]>
git.ipfire.org Git - thirdparty/openssh-portable.git/log
djm@openbsd.org [Tue, 22 Jan 2019 12:00:50 +0000 (12:00 +0000)]
upstream: Support keys that set the CKA_ALWAYS_AUTHENTICATE by
requring a fresh login after the C_SignInit operation.
based on patch from Jakub Jelen in bz#2638; ok markus
OpenBSD-Commit-ID:
a76e66996ba7c0923b46b74d46d499b811786661
djm@openbsd.org [Tue, 22 Jan 2019 11:51:25 +0000 (11:51 +0000)]
upstream: Mention that configuration for the destination host is
not applied to any ProxyJump/-J hosts. This has confused a few people...
OpenBSD-Commit-ID:
03f4f641df6ca236c1bfc69836a256b873db868b
djm@openbsd.org [Tue, 22 Jan 2019 11:40:42 +0000 (11:40 +0000)]
upstream: Include -m in the synopsis for a few more commands that
support it
Be more explicit in the description of -m about where it may be used
Prompted by Jakub Jelen in bz2904
OpenBSD-Commit-ID:
3b398ac5e05d8a6356710d0ff114536c9d71046c
djm@openbsd.org [Tue, 22 Jan 2019 11:26:16 +0000 (11:26 +0000)]
upstream: print the full pubkey being attempted at loglevel >=
debug2; bz2939
OpenBSD-Commit-ID:
ac0fe5ca1429ebf4d460bad602adc96de0d7e290
djm@openbsd.org [Tue, 22 Jan 2019 11:19:42 +0000 (11:19 +0000)]
upstream: clarify: ssh-keygen -e only writes public keys, never
private
OpenBSD-Commit-ID:
7de7ff6d274d82febf9feb641e2415ffd6a30bfb
djm@openbsd.org [Tue, 22 Jan 2019 11:00:15 +0000 (11:00 +0000)]
upstream: mention the new vs. old key formats in the introduction
and give some hints on how keys may be converted or written in the old
format.
OpenBSD-Commit-ID:
9c90a9f92eddc249e07fad1204d0e15c8aa13823
jmc@openbsd.org [Tue, 22 Jan 2019 06:58:31 +0000 (06:58 +0000)]
upstream: tweak previous;
OpenBSD-Commit-ID:
d2a80e389da8e7ed71978643d8cbaa8605b597a8
tb@openbsd.org [Mon, 21 Jan 2019 23:55:12 +0000 (23:55 +0000)]
upstream: Forgot to add -J to the synopsis.
OpenBSD-Commit-ID:
26d95e409a0b72526526fc56ca1caca5cc3d3c5e
tb@openbsd.org [Mon, 21 Jan 2019 22:50:42 +0000 (22:50 +0000)]
upstream: Add a -J option as a shortcut for -o Proxyjump= to scp(1)
and sftp(1) to match ssh(1)'s interface.
ok djm
OpenBSD-Commit-ID:
a75bc2d5f329caa7229a7e9fe346c4f41c2663fc
Darren Tucker [Tue, 22 Jan 2019 09:38:40 +0000 (20:38 +1100)]
Allow building against OpenSSL dev (3.x) version.
Damien Miller [Mon, 21 Jan 2019 23:50:40 +0000 (10:50 +1100)]
typo
Damien Miller [Mon, 21 Jan 2019 23:49:52 +0000 (10:49 +1100)]
add missing header
djm@openbsd.org [Mon, 21 Jan 2019 22:18:24 +0000 (22:18 +0000)]
upstream: switch sntrup implementation source from supercop to
libpqcrypto; the latter is almost identical but doesn't rely on signed
underflow to implement an optimised integer sort; from markus@
OpenBSD-Commit-ID:
cd09bbf0e0fcef1bedca69fdf7990dc360567cf8
Damien Miller [Mon, 21 Jan 2019 13:02:23 +0000 (00:02 +1100)]
new files need includes.h
djm@openbsd.org [Mon, 21 Jan 2019 12:53:35 +0000 (12:53 +0000)]
upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up
debug verbosity.
Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run
in debug mode ("ssh-agent -d"), so we get to see errors from the
PKCS#11 code.
ok markus@
OpenBSD-Commit-ID:
0a798643c6a92a508df6bd121253ba1c8bee659d
djm@openbsd.org [Mon, 21 Jan 2019 12:50:12 +0000 (12:50 +0000)]
upstream: adapt to changes in KEX APIs and file removals
OpenBSD-Regress-ID:
54d6857e7c58999c7a6d40942ab0fed3529f43ca
djm@openbsd.org [Mon, 21 Jan 2019 12:35:20 +0000 (12:35 +0000)]
upstream: adapt to changes in KEX API and file removals
OpenBSD-Regress-ID:
92cad022d3b0d11e08f3e0055d6a14b8f994c0d7
djm@openbsd.org [Mon, 21 Jan 2019 12:29:35 +0000 (12:29 +0000)]
upstream: adapt to bignum1 API removal and bignum2 API change
OpenBSD-Regress-ID:
cea6ff270f3d560de86b355a87a2c95b55a5ca63
djm@openbsd.org [Mon, 21 Jan 2019 09:13:41 +0000 (09:13 +0000)]
upstream: remove hack to use non-system libcrypto
OpenBSD-Regress-ID:
ce72487327eee4dfae1ab0212a1f33871fe0809f
Damien Miller [Mon, 21 Jan 2019 12:14:04 +0000 (23:14 +1100)]
depend
djm@openbsd.org [Mon, 21 Jan 2019 12:08:13 +0000 (12:08 +0000)]
upstream: fix reversed arguments to kex_load_hostkey(); manifested as
errors in cert-hostkey.sh regress failures.
OpenBSD-Commit-ID:
12dab63850b844f84d5a67e86d9e21a42fba93ba
djm@openbsd.org [Mon, 21 Jan 2019 11:22:00 +0000 (11:22 +0000)]
upstream: forgot to cvs add this file in previous series of commits;
grrr
OpenBSD-Commit-ID:
bcff316c3e7da8fd15333e05d244442c3aaa66b0
djm@openbsd.org [Mon, 21 Jan 2019 10:44:21 +0000 (10:44 +0000)]
upstream: nothing shall escape this purge
OpenBSD-Commit-ID:
4795b0ff142b45448f7e15f3c2f77a947191b217
djm@openbsd.org [Mon, 21 Jan 2019 10:40:11 +0000 (10:40 +0000)]
upstream: rename kex->kem_client_pub -> kex->client_pub now that
KEM has been renamed to kexgen
from markus@ ok djm@
OpenBSD-Commit-ID:
fac6da5dc63530ad0da537db022a9a4cfbe8bed8
djm@openbsd.org [Mon, 21 Jan 2019 10:38:54 +0000 (10:38 +0000)]
upstream: merge kexkem[cs] into kexgen
from markus@ ok djm@
OpenBSD-Commit-ID:
87d886b7f1812ff9355fda1435f6ea9b71a0ac89
djm@openbsd.org [Mon, 21 Jan 2019 10:35:09 +0000 (10:35 +0000)]
upstream: pass values used in KEX hash computation as sshbuf
rather than pointer+len
suggested by me; implemented by markus@ ok me
OpenBSD-Commit-ID:
994f33c464f4a9e0f1d21909fa3e379f5a0910f0
djm@openbsd.org [Mon, 21 Jan 2019 10:33:49 +0000 (10:33 +0000)]
upstream: remove kex_derive_keys_bn wrapper; no unused since the
DH-like KEX methods have moved to KEM
from markus@ ok djm@
OpenBSD-Commit-ID:
bde9809103832f349545e4f5bb733d316db9a060
djm@openbsd.org [Mon, 21 Jan 2019 10:29:56 +0000 (10:29 +0000)]
upstream: use KEM API for vanilla ECDH
from markus@ ok djm@
OpenBSD-Commit-ID:
6fbff96339a929835536b5730585d1d6057a352c
Damien Miller [Mon, 21 Jan 2019 12:11:21 +0000 (23:11 +1100)]
fixup missing ssherr.h
djm@openbsd.org [Mon, 21 Jan 2019 10:28:01 +0000 (10:28 +0000)]
upstream: use KEM API for vanilla DH KEX
from markus@ ok djm@
OpenBSD-Commit-ID:
af56466426b08a8be275412ae2743319e3d277c9
djm@openbsd.org [Mon, 21 Jan 2019 10:24:09 +0000 (10:24 +0000)]
upstream: use KEM API for vanilla c25519 KEX
OpenBSD-Commit-ID:
38d937b85ff770886379dd66a8f32ab0c1c35c1f
djm@openbsd.org [Mon, 21 Jan 2019 10:20:12 +0000 (10:20 +0000)]
upstream: Add support for a PQC KEX/KEM:
sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime
4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not
enabled by default.
