from:"Damien Miller"

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 14:55:23 Modified files: usr.bin/ssh: kex.c kex.h serverloop.c Log message: Fix signature algorithm selection logic for UpdateHostkeys on the server side. The previous code tried to prefer

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 14:48:38 Modified files: usr.bin/ssh: channels.c channels.h clientloop.c serverloop.c Log message: convert ssh, sshd mainloops from select() to poll(); feedback & ok deraadt@ and markus@ has

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 14:46:23 Modified files: usr.bin/ssh: channels.c channels.h Log message: prepare for conversion of ssh, sshd mainloop from select() to poll() by moving FD_SET construction out of channel

CVS: cvs.openbsd.org: src

2022-01-05 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/05 14:54:37 Modified files: usr.bin/ssh: ssh-keygen.c Log message: add a comment so I don't make this mistake again

CVS: cvs.openbsd.org: src

2022-01-05 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/05 14:50:00 Modified files: usr.bin/ssh: ssh-keygen.c Log message: fix cut-and-pasto in error message

CVS: cvs.openbsd.org: src

2022-01-05 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/05 01:25:05 Modified files: regress/usr.bin/ssh: hostkey-rotate.sh Log message: select all RSA hostkey algorithms for UpdateHostkeys tests, not just RSA-SHA1

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:56:15 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: regress test both sshsig message hash algorithms, possible now because the algorithm is controllable via the CLI

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:50:11 Modified files: usr.bin/ssh: ssh-keygen.1 ssh-keygen.c Log message: allow selection of hash at sshsig signing time; code already supported either sha512 (default) or sha256, but

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:27:54 Modified files: usr.bin/ssh: ssh-keygen.c Log message: add missing -O option to usage() for ssh-keygen -Y sign; from Linus Nordberg

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:27:01 Modified files: usr.bin/ssh: ssh-keygen.c Log message: move sig_process_opts() to before sig_sign(); no functional code change

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:10:39 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: regression test for find-principals NULL deref; from Fabian Stelzer

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:02:42 Modified files: usr.bin/ssh: sshsig.c Log message: NULL deref when using find-principals when matching an allowed_signers line that contains a namespace restriction, but no

CVS: cvs.openbsd.org: src

2022-01-03 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 00:20:33 Modified files: regress/usr.bin/ssh: agent-restrict.sh Log message: unbreak test: was picking up system ssh-add instead of the one supposedly being tested. Spotted by dtucker and using

CVS: cvs.openbsd.org: src

2021-12-31 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/31 21:18:06 Modified files: usr.bin/ssh: ssh-agent.c Log message: fix memleak in process_extension(); oss-fuzz issue #42719

CVS: cvs.openbsd.org: src

2021-12-26 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/26 16:34:41 Modified files: usr.bin/ssh: auth2.c Log message: split method list search functionality from authmethod_lookup() into a separate authmethod_byname(), for cases where we don't need

CVS: cvs.openbsd.org: www

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/12/19 16:06:02 Modified files: openssh: agent-restrict.html Log message: replace unicode quotes with ASCII ones

CVS: cvs.openbsd.org: www

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/12/19 16:03:53 Modified files: openssh: agent-restrict.html Log message: more missing markup

CVS: cvs.openbsd.org: www

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/12/19 16:01:29 Modified files: openssh: agent-restrict.html Log message: missing tag

CVS: cvs.openbsd.org: www

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/12/19 15:29:21 Modified files: openssh: features.html Log message: typo in link

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:20:12 Modified files: regress/usr.bin/ssh: Makefile Added files: regress/usr.bin/ssh: agent-restrict.sh Log message: regression test for destination restrictions in ssh-agent

CVS: cvs.openbsd.org: www

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/12/19 15:16:34 Modified files: openssh: features.html Added files: openssh: agent-restrict.html Log message: introductory documentation for destination-restricted keys in

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:15:42 Modified files: usr.bin/ssh: PROTOCOL Log message: document host-bound publickey authentication

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:15:21 Modified files: usr.bin/ssh: PROTOCOL.agent Log message: document agent protocol extensions

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:14:47 Modified files: usr.bin/ssh: readconf.c readconf.h sshconnect2.c Log message: PubkeyAuthentication=yes|no|unbound|host-bound Allow control over which pubkey methods are used. Added

