summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/ssh-agent.c
AgeCommit message (Expand)Author
2019-06-28When system calls indicate an error they return -1, not some arbitraryTheo de Raadt
2019-06-21Add protection for private keys at rest in RAM against speculationDamien Miller
2019-06-14process agent requests for RSA certificate private keys using correctDamien Miller
2019-06-06Replace calls to ssh_malloc_init() by a static init of malloc_options.Otto Moerbeek
2019-01-22backoff reading messages from active connections when the input bufferDamien Miller
2018-11-09typo in error message; caught by Debian lintian, via Colin WatsonDamien Miller
2018-05-11implement EMFILE mitigation for ssh-agent: remember the fd rlimitDamien Miller
2018-04-10lots of typos in comments/docs. Patch from Karsten Weiss after checkingDamien Miller
2018-04-09don't kill ssh-agent's listening socket entriely if we fail to accept aDamien Miller
2018-02-23Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures)Markus Friedl
2018-01-23Drop compatibility hacks for some ancient SSH implementations, includingDamien Miller
2017-11-15downgrade a couple more request parsing errors from process-fatal toDamien Miller
2017-11-15fix regression in 7.6: failure to parse a signature request messageDamien Miller
2017-07-24g/c unused variable; make a little more portableDamien Miller
2017-07-19switch from select() to poll() for the ssh-agent mainloop; ok markusDamien Miller
2017-07-01remove post-SSHv1 removal dead code from rsa.c and merge theDamien Miller
2017-04-30flense SSHv1 support from ssh-agent, considerably simplifying itDamien Miller
2017-04-30remove KEY_RSA1Damien Miller
2017-04-30unifdef WITH_SSH1Damien Miller
2017-03-15accidents happen to the best of us; ok djmTheo de Raadt
2017-03-15fix regression in 7.4: deletion of PKCS#11-hosted keys would failDamien Miller
2017-01-04relax PKCS#11 whitelist a bit to allow libexec as well as libDamien Miller
2016-11-30add a whitelist of paths from which ssh-agent will load (viaDamien Miller
2016-09-12Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitionsTheo de Raadt
2016-05-02fix signed/unsigned errors reported by clang-3.7; addDamien Miller
2016-02-15Add a function to enable security-related malloc_options. With and okDarren Tucker
2015-12-11Add "id" to ssh-agent pledge for subprocess support.Doug Hogan
2015-12-11fflush stdout so that output is seen even when running in debug mode whenDarren Tucker
2015-12-11correct error messages; from Tomas Kuthan bz#2507Damien Miller
2015-12-04implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth)Markus Friedl
2015-12-02Add "cpath" to the ssh-agent pledge so the cleanup handler can unlink().Doug Hogan
2015-12-02ssh-agent pledge needs proc for askpass; spotted by todd@Damien Miller
2015-12-01basic pledge() for ssh-agent, more refinement neededDamien Miller
2015-07-08no need to include the old buffer/key APIMarkus Friedl
2015-05-15Use a salted hash of the lock passphrase instead of plain text and doDarren Tucker
2015-04-24combine -Dd onto one line and update usage();Jason McIntyre
2015-04-24add ssh-agent -D to leave ssh-agent in foreground without enablingDamien Miller
2015-04-24rename xrealloc() to xreallocarray() since it follows that form.Theo de Raadt
2015-03-04make ssh-add -D work with !SSH1 agentDamien Miller
2015-03-03add SSH1 Makefile knob to make it easier to build without SSH1 support;Damien Miller
2015-01-28update to new API (key_fingerprint => sshkey_fingerprint)Damien Miller
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
2015-01-14fix small regression: ssh-agent would return a success messageDamien Miller
2015-01-14switch to sshbuf/sshkey; with & ok djm@Markus Friedl
2014-12-21tweak previous;Jason McIntyre
2014-12-21Add FingerprintHash option to control algorithm used for keyDamien Miller
2014-11-18Nuke more obvious #include duplications.Kenneth R Westerback
2014-07-25Clear buffer used for handling messages. This prevents keys beingDarren Tucker
2014-07-18restore umask around listener socket creation (dropped in streamlocal patchDamien Miller
2014-07-15Add support for Unix domain socket forwarding. A remote TCP portTodd C. Miller
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 08:49:08 +0000