summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh (follow)
Commit message (Collapse)AuthorAgeFilesLines
* typos in comments; GHPR#180 from Ville Skyttädjm2021-04-033-6/+6
|
* sync CASignatureAlgorithms lists with reality. GHPR#174 fromdjm2021-04-032-8/+10
| | | | Matt Hazinski
* highly polished whitespace, mostly fixing spaces-for-tab and baddjm2021-04-0340-153/+156
| | | | indentation on continuation lines. Prompted by GHPR#185
* whitespace (tab after space)djm2021-04-034-9/+9
|
* fix incorrect plural; from Ville Skyttä via GHPR#181djm2021-04-031-3/+3
|
* ensure that pkcs11_del_provider() is called before exit - some PKCS#11djm2021-04-031-1/+5
| | | | | | providers get upset if C_Initialize is not matched with C_Finalize. From Adithya Baglody via GHPR#234; ok markus
* unused variabledjm2021-04-031-2/+2
|
* Fix two problems in string->argv conversion: 1) multiple backslashesdjm2021-04-031-7/+4
| | | | | | | | | were not being dequoted correctly and 2) quoted space in the middle of a string was being incorrectly split. A unit test for these cases has already been committed prompted by and based on GHPR#223 by Eero Häkkinen; ok markus@
* Use new limits@openssh.com protocol extension to let the client selectdjm2021-03-313-18/+115
| | | | | | | | | | | good limits based on what the server supports. Split the download and upload buffer sizes to allow them to be chosen independently. In practice (and assuming upgraded sftp/sftp-server at each end), this increases the download buffer 32->64KiB and the upload buffer 32->255KiB. Patches from Mike Frysinger; ok dtucker@
* do not advertise protocol extensions that have been disallowed bydjm2021-03-311-33/+53
| | | | the command-line options (e.g. -p/-P/-R); ok dtucker@
* return non-zero exit status when killed by signal; bz#3281djm2021-03-191-2/+2
| | | | ok dtucker@
* increase maximum SSH2_FXP_READ to match the maximum packet size.djm2021-03-191-24/+38
| | | | | | Also handle zero-length reads that are borderline nonsensical but not explicitly banned by the spec. Based on patch from Mike Frysinger, feedback deraadt@ ok dtucker@
* don't let logging clobber errno before usedjm2021-03-161-4/+6
|
* spellingjsg2021-03-121-3/+3
|
* Add ModuliFile keyword to sshd_config to specify the location of thedtucker2021-03-126-12/+49
| | | | | | "moduli" file containing the groups for DH-GEX. This will allow us to run tests against arbitrary moduli files without having to install them. ok djm@
* pwcopy() struct passwd that we're going to reuse across a bunch ofdjm2021-03-121-1/+2
| | | | library calls; bz3273 ok dtucker@
* Import regenerated moduli file.dtucker2021-03-106-405/+445
|
* no need to reset buffer after send_msg() as that is done for us;djm2021-03-101-3/+1
| | | | patch from Mike Frysinger
* Fix PRINT macro, the suffix param to sshlog() was missing.millert2021-03-061-21/+20
| | | | | | Also remove redundant __func__ prefix from PRINT calls as the macro already adds __FILE__, __func__ and __LINE__. From Christos Zoulas. OK dtucker@
* don't sshbuf_get_u32() into an enum; reported by goetze ATdjm2021-03-031-4/+4
| | | | dovetail.com via bz3269
* typo in other_hostkeys_message() display output, ok djmsthen2021-03-031-2/+2
|
* needs FILE*; from Mike Frysingerdjm2021-03-031-1/+2
|
* openssh-8.5djm2021-03-021-2/+2
|
* Add %k to list of keywords. From Eero Häkkinenvia bz#3267dtucker2021-02-281-3/+3
|
* Do not try to reset signal handler for signal 0 in subprocess.dtucker2021-02-281-2/+2
| | | | Prevents spurious debug message. ok djm@
* fix alphabetic ordering of options; spotted by Iain Morgandjm2021-02-271-9/+9
|
* a bit more debugging behind #ifdef DEBUG_SKdjm2021-02-261-2/+7
|
* Put obsolete aliases for hostbasedalgorithms and pubkeyacceptedalgorithmsdtucker2021-02-242-6/+6
| | | | | after their current names so that the config-dump mode finds and uses the current names. Spotted by Phil Pennock.
