markus@openbsd.org
15be29e1e3
upstream: sshsig: return correct error, fix null-deref; ok djm
OpenBSD-Commit-ID: 1d1af7cd538b8b23e621cf7ab84f11e7a923edcd
2020-03-13 13:13:30 +11:00
markus@openbsd.org
6fb6f186cb
upstream: vasnmprintf allocates str and returns -1; ok djm
OpenBSD-Commit-ID: dae4c9e83d88471bf3b3f89e3da7a107b44df11c
2020-03-13 13:13:30 +11:00
markus@openbsd.org
714e1cbca1
upstream: sshpkt_fatal() does not return; ok djm
OpenBSD-Commit-ID: 7dfe847e28bd78208eb227b37f29f4a2a0929929
2020-03-13 13:13:30 +11:00
djm@openbsd.org
9b47bd7b09
upstream: no-touch-required certificate option should be an
extension, not a critical option.
OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d
2020-02-28 12:27:41 +11:00
djm@openbsd.org
dd992520be
upstream: better error message when trying to use a FIDO key
function and SecurityKeyProvider is empty
OpenBSD-Commit-ID: e56602c2ee8c82f835d30e4dc8ee2e4a7896be24
2020-02-28 12:27:41 +11:00
dtucker@openbsd.org
b81e66dbe0
upstream: Drop leading space from line count that was confusing
ssh-keygen's screen mode.
OpenBSD-Commit-ID: 3bcae7a754db3fc5ad3cab63dd46774edb35b8ae
2020-02-28 12:27:41 +11:00
jsg@openbsd.org
d5ba1c0327
upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundary.
ok deraadt@ djm@
OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
2020-02-28 12:26:28 +11:00
dtucker@openbsd.org
9e3220b585
upstream: Have sftp reject "-1" in the same way as ssh(1) and
scp(1) do instead of accepting and silently ignoring it since protocol 1
support has been removed. Spotted by shivakumar2696 at gmail.com, ok
deraadt@
OpenBSD-Commit-ID: b79f95559a1c993214f4ec9ae3c34caa87e9d5de
2020-02-26 23:07:02 +11:00
dtucker@openbsd.org
ade8e67bb0
upstream: Remove obsolete XXX comment. ok deraadt@
OpenBSD-Commit-ID: bc462cc843947feea26a2e21c750b3a7469ff01b
2020-02-26 23:07:02 +11:00
dtucker@openbsd.org
7eb903f51e
upstream: Fix typo. Patch from itoama at live.jp via github PR#173.
OpenBSD-Commit-ID: 5cdaafab38bbdea0d07e24777d00bfe6f972568a
2020-02-24 17:14:00 +11:00
Nico Kadel-Garcia
b2491c289d
Switch %define to %global for redhat/openssh.spec
2020-02-22 11:48:05 +11:00
mkontani
b18dcf6cca
fix some typos and sentence
2020-02-21 12:29:05 +11:00
dtucker@openbsd.org
0001576a09
upstream: Fix some typos and an incorrect word in docs. Patch from
itoama at live.jp via github PR#172.
OpenBSD-Commit-ID: 166ee8f93a7201fef431b9001725ab8b269d5874
2020-02-21 12:27:23 +11:00
dtucker@openbsd.org
99ff8fefe4
upstream: Update moduli generation script to new ssh-keygen
generation and screening command line flags.
OpenBSD-Commit-ID: 5010ff08f7ad92082e87dde098b20f5c24921a8f
2020-02-21 11:11:08 +11:00
dtucker@openbsd.org
700d16f5e5
upstream: Import regenerated moduli.
OpenBSD-Commit-ID: 7b7b619c1452a459310b0cf4391c5757c6bdbc0f
2020-02-21 11:10:25 +11:00
Darren Tucker
4753b74ba0
Import regenerated moduli.
