from:"Markus Friedl"

CVS: cvs.openbsd.org: src

2023-12-08 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2023/12/08 02:18:39

Modified files:
usr.bin/ssh: sshsig.c 

Log message:
prevent leak in sshsig_match_principals; ok djm@

CVS: cvs.openbsd.org: src

2022-05-04 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2022/05/04 01:31:22

Modified files:
usr.bin/ssh: channels.c 

Log message:
make sure stdout is non-blocking; ok djm@

CVS: cvs.openbsd.org: src

2021-04-15 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2021/04/15 10:24:32

Modified files:
usr.bin/ssh: log.c log.h monitor.c monitor_wrap.c 
 monitor_wrap.h 

Log message:
do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@

CVS: cvs.openbsd.org: src

2021-02-15 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2021/02/15 13:43:15

Modified files:
usr.bin/ssh: channels.c readconf.c readconf.h ssh.1 ssh.c 
 ssh_config.5 

Log message:
ssh: add PermitRemoteOpen for remote dynamic forwarding with SOCKS
ok djm@, dtucker@

CVS: cvs.openbsd.org: src

2021-02-15 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2021/02/15 13:36:35

Modified files:
usr.bin/ssh: misc.c misc.h servconf.c 

Log message:
factor out opt_array_append; ok djm@

CVS: cvs.openbsd.org: src

2020-07-03 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/07/03 04:12:26

Modified files:
usr.bin/ssh: sshd.c 

Log message:
update setproctitle after re-exec; ok djm

CVS: cvs.openbsd.org: src

2020-07-03 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/07/03 04:11:33

Modified files:
usr.bin/ssh: sshd.c 

Log message:
keep ignoring HUP after fork+exec; ok djm

CVS: cvs.openbsd.org: src

2020-07-03 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/07/03 04:10:17

Modified files:
usr.bin/ssh: sshd.c 

Log message:
don't exit the listener on send_rexec_state errors; ok djm

CVS: cvs.openbsd.org: src

2020-07-01 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/07/01 10:28:31

Modified files:
usr.bin/ssh: packet.c ssh_api.c 

Log message:
free kex in ssh_packet_close; ok djm semarie

CVS: cvs.openbsd.org: src

2020-06-24 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/06/24 09:16:23

Modified files:
regress/usr.bin/ssh: multiplex.sh 

Log message:
add test for mux w/-Oproxy; ok djm

CVS: cvs.openbsd.org: src

2020-06-24 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/06/24 09:12:09

Modified files:
usr.bin/ssh: packet.c 

Log message:
fix kex mem-leak in ssh_packet_close; ok djm

CVS: cvs.openbsd.org: src

2020-06-24 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/06/24 09:10:38

Modified files:
usr.bin/ssh: packet.c 

Log message:
fix ssh -O proxy w/mux which got broken by no longer
making ssh->kex optional in packet.c revision 1.278
ok djm@

CVS: cvs.openbsd.org: src

2020-06-24 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/06/24 09:09:53

Modified files:
usr.bin/ssh: servconf.c 

Log message:
support loading big sshd_config files w/o realloc; ok djm

CVS: cvs.openbsd.org: src

2020-06-24 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/06/24 09:08:53

Modified files:
usr.bin/ssh: msg.c 

Log message:
allow sshd_config longer than 256k; ok djm

CVS: cvs.openbsd.org: src

2020-06-24 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/06/24 09:07:33

Modified files:
usr.bin/ssh: sshkey.c 

Log message:
only call sshkey_xmss_init() once for KEY_XMSS_CERT; ok djm

CVS: cvs.openbsd.org: src

2020-05-15 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/05/15 02:34:04

Modified files:
usr.bin/ssh: sshd.c 

Log message:
sshd listener must not block if reexecd sshd exits early:
the call to send_rexec_state() in the parent sshd will block forever
in write(2) on config_s[0] if the forked child exits early before
finishing recv_rexec_state (e.g. with fatal()) because config_s[1] stays
open in the parent. this prevents the parent from accepting new connections.
ok djm, deraadt