introduce KEM API; a simplified framework for DH-ish KEX methods.
from markus@ feedback & ok djm@
OpenBSD-Commit-ID:
d687f76cffd3561dd73eb302d17a1c3bf321d1a7
djm@openbsd.org [Mon, 21 Jan 2019 10:07:22 +0000 (10:07 +0000)]
upstream: factor out kex_verify_hostkey() - again, duplicated
almost exactly across client and server for several KEX methods.
from markus@ ok djm@
OpenBSD-Commit-ID:
4e4a16d949dadde002a0aacf6d280a684e20829c
djm@openbsd.org [Mon, 21 Jan 2019 10:05:09 +0000 (10:05 +0000)]
upstream: factor out kex_load_hostkey() - this is duplicated in
both the client and server implementations for most KEX methods.
from markus@ ok djm@
OpenBSD-Commit-ID:
8232fa7c21fbfbcaf838313b0c166dc6c8762f3c
djm@openbsd.org [Mon, 21 Jan 2019 10:03:37 +0000 (10:03 +0000)]
upstream: factor out kex_dh_compute_key() - it's shared between
plain DH KEX and DH GEX in both the client and server implementations
from markus@ ok djm@
OpenBSD-Commit-ID:
12186e18791fffcd4642c82e7e0cfdd7ea37e2ec
djm@openbsd.org [Mon, 21 Jan 2019 10:00:23 +0000 (10:00 +0000)]
upstream: factor out DH keygen; it's identical between the client
and the server
from markus@ ok djm@
OpenBSD-Commit-ID:
2be57f6a0d44f1ab2c8de2b1b5d6f530c387fae9
djm@openbsd.org [Mon, 21 Jan 2019 09:55:52 +0000 (09:55 +0000)]
upstream: save the derived session id in kex_derive_keys() rather
than making each kex method implementation do it.
from markus@ ok djm@
OpenBSD-Commit-ID:
d61ade9c8d1e13f665f8663c552abff8c8a30673
djm@openbsd.org [Mon, 21 Jan 2019 09:54:11 +0000 (09:54 +0000)]
upstream: Make sshpkt_get_bignum2() allocate the bignum it is
parsing rather than make the caller do it. Saves a lot of boilerplate code.
from markus@ ok djm@
OpenBSD-Commit-ID:
576bf784f9a240f5a1401f7005364e59aed3bce9
djm@openbsd.org [Mon, 21 Jan 2019 09:52:25 +0000 (09:52 +0000)]
upstream: remove obsolete (SSH v.1) sshbuf_get/put_bignum1
functions
from markus@ ok djm@
OpenBSD-Commit-ID:
0380b1b2d9de063de3c5a097481a622e6a04943e
djm@openbsd.org [Mon, 21 Jan 2019 09:49:37 +0000 (09:49 +0000)]
upstream: fix all-zero check in kexc25519_shared_key
from markus@ ok djm@
OpenBSD-Commit-ID:
60b1d364e0d9d34d1d1ef1620cb92e36cf06712d
jmc@openbsd.org [Mon, 21 Jan 2019 07:09:10 +0000 (07:09 +0000)]
upstream: - -T was added to the first synopsis by mistake - since
"..." denotes optional, no need to surround it in []
ok djm
OpenBSD-Commit-ID:
918f6d8eed4e0d8d9ef5eadae1b8983d796f0e25
Darren Tucker [Mon, 21 Jan 2019 10:28:27 +0000 (21:28 +1100)]
Make --with-rpath take a flag instead of yes/no.
