok djm

OpenBSD-Commit-ID: a313519579b392076b7831ec022dfdefbec8724a

markus@openbsd.org [Fri, 6 Mar 2020 18:15:04 +0000 (18:15 +0000)] 
upstream: exit if ssh_krl_revoke_key_sha256 fails; ok djm

OpenBSD-Commit-ID: 0864ad4fe8bf28ab21fd1df766e0365c11bbc0dc

markus@openbsd.org [Fri, 6 Mar 2020 18:14:13 +0000 (18:14 +0000)] 
upstream: pkcs11_register_provider: return < 0 on error; ok djm

OpenBSD-Commit-ID: cfc8321315b787e4d40da4bdb2cbabd4154b0d97

markus@openbsd.org [Fri, 6 Mar 2020 18:13:29 +0000 (18:13 +0000)] 
upstream: sshsig: return correct error, fix null-deref; ok djm

OpenBSD-Commit-ID: 1d1af7cd538b8b23e621cf7ab84f11e7a923edcd

markus@openbsd.org [Fri, 6 Mar 2020 18:12:55 +0000 (18:12 +0000)] 
upstream: vasnmprintf allocates str and returns -1; ok djm

OpenBSD-Commit-ID: dae4c9e83d88471bf3b3f89e3da7a107b44df11c

markus@openbsd.org [Fri, 6 Mar 2020 18:11:10 +0000 (18:11 +0000)] 
upstream: sshpkt_fatal() does not return; ok djm

OpenBSD-Commit-ID: 7dfe847e28bd78208eb227b37f29f4a2a0929929

djm@openbsd.org [Fri, 28 Feb 2020 01:07:28 +0000 (01:07 +0000)] 
upstream: no-touch-required certificate option should be an

extension, not a critical option.

OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d

djm@openbsd.org [Fri, 28 Feb 2020 01:06:05 +0000 (01:06 +0000)] 
upstream: better error message when trying to use a FIDO key

function and SecurityKeyProvider is empty

OpenBSD-Commit-ID: e56602c2ee8c82f835d30e4dc8ee2e4a7896be24

dtucker@openbsd.org [Thu, 27 Feb 2020 02:32:37 +0000 (02:32 +0000)] 
upstream: Drop leading space from line count that was confusing

ssh-keygen's screen mode.

OpenBSD-Commit-ID: 3bcae7a754db3fc5ad3cab63dd46774edb35b8ae

jsg@openbsd.org [Wed, 26 Feb 2020 13:40:09 +0000 (13:40 +0000)] 
upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundary.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a

dtucker@openbsd.org [Wed, 26 Feb 2020 11:46:51 +0000 (11:46 +0000)] 
upstream: Have sftp reject "-1" in the same way as ssh(1) and

scp(1) do instead of accepting and silently ignoring it since protocol 1
support has been removed.  Spotted by shivakumar2696 at gmail.com, ok
deraadt@

OpenBSD-Commit-ID: b79f95559a1c993214f4ec9ae3c34caa87e9d5de

dtucker@openbsd.org [Wed, 26 Feb 2020 01:31:47 +0000 (01:31 +0000)] 
upstream: Remove obsolete XXX comment. ok deraadt@

OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b

dtucker@openbsd.org [Mon, 24 Feb 2020 04:27:58 +0000 (04:27 +0000)] 
upstream: Fix typo. Patch from itoama at live.jp via github PR#173.

OpenBSD-Commit-ID: 5cdaafab38bbdea0d07e24777d00bfe6f972568a

Nico Kadel-Garcia [Sat, 12 Oct 2019 21:51:01 +0000 (17:51 -0400)] 
Switch %define to %global for redhat/openssh.spec

mkontani [Thu, 20 Feb 2020 15:54:49 +0000 (00:54 +0900)] 
fix some typos and sentence

dtucker@openbsd.org [Fri, 21 Feb 2020 00:04:43 +0000 (00:04 +0000)] 
upstream: Fix some typos and an incorrect word in docs. Patch from

itoama at live.jp via github PR#172.

