pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
Replace ED25519's private SHA-512 implementation with a
call to the regular digest code. This speeds up compilation considerably. ok
markus@
OpenBSD-Commit-ID: fcce8c3bcfe7389462a28228f63c823e80ade41c
Create a persistent umac128.c source file: #define the
output size and the name of the entry points for UMAC-128 before including
umac.c. Idea from FreeBSD. ok dtucker@
OpenBSD-Commit-ID: 463cfacfa07cb8060a4d4961e63dca307bf3f4b1
ssh/lib hasn't worked towards our code-sharing goals for
a quit while, perhaps it is too verbose? Change each */Makefile to
specifying exactly what sources that program requires, compiling it seperate.
Maybe we'll iterate by sorting those into seperatable chunks, splitting up
files which contain common code + server/client specific code, or whatnot.
But this isn't one step, or we'd have done it a long time ago.. ok dtucker
markus djm
OpenBSD-Commit-ID: 5317f294d63a876bfc861e19773b1575f96f027d
Put remote client info back into the ClientAlive
connection termination message. Based in part on diff from lars.nooden at
gmail, ok djm
OpenBSD-Commit-ID: 80a0f619a29bbf2f32eb5297a69978a0e05d0ee0
for some reason unix_listener() logged most errors twice
with each message containing only some of the useful information; merge these
OpenBSD-Commit-ID: 1978a7594a9470c0dddcd719586066311b7c9a4a
Adds a .depend file containing dependency information generated by
makedepend, which is appended to the generated Makefile by configure.
You can regen the file with "make -f Makefile.in depend" if necessary,
but we'll be looking at some way to automatically keep this up to date.
"no objection" djm@
don't accept junk after "yes" or "no" responses to
hostkey prompts. bz#2803 reported by Maksim Derbasov; ok dtucker@
OpenBSD-Commit-ID: e1b159fb2253be973ce25eb7a7be26e6f967717c
Replace atoi and strtol conversions for integer arguments
to config keywords with a checking wrapper around strtonum. This will
prevent and flag invalid and negative arguments to these keywords. ok djm@
OpenBSD-Commit-ID: 99ae3981f3d608a219ccb8d2fff635ae52c17998
Have sftp print a warning about shell cleanliness when
decoding the first packet fails, which is usually caused by shells polluting
stdout of non-interactive starups. bz#2800, ok markus@ deraadt@.
OpenBSD-Commit-ID: 88d6a9bf3470f9324b76ba1cbd53e50120f685b5
Check for MIKDIR_P and use it instead of mkinstalldirs. Should fix "mkdir:
cannot create directory:... File exists" during "make install".
Patch from eb at emlix.com.
Add monotime_ts and monotime_tv that return monotonic
timespec and timeval respectively. Replace calls to gettimeofday() in packet
timing with monotime_tv so that the callers will work over a clock step.
Should prevent integer overflow during clock steps reported by wangle6 at
huawei.com. "I like" markus@
OpenBSD-Commit-ID: 74d684264814ff806f197948b87aa732cb1b0b8a
Remove get_current_time() and replace with calls to
monotime_double() which uses CLOCK_MONOTONIC and works over clock steps. "I
like" markus@
OpenBSD-Commit-ID: 3ad2f7d2414e2cfcaef99877a7a5b0baf2242952
downgrade a couple more request parsing errors from
process-fatal to just returning failure, making them consistent with the
others that were already like that.
OpenBSD-Commit-ID: c111461f7a626690a2d53018ef26557b34652918
fix regression in 7.6: failure to parse a signature request
message shouldn't be fatal to the process, just the request. Reported by Ron
Frederick
OpenBSD-Commit-ID: e5d01b3819caa1a2ad51fc57d6ded43f48bbcc05
fix problem in configuration parsing when in config dump mode
(sshd -T) without providing a full connection specification (sshd -T -C ...)
spotted by bluhm@
OpenBSD-Commit-ID: 7125faf5740eaa9d3a2f25400a0bc85e94e28b8f