Damien Miller [Mon, 21 Jan 2019 04:05:43 +0000 (15:05 +1100)]
fix previous test
Darren Tucker [Mon, 21 Jan 2019 02:50:17 +0000 (13:50 +1100)]
Wrap ECC static globals in EC_KEY_METHOD_NEW too.
Damien Miller [Mon, 21 Jan 2019 01:53:40 +0000 (12:53 +1100)]
pass TEST_SSH_SSHPKCS11HELPER to regress tests
Damien Miller [Mon, 21 Jan 2019 01:31:29 +0000 (12:31 +1100)]
make agent-pkcs11 search harder for softhsm2.so
djm@openbsd.org [Mon, 21 Jan 2019 02:05:38 +0000 (02:05 +0000)]
upstream: always print the caller's error message in ossl_error(),
even when there are no libcrypto errors to report.
OpenBSD-Commit-ID:
09ebaa8f706e0eccedd209775baa1eee2ada806a
djm@openbsd.org [Mon, 21 Jan 2019 02:01:03 +0000 (02:01 +0000)]
upstream: get the ex_data (pkcs11_key object) back from the keys at
the index at which it was inserted, rather than assuming index 0
OpenBSD-Commit-ID:
1f3a6ce0346c8014e895e50423bef16401510aa8
djm@openbsd.org [Mon, 21 Jan 2019 01:05:00 +0000 (01:05 +0000)]
upstream: GSSAPI code got missed when converting to new packet API
OpenBSD-Commit-ID:
37e4f06ab4a0f4214430ff462ba91acba28b7851
Damien Miller [Mon, 21 Jan 2019 00:57:21 +0000 (11:57 +1100)]
Fix -Wunused when compiling PKCS#11 without ECDSA
djm@openbsd.org [Sun, 20 Jan 2019 23:26:44 +0000 (23:26 +0000)]
upstream: allow override of ssh-pkcs11-helper binary via
$TEST_SSH_SSHPKCS11HELPER from markus@
OpenBSD-Regress-ID:
7382a3d76746f5a792d106912a5819fd5e49e469
djm@openbsd.org [Sun, 20 Jan 2019 23:25:25 +0000 (23:25 +0000)]
upstream: adapt agent-pkcs11.sh test to softhsm2 and add support
for ECDSA keys
work by markus@, ok djm@
OpenBSD-Regress-ID:
1ebc2be0e88eff1b6d8be2f9c00cdc60723509fe
djm@openbsd.org [Sun, 20 Jan 2019 23:24:19 +0000 (23:24 +0000)]
upstream: add "extra:" target to run some extra tests that are not
enabled by default (currently includes agent-pkcs11.sh); from markus@
OpenBSD-Regress-ID:
9a969e1adcd117fea174d368dcb9c61eb50a2a3c
djm@openbsd.org [Mon, 21 Jan 2019 00:47:34 +0000 (00:47 +0000)]
upstream: use ECDSA_SIG_set0() instead of poking signature values into
structure directly; the latter works on LibreSSL but not on OpenSSL. From
portable.
OpenBSD-Commit-ID:
5b22a1919d9cee907d3f8a029167f70a481891c6
Damien Miller [Mon, 21 Jan 2019 00:44:19 +0000 (11:44 +1100)]
remove HAVE_DLOPEN that snuck in
Damien Miller [Mon, 21 Jan 2019 00:32:28 +0000 (11:32 +1100)]
conditionalise ECDSA PKCS#11 support
djm@openbsd.org [Sun, 20 Jan 2019 23:12:35 +0000 (23:12 +0000)]
upstream: we use singleton pkcs#11 RSA_METHOD and EC_KEY_METHOD
now, so there is no need to keep a copy of each in the pkcs11_key object.
