| Age | Commit message (Collapse) | Author |
|---|
|
function name and the error message
|
|
cause connection to close incorrectly; Report and patch from Jakub
Jelen in bz#2757; ok dtucker@ markus@
|
|
Match block overrides a more restrictive global default.
Spotted by jmc@, ok markus@
|
|
|
|
"seems worthwhile" deraadt.
|
|
from NIST Special Publication 800-57, 3k bits provides security equivalent
to 128 bits which is the smallest symmetric cipher we enable by default.
ok markus@ deraadt@
|
|
|
|
|
|
|
|
This is a no-op on OpenBSD but will make things easier in -portable,
eg on systems where these checks should be case-insensitive. ok djm@
|
|
keepalives successively and prematurely terminating connection when
ClientAliveCount=1. While there, collapse two similar tests into one.
ok markus@
|
|
|
|
messages. Previously it would be difficult to tell which direction
it was talking about
|
|
1. Recently-forked child processes will briefly remain listening to
listen_socks. If the main server sshd process completes its restart
via execv() before these sockets are closed by the child processes
then it can fail to listen at the desired addresses/ports and/or
fail to restart.
2. When a SIGHUP is received, there may be forked child processes that
are awaiting their reexecution state. If the main server sshd
process restarts before passing this state, these child processes
will yield errors and use a fallback path of reading the current
sshd_config from the filesystem rather than use the one that sshd
was started with.
To fix both of these cases, we reuse the startup_pipes that are shared
between the main server sshd and forked children. Previously this was
used solely to implement tracking of pre-auth child processes for
MaxStartups, but this extends the messaging over these pipes to include
a child->parent message that the parent process is safe to restart. This
message is sent from the child after it has completed its preliminaries:
closing listen_socks and receiving its reexec state.
bz#2953, reported by Michal Koutný; ok markus@ dtucker@
|
|
RSA keys only (since we support ECDSA now and might support others in
the future). Inspired by Jakub Jelen via bz#2974
|
|
print PKCS11Provider instead of obsolete SmartcardDevice in config dump.
bz#2974 ok dtucker@
|
|
redirected to /dev/null; ok djm@
|
|
client for KEX, ciphers and MACs. The ciphers and MACs were
identical between the client and server, but the error accidentially
disabled the diffie-hellman-group-exchange-sha1 KEX method.
This fixes the client code to use the correct method list, but
because nobody complained, it also disables the
diffie-hellman-group-exchange-sha1 KEX method.
Reported by nuxi AT vault24.org via bz#2697; ok dtucker
|
|
path with user's privileged. This is a no-op as this code always runs
with user privilege now that we no longer support running sshd with
privilege separation disabled, but as long as the privsep skeleton is
there we should follow the rules.
bz#2969 with patch from Erik Sjölund
|
|
issue pointed out by andreas kahari
ok dtucker djm
|
|
key from the agent was being attempted for use.
|
|
authmethod. Move function-static GSSAPI state to the client Authctxt
structure. Make static a bunch of functions that aren't used outside
this file.
Based on patch from Markus Schmidt <markus@blueflash.cc>; ok markus@
|
|
so it can ask for the smartcards PIN.
ok markus@
|
|
client requested, be prepared to handle shell-style brace alternations,
e.g. "{foo,bar}".
"looks good to me" millert@ + in snaps for the last week courtesy
deraadt@
|
|
when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@
|
|
This code is not normally reachable since USE_PIPES is always defined.
bz#2961, patch from adrian.fita at gmail com.
|
|
requiring a PIN; reported by benno@ fix mostly by markus@
|
|
Patch from samy.mahmoudi at gmail com.
|
|
preventing them from having no timeout. bz#2918, ok djm@
|
|
confirmed by Daniel J. Bernstein
|
|
|
|
copies satisfy the wildcard specified by the user.
This checking provides some protection against a malicious server
sending unexpected filenames, but it comes at a risk of rejecting wanted
files due to differences between client and server wildcard expansion rules.
For this reason, this also adds a new -T flag to disable the check.
reported by Harry Sintonen
fix approach suggested by markus@;
has been in snaps for ~1wk courtesy deraadt@
|
|
bz#2903
|
|
an unknown host key. This allows you to paste a fingerprint obtained
out of band into the yes/no prompt and have the client do the comparison
for you. ok markus@ djm@
|
|
transfer. Fixes the problem recently introduces where very quick
transfers do not display the progressmeter at all. Spotted by naddy@
|
|
(they are the same value) but makes things easier in -portable where
they may be distinct values. "sigh ok" deraadt@
|
|
there's a delimiter. If there's not (the common case) it checked
uninitialized memory, which usually passed, but if not would cause
spurious failures when the uninitialized memory happens to contain
"/". ok deraadt.
|
|
host/port was added in 2001 as an alternative to host:port syntax for
the benefit of IPv6 users. These days there are establised standards
for this like [::1]:22 and the slash syntax is easily mistaken for CIDR
notation, which OpenSSH now supports for some things. Remove the slash
notation from ListenAddress and PermitOpen. bz#2335, patch from jjelen
at redhat.com, ok markus@
|
|
|
|
It's not mentioned in RFC4419 and it's not possible for Sophie-Germain
primes greater than 5. bz#2330, from Christian Wittenhorst , ok djm@ tb@
|
|
progressmeter formatting outside of signal handler context and have
the atomicio callback called for EINTR too. bz#2434 with contributions
from djm and jjelen at redhat.com, ok djm@
|
|
in a single commandline.
|
|
|
|
|
|
than pointer+length; ok markus@
|
|
is too full to read one, or if the output buffer is too full to enqueue
a response; feedback & ok dtucker@
|
|
|
|
the attempt at reading the PIN could be skipped in some cases
especially on devices with integrated PIN readers.
based on patch from Daniel Kucera in bz#2652; ok markus@
|
|
fresh login after the C_SignInit operation.
based on patch from Jakub Jelen in bz#2638; ok markus
|
|
to any ProxyJump/-J hosts. This has confused a few people...
|
