CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/21 02:19:53 Modified files: usr.bin/ssh: readconf.c Log message: properly fix ProxyJump parsing; Thanks to tb@ for pointing out my error (parse_ssh_uri() can return -1/0/1, that I missed).

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/20 18:31:06 Modified files: regress/usr.bin/ssh/unittests/hostkeys: test_iterate.c Log message: adapt to API change in hostkeys_foreach()/load_hostkeys()

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/20 16:40:19 Modified files: usr.bin/ssh: ssh.c sshconnect.c sshconnect.h sshconnect2.c Log message: plumb ssh_conn_info through to sshconnect.c; feedback/ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/20 16:38:00 Modified files: usr.bin/ssh: ssh.c sshconnect.c Log message: allow UserKnownHostsFile=none; feedback and ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/20 16:36:51 Modified files: usr.bin/ssh: sshconnect2.c sshconnect.c ssh-keygen.c hostfile.h clientloop.c hostfile.c auth.c Log message:

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/17 16:28:50 Modified files: usr.bin/ssh: auth2-pubkey.c Log message: fix possible error("%s", NULL) on error paths

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/17 16:26:11 Modified files: usr.bin/ssh: ssh.c sshconnect.h Log message: refactor client percent_expand() argument passing; consolidate the common arguments into a single struct and pass that

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/17 16:10:27 Modified files: usr.bin/ssh: readconf.c readconf.h ssh-keysign.c ssh.c Log message: prepare readconf.c for fuzzing; remove fatal calls and fix some (one-off) memory leaks; ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/13 20:13:12 Modified files: usr.bin/ssh: session.c Log message: use _PATH_SSH_USER_DIR instead of hardcoded .ssh in path

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/03 19:41:10 Modified files: usr.bin/ssh: sftp.c sftp-client.h sftp-client.c Log message: shuffle a few utility functions into sftp-client.c; from Jakub Jelen

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/03 19:29:56 Modified files: usr.bin/ssh: ssh_api.c Log message: make ssh_free(NULL) a no-op

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/03 19:29:25 Modified files: usr.bin/ssh: kexdh.c Log message: memleak of DH public bignum; found with libfuzzer

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/03 19:27:57 Modified files: usr.bin/ssh: kex.c Log message: fix minor memleak of kex->hostkey_alg on rekex

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/03 19:27:08 Modified files: usr.bin/ssh: kex.c Log message: typos: s/hex/kex/ in error messages

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/12/03 19:25:13 Modified files: usr.bin/ssh: log.c log.h Log message: make program name be const

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/27 20:28:00 Modified files: usr.bin/ssh: session.c Log message: check result of strchr() against NULL rather than searched-for characters; from zhongju...@huawei.com

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/26 17:49:58 Modified files: usr.bin/ssh: misc.c misc.h packet.c sshconnect.c Log message: Set the specified TOS/DSCP for interactive use prior to TCP connect. The connection phase of the SSH

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/26 17:37:10 Modified files: usr.bin/ssh: monitor.c monitor_wrap.c Log message: clean up passing of struct passwd from monitor to preauth privsep process. No longer copy entire struct w/ pointer

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/22 15:38:26 Modified files: usr.bin/ssh: ssh-pkcs11.c Log message: when loading PKCS#11 keys, include the key fingerprints and provider/slot information in debug output.

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/22 15:37:12 Modified files: usr.bin/ssh: sshconnect.c Log message: when mentioning that the host key has changed, don't report the type because it is ambiguous as to whether it referred to the

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/15 15:34:58 Modified files: usr.bin/ssh: readconf.c Log message: revert r1.341; it breaks ProxyJump; reported by sthen@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/13 00:30:44 Modified files: usr.bin/ssh: sshconnect2.c Log message: scrub keyboard-interactive authentication prompts coming from the server through asmprintf() prior to display; suggested by

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/12 21:53:12 Modified files: usr.bin/ssh: sshconnect2.c Log message: prefix keyboard interactive prompts with (user@host) to make it easier to determine which connection they are associated with

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/12 15:56:00 Modified files: usr.bin/ssh: sshconnect.c Log message: when prompting the user to accept a new hostkey, display any other host names/addresses already associated with the key. E.g.