work by markus@, ok djm@
OpenBSD-Commit-ID:
43b4856516e45c0595f17a8e95b2daee05f12faa
djm@openbsd.org [Sun, 20 Jan 2019 23:11:11 +0000 (23:11 +0000)]
upstream: KNF previous; from markus@
OpenBSD-Commit-ID:
3dfe35e25b310c3968b1e4e53a0cb1d03bda5395
djm@openbsd.org [Sun, 20 Jan 2019 23:10:33 +0000 (23:10 +0000)]
upstream: use OpenSSL's RSA reference counting hooks to
implicitly clean up pkcs11_key objects when their owning RSA object's
reference count drops to zero. Simplifies the cleanup path and makes it more
like ECDSA's
work by markus@, ok djm@
OpenBSD-Commit-ID:
74b9c98f405cd78f7148e9e4a4982336cd3df25c
djm@openbsd.org [Sun, 20 Jan 2019 23:08:24 +0000 (23:08 +0000)]
upstream: make the PKCS#11 RSA code more like the new PKCS#11
ECDSA code: use a single custom RSA_METHOD instead of a method per key
suggested by me, but markus@ did all the work.
ok djm@
OpenBSD-Commit-ID:
8aafcebe923dc742fc5537a995cee549d07e4b2e
djm@openbsd.org [Sun, 20 Jan 2019 23:05:52 +0000 (23:05 +0000)]
upstream: fix leak of ECDSA pkcs11_key objects
work by markus, ok djm@
OpenBSD-Commit-ID:
9fc0c4f1d640aaa5f19b8d70f37ea19b8ad284a1
djm@openbsd.org [Sun, 20 Jan 2019 23:03:26 +0000 (23:03 +0000)]
upstream: use EVP_PKEY_get0_EC_KEY() instead of direct access of
EC_KEY internals as that won't work on OpenSSL
work by markus@, feedback and ok djm@
OpenBSD-Commit-ID:
4a99cdb89fbd6f5155ef8c521c99dc66e2612700
djm@openbsd.org [Sun, 20 Jan 2019 23:01:59 +0000 (23:01 +0000)]
upstream: cleanup PKCS#11 ECDSA pubkey loading: the returned
object should never have a DER header
work by markus; feedback and ok djm@
OpenBSD-Commit-ID:
b617fa585eddbbf0b1245b58b7a3c4b8d613db17
djm@openbsd.org [Sun, 20 Jan 2019 23:00:12 +0000 (23:00 +0000)]
upstream: cleanup unnecessary code in ECDSA pkcs#11 signature
work by markus@, feedback and ok djm@
OpenBSD-Commit-ID:
affa5ca7d58d59fbd16169f77771dcdbd2b0306d
djm@openbsd.org [Sun, 20 Jan 2019 22:57:45 +0000 (22:57 +0000)]
upstream: cleanup pkcs#11 client code: use sshkey_new in instead
of stack- allocating a sshkey
work by markus@, ok djm@
OpenBSD-Commit-ID:
a048eb6ec8aa7fa97330af927022c0da77521f91
djm@openbsd.org [Sun, 20 Jan 2019 22:54:30 +0000 (22:54 +0000)]
upstream: allow override of the pkcs#11 helper binary via
$SSH_PKCS11_HELPER; needed for regress tests.
work by markus@, ok me
OpenBSD-Commit-ID:
f78d8185500bd7c37aeaf7bd27336db62f0f7a83
djm@openbsd.org [Sun, 20 Jan 2019 22:51:37 +0000 (22:51 +0000)]
upstream: add support for ECDSA keys in PKCS#11 tokens
Work by markus@ and Pedro Martelletto, feedback and ok me@
OpenBSD-Commit-ID:
a37d651e221341376636056512bddfc16efb4424
djm@openbsd.org [Sun, 20 Jan 2019 22:03:29 +0000 (22:03 +0000)]
upstream: add option to test whether keys in an agent are usable,
by performing a signature and a verification using each key "ssh-add -T
pubkey [...]"
work by markus@, ok djm@
OpenBSD-Commit-ID:
931b888a600b6a883f65375bd5f73a4776c6d19b
tb@openbsd.org [Sun, 20 Jan 2019 02:01:59 +0000 (02:01 +0000)]
upstream: Fix BN_is_prime_* calls in SSH, the API returns -1 on
error.