CVS: cvs.openbsd.org: src

2020-04-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/04/30 11:12:20

Modified files:
usr.bin/ssh: mux.c 

Log message:
bring back debug() removed in rev 1.74; noted by pradeep kumar

CVS: cvs.openbsd.org: src

2020-04-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/04/30 11:07:10

Modified files:
usr.bin/ssh: scp.1 scp.c 

Log message:
run the 2nd ssh with BatchMode for scp -3

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:29:54

Modified files:
usr.bin/ssh: servconf.c 

Log message:
fix relative includes in sshd_config; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:29:14

Modified files:
usr.bin/ssh: ssh-keygen.c 

Log message:
fix use-after-free in do_download_sk; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:28:50

Modified files:
usr.bin/ssh: sshsig.c 

Log message:
do not leak oprincipals; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:28:27

Modified files:
usr.bin/ssh: ssh-agent.c 

Log message:
initialize seconds for debug message; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:27:15

Modified files:
usr.bin/ssh: sshsig.c 

Log message:
principalsp is optional, pubkey required; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:27:50

Modified files:
usr.bin/ssh: sshsig.c 

Log message:
correct return code; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:26:21

Modified files:
usr.bin/ssh: ssh-pkcs11-helper.c 

Log message:
remove unused variables in ssh-pkcs11-helper; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:25:48

Modified files:
usr.bin/ssh: ssh-sk.c 

Log message:
return correct error in sshsk_ed25519_sig; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:25:12

Modified files:
usr.bin/ssh: hostfile.c 

Log message:
fix possible null-deref in check_key_not_revoked; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:24:39

Modified files:
usr.bin/ssh: authfd.c 

Log message:
ssh_fetch_identitylist() returns the return value from
ssh_request_reply() so we should also check against != 0
ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:23:17

Modified files:
usr.bin/ssh: sshkey.c 

Log message:
sshkey_cert_check_authority requires reason to be set; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:21:29

Modified files:
usr.bin/ssh: sshkey.c 

Log message:
passphrase depends on kdfname, not ciphername (possible null-deref);
ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:20:44

Modified files:
usr.bin/ssh: packet.c 

Log message:
consistently check packet_timeout_ms against 0; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:20:02

Modified files:
usr.bin/ssh: ssh.c 

Log message:
initialize cname in case ai_canonname is NULL or too long; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:19:21

Modified files:
usr.bin/ssh: channels.c 

Log message:
fix uninitialized pointers for forward_cancel; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:16:21

Modified files:
usr.bin/ssh: auth2.c 

Log message:
exit on parse failures in input_service_request; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:15:38

Modified files:
usr.bin/ssh: auth-options.c 

Log message:
fix null-deref on calloc failure; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:15:04

Modified files:
usr.bin/ssh: ssh-keygen.c 

Log message:
exit if ssh_krl_revoke_key_sha256 fails; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:14:13

Modified files:
usr.bin/ssh: ssh-pkcs11.c 

Log message:
pkcs11_register_provider: return < 0 on error; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:12:55

Modified files:
usr.bin/ssh: utf8.c 

Log message:
vasnmprintf allocates str and returns -1; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:13:29

Modified files:
usr.bin/ssh: sshsig.c 

Log message:
sshsig: return correct error, fix null-deref; ok djm

CVS: cvs.openbsd.org: src

2020-03-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/03/06 11:11:10

Modified files:
usr.bin/ssh: packet.h 

Log message:
sshpkt_fatal() does not return; ok djm

CVS: cvs.openbsd.org: src

2020-01-27 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2020/01/27 13:51:32

Modified files:
usr.bin/ssh: ssh.c 

Log message:
disable UpdateHostKeys=ask if command is specified; ok djm@ sthen@

CVS: cvs.openbsd.org: src

2019-11-15 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/15 08:41:01

Modified files:
usr.bin/ssh: sk-usbhid.c 

Log message:
fix typos in sk_enroll

CVS: cvs.openbsd.org: src

2019-11-13 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/13 15:00:21

Modified files:
usr.bin/ssh: sshkey.c 

Log message:
in order to be able to figure out the number of signatures left on
a shielded key, we need to transfer the number of signatures left
from the private to the public key. ok djm@