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/10 22:22:32 Modified files: usr.bin/ssh: readconf.c Log message: fix logic error that broke URI parsing in ProxyJump directives; ok dtucker@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/08 16:19:03 Modified files: usr.bin/ssh: readpass.c Log message: unbreak; missing NULL check

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/08 15:37:24 Modified files: usr.bin/ssh: misc.h readpass.c ssh-agent.c ssh-keygen.c sshconnect2.c Log message: when requesting a security key touch on stderr, inform

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/11/03 15:53:12 Modified files: usr.bin/ssh: match.c Log message: fold consecutive '*' wildcards to mitigate combinatorial explosion of recursive searches; ok dtucker

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/29 19:50:07 Modified files: usr.bin/ssh: sshconnect2.c Log message: print reason in fatal error message when kex_assemble_namelist() fails

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/28 21:13:06 Modified files: usr.bin/ssh: servconf.h Log message: fix sshd_config SetEnv directive inside Match blocks; part of github PR#201 from github user manuelm

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/28 21:01:18 Modified files: usr.bin/ssh: ssh-keygen.c Log message: fix type of nid in type_bits_valid(); github PR#202 from github user thingsconnected

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/28 20:52:43 Modified files: usr.bin/ssh: authfd.c digest-openssl.c mux.c sftp.c ssh-keygen.c sshconnect2.c Log message: whitespace; no code change

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/28 20:47:23 Modified files: usr.bin/ssh: clientloop.c Log message: UpdateHostkeys: fixed/better detection of host keys that exist under other names and addresses; spotted by and debugged with

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/19 02:07:08 Modified files: usr.bin/ssh: fatal.c ssh-keyscan.c Log message: fix SEGV on fatal() errors spotted by dtucker@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/18 05:32:02 Modified files: usr.bin/ssh: addrmatch.c auth-options.c auth-passwd.c auth-rhosts.c auth.c auth2-chall.c auth2-gss.c

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/18 05:21:59 Modified files: usr.bin/ssh: fatal.c log.c log.h monitor.c ssh-keyscan.c Log message: variants of the log methods that append a ssherr.h string from a supplied error code; ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/18 05:13:45 Modified files: usr.bin/ssh: log.h Log message: add some variant log.h calls that prepend the calling function name; ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/18 05:14:27 Modified files: usr.bin/ssh: log.h Log message: remove a level of macro indirection; ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/16 19:28:20 Modified files: usr.bin/ssh: fatal.c log.c log.h ssh-keyscan.c Log message: make the log functions that exit (sshlogdie(), sshfatal(), etc) have identical signatures. Makes things a

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/16 08:02:24 Modified files: regress/usr.bin/ssh/unittests/conversion: Makefile regress/usr.bin/ssh/unittests/misc: Makefile regress/usr.bin/ssh/unittests/sshbuf: Makefile Log

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/16 07:26:13 Modified files: usr.bin/ssh: auth.c monitor_wrap.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config.5 sshd.c

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/16 07:24:46 Modified files: usr.bin/ssh: Makefile.inc fatal.c log.c log.h monitor.c monitor_wrap.c monitor_wrap.h ssh-keyscan.c Log message: revised log infrastructure

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/15 20:37:13 Modified files: usr.bin/ssh: sshconnect2.c Log message: use do_log2 instead of function pointers to different log functions

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/13 18:55:17 Modified files: usr.bin/ssh: clientloop.c Log message: make UpdateHostkeys still more conservative: refuse to proceed if one of the keys offered by the server is already in

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/11 16:14:38 Modified files: usr.bin/ssh: clientloop.c Log message: UpdateHostkeys: check for keys under other names Stop UpdateHostkeys from automatically removing deprecated keys from

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/11 16:13:37 Modified files: usr.bin/ssh: clientloop.c hostfile.c Log message: UpdateHostkeys: better CheckHostIP handling When preparing to update the known_hosts file, fully check both entries

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/11 16:12:44 Modified files: usr.bin/ssh: clientloop.c Log message: UpdateHostkeys: better detect manual host entries Disable UpdateHostkeys if the known_hosts line has more than two entries in

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/07 19:15:16 Modified files: usr.bin/ssh: clientloop.c Log message: don't misdetect comma-separated hostkey names as wildcards; spotted by naddy@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/07 18:31:05 Modified files: usr.bin/ssh: ssh_config.5 Log message: clarify conditions for UpdateHostkeys

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/07 00:38:16 Modified files: regress/usr.bin/ssh: hostkey-rotate.sh Log message: remove GlobalKnownHostsFile for this test after UpdateHostkeys change

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/06 20:26:28 Modified files: usr.bin/ssh: sshconnect.c Log message: Disable UpdateHostkeys when hostkey checking fails If host key checking fails (i.e. a wrong host key is recorded for the

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/06 20:25:43 Modified files: usr.bin/ssh: hostfile.c Log message: Fix UpdateHostkeys/HashKnownHosts/CheckHostIP bug When all of UpdateHostkeys, HashKnownHosts and ChechHostIP were enabled and

