resp is allocated by client_converse(), at which point we lose
the original pointer.
From Pedro Martelletto; ok dtucker & me
OpenBSD-Commit-ID: 1f1b5ea3282017d6584dfed4f8370dc1db1f44b1
the resulting fingerprint doesn't appear to be used for anything,
and we end up leaking it.
from Pedro Martelletto; ok dtucker & me
OpenBSD-Commit-ID: 5625cf6c68f082bc2cbbd348e69a3ed731d2f9b7
failures; provides better experience for scp in sftp mode, where ~user paths
are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg &
markus
(forgot to include this file in previous commit)
OpenBSD-Commit-ID: d37cc4c8c861ce48cd6ea9899e96aaac3476847b
Correct handling of select(2) exceptfds. These should only be consulted
for POLLPRI flagged pfds and not unconditionally converted to POLLERR.
with and ok dtucker@
Darwin's poll(2) implementation is broken. For character-special
devices like /dev/null, it returns POLLNVAL when polled with
POLLIN.
Apparently this is Apple bug 3710161, which is AFAIK not public,
but a websearch will find other OSS projects rediscovering it
periodically since it was first identified in 2005 (!!)
failures; provides better experience for scp in sftp mode, where ~user paths
are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg &
markus
OpenBSD-Commit-ID: fc610ce00ca0cdc2ecdabbd49ce7cb82033f905f
sshd_config. It defaults to "no", and not explicitly setting it allows us to
enable it for the (optional) hostbased test.
OpenBSD-Regress-ID: aa8e3548eb5793721641d26e56c29f363b767c0c
setup (see comments at the top) and thus is disabled unless
TEST_SSH_HOSTBASED_AUTH and SUDO are set.
OpenBSD-Regress-ID: 3ec8ba3750c5b595fc63e7845d13483065a4827a
signature algorithms. RSA keys can make signatures with multiple algorithms,
so some special handling is required. ok markus@
OpenBSD-Commit-ID: 03b41b2bda06fa4cd9c84cef6095033b9e49b6ff
and not the default for the keytype. Part of unbreaking hostbased auth for
RSA/SHA2 keys. ok markus@
OpenBSD-Commit-ID: b5639a14462948970da3a8020dc06f9a80ecccdc
the client- side. Require RSA/SHA2 signatures for RSA hostkeys except when
RSA/SHA1 was explicitly negotiated during initial KEX; bz3375
ok markus@
OpenBSD-Commit-ID: 46e75e8dfa2c813781805b842580dcfbd888cf29
UpdateHostkeys on the server side. The previous code tried to prefer RSA/SHA2
for hostkey proofs of RSA keys, but missed some cases. This will use RSA/SHA2
signatures for RSA keys if the client proposed these algorithms in initial
KEX. bz3375
Mostly by Dmitry Belyavskiy with some tweaks by me.
ok markus@
OpenBSD-Commit-ID: c17ba0c3236340d2c6a248158ebed042ac6a8029
select() to poll() by moving FD_SET construction out of channel handlers into
separate functions. ok markus
OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
already supported either sha512 (default) or sha256, but plumbing wasn't
there mostly by Linus Nordberg
OpenBSD-Commit-ID: 1b536404b9da74a84b3a1c8d0b05fd564cdc96cd
djm@openbsd.org
Damien Miller
Darren Tucker
dtucker@openbsd.org
Tess Gauthier
Tim Rice