Age | Commit message | Author | |
---|---|---|---|
2023-04-26 | Check for ProxyJump=none in CanonicalizeHostname logic. | Damien Miller | |
Previously ssh would incorrectly refuse to canonicalise the hostname if ProxyJump was explicitly set to "none" when CanonicalizeHostname=yes bz3567; ok dtucker | |||
2023-04-12 | remove duplicate signal.h include | Jonathan Gray | |
2023-04-12 | fix double words | Jonathan Gray | |
ok dtucker@ | |||
2023-04-06 | simplify sshsig_find_principals() similar to what happened to | Damien Miller | |
sshsig_check_allowed_keys() in r1.31, removing some dead code | |||
2023-04-06 | remove redundant ssh!=NULL check; we'd already dereferenced it | Damien Miller | |
2023-04-06 | match_user() shouldn't be called with user==NULL unless | Damien Miller | |
host and ipaddr are also NULL | |||
2023-04-06 | don't care about glob() return value here. | Damien Miller | |
2023-04-03 | Move null check up and simplify process_escapes. Based on Coverity CID | Darren Tucker | |
291863 which points out we check the channel pointer for NULLness after dereferencing it. Move this to the start of the function, and while there simplify initialization of efc a bit. ok djm@ | |||
2023-03-31 | Explicitly ignore return from waitpid here too. | Darren Tucker | |
2023-03-31 | Explicitly ignore return codes where we don't check them. From Dmitry | Darren Tucker | |
Belyavskiy via github PR#238, ok djm@ | |||
2023-03-31 | Return immediately from get_sock_port if sock <0 so we don't call | Darren Tucker | |
getsockname on a negative FD. From Coverity CID 291840, ok djm@ | |||
2023-03-31 | don't leak arg2 on parse_pubkey_algos error path; ok dtucker@ | Damien Miller | |
2023-03-31 | clamp max number of GSSAPI mechanisms to 2048; ok dtucker | Damien Miller | |
2023-03-31 | don't print key if printing hostname failed; with/ok dtucker@ | Damien Miller | |
2023-03-31 | remove redundant test | Damien Miller | |
2023-03-31 | don't attempt to decode a ridiculous number of attributes; | Damien Miller | |
harmless because of bounds elsewhere, but better to be explicit | |||
2023-03-31 | remove unused variable; prompted by Coverity CID 291879 | Damien Miller | |
2023-03-31 | Check fd against >=0 instead of >0 in error path. The dup could | Darren Tucker | |
in theory return fd 0 although currently it doesn't in practice. From Dmitry Belyavskiy via github PR#238. | |||
2023-03-30 | Ignore return value from muxclient(). It normally loops without returning, | Darren Tucker | |
but if it returns on failure we immediately exit. Coverity CID 405050. | |||
2023-03-30 | return SSH_ERR_KEY_NOT_FOUND if the allowed_signers file is empty, | Damien Miller | |
not SSH_ERR_INTERNAL_ERROR. Also remove some dead code spotted by Coverity; with/ok dtucker@ | |||
2023-03-30 | Remove dead code from inside if block. The only way the if statement can | Darren Tucker | |
be true is if both dup()s fail, and in that case the tmp2 can never be set. Coverity CID 291805, ok djm@ | |||
2023-03-29 | Explicitly ignore return value from sshpkt_disconnect since we set our | Darren Tucker | |
own return value for the function. Coverity CID 291797, ok djm@ | |||
2023-03-29 | Plug another potential mem leak in process_put. It allocates abs_dst | Darren Tucker | |
inside a loop but only frees it on exit, so free inside the loop if necessary. Coverity CID 291837, ok djm@ | |||
2023-03-29 | fix memory leak; Coverity CID 291848, with/ok dtucker@ | Damien Miller | |
2023-03-28 | Plug more mem leaks in sftp by making make_absolute_pwd_glob work in | Darren Tucker | |
the same way as make_absolute: you pass it a dynamically allocated string and it either returns it, or frees it and allocates a new one. Patch from emaste at freebsd.org and https://reviews.freebsd.org/D37253 ok djm@ | |||