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/06 20:24:51 Modified files: usr.bin/ssh: sshconnect.c Log message: don't UpdateHostkeys when the hostkey is verified by the GlobalKnownHostsFile file, support only UserKnownHostsFile matches

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/06 20:22:24 Modified files: usr.bin/ssh: clientloop.c kex.h sshconnect.c sshconnect.h sshconnect2.c Log message: revert kex->flags cert hostkey downgrade back to a

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/06 20:20:35 Modified files: usr.bin/ssh: sshconnect.c Log message: simply disable UpdateHostkeys when a certificate successfully authenticated the host; simpler than the complicated plumbing via

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/06 20:18:45 Modified files: usr.bin/ssh: readconf.c ssh_config.5 Log message: disable UpdateHostkeys by default if VerifyHostKeyDNS is enabled; suggested by Mark D. Baushke

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/04 03:45:01 Modified files: usr.bin/ssh: hostfile.c hostfile.h sshconnect.c sshconnect2.c Log message: when ordering host key algorithms in the client, consider the

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/03 03:22:26 Modified files: usr.bin/ssh: misc.c misc.h mux.c readconf.c readpass.c ssh-agent.c ssh.c sshconnect.c sshd.c Log message: There are lots of place where we

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/03 02:30:47 Modified files: usr.bin/ssh: readconf.c ssh_config.5 Log message: enable UpdateHostkeys by default when the configuration has not overridden UserKnownHostsFile; ok markus@ "The

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/03 02:12:59 Modified files: usr.bin/ssh: clientloop.c Log message: disable UpdateHostkeys when a wildcard hostname pattern is encountered or when a certificate host key is in use. feedback/ok

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/03 02:11:28 Modified files: usr.bin/ssh: sshconnect.c sshconnect.h sshconnect2.c kex.h Log message: record when the host key checking code downgrades a certificate host key to a plain key. This

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/02 22:15:06 Modified files: usr.bin/ssh: myproposal.h ssh_config.5 sshd_config.5 Log message: prefer ed25519 signature algorithm variants to ECDSA; ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/10/02 21:40:38 Modified files: usr.bin/ssh: sk-usbhid.c Log message: want time.h here too

CVS: cvs.openbsd.org: www

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2020/09/27 03:35:52 Modified files: build : Makefile build/mirrors : openssh-ftp.html.head openssh: ftp.html index.html openbsd.html

CVS: cvs.openbsd.org: www

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2020/09/27 02:01:07 Added files: openssh/txt: release-8.4 Log message: OpenSSH 8.4 release notes

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/27 01:22:05 Modified files: usr.bin/ssh: version.h Log message: openssh 8.4

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/21 01:29:09 Modified files: usr.bin/ssh: ssh.c Log message: close stdin when forking after authentication too; ok markus

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/20 17:31:46 Modified files: usr.bin/ssh: ssh.c Log message: close stdout/stderr after "ssh -f ..." forking bz#3137, ok markus

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/19 23:47:25 Modified files: usr.bin/ssh: channels.c channels.h Log message: cap channel input buffer size at 16MB; avoids high memory use when peer advertises a large window but is slow to

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/18 02:16:38 Modified files: usr.bin/ssh: ssh-agent.c Log message: handle multiple messages in a single read() PR#183 by Dennis Kaarsemaker; feedback and ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/17 23:23:03 Modified files: usr.bin/ssh: sshconnect2.c Log message: tweak the client hostkey preference ordering algorithm to prefer the default ordering if the user has a key that matches the

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/09 15:57:27 Modified files: usr.bin/ssh: sshconnect.c Log message: For the hostkey confirmation message: > Are you sure you want to continue connecting (yes/no/[fingerprint])? compare the

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/08 21:10:21 Modified files: regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c Log message: adapt to SSH_SK_VERSION_MAJOR crank

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/08 21:08:02 Modified files: usr.bin/ssh: PROTOCOL.u2f sk-api.h sk-usbhid.c ssh-keygen.1 ssh-keygen.c ssh-sk.c Log message: when writing an attestation blob for a FIDO

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/09/06 19:09:48 Modified files: lib/libfido2 : README.openbsd lib/libfido2/man: fido_dev_get_touch_begin.3 lib/libfido2/src: dev.c u2f.c Log message: sync a couple of minor fixes (no

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/30 22:33:17 Modified files: usr.bin/ssh: ssh-add.c Log message: refuse to add verify-required (PINful) FIDO keys to ssh-agent until the agent supports them properly

