| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
If child_set env was called with a NULL env pointer and a non-zero count
it would end up in a null deref, although we don't currently do this.
Prompted by Coverity CID 291850, tweak & ok djm@
|
|
|
|
|
|
|
| |
SSH_TIME_T_MAX for this, so move from misc.c to misc.h so it's available.
Fixes a Coverity warning for 64bit time_t safety, ok djm@
OpenBSD-Commit-ID: c69c4c3152cdaab953706db4ccf4d5fd682f7d8d
|
|
|
|
|
|
| |
timeouts; ok dtucker markus
OpenBSD-Commit-ID: 3335268ca135b3ec15a947547d7cfbb8ff929ead
|
|
|
|
|
|
|
|
|
| |
char (which did not come from stdio read functions) in the presence of
ctype macros, is to always cast to (unsigned char). casting to (int)
for a "macro" which is documented to take int, is weird. And sadly wrong,
because of the sing extension risk.. same diff from florian
OpenBSD-Commit-ID: 65b9a49a68e22ff3a0ebd593f363e9f22dd73fea
|
|
|
|
|
|
| |
string in error messages. Patch from vapier at chromium.org.
OpenBSD-Commit-ID: fc28466ebc7b74e0072331947a89bdd239c160d3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
times and authorized_keys expiry-time options to accept dates in the UTC time
zone in addition to the default of interpreting them in the system time zone.
YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if
suffixed with a 'Z' character.
Also allow certificate validity intervals to be specified in raw
seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
is intended for use by regress tests and other tools that call
ssh-keygen as part of a CA workflow.
bz3468 ok dtucker
OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13
|
|
|
|
|
|
|
|
|
|
|
| |
sshd_config and sshd_config; previously if the same name was reused then the
last would win (which is the opposite to how the config is supposed to work).
While there, make the ssh_config parsing more like sshd_config.
bz3438, ok dtucker
OpenBSD-Commit-ID: 797909c1e0262c0d00e09280459d7ab00f18273b
|
|
|
|
|
|
|
|
|
|
| |
improve error reporting
make freeargs(NULL) a noop like the other free functions
ok dtucker as part of bz3403
OpenBSD-Commit-ID: 15f86da83176978b4d1d288caa24c766dfa2983d
|
|
|
|
|
|
| |
might not set it. Found by the Valgrind tests on github, ok deraadt@
OpenBSD-Commit-ID: c830c0db185ca43beff3f41c19943c724b4f636d
|
|
|
|
|
|
|
|
|
|
| |
Historicallly, hpdelim accepted ":" or "/" as a port delimiter between
hosts (or addresses) and ports. These days most of the uses for "/"
are no longer accepted, so there are several places where it checks the
delimiter to disallow it. Make hpdelim accept only ":" and use hpdelim2
in the other cases. ok djm@
OpenBSD-Commit-ID: 7e6420bd1be87590b6840973f5ad5305804e3102
|
|
|
|
|
|
| |
paths with no trailing slash; feedback/ok markus and jsg
OpenBSD-Commit-ID: a2ab365598a902f0f14ba6a4f8fb2d07a9b5d51d
|
|
|
|
|
|
| |
timeval's to timespec's to make things easier. back and forth and ok; djm
OpenBSD-Commit-ID: 89d3b23c60875da919e7820f9de6213286ffbec9
|
| |
|
|
|
|
|
|
| |
ok deraadt@
OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce
|
|
|
|
|
|
|
|
|
|
| |
~-prefixed paths, in particular ~user ones. Allows scp in sftp mode to accept
these paths, like scp in rcp mode does.
prompted by and much discussion deraadt@
ok markus@
OpenBSD-Commit-ID: 7d794def9e4de348e1e777f6030fc9bafdfff392
|
|
|
|
|
|
|
|
| |
Should fix printing cert times exceeding INT_MAX (bz#3329) on platforms
were time_t is a long long. The limit used is for the signed type, so if
some system has a 32bit unsigned time_t then the lower limit will still
be imposed and we would need to add some way to detect this. Anyone using
an unsigned 64bit can let us know when it starts being a problem.
|
|
|
|
|
|
|
|
| |
format_absolute_time fix for bz#3329 that allows printing of timestamps past
INT_MAX. This was incorrectly included with the previous commit. Based on
discussion with djm@.