CVS: cvs.openbsd.org: src

2019-11-13 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/13 13:25:45

Modified files:
usr.bin/ssh: ssh-sk.c 

Log message:
fix check for sig_s; noted by qsa at qualys.com

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/13 00:53:10

Modified files:
usr.bin/ssh: ssh-agent.c sshkey-xmss.c sshkey.c sshkey.h 

Log message:
fix shield/unshield for xmss keys:
- in ssh-agent we need to delay the call to shield
until we have received key specific options.
- when serializing xmss keys for shield we need to deal with
all optional components (e.g. state might not be loaded).
ok djm@

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:34:00

Modified files:
usr.bin/ssh: ssh-sk.c 

Log message:
check sig_r and sig_s for ssh-sk keys; ok djm

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:34:40

Modified files:
usr.bin/ssh: PROTOCOL.u2f ssh-ed25519-sk.c ssh-sk.c 

Log message:
remove extra layer for ed25519 signature; ok djm@

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:33:08

Modified files:
usr.bin/ssh: authfd.c myproposal.h pathnames.h readconf.c 
 ssh-add.c ssh-agent.c ssh-keygen.c 
 ssh-sk-helper.c sshconnect.c sshconnect2.c 
 sshkey.c sshkey.h 

Log message:
enable ed25519 support; ok djm

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:32:30

Modified files:
usr.bin/ssh: PROTOCOL.u2f sk-api.h ssh-sk.c 

Log message:
update sk-api to version 2 for ed25519 support; ok djm

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:31:45

Modified files:
usr.bin/ssh: ssh-sk.c ssh-sk.h 

Log message:
implement sshsk_ed25519_assemble(); ok djm

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:30:51

Modified files:
usr.bin/ssh: ssh-sk-helper.c ssh-sk.c ssh-sk.h sshkey.c 

Log message:
rename sshsk_ecdsa_sign() to sshsk_sign(); ok djm

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:31:18

Modified files:
usr.bin/ssh: ssh-sk.c ssh-sk.h sshkey.c 

Log message:
implement sshsk_ed25519_inner_sig(); ok djm

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:30:21

Modified files:
usr.bin/ssh: ssh-sk.c 

Log message:
factor out sshsk_ecdsa_inner_sig(); ok djm@

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:29:54

Modified files:
usr.bin/ssh: ssh-sk.c 

Log message:
factor out sshsk_ecdsa_assemble(); ok djm@

CVS: cvs.openbsd.org: src

2019-11-12 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/11/12 12:29:25

Modified files:
usr.bin/ssh: Makefile.inc sshkey.c sshkey.h 
Added files:
usr.bin/ssh: ssh-ed25519-sk.c 

Log message:
implement ssh-ed25519-sk verification; ok djm@

CVS: cvs.openbsd.org: src

2019-03-08 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/03/08 10:24:43

Modified files:
usr.bin/ssh: ssh-pkcs11.c 

Log message:
fix use-after-free in ssh-pkcs11; found by hshoexer w/AFL

CVS: cvs.openbsd.org: src

2019-02-27 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/02/27 12:37:02

Modified files:
usr.bin/ssh: sshconnect.c 

Log message:
dup stdout/in for proxycommand=-, otherwise stdout might be
redirected to /dev/null; ok djm@

CVS: cvs.openbsd.org: src

2019-01-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2019/01/30 12:51:15

Modified files:
usr.bin/ssh: sntrup4591761.c sntrup4591761.sh 

Log message:
Add authors for public domain sntrup4591761 code;
confirmed by Daniel J. Bernstein

CVS: cvs.openbsd.org: src

2018-07-27 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/27 06:03:17

Modified files:
usr.bin/ssh: channels.c log.c log.h 

Log message:
avoid expensive channel_open_message() calls; ok djm@

CVS: cvs.openbsd.org: src

2018-07-11 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/11 12:55:11

Modified files:
usr.bin/ssh: auth2-chall.c auth2-pubkey.c sshconnect2.c 

Log message:
treat ssh_packet_write_wait() errors as fatal; ok djm@

CVS: cvs.openbsd.org: src

2018-07-11 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/11 12:53:29

Modified files:
usr.bin/ssh: auth2.c channels.c clientloop.c kex.h monitor.c 
 monitor_wrap.c monitor_wrap.h mux.c servconf.c 
 serverloop.c session.c ssh.c sshconnect.c 
 sshconnect2.c sshd.c 
usr.bin/ssh/ssh: Makefile 
usr.bin/ssh/ssh-agent: Makefile 
usr.bin/ssh/sshd: Makefile 
Removed files:
usr.bin/ssh: key.c key.h 