* lots more s/key types/signature algorithms/ mostly indjm2021-02-232-32/+32
| | | | | HostbasedAcceptedAlgorithms and HostKeyAlgorithms; prompted by Jakub Jelen
* Correct reference to signature algorithms as keys; from Jakub Jelendjm2021-02-231-3/+3
|
* warn when the user specifies a ForwardAgent path that does not existdjm2021-02-231-1/+7
| | | | and exit if ExitOnForwardFailure is set; bz3264
* Fix the hostkeys rotation extension documentationdjm2021-02-181-1/+2
| | | | | | | The documentation was lacking the needed want-reply field in the initial global request. https://github.com/openssh/openssh-portable/pull/218 by dbussink
* make names in function prototypes match those in definitiondjm2021-02-182-4/+4
| | | | | from https://github.com/openssh/openssh-portable/pull/225 by ZenithalHourlyRate
* unbreak SK_DEBUG buildsdjm2021-02-181-3/+3
| | | | | from https://github.com/openssh/openssh-portable/pull/225 by ZenithalHourlyRate
* sftp-server: implement limits@openssh.com extensiondjm2021-02-182-3/+85
| | | | | | | | | | This is a simple extension that allows the server to clearly communicate transfer limits it is imposing so the client doesn't have to guess, or force the user to manually tune. This is particularly useful when an attempt to use too large of a value causes the server to abort the connection. Patch from Mike Frysinger; ok dtucker@
* ssh: add PermitRemoteOpen for remote dynamic forwarding with SOCKSmarkus2021-02-156-9/+170
| | | | ok djm@, dtucker@
* factor out opt_array_append; ok djm@markus2021-02-153-43/+51
|
* ProxyJump takes "none" to disable processing like ProxyCommand doesdlg2021-02-151-2/+5
| | | | ok djm@ jmc@
* sftp: add missing lsetstat@openssh.com documentationdjm2021-02-123-13/+39
| | | | patch from Mike Frysinger
* factor SSH_AGENT_CONSTRAIN_EXTENSION parsing into its own functiondjm2021-02-121-41/+59
| | | | and remove an unused variable; ok dtucker@
* Remove debug message from sigchld handler. While this works on OpenBSDdtucker2021-02-051-3/+1
| | | | | it can cause problems on other platforms. From kircherlike at outlook.com via bz#3259, ok djm@
* whitespacedjm2021-02-021-2/+1
|
* fix memleaks in private key deserialisation; enforce more consistencydjm2021-02-021-1/+20
| | | | | between redundant fields in private key certificate and private key body; ok markus@
* memleak on error path; ok markus@djm2021-02-021-2/+2
|
* more strictly enforce KEX state-machine by banning packet typesdjm2021-01-315-9/+25
| | | | | | | | once they are received. Fixes memleak caused by duplicate SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz via oss-fuzz #30078). ok markus@
* Set linesize returned by getline to zero when freeing and NULLing thedtucker2021-01-311-1/+3
| | | | | returned string. OpenBSD's getline handles this just fine, but some implementations used by -portable do not. ok djm@
* fix the values of enum sock_typedjm2021-01-291-4/+4
|
* give typedef'd struct a struct name; makes the fuzzer I'm writing a bitdjm2021-01-291-2/+2
| | | | easier
* fix leak: was double allocating kex->session_id bufferdjm2021-01-271-4/+6
|
* this needs kex.h nowdjm2021-01-271-1/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.