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/30 18:17:41 Modified files: usr.bin/ssh: PROTOCOL.agent PROTOCOL.sshsig PROTOCOL.u2f sk-usbhid.c sshsig.c sshsig.h Log message: Add RCS IDs to the few files that are

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/27 03:46:04 Modified files: usr.bin/ssh: ssh-keygen.c Log message: debug()-print a little info about FIDO-specific key fields via "ssh-keygen -vyf /path/key"

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/27 03:43:28 Modified files: usr.bin/ssh: sk-usbhid.c Log message: skip a bit more FIDO token selection logic when only a single token is attached. with Pedro Martelletto

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/26 21:55:22 Modified files: regress/usr.bin/ssh/unittests/sshkey: test_fuzz.c test_sshkey.c Log message: adapt to API changes

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/26 20:11:09 Modified files: usr.bin/ssh: readconf.c Log message: remove unreachable code I forgot to delete in r1.334

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/26 19:15:36 Modified files: regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c Log message: dummy firmware needs to match API version numner crank (for verify-required resident keys) even though it

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/26 19:08:19 Modified files: usr.bin/ssh: sk-api.h sk-usbhid.c ssh-sk.c Log message: preserve verify-required for resident FIDO keys When downloading a resident, verify-required key from a FIDO

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/26 19:08:45 Modified files: usr.bin/ssh: ssh-keygen.1 ssh-keygen.c Log message: Request PIN ahead of time for certain FIDO actions When we know that a particular action will require a PIN, such

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/26 19:07:52 Modified files: usr.bin/ssh: sk-usbhid.c ssh-keygen.c Log message: major rework of FIDO token selection logic When PINs are in use and multiple FIDO tokens are attached to a host,

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/26 19:07:10 Modified files: usr.bin/ssh: auth-options.c auth-options.h auth.c auth2-pubkey.c monitor.c servconf.c servconf.h sshd.8

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/26 19:06:19 Modified files: usr.bin/ssh: krl.c monitor.c monitor_wrap.c monitor_wrap.h sk-usbhid.c ssh-agent.c ssh-keygen.1 ssh-keygen.c

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/23 04:31:28 Modified files: lib/libfido2/src: hid_openbsd.c Log message: check errno against EINTR; not return value from poll() spotted by Pedro Martelletto

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/22 21:34:57 Modified files: lib/libfido2 : README.openbsd shlib_version lib/libfido2/man: fido_dev_get_touch_begin.3 fido_dev_open.3 lib/libfido2/src: dev.c export.llvm extern.h

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/11 03:49:57 Modified files: usr.bin/ssh: readconf.c readconf.h ssh_config.5 sshconnect.c Log message: let ssh_config(5)'s AddKeysToAgent keyword accept a time limit for keys in addition to its

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/11 03:45:54 Modified files: usr.bin/ssh: readpass.c Log message: let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/11 02:44:53 Modified files: lib/libfido2 : Makefile README.openbsd shlib_version lib/libfido2/man: fido_assert_new.3 fido_bio_dev_get_info.3 fido_bio_template.3

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/02 20:53:51 Modified files: usr.bin/ssh: ssh-keygen.c Log message: ensure that certificate extensions are lexically sorted. Previously if the user specified a custom extension then the

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/02 20:43:41 Modified files: usr.bin/ssh: scp.c sftp.c scp.1 sftp.1 Log message: allow -A to explicitly enable agent forwarding in scp and sftp. The default remains to not forward an agent, even

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/08/02 20:34:31 Modified files: lib/libcbor: Makefile README.openbsd shlib_version lib/libcbor/src: allocators.c cbor.c cbor.h lib/libcbor/src/cbor: arrays.c arrays.h bytestrings.c

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/07/16 21:51:32 Modified files: usr.bin/ssh: sftp-server.c Log message: log error message for process_write() write failures

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/07/14 17:57:01 Modified files: usr.bin/ssh: readpass.c ssh-add.1 ssh.1 ssh.h Log message: allow some additional control over the use of ssh-askpass via $SSH_ASKPASS_REQUIRE, including

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/07/05 17:59:45 Modified files: usr.bin/ssh: PROTOCOL channels.h compat.c kex.c match.c match.h monitor.c mux.c packet.c readconf.c servconf.c

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/07/03 01:25:18 Modified files: usr.bin/ssh: channels.c Log message: put back the mux_ctx memleak fix, but only for channels of type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY

CVS: cvs.openbsd.org: src

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/07/03 01:17:35 Modified files: usr.bin/ssh: channels.c Log message: revert r1.399 - the lifetime of c->mux_ctx is more complex; simply freeing it here causes other problems

<    3   4   5   6   7   8   9   10   11   12   >