| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
| |
The rlimit tests can hang when being run with some compiler sanitizers
so skip all of them if sandbox=no.
|
|
|
|
|
|
| |
Move the checks for struct pollfd.fd and nfds_t to before the sandboxing
checks. This groups all the sandbox checks together so we can skip them
all when sandboxing is disabled.
|
|
|
|
|
|
| |
Remove extra line leftover from merge conflict. ok djm@
OpenBSD-Commit-ID: 460e2290875d7ae64971a7e669c244b1d1c0ae2e
|
|
|
|
|
|
| |
in format description
OpenBSD-Commit-ID: 3de33572733ee7fcfd7db33d37db23d2280254f0
|
|
|
|
|
| |
It's not needed in that case, and the test can fail when being built
with some compiler memory sanitizer flags. bz#3441
|
|
|
|
|
|
| |
authorized keys/principals file for errno != ENOENT; bz2042 ok dtucker
OpenBSD-Commit-ID: e79aa550d91ade6a80f081bda689da24c086d66b
|
|
|
|
|
|
|
|
|
|
| |
and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of
github PR#324 from ZoltanFridrich, ok djm@
This is a roll-forward of the previous rollback now that the required
changes in compat.c have been done.
OpenBSD-Commit-ID: c7cd93730b3b9f53cdad3ae32462922834ef73eb
|
|
|
|
|
|
|
| |
that we can free them later. Fix one leak in compat_kex_proposal. Based on
github PR#324 from ZoltanFridrich with some simplications by me. ok djm@
OpenBSD-Commit-ID: 9171616da3307612d0ede086fd511142f91246e4
|
|
|
|
|
|
|
| |
muxclient() which performs operations that could cause one; Reported by Noam
Lewis via bz3454, ok dtucker@
OpenBSD-Commit-ID: 63d8e13276869eebac6d7a05d5a96307f9026e47
|
|
|
|
| |
OpenBSD-Commit-ID: abdcde4f92b1ef094ae44210ee99d3b0155aad9c
|
| |
|
|
|
|
|
|
|
|
| |
"/usr/libexec/sftp-server -el debug3"
ok markus@
OpenBSD-Commit-ID: 5a002b9f3a7aef2731fc0ffa9c921cf15f38ecce
|
|
|
|
|
|
|
| |
compat_pkalg_proposal and friends always allocate their returned strings.
Reported by Qualys.
OpenBSD-Commit-ID: 1c7a88a0d5033f42f88ab9bec58ef1cf72c81ad0
|
|
|
|
|
|
|
| |
and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of
github PR#324 from ZoltanFridrich, ok djm@
OpenBSD-Commit-ID: b2f6e5f60f2bba293b831654328a8a0035ef4a1b
|
|
|
|
|
| |
Prevents us from trying to link them into ssh-sk-helper and failing to
build.
|
| |
|
| |
|
|
|
|
| |
idea/patch from Pedro Martelletto via GHPR#322; ok dtucker@
|
|
|
|
|
|
| |
and received data. GHPR#328 from Jan Pazdziora
OpenBSD-Commit-ID: d180a905fec9ff418a75c07bb96ea41c9308c3f9
|
|
|
|
|
|
|
|
| |
error.
ok dtucker@
OpenBSD-Commit-ID: e384c4e05d5521e7866b3d53ca59acd2a86eef99
|
|
|
|
|
|
| |
Martin Vahlensieck via tech@.
OpenBSD-Commit-ID: 4c54d20a8e8e4e9912c38a7b4ef5bfc5ca2e05c2
|
|
|
|
|
|
| |
connection. bz#3447, from vincent-openssh at vinc17 net, ok djm@
OpenBSD-Commit-ID: 9d59f19872b94900a5c79da2d57850241ac5df94
|
|
|
|
|
|
|
|
| |
If libfido2 is found and usable, then enable the built-in
security key support unless --without-security-key-builtin
was requested.
ok dtucker@
|
|
|
|
| |
Analysis/fix from kircher in bz3443; ok dtucker@
|
|
|
|
|
|
|
| |
and not in the pledge(2)'d unprivileged process; fixes regression caused by
recent refactoring spotted by henning@
OpenBSD-Commit-ID: a089870b95101cd8881a2dff65b2f1627d13e88d
|
|
|
|
|
|
| |
auth2-pubkeyfile.c too; they make more sense there.
OpenBSD-Commit-ID: 9970d99f900e1117fdaab13e9e910a621b7c60ee
|
|
|
|
|
|
| |
too
OpenBSD-Regress-ID: 4c8804f9db38a02db480b9923317457b377fe34b
|
|
|
|
|
|
|
|
|
|
|
| |
sshd_config and sshd_config; previously if the same name was reused then the
last would win (which is the opposite to how the config is supposed to work).
