tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,138 Commits 7 Branches 18 Tags 96 MiB
Commit Graph

7138 Commits

Author SHA1 Message Date
Damien Miller 339a48fe7f - djm@cvs.openbsd.org 2013/12/19 22:57:13 
[poly1305.c poly1305.h]
     use full name for author, with his permission
 2013-12-29 17:46:49 +11:00
Damien Miller 0b36c83148 - djm@cvs.openbsd.org 2013/12/19 01:19:41 
[ssh-agent.c]
     bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent
     that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com;
     ok dtucker
 2013-12-29 17:45:51 +11:00
Damien Miller 4def184e9b - djm@cvs.openbsd.org 2013/12/19 01:04:36 
[channels.c]
     bz#2147: fix multiple remote forwardings with dynamically assigned
     listen ports. In the s->c message to open the channel we were sending
     zero (the magic number to request a dynamic port) instead of the actual
     listen port. The client therefore had no way of discriminating between
     them.

     Diagnosis and fix by ronf AT timeheart.net
 2013-12-29 17:45:26 +11:00
Damien Miller bf25d114e2 - djm@cvs.openbsd.org 2013/12/19 00:27:57 
[auth-options.c]
     simplify freeing of source-address certificate restriction
 2013-12-29 17:44:56 +11:00
Damien Miller bb3dafe702 - dtucker@cvs.openbsd.org 2013/12/19 00:19:12 
[serverloop.c]
     Cast client_alive_interval to u_int64_t before assinging to
     max_time_milliseconds to avoid potential integer overflow in the timeout.
     bz#2170, patch from Loganaden Velvindron, ok djm@
 2013-12-29 17:44:29 +11:00
Damien Miller ef275ead3d - djm@cvs.openbsd.org 2013/12/19 00:10:30 
[ssh-add.c]
     skip requesting smartcard PIN when removing keys from agent; bz#2187
     patch from jay AT slushpupie.com; ok dtucker
 2013-12-29 17:44:07 +11:00
Damien Miller 7d97fd9a1c - (djm) [loginrec.c] Check for username truncation when looking up lastlog 
entries
 2013-12-29 17:40:18 +11:00
Darren Tucker 77244afe3b 20131221 
- (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
 2013-12-21 17:02:39 +11:00
Darren Tucker 53f8e784dc - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item(). 
Patch from Loganaden Velvindron.
 2013-12-19 11:31:44 +11:00
Darren Tucker 1fcec9d4f2 - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions 
greater than 11 either rather than just 11.  Patch from Tomas Kuthan.
 2013-12-19 11:00:12 +11:00
Damien Miller 6674eb9683 - markus@cvs.openbsd.org 2013/12/17 10:36:38 
[crypto_api.h]
     I've assempled the header file by cut&pasting from generated headers
     and the source files.
 2013-12-18 17:50:39 +11:00
Damien Miller d58a596442 - djm@cvs.openbsd.org 2013/12/15 21:42:35 
[cipher-chachapoly.c]
     add some comments and constify a constant
 2013-12-18 17:50:13 +11:00
Damien Miller 059321d19a - pascal@cvs.openbsd.org 2013/12/15 18:17:26 
[ssh-add.c]
     Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page.
     ok markus@
 2013-12-18 17:49:48 +11:00
Damien Miller 155b5a5bf1 - markus@cvs.openbsd.org 2013/12/09 11:08:17 
[crypto_api.h]
     remove unused defines
 2013-12-18 17:48:32 +11:00
Damien Miller 8a56dc2b6b - markus@cvs.openbsd.org 2013/12/09 11:03:45 
[blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
     [ge25519_base.data hash.c sc25519.c sc25519.h verify.c]
     Add Authors for the public domain ed25519/nacl code.
     see also http://nacl.cr.yp.to/features.html
        All of the NaCl software is in the public domain.
     and http://ed25519.cr.yp.to/software.html
        The Ed25519 software is in the public domain.
 2013-12-18 17:48:11 +11:00
Damien Miller 6575c3acf3 - dtucker@cvs.openbsd.org 2013/12/08 09:53:27 
[sshd_config.5]
     Use a literal for the default value of KEXAlgorithms.  ok deraadt jmc
 2013-12-18 17:47:02 +11:00
Damien Miller 8ba0ead698 - naddy@cvs.openbsd.org 2013/12/07 11:58:46 
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
     [ssh_config.5 sshd.8 sshd_config.5]
     add missing mentions of ed25519; ok djm@
 2013-12-18 17:46:27 +11:00
Damien Miller 4f752cf71c - djm@cvs.openbsd.org 2013/12/07 08:08:26 
[ssh-keygen.1]
     document -a and -o wrt new key format
 2013-12-18 17:45:35 +11:00
Damien Miller 6d6fcd14e2 - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh] 
[regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid
   filesystem before running agent-ptrace.sh; ok dtucker
 2013-12-08 15:53:28 +11:00
Damien Miller 7e6e42fb53 - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna 
Vinschen
 2013-12-08 08:23:08 +11:00
Damien Miller da3ca351b4 - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from 
Loganaden Velvindron @ AfriNIC in bz#2179
 2013-12-07 21:43:46 +11:00
Damien Miller eb401585bb - (djm) [regress/cert-hostkey.sh] Fix merge botch 2013-12-07 17:07:15 +11:00
Damien Miller f54542af3a - markus@cvs.openbsd.org 2013/12/06 13:52:46 
[regress/Makefile regress/agent.sh regress/cert-hostkey.sh]
     [regress/cert-userkey.sh regress/keytype.sh]
     test ed25519 support; from djm@
 2013-12-07 16:32:44 +11:00
Damien Miller f104da263d - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in] 
[openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on
       Linux
 2013-12-07 12:37:53 +11:00
Damien Miller 1ff130dac9 - [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c] 
[openbsd-compat/blf.h openbsd-compat/blowfish.c]
   [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in
   portable.
 2013-12-07 11:51:51 +11:00
Damien Miller 4260828a29 - [authfile.c] Conditionalise inclusion of util.h 2013-12-07 11:38:03 +11:00
Damien Miller a913442bac - [Makefile.in] Add ed25519 sources 2013-12-07 11:35:36 +11:00
Damien Miller ca570a519c - djm@cvs.openbsd.org 2013/12/07 00:19:15 
[key.c]
     set k->cert = NULL after freeing it
 2013-12-07 11:29:09 +11:00
Damien Miller 3cccc0e155 - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] 
[ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents
 2013-12-07 11:27:47 +11:00
Damien Miller a7827c11b3 - jmc@cvs.openbsd.org 2013/12/06 15:29:07 
[sshd.8]
     missing comma;
 2013-12-07 11:24:30 +11:00
Damien Miller 5be9d9e3cb - markus@cvs.openbsd.org 2013/12/06 13:39:49 
[authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
     [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
     [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
     [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
     [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
     support ed25519 keys (hostkeys and user identities) using the public
     domain ed25519 reference code from SUPERCOP, see
     http://ed25519.cr.yp.to/software.html
     feedback, help & ok djm@
 2013-12-07 11:24:01 +11:00
Damien Miller bcd00abd84 - markus@cvs.openbsd.org 2013/12/06 13:34:54 
[authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c]
     [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by
     default; details in PROTOCOL.key; feedback and lots help from djm;
     ok djm@
 2013-12-07 10:41:55 +11:00
Damien Miller f0e9060d23 - markus@cvs.openbsd.org 2013/12/06 13:30:08 
[authfd.c key.c key.h ssh-agent.c]
     move private key (de)serialization to key.c; ok djm
 2013-12-07 10:40:26 +11:00
Damien Miller 0f8536da23 - djm@cvs.openbsd.org 2013/12/06 03:40:51 
[ssh-keygen.c]
     remove duplicated character ('g') in getopt() string;
     document the (few) remaining option characters so we don't have to
     rummage next time.
 2013-12-07 10:31:37 +11:00
Damien Miller 393920745f - djm@cvs.openbsd.org 2013/12/05 22:59:45 
[sftp-client.c]
     fix memory leak in error path in do_readdir(); pointed out by
     Loganaden Velvindron @ AfriNIC in bz#2163
 2013-12-07 10:31:08 +11:00
Damien Miller 534b2ccade - djm@cvs.openbsd.org 2013/12/05 01:16:41 
[servconf.c servconf.h]
     bz#2161 - fix AuthorizedKeysCommand inside a Match block and
     rearrange things so the same error is harder to make next time;
     with and ok dtucker@
 2013-12-05 14:07:27 +11:00
Darren Tucker 8369c8e61a - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct 
-L location for libedit.  Patch from Serge van den Boom.
 2013-12-05 11:00:16 +11:00
Damien Miller 9275df3e0a - djm@cvs.openbsd.org 2013/12/04 04:20:01 
[sftp-client.c]
     bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
     AfriNIC
 2013-12-05 10:26:32 +11:00
Damien Miller 960f6a2b52 - djm@cvs.openbsd.org 2013/12/02 03:13:14 
[cipher.c]
     correct bzero of chacha20+poly1305 key context. bz#2177 from
     Loganaden Velvindron @ AfriNIC