Log message:
remove legacy key emulation layer; ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:59:10

Modified files:
usr.bin/ssh: authfd.c authfile.c msg.c ssh-keygen.c 
 ssh-pkcs11-client.c sshkey-xmss.c 

Log message:
replace cast with call to sshbuf_mutable_ptr(); ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:56:06

Modified files:
usr.bin/ssh: Makefile.inc kex.h sshbuf.c sshbuf.h 
usr.bin/ssh/ssh: Makefile 
usr.bin/ssh/ssh-agent: Makefile 
usr.bin/ssh/ssh-pkcs11-helper: Makefile 
usr.bin/ssh/sshd: Makefile 
Removed files:
usr.bin/ssh: bufaux.c bufbn.c bufec.c buffer.c buffer.h 

Log message:
remove legacy buffer API emulation layer; ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:53:45

Modified files:
usr.bin/ssh: monitor.c monitor.h monitor_wrap.c 

Log message:
sshd: switch monitor to sshbuf API; lots of help & ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:37:55

Modified files:
usr.bin/ssh: auth2-gss.c gss-genr.c gss-serv-krb5.c 
 gss-serv.c 

Log message:
sshd: switch GSSAPI to sshbuf API; ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:35:50

Modified files:
usr.bin/ssh: auth-bsdauth.c auth-krb5.c auth-rhosts.c auth.c 
 auth2-chall.c auth2-hostbased.c auth2-kbdint.c 
 auth2-none.c auth2-passwd.c auth2-pubkey.c 
 auth2.c monitor.c 

Log message:
sshd: switch authentication to sshbuf API; ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:29:36

Modified files:
usr.bin/ssh: servconf.c serverloop.c sshd.c 

Log message:
sshd: switch config to sshbuf API; ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:26:02

Modified files:
usr.bin/ssh: auth-passwd.c monitor.c monitor_wrap.c 
 servconf.h session.c sshd.c sshlogin.c 

Log message:
sshd: switch loginmsg to sshbuf API; ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:20:26

Modified files:
usr.bin/ssh: clientloop.c packet.h session.c ttymodes.c 

Log message:
ttymodes: switch to sshbuf API; ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:18:10

Modified files:
usr.bin/ssh: mux.c 

Log message:
client: switch mux to sshbuf API; with & ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 15:03:30

Modified files:
usr.bin/ssh: clientloop.c clientloop.h compat.c mux.c 
 packet.c ssh.c sshconnect.c sshconnect2.c 

Log message:
client: switch to sshbuf API; ok djm@

CVS: cvs.openbsd.org: src

2018-07-09 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/07/09 14:39:28

Modified files:
usr.bin/ssh: ssh-pkcs11-client.c 

Log message:
pkcs11: switch to sshbuf API; ok djm@

CVS: cvs.openbsd.org: src

2018-06-06 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/06/06 12:29:18

Modified files:
usr.bin/ssh: auth2-pubkey.c authfile.c dh.c hostfile.c 
 misc.c misc.h readconf.c servconf.c session.c 
 ssh-keygen.c ssh-keyscan.c ssh.h 

Log message:
switch config file parsing to getline(3) as this avoids static limits
noted by gerhard@; ok dtucker@, djm@

CVS: cvs.openbsd.org: src

2018-03-24 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/03/24 13:29:03

Modified files:
usr.bin/ssh: version.h 

Log message:
openssh-7.7

CVS: cvs.openbsd.org: src

2018-03-24 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/03/24 13:28:43

Modified files:
usr.bin/ssh: sshconnect2.c 

Log message:
fix bogus warning when signing cert keys using agent; from djm; ok deraadt 
dtucker