2020-02-20 16:42:50 +11:00
HARUYAMA Seigo
11d4271627
Fix typos in INSTALL: s/avilable/available/ s/suppports/supports/
2020-02-18 20:24:44 +11:00
dtucker@openbsd.org
264a966216
upstream: Ensure that the key lifetime provided fits within the
values allowed by the wire format (u32). Prevents integer wraparound of the
timeout values. bz#3119, ok markus@ djm@
OpenBSD-Commit-ID: 8afe6038b5cdfcf63360788f012a7ad81acc46a2
2020-02-18 20:23:25 +11:00
dtucker@openbsd.org
de1f3564cd
upstream: Detect and prevent simple configuration loops when using
ProxyJump. bz#3057, ok djm@
OpenBSD-Commit-ID: 077d21c564c886c98309d871ed6f8ef267b9f037
2020-02-18 20:23:25 +11:00
naddy@openbsd.org
30144865bf
upstream: document -F none; with jmc@
OpenBSD-Commit-ID: 0eb93b75473d2267aae9200e02588e57778c84f2
2020-02-18 20:23:25 +11:00
Darren Tucker
011052de73
Remove unused variable warning.
2020-02-17 22:55:51 +11:00
Darren Tucker
31c9348c5e
Constify aix_krb5_get_principal_name.
Prevents warning about discarding type qualifiers on AIX.
2020-02-17 22:53:24 +11:00
Darren Tucker
290c994336
Check if TILDE is already defined and undef.
Prevents redefinition warning on AIX.
2020-02-17 22:51:36 +11:00
Darren Tucker
41a2e64ae4
Prevent unused variable warning.
2020-02-17 22:51:00 +11:00
Darren Tucker
d4860ec4ef
Check if getpeereid is actually declared.
Check in sys/socket.h (AIX) and unistd.h (FreeBSD, DragonFly and OS X).
Prevents undeclared function warning on at least some versions of AIX.
2020-02-17 22:48:50 +11:00
djm@openbsd.org
8aa3455b16
upstream: openssh-8.2
OpenBSD-Commit-ID: 0a1340ff65fad0d84b997ac58dd1b393dec7c19b
2020-02-14 11:40:54 +11:00
Damien Miller
72f0ce33f0
crank version numbers
2020-02-12 09:28:35 +11:00
Darren Tucker
b763ed05bd
Minor documentation update:
- remove duplication of dependency information (it's all in INSTALL).
- SSHFP is now an RFC.
2020-02-11 12:51:24 +11:00
Darren Tucker
14ccfdb724
Check if UINT32_MAX is defined before redefining.
2020-02-09 11:23:35 +11:00
Damien Miller
be075110c7
typo; reported by Phil Pennock
2020-02-07 15:13:26 +11:00
djm@openbsd.org
963d71851e
upstream: sync the description of the $SSH_SK_PROVIDER environment
variable with that of the SecurityKeyProvider ssh/sshd_config(5) directive,
as the latter was more descriptive.
OpenBSD-Commit-ID: 0488f09530524a7e53afca6b6e1780598022552f
2020-02-07 15:03:20 +11:00
dtucker@openbsd.org
d4d9e1d405
upstream: Add ssh -Q key-sig for all key and signature types.
Teach ssh -Q to accept ssh_config(5) and sshd_config(5) algorithm keywords as
an alias for the corresponding query. Man page help jmc@, ok djm@.
OpenBSD-Commit-ID: 1e110aee3db2fc4bc5bee2d893b7128fd622e0f8
2020-02-07 15:03:20 +11:00
djm@openbsd.org
fd68dc2786
upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow more
than the intended number of prompts (3) and 2) it would SEGV if too many
incorrect PINs were entered; based on patch by Gabriel Kihlman
OpenBSD-Commit-ID: 9c0011f28ba8bd8adf2014424b64960333da1718
2020-02-07 14:31:02 +11:00
djm@openbsd.org
96bd895a0a
upstream: When using HostkeyAlgorithms to merely append or remove
algorithms from the default set (i.e. HostkeyAlgorithms=+/-...), retain the
default behaviour of preferring those algorithms that have existing keys in
known_hosts; ok markus
OpenBSD-Commit-ID: 040e7fcc38ea00146b5d224ce31ce7a1795ee6ed
2020-02-07 09:53:00 +11:00
djm@openbsd.org
c728848673
upstream: expand HostkeyAlgorithms prior to config dump, matching
other algorithm lists; ok markus@
OpenBSD-Commit-ID: a66f0fca8cc5ce30405a2867bc115fff600671d0
2020-02-07 09:53:00 +11:00
naddy@openbsd.org
a6ac5d36ef
upstream: Add Include to the list of permitted keywords after a
Match keyword. ok markus@
OpenBSD-Commit-ID: 342e940538b13dd41e0fa167dc9ab192b9f6e2eb
2020-02-07 09:53:00 +11:00
naddy@openbsd.org
a47f6a6c0e
upstream: Replace "security key" with "authenticator" in program
messages.