     Also make it a memset for consistency with the rest of cipher.c
 2013-12-05 10:26:14 +11:00
Damien Miller f7e8a8796d - djm@cvs.openbsd.org 2013/12/02 03:09:22 
[key.c]
     make key_to_blob() return a NULL blob on failure; part of
     bz#2175 from Loganaden Velvindron @ AfriNIC
 2013-12-05 10:25:51 +11:00
Damien Miller f1e44ea9d9 - djm@cvs.openbsd.org 2013/12/02 02:56:17 
[ssh-pkcs11-helper.c]
     use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC
 2013-12-05 10:23:21 +11:00
Damien Miller 114e540b15 - djm@cvs.openbsd.org 2013/12/02 02:50:27 
[PROTOCOL.chacha20poly1305]
     typo; from Jon Cave
 2013-12-05 10:22:57 +11:00
Damien Miller e4870c0906 - djm@cvs.openbsd.org 2013/12/01 23:19:05 
[PROTOCOL]
     mention curve25519-sha256@libssh.org key exchange algorithm
 2013-12-05 10:22:39 +11:00
Damien Miller 1d2f8804a6 - deraadt@cvs.openbsd.org 2013/11/26 19:15:09 
[pkcs11.h]
     cleanup 1 << 31 idioms.  Resurrection of this issue pointed out by
     Eitan Adler ok markus for ssh, implies same change in kerberosV
 2013-12-05 10:22:03 +11:00
Damien Miller bdb352a54f - jmc@cvs.openbsd.org 2013/11/26 12:14:54 
[ssh.1 ssh.c]
     - put -Q in the right place
     - Ar was a poor choice for the arguments to -Q. i've chosen an
       admittedly equally poor Cm, at least consistent with the rest
       of the docs. also no need for multiple instances
     - zap a now redundant Nm
     - usage() sync
 2013-12-05 10:20:52 +11:00
Damien Miller d937dc084a - deraadt@cvs.openbsd.org 2013/11/25 18:04:21 
[ssh.1 ssh.c]
     improve -Q usage and such.  One usage change is that the option is now
     case-sensitive
     ok dtucker markus djm
 2013-12-05 10:19:54 +11:00
Damien Miller dec0393f7e - jmc@cvs.openbsd.org 2013/11/21 08:05:09 
[ssh_config.5 sshd_config.5]
     no need for .Pp before displays;
 2013-12-05 10:18:43 +11:00
Damien Miller 8a073cf579 - djm@cvs.openbsd.org 2013/11/21 03:18:51 
[regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh]
     [regress/try-ciphers.sh]
     use new "ssh -Q cipher-auth" query to obtain lists of authenticated
     encryption ciphers instead of specifying them manually; ensures that
     the new chacha20poly1305@openssh.com mode is tested;

     ok markus@ and naddy@ as part of the diff to add
     chacha20poly1305@openssh.com
 2013-11-21 14:26:18 +11:00
Damien Miller ea61b2179f - djm@cvs.openbsd.org 2013/11/21 03:16:47 
[regress/modpipe.c]
     use unsigned long long instead of u_int64_t here to avoid warnings
     on some systems portable OpenSSH is built on.
 2013-11-21 14:25:15 +11:00
Damien Miller 36aba25b04 - djm@cvs.openbsd.org 2013/11/21 03:15:46 
[regress/krl.sh]
     add some reminders for additional tests that I'd like to implement
 2013-11-21 14:24:42 +11:00