Users of MD5-hashed password should arrange for ./configure to link
against libxcrypt or similar. Though it would be better to avoid use
of MD5 password hashing entirely, it's arguably worse than DEScrypt.
feedback and ok dtucker@
back the user ID that was used when the key was created and append it to the
filename the key is written to (if it is not the default).
Avoids keys being clobbered if the user created multiple
resident keys with the same application string but different
user IDs.
feedback Pedro Martelletto; ok markus
NB. increments SSH_SK_VERSION_MAJOR
OpenBSD-Commit-ID: dbd658b5950f583106d945641a634bc6562dd3a3
O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers
in the past have passed mode_t (0, 044, 0644, or such), which might lead
future people to copy this broken idiom, and perhaps even believe this
parameter has some meaning or implication or application. Delete them all.
This comes out of a conversation where tb@ noticed that a strange (but
intentional) pledge behaviour is to always knock-out high-bits from mode_t on
a number of system calls as a safety factor, and his bewilderment that this
appeared to be happening against valid modes (at least visually), but no
sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok
millert
OpenBSD-Commit-ID: 503d11633497115688c0c6952686524f01f53121
Prevent mem leaks in the (unlikely) event that getaddrinfo returns
no addresses. ALso, remove an unneeded NULL check in addr_ntop. From
khaleesicodes via github PR#281, ok deraadt@
OpenBSD-Commit-ID: e8a5afc686376637c355c5f7e122dc4b080b9c1a
openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
protocol for copying. Let's get back to testing the SFTP protocol.
OpenBSD-Commit-ID: 9eaa35d95fd547b78b0a043b3f518e135f151f30
We don't use SHA256 from OpenSSL in the sk-dummy module and the
definitions can conflict with system sha2.h (eg on NetBSD) so define
OPENSSL_NO_SHA so we don't attempt to redefine them.
sk-dummy used for the security key test includes both sha2.h and OpenSSL
causing the definitions conflict so disable security key support on this
platform.
appropriate. Saves 1k of static storage and prevents snprintf "possible
truncation" warnings from newer compilers (although in this case it's false
positive since the actual sizes are limited by the output size of the SHA1).
ok djm@
OpenBSD-Commit-ID: e254ae723f7e3dce352c7d5abc4b6d87faf61bf4
This removes several do..while loops but does not change the
indentation of the now-shallower loops, which will be done in a separate
whitespace-only commit to keep changes of style and substance separate.
OpenBSD-Regress-ID: 4bed1a0249df7b4a87c965066ce689e79472a8f7
if SUDO isn't set for the *-command tests. This means running "make tests"
without SUDO set will perform all of the tests that it can instead of
failing on the ones it cannot run.
OpenBSD-Regress-ID: bd4dbbb02f34b2e8c890558ad4a696248def763a
Damien Miller
djm@openbsd.org
deraadt@openbsd.org
Darren Tucker
dtucker@openbsd.org