Found thanks to BoringSSL's commit
53409ee3d7595ed37da472bc73b010cd2c8a5ffd
by David Benjamin.
ok djm, dtucker
OpenBSD-Commit-ID:
1ee832be3c44b1337f76b8562ec6d203f3b072f8
dtucker@openbsd.org [Sun, 20 Jan 2019 01:12:40 +0000 (01:12 +0000)]
upstream: DH-GEX min value is now specified in RFC8270. ok djm@
OpenBSD-Commit-ID:
1229d0feb1d0ecefe05bf67a17578b263e991acc
Darren Tucker [Sun, 20 Jan 2019 22:22:36 +0000 (09:22 +1100)]
Check for cc before gcc.
Damien Miller [Sun, 20 Jan 2019 03:55:27 +0000 (14:55 +1100)]
last bits of old packet API / active_state global
Damien Miller [Sat, 19 Jan 2019 23:22:18 +0000 (10:22 +1100)]
remove PAM dependencies on old packet API
Damien Miller [Sat, 19 Jan 2019 22:58:45 +0000 (09:58 +1100)]
remove vestiges of old packet API from loginrec.c
Damien Miller [Sat, 19 Jan 2019 22:45:38 +0000 (09:45 +1100)]
depend
djm@openbsd.org [Sat, 19 Jan 2019 22:30:52 +0000 (22:30 +0000)]
upstream: fix error in refactor: use ssh_packet_disconnect() instead of
sshpkt_error(). The first one logs the error and exits (what we want) instead
of just logging and blundering on.
OpenBSD-Commit-ID:
39f51b43641dce9ce0f408ea6c0e6e077e2e91ae
djm@openbsd.org [Sat, 19 Jan 2019 21:45:31 +0000 (21:45 +0000)]
upstream: remove last traces of old packet API!
with & ok markus@
OpenBSD-Commit-ID:
9bd10437026423eb8245636ad34797a20fbafd7d
djm@openbsd.org [Sat, 19 Jan 2019 21:43:56 +0000 (21:43 +0000)]
upstream: remove last references to active_state
with & ok markus@
OpenBSD-Commit-ID:
78619a50ea7e4ca2f3b54d4658b3227277490ba2
djm@openbsd.org [Sat, 19 Jan 2019 21:43:07 +0000 (21:43 +0000)]
upstream: convert monitor.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
61ecd154bd9804461a0cf5f495a29d919e0014d5
djm@openbsd.org [Sat, 19 Jan 2019 21:42:30 +0000 (21:42 +0000)]
upstream: convert sshd.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
ea569d3eaf9b5cf1bad52779fbfa5fa0b28af891
djm@openbsd.org [Sat, 19 Jan 2019 21:41:53 +0000 (21:41 +0000)]
upstream: convert session.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
fae817207e23099ddd248960c984f7b7f26ea68e
djm@openbsd.org [Sat, 19 Jan 2019 21:41:18 +0000 (21:41 +0000)]
upstream: convert auth.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
7e10359f614ff522b52a3f05eec576257794e8e4
djm@openbsd.org [Sat, 19 Jan 2019 21:40:48 +0000 (21:40 +0000)]
upstream: convert serverloop.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
c92dd19b55457541478f95c0d6b318426d86d885
djm@openbsd.org [Sat, 19 Jan 2019 21:40:21 +0000 (21:40 +0000)]
upstream: convert the remainder of sshconnect2.c to new packet
API
with & ok markus@
OpenBSD-Commit-ID:
0986d324f2ceb5e8a12ac21c1bb10b3b4b1e0f71
djm@openbsd.org [Sat, 19 Jan 2019 21:39:12 +0000 (21:39 +0000)]
upstream: convert the remainder of clientloop.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
ce2fbbacb86a290f31da1e7bf04cddf2bdae3d1e
Damien Miller [Sat, 19 Jan 2019 22:44:53 +0000 (09:44 +1100)]
upstream: convert auth2.c to new packet API
OpenBSD-Commit-ID:
ed831bb95ad228c6791bc18b60ce7a2edef2c999