OpenBSD-Commit-ID: 166ee8f93a7201fef431b9001725ab8b269d5874

dtucker@openbsd.org [Thu, 20 Feb 2020 05:58:08 +0000 (05:58 +0000)] 
upstream: Update moduli generation script to new ssh-keygen

generation and screening command line flags.

OpenBSD-Commit-ID: 5010ff08f7ad92082e87dde098b20f5c24921a8f

dtucker@openbsd.org [Thu, 20 Feb 2020 05:41:51 +0000 (05:41 +0000)] 
upstream: Import regenerated moduli.

OpenBSD-Commit-ID: 7b7b619c1452a459310b0cf4391c5757c6bdbc0f

Darren Tucker [Thu, 20 Feb 2020 05:42:50 +0000 (16:42 +1100)] 
Import regenerated moduli.

HARUYAMA Seigo [Fri, 14 Feb 2020 07:14:23 +0000 (16:14 +0900)] 
Fix typos in INSTALL: s/avilable/available/ s/suppports/supports/

dtucker@openbsd.org [Tue, 18 Feb 2020 08:58:33 +0000 (08:58 +0000)] 
upstream: Ensure that the key lifetime provided fits within the

values allowed by the wire format (u32). Prevents integer wraparound of the
timeout values. bz#3119, ok markus@ djm@

OpenBSD-Commit-ID: 8afe6038b5cdfcf63360788f012a7ad81acc46a2

dtucker@openbsd.org [Tue, 18 Feb 2020 08:49:49 +0000 (08:49 +0000)] 
upstream: Detect and prevent simple configuration loops when using

ProxyJump. bz#3057, ok djm@

OpenBSD-Commit-ID: 077d21c564c886c98309d871ed6f8ef267b9f037

naddy@openbsd.org [Sun, 16 Feb 2020 21:15:43 +0000 (21:15 +0000)] 
upstream: document -F none; with jmc@

OpenBSD-Commit-ID: 0eb93b75473d2267aae9200e02588e57778c84f2

Darren Tucker [Mon, 17 Feb 2020 11:55:51 +0000 (22:55 +1100)] 
Remove unused variable warning.

Darren Tucker [Mon, 17 Feb 2020 11:53:24 +0000 (22:53 +1100)] 
Constify aix_krb5_get_principal_name.

Prevents warning about discarding type qualifiers on AIX.

Darren Tucker [Mon, 17 Feb 2020 11:51:36 +0000 (22:51 +1100)] 
Check if TILDE is already defined and undef.

Prevents redefinition warning on AIX.

Darren Tucker [Mon, 17 Feb 2020 11:51:00 +0000 (22:51 +1100)] 
Prevent unused variable warning.

Darren Tucker [Mon, 17 Feb 2020 11:48:50 +0000 (22:48 +1100)] 
Check if getpeereid is actually declared.

Check in sys/socket.h (AIX) and unistd.h (FreeBSD, DragonFly and OS X).
Prevents undeclared function warning on at least some versions of AIX.

tag: V_8_2_P1
djm@openbsd.org [Fri, 14 Feb 2020 00:39:20 +0000 (00:39 +0000)] 
upstream: openssh-8.2

OpenBSD-Commit-ID: 0a1340ff65fad0d84b997ac58dd1b393dec7c19b

Damien Miller [Tue, 11 Feb 2020 22:28:35 +0000 (09:28 +1100)] 
crank version numbers

Darren Tucker [Tue, 11 Feb 2020 01:51:24 +0000 (12:51 +1100)] 
Minor documentation update:

 - remove duplication of dependency information (it's all in INSTALL).
 - SSHFP is now an RFC.

Darren Tucker [Sun, 9 Feb 2020 00:23:35 +0000 (11:23 +1100)] 
Check if UINT32_MAX is defined before redefining.