CVS: cvs.openbsd.org: src

2018-03-22 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/03/22 01:06:11

Modified files:
usr.bin/ssh: xmss_fast.c 

Log message:
ssh/xmss: fix build; ok djm@

CVS: cvs.openbsd.org: src

2018-03-22 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/03/22 01:05:48

Modified files:
usr.bin/ssh: sshkey.c 

Log message:
ssh/xmss: fix deserialize for certs; ok djm@

CVS: cvs.openbsd.org: src

2018-03-01 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/03/01 13:32:16

Modified files:
usr.bin/ssh: servconf.c 

Log message:
missing #ifdef for _PATH_HOST_XMSS_KEY_FILE; report by jmc@

CVS: cvs.openbsd.org: src

2018-02-23 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/02/23 08:58:38

Modified files:
usr.bin/ssh: Makefile.inc authfd.c authfd.h authfile.c 
 cipher.c dns.c dns.h pathnames.h readconf.c 
 servconf.c ssh-add.c ssh-agent.c ssh-keygen.c 
 ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c 
 sshd.c sshkey.c sshkey.h 
Added files:
usr.bin/ssh: ssh-xmss.c sshkey-xmss.c sshkey-xmss.h 
 xmss_commons.c xmss_commons.h xmss_fast.c 
 xmss_fast.h xmss_hash.c xmss_hash.h 
 xmss_hash_address.c xmss_hash_address.h 
 xmss_wots.c xmss_wots.h 

Log message:
Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures)
The code is not compiled in by default (see WITH_XMSS in Makefile.inc)
Joint work with stefan-lukas_gazdag at genua.eu
See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12
ok djm@

CVS: cvs.openbsd.org: src

2018-01-08 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/01/08 08:37:38

Modified files:
usr.bin/ssh: Makefile.inc 
usr.bin/ssh/scp: Makefile 
usr.bin/ssh/sftp-server: Makefile 
usr.bin/ssh/sftp: Makefile 
usr.bin/ssh/ssh-add: Makefile 
usr.bin/ssh/ssh-agent: Makefile 
usr.bin/ssh/ssh-keygen: Makefile 
usr.bin/ssh/ssh-keyscan: Makefile 
usr.bin/ssh/ssh-keysign: Makefile 
usr.bin/ssh/ssh-pkcs11-helper: Makefile 
usr.bin/ssh/ssh: Makefile 
usr.bin/ssh/sshd: Makefile 

Log message:
group shared source files (e.g. SRCS_KEX) and allow compilation w/o OPENSSL
ok djm@

CVS: cvs.openbsd.org: src

2018-01-08 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/01/08 08:21:49

Modified files:
usr.bin/ssh: auth.c auth.h misc.c misc.h 
usr.bin/ssh/scp: Makefile 
usr.bin/ssh/sftp: Makefile 

Log message:
move subprocess() so scp/sftp do not need uidswap.o; ok djm@

CVS: cvs.openbsd.org: src

2018-01-08 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/01/08 08:18:46

Modified files:
usr.bin/ssh: ssh-pkcs11-helper.c 
usr.bin/ssh/ssh-pkcs11-helper: Makefile 

Log message:
switch ssh-pkcs11-helper to new API; ok djm@

CVS: cvs.openbsd.org: src

2018-01-08 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2018/01/08 08:15:36

Modified files:
usr.bin/ssh: monitor_wrap.c 

Log message:
uuencode.h is not used

Modified files:
usr.bin/ssh/ssh: Makefile 

Log message:
only ssh-keygen needs uuencode.o; only scp/sftp use progressmeter.o

Modified files:
usr.bin/ssh/sshd: Makefile 

Log message:
split client/server kex; only ssh-keygen needs uuencode.o;
only scp/sftp use progressmeter.o; ok djm@

CVS: cvs.openbsd.org: src

2017-09-21 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/09/21 13:18:12

Modified files:
regress/usr.bin/ssh: dynamic-forward.sh 

Log message:
test reverse dynamic forwarding with SOCKS

CVS: cvs.openbsd.org: src

2017-09-21 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/09/21 13:16:53

Modified files:
usr.bin/ssh: channels.c channels.h readconf.c ssh.1 ssh.c 
 ssh_config.5 

Log message:
Add 'reverse' dynamic forwarding which combines dynamic forwarding
(-D) with remote forwarding (-R) where the remote-forwarded port
expects SOCKS-requests.

