better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in
hostname canonicalisation - treat them as already canonical and remove the
trailing '.' before matching ssh_config; ok markus@
Upstream-ID: f7619652e074ac3febe8363f19622aa4853b679a
fix some signed/unsigned integer type mismatches in
format strings; reported by Nicholas Lemonias
Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c
revision 1.20
date: 2015/10/13 20:55:37; author: millert; state: Exp; lines: +2 -2; commitid: X39sl5ay1czgFIgp;
In rev 1.15 the sizeof argument was fixed in a strlcat() call but
the truncation check immediately following it was not updated to
match. Not an issue in practice since the buffers are the same
size. OK deraadt@
revision 1.19
date: 2015/01/16 16:48:51; author: deraadt; state: Exp; lines: +3 -3; commitid: 0DYulI8hhujBHMcR;
Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther
revision 1.18
date: 2014/10/19 03:56:28; author: doug; state: Exp; lines: +9 -9; commitid: U6QxmtbXrGoc02S5;
Revert last commit due to changed semantics found by make release.
revision 1.17
date: 2014/10/18 20:43:52; author: doug; state: Exp; lines: +10 -10; commitid: I74hI1tVZtsspKEt;
Better POSIX compliance in realpath(3).
millert@ made changes to realpath.c based on FreeBSD's version. I merged
Todd's changes into dl_realpath.c.
ok millert@, guenther@
revision 1.15
date: 2012/09/13 15:39:05; author: deraadt; state: Exp; lines: +2 -2;
specify the bounds of the dst to strlcat (both values were static and
equal, but it is more correct)
from Michal Mazurek
revision 1.14
date: 2011/07/24 21:03:00; author: miod; state: Exp; lines: +35 -13;
Recent Single Unix will malloc memory if the second argument of realpath()
is NULL, and third-party software is starting to rely upon this.
Adapted from FreeBSD via Jona Joachim (jaj ; hcl-club , .lu), with minor
tweaks from nicm@ and yours truly.
apply PubkeyAcceptedKeyTypes filtering earlier, so all
skipped keys are noted before pubkey authentication starts. ok dtucker@
Upstream-ID: ba4f52f54268a421a2a5f98bb375403f4cb044b8
don't try to change tun device flags if they are already
what we need; makes it possible to use tun/tap networking as non- root user
if device permissions and interface flags are pre-established; based on patch
by Ossi Herrala
Upstream-ID: 89099ac4634cd477b066865acf54cb230780fd21
re-order system calls in order of risk, ok i'll be
honest, ordered this way they look like tame... ok djm
Upstream-ID: 42a1e6d251fd8be13c8262bee026059ae6328813
add ssh_config CertificateFile option to explicitly list
a certificate; patch from Meghana Bhat on bz#2436; ok markus@
Upstream-ID: 58648ec53c510b41c1f46d8fe293aadc87229ab8
skip if running as root; many systems (inc OpenBSD) allow
root to ptrace arbitrary processes
Upstream-Regress-ID: be2b925df89360dff36f972951fa0fa793769038
- Fix error message: passphrase needs to be at least 5
characters, not 4. - Remove unused function argument. - Remove two
unnecessary variables.
OK djm@
Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
When adding keys to the agent, don't ignore the comment
of keys for which the user is prompted for a passphrase.
Tweak and OK djm@
Upstream-ID: dc737c620a5a8d282cc4f66e3b9b624e9abefbec
Use explicit_bzero() when zeroing before free()
from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu)
ok millert@ djm@
Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50
sync -Q in usage() to SYNOPSIS; since it's drastically
shorter, i've reformatted the block to sync with the man (80 cols) and saved
a line;
Upstream-ID: 86e2c65c3989a0777a6258a77e589b9f6f354abd
Use ssh-keygen -A instead of per-keytype invocations when generating host
keys. Add tests when doing host-key-force since we can't use ssh-keygen -A
since it can't specify alternate locations. bz#2459, ok djm@
openssh_RSA_verify return type is int, so don't make it
size_t within the function itself with only negative numbers or zero assigned
to it. bz#2460
Upstream-ID: b6e794b0c7fc4f9f329509263c8668d35f83ea55
Plug minor memory leaks when options are used more than
once. bz#2182, patch from Tiago Cunha, ok deraadt djm
Upstream-ID: 5b84d0401e27fe1614c10997010cc55933adb48e
djm@openbsd.org
mmcc@openbsd.org
Damien Miller
deraadt@openbsd.org
sobrado@openbsd.org
jmc@openbsd.org
tim@openbsd.org
guenther@openbsd.org
dtucker@openbsd.org
Darren Tucker