OpenBSD-Commit-ID: 835936f6837c86504b07cabb596b613600cf0f6e
|
|
|
|
|
|
| |
djm@
OpenBSD-Commit-ID: 6060f70966f362d8eb4bec3da2f6c4712fbfb98f
|
|
|
|
|
|
|
|
|
|
|
|
| |
when it encounters an unquoted comment.
Add some additional utility function for working with argument
vectors, since we'll be switching to using them to parse
ssh/sshd_config shortly.
ok markus@ as part of a larger diff; tested in snaps
OpenBSD-Commit-ID: fd9c108cef2f713f24e3bc5848861d221bb3a1ac
|
|
|
|
|
|
|
|
| |
handled specially by the protocol. Useful in ~/.ssh/config to set TERM to
something generic (e.g. "xterm" instead of "xterm-256color") for destinations
that lack terminfo entries. feedback and ok dtucker@
OpenBSD-Commit-ID: 38b1ef4d5bc159c7d9d589d05e3017433e2d5758
|
|
|
|
| |
Reported by Luke Dashjr
|
|
|
|
|
|
| |
and bad indentation on continuation lines. Prompted by GHPR#185
OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
backslashes were not being dequoted correctly and 2) quoted space in the
middle of a string was being incorrectly split.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
A unit test for these cases has already been committed
prompted by and based on GHPR#223 by Eero Häkkinen; ok markus@
OpenBSD-Commit-ID: d7ef27abb4eeeaf6e167e9312e4abe9e89faf1e4
|
|
|
|
|
|
| |
subprocess. Prevents spurious debug message. ok djm@
OpenBSD-Commit-ID: 7f9785e292dcf304457566ad4637effd27ad1d46
|
|
|
|
| |
OpenBSD-Commit-ID: 571bc5dd35f99c5cf9de6aaeac428b168218e74a
|
|
|
|
|
|
|
| |
change its new type. Add tests for boundary conditions and fix convtime to
work up to INT_MAX. ok djm@
OpenBSD-Commit-ID: 01dc0475f1484ac2f47facdfcf9221f9472145de
|
|
|
|
|
|
|
|
| |
the elapsed time from the timeout each loop, so we only want to measure the
elapsed time the poll() in that loop, not since the start of the function.
Spotted by chris.xj.zhu at gmail.com, ok djm@
OpenBSD-Commit-ID: 199df060978ee9aa89b8041a3dfaf1bf7ae8dd7a
|
|
|
|
|
|
|
|
| |
On platforms where sizeof(int) != sizeof(long), convtime could accept values
>MAX_INT which subsequently truncate when stored in an int during config
parsing. bz#3250, ok djm@
OpenBSD-Commit-ID: 8fc932683d6b4660d52f50911d62bd6639c5db31
|
|
|
|
|
|
|
|
|
|
|
|
| |
make privilege dropping optional but allow it via callbacks (to avoid
need to link uidswap.c everywhere)
add some other flags (keep environment, disable strict path safety check)
that make this more useful for client-side use.
feedback & ok markus@
OpenBSD-Commit-ID: a80ea9fdcc156f1a18e9c166122c759fae1637bf
|
|
|
|
|
|
|
|
|
|
|
| |
TCP connect. The connection phase of the SSH session is time-sensitive (due
to server side login grace periods) and is frequently interactive (e.g.
entering passwords). The ultimate interactive/bulk TOS/DSCP will be set after
authentication completes.
ok dtucker@
OpenBSD-Commit-ID: f31ab10d9233363a6d2c9996007083ba43a093f1
|
|
|
|
|
|
| |
__func__ and appending ssh_err(r) manually; ok markus@
OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
|
|
|
|
|
|
|
|
| |
stdout and/or stderr to /dev/null. Factor all these out to a single
stdfd_devnull() function that allows selection of which of these to redirect.
ok markus@
OpenBSD-Commit-ID: 3033ba5a4c47cacfd5def020d42cabc52fad3099
|
|
|
|
|
|
| |
bz#3071; ok dtucker@
OpenBSD-Commit-ID: 08fa87be50070bd8b754d9b1ebb1138d7bc9d8ee
|
|
|
|
|
|
| |
vdollar_percent_expand. Fixes build error on arm64 spotted by otto@.