The SSH server code is unchanged and the parsing happens at the SSH
clients side. Thus the full SOCKS-request is sent over the forwarded
channel and the client parses c->output. Parsing happens in
channel_before_prepare_select(), _before_ the select bitmask is
computed in the pre[] handlers, but after network input processing
in the post[] handlers.

help and ok djm@

CVS: cvs.openbsd.org: src

2017-07-19 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/07/19 02:30:41

Modified files:
usr.bin/ssh: sshkey.c 

Log message:
fix support for unknown key types; ok djm@

CVS: cvs.openbsd.org: src

2017-05-31 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/31 04:54:00

Modified files:
usr.bin/ssh: auth-options.c auth-options.h auth2-pubkey.c 

Log message:
make sure we don't pass a NULL string to vfprintf (triggered by the
principals-command regress test); ok bluhm

CVS: cvs.openbsd.org: src

2017-05-31 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/31 04:04:29

Modified files:
usr.bin/ssh: monitor.c 

Log message:
use SO_ZEROIZE for privsep communication (if available)

CVS: cvs.openbsd.org: src

2017-05-31 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/31 02:55:10

Modified files:
sys/kern   : uipc_socket.c 
sys/sys: socket.h 

Log message:
new socketoption SO_ZEROIZE: zero out all mbufs sent over socket
ok deraadt bluhm

CVS: cvs.openbsd.org: src

2017-05-31 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/31 02:09:45

Modified files:
usr.bin/ssh: monitor.c monitor_wrap.h opacket.h packet.c 
 packet.h session.c sshd.c umac.c 

Log message:
clear session keys from memory; ok djm@

CVS: cvs.openbsd.org: src

2017-05-31 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/31 01:00:13

Modified files:
usr.bin/ssh: auth2.c clientloop.c dispatch.c dispatch.h 
 serverloop.c ssh-keyscan.c sshconnect2.c sshd.c 

Log message:
remove now obsolete ctx from ssh_dispatch_run; ok djm@

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 23:34:14

Modified files:
usr.bin/ssh: auth2.c 

Log message:
use the ssh_dispatch_run_fatal variant

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 08:29:59

Modified files:
usr.bin/ssh: auth.h auth2-chall.c auth2-gss.c 
 auth2-hostbased.c auth2-kbdint.c auth2-none.c 
 auth2-passwd.c auth2-pubkey.c auth2.c 

Log message:
switch auth2 to ssh_dispatch API; ok djm@

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 08:27:22

Modified files:
usr.bin/ssh: auth2-none.c 

Log message:
switch auth2-none.c to modern APIs; ok djm@

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 08:26:49

Modified files:
usr.bin/ssh: auth2-passwd.c 

Log message:
switch auth2-passwd.c to modern APIs; ok djm@

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 08:25:42

Modified files:
usr.bin/ssh: auth2-hostbased.c 

Log message:
switch auth2-hostbased.c to modern APIs; ok djm@

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 08:23:52

Modified files:
usr.bin/ssh: auth2-chall.c auth2-gss.c auth2.c channels.c 
 channels.h clientloop.c dispatch.c dispatch.h 
 kex.c kex.h kexdhc.c kexdhs.c kexecdhc.c 
 kexecdhs.c kexgexc.c kexgexs.c serverloop.c 
 sshconnect2.c 

Log message:
protocol handlers all get struct ssh passed; ok djm@

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 08:19:15

Modified files:
usr.bin/ssh: sshconnect2.c 

Log message:
ssh: pass struct ssh to auth functions, too; ok djm@

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 08:18:15

Modified files:
usr.bin/ssh: auth2-chall.c auth2-gss.c auth2.c packet.h 

Log message:
sshd: pass struct ssh to auth functions; ok djm@

CVS: cvs.openbsd.org: src

2017-05-30 Thread Markus Friedl

CVSROOT:/cvs
Module name:src
Changes by: mar...@cvs.openbsd.org  2017/05/30 08:16:41

Modified files:
usr.bin/ssh: key.c key.h ssh-add.c ssh-keygen.c 

Log message:
remove unused wrapper functions from key.[ch]; ok djm@

1 2 3 4 5 >

1 - 100 of 406 matches

Mail list logo