This replaces "security key" in error/usage/verbose messages and
distinguishes between "authenticator" and "authenticator-hosted key".
ok djm@
OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
2020-02-07 09:52:59 +11:00
Darren Tucker
849a9b8714
Don't look for UINT32_MAX in inttypes.h
... unless we are actually going to use it. Fixes build on HP-UX
without the potential impact to other platforms of a header change
shortly before release.
2020-02-06 12:21:49 +11:00
Damien Miller
a2437f8ed0
depend
2020-02-06 12:02:22 +11:00
Michael Forney
9716e8c495
Fix sha2 MAKE_CLONE no-op definition
The point of the dummy declaration is so that MAKE_CLONE(...) can have
a trailing semicolon without introducing an empty declaration. So,
the macro replacement text should *not* have a trailing semicolon,
just like DEF_WEAK.
2020-02-06 11:53:38 +11:00
djm@openbsd.org
d596b1d30d
upstream: require FIDO application strings to start with "ssh:"; ok
markus@
OpenBSD-Commit-ID: 94e9c1c066d42b76f035a3d58250a32b14000afb
2020-02-04 21:08:10 +11:00
djm@openbsd.org
501f358243
upstream: revert enabling UpdateHostKeys by default - there are still
corner cases we need to address; ok markus
OpenBSD-Commit-ID: ff7ad941bfdc49fb1d8baa95fd0717a61adcad57
2020-02-04 10:52:17 +11:00
jmc@openbsd.org
072f3b832d
upstream: use better markup for challenge and write-attestation, and
rejig the challenge text a little;
ok djm
OpenBSD-Commit-ID: 9f351e6da9edfdc907d5c3fdaf2e9ff3ab0a7a6f
2020-02-04 10:00:18 +11:00
Damien Miller
262eb05a22
mention libfido2 in dependencies section
2020-02-03 21:22:15 +11:00
Damien Miller
ccd3b247d5
add clock_gettime64(2) to sandbox allowed syscalls
bz3093
2020-02-03 19:40:12 +11:00
dtucker@openbsd.org
adffbe1c64
upstream: Output (none) in debug in the CheckHostIP=no case
as suggested by markus@
OpenBSD-Commit-ID: 4ab9117ee5261cbbd1868717fcc3142eea6385cf
2020-02-02 21:18:07 +11:00
dtucker@openbsd.org
58c819096a
upstream: Prevent possible null pointer deref of ip_str in debug.
OpenBSD-Commit-ID: 37b252e2e6f690efed6682437ef75734dbc8addf
2020-02-02 20:31:48 +11:00
jmc@openbsd.org
0facae7bc8
upstream: shuffle the challenge keyword to keep the -O list sorted;
OpenBSD-Commit-ID: 08efad608b790949a9a048d65578fae9ed5845fe
2020-02-02 20:25:09 +11:00
jmc@openbsd.org
6fb3dd0ccd
upstream: tweak previous;
OpenBSD-Commit-ID: 0c42851cdc88583402b4ab2b110a6348563626d3
2020-02-02 20:25:09 +11:00
Darren Tucker
92725d4d3f
Use sys-queue.h from compat library.
Fixes build on platforms that don't have sys/queue.h (eg MUSL).
2020-02-01 17:25:09 +11:00