While there, make the ssh_config parsing more like sshd_config.
bz3438, ok dtucker
OpenBSD-Commit-ID: 797909c1e0262c0d00e09280459d7ab00f18273b
|
|
|
|
|
|
| |
skazi0 via github PR#294.
OpenBSD-Commit-ID: fda2c869cdb871f3c90a89fb3f985370bb5d25c0
|
|
|
|
|
|
| |
message. github PR#320 from jschauma, ok djm@
OpenBSD-Commit-ID: bd60809803c4bfd3ebb7c5c4d918b10e275266f2
|
|
|
|
|
|
|
| |
Based on github PR#303 from jsegitz with man page text from jmc@, ok markus@
djm@
OpenBSD-Commit-ID: 5c4c57bdd7063ff03381cfb6696659dd3f9f5b9f
|
|
|
|
|
|
|
|
|
| |
This was already documented when support for user-verified FIDO
keys was added, but the ssh-keygen(1) code was missing.
ok djm@
OpenBSD-Commit-ID: f660f973391b593fea4b7b25913c9a15c3eb8a06
|
|
|
|
|
|
| |
from caspar schutijser
OpenBSD-Commit-ID: f146a19d7d5c9374c3b9c520da43b2732d7d1a4e
|
| |
|
| |
|
| |
|
|
|
|
|
| |
mostly redundant to authopt_fuzz, but it's sensitive code so IMO it
makes sense to test this layer too
|
|
|
|
|
|
|
|
|
|
|
|
| |
auth2-pubkey.c
Put them in a new auth2-pubkeyfile.c to make it easier to refer to them
(e.g. in unit/fuzz tests) without having to refer to everything else
pubkey auth brings in.
ok dtucker@
OpenBSD-Commit-ID: 3fdca2c61ad97dc1b8d4a7346816f83dc4ce2217
|
|
|
|
|
|
|
|
|
|
| |
remove "struct ssh *" from arguments - this was only used to pass the
remote host/address. These can be passed in instead and the resulting
code is less tightly coupled to ssh_api.[ch]
ok dtucker@
OpenBSD-Commit-ID: 9d4373d013edc4cc4b5c21a599e1837ac31dda0d
|
|
|
|
|
|
|
|
|
| |
with freezero. Unconditionally call freezero to guarantee that password is
removed from RAM.
From tobias@ and c3h2_ctf via github PR#286, ok djm@
OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
|
|
|
|
|
|
|
|
|
| |
reached before fork has been called. If this happens, then kill -1 would be
called, sending SIGTERM to all processes reachable by the current process.
From tobias@ and c3h2_ctf via github PR#286, ok djm@
OpenBSD-Commit-ID: 6277af1207d81202f5daffdccfeeaed4c763b1a8
|
|
|
|
|
|
| |
ProxyCommand. From pallxk via github PR#305.
OpenBSD-Commit-ID: 7115ac351b129205f1f1ffa6bbfd62abd76be7c5
|
|
|
|
| |
OpenBSD-Commit-ID: 457c79afaca2f89ec2606405c1059b98b30d8b0d
|
|
|
|
|
|
| |
via #define) dump to stderr rather than stdout
OpenBSD-Commit-ID: 10298513ee32db8390aecb0397d782d68cb14318
|
|
|
|
|
| |
HAVE_CAPH_CACHE_TZDATA to be missing from config.h.in.
Spotted by Bryan Drewery
|
|
|
|
|
|
| |
files with smaller ones; would have caught last regression in scp(1)
OpenBSD-Regress-ID: 19de4e88dd3a4f7e5c1618c9be3c32415bd93bc2
|
|
|
|
|
|
| |
architectures do not ship with gdb.
OpenBSD-Regress-ID: ec53e928803e6b87f9ac142d38888ca79a45348d
|
|
|
|
|
|
|
| |
all cases, not just at the start of a transfer. This could cause overwrites
of larger files to leave junk at the end. Spotted by tb@
OpenBSD-Commit-ID: b189f19cd68119548c8e24e39c79f61e115bf92c
|
|
|
|
|
|
|
|
|
|
|
|
| |
early
previous behavious of unconditionally truncating the destination file
would cause "scp ~/foo localhost:" and "scp localhost:foo ~/" to
delete all the contents of their destination.
spotted by solene@ sthen@, also bz3431; ok dtucker@
OpenBSD-Commit-ID: ca39fdd39e0ec1466b9666f15cbcfddea6aaa179
|