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:14:12 Modified files: usr.bin/ssh: ssh-add.1 Log message: document destination-constrained keys feedback / ok markus@

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:13:55 Modified files: usr.bin/ssh: ssh-agent.c Log message: Use hostkey parsed from hostbound userauth request Require host-bound userauth requests for forwarded SSH connections. The

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:13:34 Modified files: usr.bin/ssh: ssh-agent.c Log message: agent support for parsing hostkey-bound signatures Allow parse_userauth_request() to work with blobs from

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:13:12 Modified files: usr.bin/ssh: kex.c Log message: EXT_INFO negotiation of hostbound pubkey auth the EXT_INFO packet gets a new publickey-hostbo...@openssh.com to advertise the

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:12:54 Modified files: usr.bin/ssh: kex.h sshconnect2.c Log message: client side of host-bound pubkey authentication Add kex->flags member to enable the publickey-hostbound-...@openssh.com

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:12:30 Modified files: usr.bin/ssh: auth2-pubkey.c monitor.c Log message: sshd side of hostbound public key auth This is identical to the standard "publickey" method, but it also includes

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:12:07 Modified files: usr.bin/ssh: auth.h auth2-gss.c auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:11:39 Modified files: usr.bin/ssh: ssh-agent.c Log message: ssh-agent side of destination constraints Gives ssh-agent the ability to parse restrict-destination-...@openssh.com constraints

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:11:06 Modified files: usr.bin/ssh/ssh-add: Makefile Log message: ssh-add side of destination constraints Have ssh-add accept a list of "destination constraints" that allow restricting where

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:10:24 Modified files: usr.bin/ssh: authfd.c authfd.h ssh-add.c sshconnect.c Log message: ssh-add side of destination constraints Have ssh-add accept a list of "destination constraints"

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:09:23 Modified files: usr.bin/ssh: ssh-agent.c Log message: ssh-agent side of binding record session ID/hostkey/forwarding status for each active socket. Attempt to parse

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:08:48 Modified files: usr.bin/ssh: authfd.c authfd.h clientloop.c sshconnect2.c Log message: ssh client side of binding send session ID, hostkey, signature and a flag indicating whether

CVS: cvs.openbsd.org: src

2021-12-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/19 15:08:06 Modified files: usr.bin/ssh: kex.c kex.h kexgen.c kexgexc.c kexgexs.c Log message: Record session ID, host key and sig at intital KEX These will be used later for agent session ID /

CVS: cvs.openbsd.org: src

2021-12-07 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/07 15:06:45 Modified files: usr.bin/ssh: sk-usbhid.c Log message: better error message for FIDO keys when we can't match them to a token

CVS: cvs.openbsd.org: src

2021-12-02 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/02 16:45:36 Modified files: usr.bin/ssh: ssh-keyscan.c Log message: hash full host:port when asked to hash output, fixes hashes for non- default ports. bz3367 ok dtucker@

CVS: cvs.openbsd.org: src

2021-12-02 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/02 16:23:13 Modified files: usr.bin/ssh: sk-usbhid.c Log message: improve the testing of credentials against inserted FIDO keys a little more: ask the token whether a particular key belongs to

CVS: cvs.openbsd.org: src

2021-12-02 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/02 15:40:05 Modified files: usr.bin/ssh: sk-usbhid.c Log message: move check_sk_options() up so we can use it earlier

CVS: cvs.openbsd.org: src

2021-12-01 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/01 19:44:44 Modified files: usr.bin/ssh: ssh.c Log message: don't put the tty into raw mode when SessionType=none, avoids ^c being unable to kill such a session. bz3360; ok dtucker@

CVS: cvs.openbsd.org: src

2021-11-28 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/28 18:04:45 Modified files: sys/lib/libsa : blowfish.h blowfish.c sys/crypto : blf.h blf.c lib/libc/crypt : blowfish.c blowfish.3 include: blf.h Log message:

CVS: cvs.openbsd.org: src

2021-11-27 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/28 00:21:26 Modified files: usr.bin/ssh: sshsig.c Log message: sshsig: return "key not found" when searching empty files rather than "internal error"

CVS: cvs.openbsd.org: src

2021-11-27 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/28 00:15:10 Modified files: usr.bin/ssh: ssh-keygen.1 Log message: ssh-keygen -Y match-principals doesn't accept any -O options at present, so don't say otherwise in SYNOPSIS; spotted jmc@