djm@openbsd.org [Sat, 19 Jan 2019 21:37:48 +0000 (21:37 +0000)]
upstream: convert servconf.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
126553aecca302c9e02fd77e333b9cb217e623b4
djm@openbsd.org [Sat, 19 Jan 2019 21:37:13 +0000 (21:37 +0000)]
upstream: convert channels.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
0b8279b56113cbd4011fc91315c0796b63dc862c
djm@openbsd.org [Sat, 19 Jan 2019 21:36:38 +0000 (21:36 +0000)]
upstream: convert sshconnect.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
222337cf6c96c347f1022d976fac74b4257c061f
djm@openbsd.org [Sat, 19 Jan 2019 21:36:06 +0000 (21:36 +0000)]
upstream: convert ssh.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
eb146878b24e85c2a09ee171afa6797c166a2e21
djm@openbsd.org [Sat, 19 Jan 2019 21:35:25 +0000 (21:35 +0000)]
upstream: convert mux.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
4e3893937bae66416e984b282d8f0f800aafd802
djm@openbsd.org [Sat, 19 Jan 2019 21:34:45 +0000 (21:34 +0000)]
upstream: convert sshconnect2.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
1cb869e0d6e03539f943235641ea070cae2ebc58
djm@openbsd.org [Sat, 19 Jan 2019 21:33:57 +0000 (21:33 +0000)]
upstream: convert clientloop.c to new packet API
with & ok markus@
OpenBSD-Commit-ID:
497b36500191f452a22abf283aa8d4a9abaee7fa
djm@openbsd.org [Sat, 19 Jan 2019 21:33:13 +0000 (21:33 +0000)]
upstream: allow sshpkt_fatal() to take a varargs format; we'll
use this to give packet-related fatal error messages more context (esp. the
remote endpoint) ok markus@
OpenBSD-Commit-ID:
de57211f9543426b515a8a10a4f481666b2b2a50
djm@openbsd.org [Sat, 19 Jan 2019 21:31:32 +0000 (21:31 +0000)]
upstream: begin landing remaining refactoring of packet parsing
API, started almost exactly six years ago.
This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.
with & ok markus@
OpenBSD-Commit-ID:
93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
tb@openbsd.org [Sat, 19 Jan 2019 04:15:56 +0000 (04:15 +0000)]
upstream: Print an \r in front of the password prompt so parts of
a password that was entered too early are likely clobbered by the prompt.
Idea from doas.
from and ok djm
"i like it" deraadt
OpenBSD-Commit-ID:
5fb97c68df6d8b09ab37f77bca1d84d799c4084e
Darren Tucker [Fri, 18 Jan 2019 00:09:01 +0000 (11:09 +1100)]
Add minimal fchownat and fchmodat implementations.
Darren Tucker [Thu, 17 Jan 2019 23:11:42 +0000 (12:11 +1300)]
Add a minimal implementation of utimensat().
djm@openbsd.org [Tue, 1 Jan 2019 22:20:16 +0000 (22:20 +0000)]
upstream: regress bits for banner processing refactor (this test was
depending on ssh returning a particular error message for banner parsing
failure)
reminded by bluhm@
OpenBSD-Regress-ID:
f24fc303d40931157431df589b386abf5e1be575
djm@openbsd.org [Thu, 17 Jan 2019 04:45:09 +0000 (04:45 +0000)]
upstream: tun_fwd_ifnames variable should b
=?UTF-8?q?e=20extern;=20from=20Hanno=20B=C3=B6ck?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenBSD-Commit-ID:
d53dede6e521161bf04d39d09947db6253a38271
projects / thirdparty / openssh-portable.git / log