OpenBSD-Commit-ID: 181910d7ae489f40ad609b4cf4a20f3d068a7279
|
|
|
|
|
|
|
|
| |
dollar_expand. The original intent was in case there's some platform where
va_list is not a pointer equivalent, but on i386 this chokes on the memset.
This unbreaks that build, but will require further consideration.
OpenBSD-Commit-ID: 7b90afcd8e1137a1d863204060052aef415baaf7
|
|
|
|
|
|
|
|
|
|
| |
environment variables on the client side. The supported keywords are
CertificateFile, ControlPath, IdentityAgent and IdentityFile, plus
LocalForward and RemoteForward when used for Unix domain socket paths. This
would for example allow forwarding of Unix domain socket paths that change at
runtime. bz#3140, ok djm@
OpenBSD-Commit-ID: a4a2e801fc2d4df2fe0e58f50d9c81b03822dffa
|
|
|
|
|
|
| |
other units. bz#3171, spotted by ronf at timeheart.net, ok djm@.
OpenBSD-Commit-ID: 95b7a848e1083974a65fbb6ccb381d438e1dd5be
|
|
|
|
|
|
|
|
| |
interval in a human- friendly format. Switch copyright for this file from BSD
to MIT to make it easier to add Henning's copyright for this function. ok
markus@
OpenBSD-Commit-ID: 414a831c662df7e68893e5233e86f2cac081ccf9
|
|
|
|
|
|
|
|
|
|
|
| |
On some platforms (at least older HP-UXes such as 11.11, possibly others)
setting SA_RESTART on signal handers will cause it to not interrupt
select(), at least for calls that do not specify a timeout. Try to
detect this and if found, don't use SA_RESTART.
POSIX says "If SA_RESTART has been set for the interrupting signal, it
is implementation-dependent whether select() restarts or returns with
[EINTR]" so this behaviour is within spec.
|
|
|
|
|
|
| |
that had slipped in. ok deraadt markus djm.
OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6
|
|
|
|
|
|
| |
based on patch by veegish AT cyberstorm.mu
OpenBSD-Commit-ID: 9902bf4fbb4ea51de2193ac2b1d965bc5d99c425
|
|
|
|
|
|
| |
(reallocating as necessary). ok aja@ as part of a larger diff
OpenBSD-Commit-ID: 30796b50d330b3e0e201747fe40cdf9aa70a77f9
|
|
|
|
|
|
|
|
| |
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.
OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
|
|
|
|
|
|
|
|
|
|
| |
connect, not just readable. Prevents a timeout when the server doesn't
immediately send a banner (eg multiplexers like sslh) but is also slightly
quicker for other connections since, unlike ssh1, ssh2 doesn't specify
that the client should parse the server banner before sending its own.
Patch from mnissler@chromium.org, ok djm@
OpenBSD-Commit-ID: aba9cd8480d1d9dd31d0ca0422ea155c26c5df1d
|
| |
|
|
|
|
|
|
| |
and make them public; ok markus@
OpenBSD-Commit-ID: c18bcb2a687227b3478377c981c2d56af2638ea2
|
|
|
|
|
|
| |
markus@
OpenBSD-Commit-ID: caa77e8a3b210948e29ad3e28c5db00852961eae
|
|
|
|
|
|
| |
fixed buffer; ok markus@
OpenBSD-Commit-ID: 3f9ef20bca5ef5058b48c1cac67c53b9a1d15711
|
|
|
|
|
|
|
|
| |
some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.
OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
|
|
|
|
|
|
| |
precise == -1. ok millert nicm tb, etc
OpenBSD-Commit-ID: caecf8f57938685c04f125515b9f2806ad408d53
|