CVS: cvs.openbsd.org: src

2021-11-27 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/28 00:14:29 Modified files: usr.bin/ssh: ssh-keygen.c Log message: fix indenting in last commit

CVS: cvs.openbsd.org: src

2021-11-27 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/28 00:10:18 Modified files: usr.bin/ssh: sshsig.c Log message: missing initialisation for oerrno

CVS: cvs.openbsd.org: src

2021-11-26 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/27 00:23:35 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: whitespac e

CVS: cvs.openbsd.org: src

2021-11-26 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/27 00:20:59 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: regression test for match-principals. Mostly by Fabian Stelzer

CVS: cvs.openbsd.org: src

2021-11-26 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/27 00:14:46 Modified files: usr.bin/ssh: ssh-keygen.1 ssh-keygen.c sshsig.c sshsig.h Log message: Add ssh-keygen -Y match-principals operation to perform matching of principals names against an

CVS: cvs.openbsd.org: src

2021-11-25 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/25 16:02:24 Modified files: usr.bin/ssh: packet.c Log message: debug("func: ...") -> debug_f("...")

CVS: cvs.openbsd.org: src

2021-11-18 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/18 14:32:11 Modified files: usr.bin/ssh: clientloop.c Log message: less confusing debug message; bz#3365

CVS: cvs.openbsd.org: src

2021-11-18 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/18 14:11:01 Modified files: usr.bin/ssh: ssh-pkcs11.c Log message: avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we already did this for RSA keys). Avoids fatal errors for PKCS#11 libraries

CVS: cvs.openbsd.org: src

2021-11-17 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/17 20:53:48 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: regression test for ssh-keygen -Y find-principals fix; from Fabian Stelzer ok djm markus

CVS: cvs.openbsd.org: src

2021-11-17 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/17 20:50:41 Modified files: usr.bin/ssh: sshsig.c Log message: ssh-keygen -Y find-principals was verifying key validity when using ca certs but not with simple key lifetimes within the allowed

CVS: cvs.openbsd.org: src

2021-11-17 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/17 20:31:44 Modified files: usr.bin/ssh: ssh-agent.c ssh-keyscan.c ssh-pkcs11-helper.c Log message: check for POLLHUP wherever we check for POLLIN

CVS: cvs.openbsd.org: src

2021-11-17 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/17 20:08:00 Modified files: usr.bin/ssh: sshd.c Log message: fd leak in sshd listen loop error path; from Gleb Smirnoff

CVS: cvs.openbsd.org: src

2021-11-17 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/17 20:07:21 Modified files: usr.bin/ssh: sshd.c Log message: check for POLLHUP as well as POLLIN in sshd listen loop; ok deraadt millert

CVS: cvs.openbsd.org: src

2021-11-17 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/17 20:06:04 Modified files: usr.bin/ssh: sftp-server.c Log message: check for POLLHUP as well as POLLIN, handle transient IO errors as well as half-close on the output side; ok deraadt millert

CVS: cvs.openbsd.org: src

2021-11-17 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/17 14:06:39 Modified files: usr.bin/ssh: sshd.c Log message: set num_listen_socks to 0 on close-all instead of -1, which interferes with the new poll()-based listen loop; spotted and debugged by

CVS: cvs.openbsd.org: src

2021-11-09 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/09 23:29:25 Modified files: usr.bin/ssh: myproposal.h ssh_config.5 sshd_config.5 Log message: add the sntrup761x25519-sha...@openssh.com hybrid ECDH/x25519 + Streamlined NTRU Prime post-quantum

CVS: cvs.openbsd.org: src

2021-11-09 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/09 23:25:09 Modified files: usr.bin/ssh: ssh-keysign.c Log message: fix ssh-keysign for KEX algorithms that use SHA384/512 exchange hashes; feedback/ok markus@

CVS: cvs.openbsd.org: src

2021-11-08 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/08 14:32:49 Modified files: usr.bin/ssh: sftp-server.c Log message: improve error message when trying to expand a ~user path for a user that doesn't exist; better matches what the shell does ok

CVS: cvs.openbsd.org: src

2021-11-04 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/04 21:10:58 Modified files: usr.bin/ssh: sshsig.c Log message: move cert_filter_principals() to earlier in the file for reuse; no code change