2023-03-28 | Remove compatibility code for OpenSSL versions prior to 1.1.* since | Darren Tucker | |
-portable no longer supports them. | |||
2023-03-27 | Add tilde and environment variable expansion to RevokedHostKeys. | Darren Tucker | |
bz#3552, ok djm@ | |||
2023-03-27 | fix test: getnameinfo returns a non-zero value on error, | Damien Miller | |
not (necessarily) -1. From GHPR#384 | |||
2023-03-27 | scp: when copying local->remote, check that source file exists before | Damien Miller | |
opening SFTP connection to the server. Based on GHPR#370 ok dtucker, markus | |||
2023-03-15 | openssh-9.3 | Damien Miller | |
2023-03-14 | Free KRL itself in addition to its contents. From Coverity CID 291841, | Darren Tucker | |
ok djm@ | |||
2023-03-14 | Check pointer for NULL before attempting to deref. None of the existing | Darren Tucker | |
callers seem to do that, but it's worth checking. From Coverity CID 291834, ok djm@ | |||
2023-03-12 | Put upper bound on number of entries in SSH2_MSG_EXT_INFO request. | Darren Tucker | |
This is already constrained by the maximum SSH packet size but this makes it explicit. Prompted by Coverity CID 291868, ok djm@ markus@ | |||
2023-03-12 | calloc can return NULL but xcalloc cannot. From Coverity CID 291881, | Darren Tucker | |
ok djm@ | |||
2023-03-10 | Explicitly ignore return from fcntl(... FD_CLOEXEC) here too. | Darren Tucker | |
Coverity CID 291853. | |||
2023-03-10 | Plug mem leak on error path. Coverity CID 405026, ok djm@. | Darren Tucker | |
2023-03-10 | Explicitly ignore return code from fcntl(.. FD_CLOEXEC) since there's | Darren Tucker | |
not much we can do anyway. From Coverity CID 291857, ok djm@ | |||
2023-03-10 | Like sshd_config, some ssh_config options are not first-match-wins. | Damien Miller | |
sshd_config.5 was fixed in r1.348, this is the same for this file | |||
2023-03-10 | Remove no-op (int) > INT_MAX checks since they can never be true. | Darren Tucker | |
From Coverity CID 405031, ok djm@ | |||
2023-03-09 | modify parentheses in conditionals to make it clearer what is being | Joshua Stein | |
assigned and what is being checked ok djm dtucker | |||
2023-03-09 | Re-split the merge of the reorder-hostkeys test. | Darren Tucker | |
In the kex_proposal_populate_entries change I merged the check for reordering hostkeys with the actual reordering, but kex_assemble_names mutates options.hostkeyalgorithms which renders the check ineffective. Put the check back where it was. Spotted and tested by jsg@, ok djm@ | |||
2023-03-09 | include destination constraints for smartcard keys too. | Damien Miller | |
Spotted by Luci Stanescu; ok deraadt@ markus@ | |||
2023-03-08 | Plug mem leak. Coverity CID 405196, ok djm@ | Darren Tucker | |
2023-03-08 | ssh-pkcs11: synchronize error messages with errors | Theo Buehler | |
A handful of error messages contained incorrect function names or otherwise inaccurate descriptions. Fix them to match reality. input/ok djm | |||
2023-03-08 | Delete obsolete /* ARGSUSED */ lint comments. | Philip Guenther | |
ok miod@ millert@ | |||
2023-03-08 | use RSA/SHA256 when testing usability of private key in agent; | Damien Miller | |
with/ok dtucker | |||
2023-03-08 | use RSA/SHA256 when testing usability of private key; | Damien Miller | |
based on fix in bz3546 by Dmitry Belyavskiy; with/ok dtucker | |||
2023-03-07 | refactor to be more readable top to bottom. Prompted by Coverity CID | Damien Miller | |
405048 which was a false-positive fd leak; ok dtucker@ | |||
2023-03-07 | Fix mem leak in environment setup. From jjelen at redhat.com via | Darren Tucker | |
bz#2687, ok djm@ | |||
2023-03-07 | fix memory leak in process_read() path; Spotted by James Robinson | Damien Miller | |
in GHPR363; ok markus@ |