Use consistent format in debug log for keys readied, offered and
received during public key authentication.
This makes it a little easier to see what is going on, as each message
now contains (where available) the key filename, its type and fingerprint,
and whether the key is hosted in an agent or a token.
OpenBSD-Commit-ID: f1c6a8e9cfc4e108c359db77f24f9a40e1e25ea7
revision 1.285
date: 2018/09/14 04:17:12; author: djm; state: Exp; lines: +47 -26; commitid: lflGFcNb2X2HebaK;
Use consistent format in debug log for keys readied, offered and
received during public key authentication.
This makes it a little easier to see what is going on, as each message
now contains the key filename, its type and fingerprint, and whether
the key is hosted in an agent or a token.
OpenBSD-Commit-ID: e496bd004e452d4b051f33ed9ae6a54ab918f56d
offered and received during public key authentication.
This makes it a little easier to see what is going on, as each message
now contains the key filename, its type and fingerprint, and whether
the key is hosted in an agent or a token.
OpenBSD-Commit-ID: 2a01d59285a8a7e01185bb0a43316084b4f06a1f
signature algorithms that are allowed for CA signatures. Notably excludes
ssh-dsa.
ok markus@
OpenBSD-Commit-ID: 1628e4181dc8ab71909378eafe5d06159a22deb4
success/failure message (previously we logged only key ID and CA key
fingerprint).
ok markus@
OpenBSD-Commit-ID: a8ef2d172b7f1ddbcce26d6434b2de6d94f6c05d
change the multiplexing state, not just new sessions.
mention that confirmation is checked via ssh-askpass
OpenBSD-Commit-ID: 0f1b45551ebb9cc5c9a4fe54ad3b23ce90f1f5c2
and the only issue is showing an unknown error (since it's not defined)
during fatal(), if it ever an error occurs inside that condition.
OK deraadt@ markus@ djm@
OpenBSD-Commit-ID: acb0a8e6936bfbe590504752d01d1d251a7101d8
Based on github pull request #99 from Darren Maffat at Oracle: Solaris'
getgrouplist considers _SC_NGROUPS_MAX more of a guideline and can return
a larger number of groups. In this case, retry getgrouplist with a
larger array and defer allocating groups_byname. ok djm@
Treating that as a safe encoding is OK because even when other systems return
that string for real ISO8859-1, it is still safe in the sense that it is
ASCII-compatible and stateless.
Issue reported by Val dot Baranov at duke dot edu. Additional
information provided by Michael dot Felt at felt dot demon dot nl.
Tested by Michael Felt on AIX 6.1 and by Val Baranov on AIX 7.1.
Tweak and OK djm@.
OpenBSD-Commit-ID: 36f1210e0b229817d10eb490d6038f507b8256a7
Cygwin's latest 7.x GCC allows to specify -mfunction-return=thunk
as well as -mindirect-branch=thunk on the command line, albeit
producing invalid code, leading to an error at link stage.
The check in configure.ac only checks if the option is present,
but not if it produces valid code.
This patch fixes it by special-casing Cygwin. Another solution
may be to change these to linker checks.
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
Further header file standarization in Cygwin uncovered a lazy
indirect include in bsd-cygwin_util.c
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
causes double-free under some circumstances.
--
date: 2018/07/31 03:07:24; author: djm; state: Exp; lines: +33 -18; commitid: f7g4UI8eeOXReTPh;
fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366
feedback and ok dtucker@
OpenBSD-Commit-ID: 1e77547f60fdb5e2ffe23e2e4733c54d8d2d1137
understand the new key format so convert back to old format to create the
PuTTY key and remove it once done.
OpenBSD-Regress-ID: 2a449a18846c3a144bc645135b551ba6177e38d3
While I'm here, describe and link to the remaining local PROTOCOL.*
docs that weren't already mentioned (PROTOCOL.key, PROTOCOL.krl and
PROTOCOL.mux)
OpenBSD-Commit-ID: 2a900f9b994ba4d53e7aeb467d44d75829fd1231
suported by OpenSSH >= 6.5 (released January 2014), so it should be supported
by most OpenSSH versions in active use.
It is possible to convert new-format private keys to the older
format using "ssh-keygen -f /path/key -pm PEM".
ok deraadt dtucker
OpenBSD-Commit-ID: e3bd4f2509a2103bfa2f710733426af3ad6d8ab8
djm@openbsd.org
Damien Miller
millert@openbsd.org
dtucker@openbsd.org
mestre@openbsd.org
Darren Tucker
schwarze@openbsd.org
Tim Rice
Corinna Vinschen