CVS: cvs.openbsd.org: src

2021-11-02 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/02 16:57:27 Modified files: regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c Log message: crank SSH_SK_VERSION_MAJOR to match recent change in usr/bin/ssh

CVS: cvs.openbsd.org: src

2021-11-02 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/11/02 16:56:40 Modified files: usr.bin/ssh: sk-api.h sk-usbhid.c ssh-sk.c Log message: Better handle FIDO keys on tokens that provide user verification (UV) on the device itself, including

CVS: cvs.openbsd.org: src

2021-10-28 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/10/28 21:20:46 Modified files: usr.bin/ssh: ssh-keygen.c Log message: ssh-keygen: make verify-time argument parsing optional >From Fabian Stelzer

CVS: cvs.openbsd.org: src

2021-10-28 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/10/28 21:03:06 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: sshsig: add tests for signing key validity and find-principals - adds generic find-principals tests (this command had none

CVS: cvs.openbsd.org: src

2021-10-28 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/10/28 20:48:20 Modified files: regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c Log message: avoid signedness warning; spotted in -portable

CVS: cvs.openbsd.org: src

2021-10-27 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/10/27 20:55:30 Modified files: regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c Log message: increment SSH_SK_VERSION_MAJOR to match last change

CVS: cvs.openbsd.org: src

2021-10-27 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/10/27 20:54:18 Modified files: usr.bin/ssh: sk-api.h sk-usbhid.c ssh-add.c ssh-keygen.c ssh-sk-client.c ssh-sk-helper.c ssh-sk.c ssh-sk.h Log

CVS: cvs.openbsd.org: src

2021-10-26 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/10/26 15:36:24 Modified files: lib/libfido2 : LICENSE Makefile README.openbsd shlib_version lib/libfido2/man: fido_assert_new.3 fido_assert_set_authdata.3

CVS: cvs.openbsd.org: src

2021-10-05 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/10/05 21:35:13 Modified files: regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c Log message: use libc SHA256 functions; make this work when compiled !WITH_OPENSSL

CVS: cvs.openbsd.org: src

2021-09-30 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/30 22:50:36 Modified files: usr.bin/ssh: sk-usbhid.c Log message: unbreak FIDO sk-ed25519 key enrollment for OPENSSL=no builds; ok dtucker@

CVS: cvs.openbsd.org: src

2021-09-28 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/28 19:33:32 Modified files: usr.bin/ssh: auth2-pubkey.c Log message: add some debug output showing how many key file/command lines were processed. Useful to see whether a file or command

CVS: cvs.openbsd.org: src

2021-09-28 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/28 19:32:21 Modified files: regress/usr.bin/ssh: hostkey-agent.sh Log message: Test certificate hostkeys held in ssh-agent too. Would have caught regression fixed in sshd r1.575 ok markus@

CVS: cvs.openbsd.org: www

2021-09-26 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/09/26 08:44:18 Modified files: build : Makefile build/mirrors : openssh-ftp.html.head openssh: ftp.html index.html openbsd.html

CVS: cvs.openbsd.org: www

2021-09-26 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/09/26 08:41:10 Added files: openssh/txt: release-8.8 Log message: release notes for openssh-8.8

CVS: cvs.openbsd.org: src

2021-09-26 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/26 08:01:03 Modified files: usr.bin/ssh: misc.c Log message: need initgroups() before setresgid(); reported by anton@, ok deraadt@

CVS: cvs.openbsd.org: src

2021-09-26 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/26 08:01:12 Modified files: usr.bin/ssh: version.h Log message: openssh-8.8

CVS: cvs.openbsd.org: src

2021-09-20 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/20 00:53:57 Modified files: usr.bin/ssh: scp.1 scp.c Log message: fix missing -s in SYNOPSYS and usage() as well as a capitalisation mistake; spotted by jmc@

CVS: cvs.openbsd.org: src

2021-09-19 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/19 19:55:42 Modified files: usr.bin/ssh: scp.c scp.1 Log message: Switch scp back to use the old protocol by default, ahead of release. We'll wait a little longer for people to pick up

CVS: cvs.openbsd.org: src

2021-09-17 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/17 20:03:25 Modified files: usr.bin/ssh: scp.c Log message: better error message for ~user failures when the sftp-server lacks the expand-path extension; ok deraadt@

CVS: cvs.openbsd.org: src

2021-09-16 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/16 09:22:23 Modified files: usr.bin/ssh: scp.c Log message: make some more scp-in-SFTP mode better match Unix idioms suggested by deraadt@

CVS: cvs.openbsd.org: src

2021-09-16 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/16 09:11:19 Modified files: usr.bin/ssh: log.c scp.c Log message: allow log_stderr==2 to prefix log messages with argv[0] use this to make scp's SFTP mode error messages more scp-like prompted

CVS: cvs.openbsd.org: src

2021-09-15 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/15 23:36:03 Modified files: usr.bin/ssh: readconf.c Log message: missing space character in ssh -G output broke the t-sshcfgparse regression test; spotted by anton@

CVS: cvs.openbsd.org: src

2021-09-15 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/15 00:56:01 Modified files: usr.bin/ssh: readconf.c readconf.h ssh.c ssh_config.5 Log message: allow CanonicalizePermittedCNAMEs=none in ssh_config; ok markus@

CVS: cvs.openbsd.org: src

2021-09-10 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/10 18:40:24 Modified files: usr.bin/ssh: scp.c Log message: when using SFTP protocol, continue transferring files after a transfer error occurs. This matches original scp/rcp behaviour. ok

CVS: cvs.openbsd.org: src

2021-09-09 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/09 23:46:09 Modified files: usr.bin/ssh: compat.c Log message: openssh-7.4 was incorrectly listed twice; spotted by Dmitry Belyavskiy, ok dtucker@

CVS: cvs.openbsd.org: src

2021-09-08 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/08 17:31:39 Modified files: usr.bin/ssh: scp.1 scp.c Log message: Use the SFTP protocol by default. The original scp/rcp protocol remains available via the -O flag. Note that ~user/ prefixed

CVS: cvs.openbsd.org: src

2021-09-07 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/07 21:23:45 Modified files: usr.bin/ssh: ssh-keygen.c Log message: correct my mistake in previous fix; spotted by halex

Re: CVS: cvs.openbsd.org: src

2021-09-07 Thread Damien Miller

gt; > >+if (print_pubkey == NULL) > >+*print_pubkey = 0; > > > >That looks like a terrible fix to me. No? > > > >/Alexander > > > >On September 7, 2021 8:03:51 AM GMT+02:00, Damien Miller > > wrote: > >>CVSROOT:/cvs > >>

CVS: cvs.openbsd.org: src

2021-09-07 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/09/07 00:03:51 Modified files: usr.bin/ssh: ssh-keygen.c Log message: avoid NULL deref in -Y find-principals. Report and fix from Carlo Marcelo Arenas BelÃ³n

Re: CVS: cvs.openbsd.org: xenocara

2021-09-06 Thread Damien Miller

this breaks xterm on freshly-installed systems: keroppi$ env DISPLAY=:0 xterm xterm: unveil from ktrace, it looks like it is failing when trying to unveil a nonexistent directory: 93248 xtermNAMI "/home/djm/.cache/fontconfig" 93248 xtermRET unveil -1 errno 2 No such file or

CVS: cvs.openbsd.org: src

2021-08-29 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/08/29 19:15:45 Modified files: regress/usr.bin/ssh: knownhosts-command.sh Log message: adapt to RSA/SHA1 deprectation

CVS: cvs.openbsd.org: src

2021-08-29 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/08/29 17:53:10 Modified files: usr.bin/ssh: myproposal.h Log message: After years of forewarning, disable the RSA/SHA-1 signature algorithm by default. It is feasible to create colliding SHA1

CVS: cvs.openbsd.org: src

2021-08-29 Thread Damien Miller

CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/08/29 17:44:07 Modified files: usr.bin/ssh: clientloop.c Log message: wrap at 80 columns

CVS: cvs.openbsd.org: www

2021-08-19 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/08/19 23:09:09 Modified files: build : Makefile build/mirrors : openssh-ftp.html.head openssh: ftp.html index.html openbsd.html

CVS: cvs.openbsd.org: www

2021-08-19 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/08/19 22:46:19 Modified files: openssh/txt: release-8.7 Log message: whitespace

CVS: cvs.openbsd.org: www

2021-08-19 Thread Damien Miller

CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2021/08/19 22:38:35 Added files: openssh/txt: release-8.7 Log message: openssh-8.7 release notes

< 1 2 3 4 5 6 7 8 9 10 >

401 - 500 of 2899 matches

Mail list logo